专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100138907A1 METHOD AND SYSTEM FOR GENERATING DIGITAL CERTIFICATES AND CERTIFICATE SIGNING REQUESTS 审中-公开
标题翻译：产生数字证书和证书签名要求的方法和系统
公开(公告)号：US20100138907A1
公开(公告)日：2010-06-03
申请号：US12326002
申请日：2008-12-01
申请人： Garret Grajek , Stephen Moore , Mark Lambiase
发明人： Garret Grajek , Stephen Moore , Mark Lambiase
IPC分类号： H04L9/32 , G06F15/16 , G06F17/00
CPC分类号： H04L9/3263 , H04L63/0823
摘要： A certificate server is provided for issuing digital certificates to be used by a network resource and/or a client resource. The certificate server is configured to communicate with the network resource or the client resource to receive a certificate request. Upon receiving the certificate request, the certificate server may automate the process for authenticating the certificate request, validating the terms of the certificate request and digitally signing the certificate request. An authentication appliance may communicate with or be integrated within the certificate server. The certificate server includes a web service server, a certificate authority component, and a database that enable communication with either the network resource, client resource, or the authentication appliance to automate the administration process typically involved in receiving and signing a certificate request. The certificate authority component may sign the certificate request with a trusted root chain associated with the network resource.
摘要翻译：提供证书服务器用于发行要由网络资源和/或客户端资源使用的数字证书。证书服务器被配置为与网络资源或客户端资源通信以接收证书请求。证书服务器在收到证书请求后，可自动执行认证证书请求的过程，验证证书请求的条款并对证书请求进行数字签名。身份验证设备可以与证书服务器通信或集成在证书服务器中。证书服务器包括Web服务服务器，证书颁发机构组件和能够与网络资源，客户端资源或身份验证设备通信的数据库，以自动执行通常涉及到接收和签署证书请求的管理过程。证书颁发机构组件可以使用与网络资源相关联的受信任的根链对证书请求进行签名。

2. 发明申请

US20090307486A1 SYSTEM AND METHOD FOR SECURED NETWORK ACCESS UTILIZING A CLIENT .NET SOFTWARE COMPONENT 审中-公开
标题翻译：使用客户端软件组件的安全网络访问的系统和方法
公开(公告)号：US20090307486A1
公开(公告)日：2009-12-10
申请号：US12135466
申请日：2008-06-09
申请人： Garret Grajek , Stephen Moore , Mark Lambiase
发明人： Garret Grajek , Stephen Moore , Mark Lambiase
IPC分类号： H04L9/32
CPC分类号： H04L9/3273 , H04L9/3263 , H04L63/0272 , H04L63/0428 , H04L63/062 , H04L63/0823 , H04L63/123 , H04L2209/56
摘要： A method for self-service authentication of a client and a server. The method includes the server receiving an initialization command from the client. The initialization command may be transmitted to the server via a client web browser over an unsecured data transfer link. The method continues with requesting authentication information from the client. In response to receiving the authentication information from the client, the server transmits a client software component to the client. The client software component utilizes a client-side library installed on the operating system of the client to generate the various client credentials described above. Thereafter, the certificate signing request may be transmitted to a certificate server for signing the certificate signing request. The signed certificate signing request is then received by the client via the client web browser. The client utilizes the information associated with the signed certificate signing request with the client-side library installed on the client to generate a client certificate.
摘要翻译：一种用于客户端和服务器的自服务认证的方法。该方法包括服务器从客户端接收初始化命令。初始化命令可以经由客户端web浏览器通过不安全的数据传输链路传送到服务器。该方法继续请求来自客户端的认证信息。响应于从客户端接收认证信息，服务器向客户端发送客户端软件组件。客户端软件组件利用安装在客户机操作系统上的客户端库生成上述各种客户端证书。此后，证书签发请求可以被发送到证书服务器以签署证书签名请求。然后，客户端通过客户端Web浏览器接收签名的证书签名请求。客户端使用与签名的证书签名请求相关联的信息与安装在客户端上的客户端库生成客户端证书。

3. 发明申请

US20090025080A1 SYSTEM AND METHOD FOR AUTHENTICATING A CLIENT TO A SERVER VIA AN IPSEC VPN AND FACILITATING A SECURE MIGRATION TO SSL VPN REMOTE ACCESS 审中-公开
标题翻译：通过IPSEC VPN验证服务器的客户端的系统和方法，并为SSL VPN远程访问提供安全移动
公开(公告)号：US20090025080A1
公开(公告)日：2009-01-22
申请号：US12212959
申请日：2008-09-18
申请人： Craig Lund , Garret Grajek , Stephen Moore , Mark Lambiase
发明人： Craig Lund , Garret Grajek , Stephen Moore , Mark Lambiase
IPC分类号： H04L29/06
CPC分类号： H04L9/3215 , H04L9/3228 , H04L9/3263 , H04L9/3273 , H04L63/0272 , H04L63/0823 , H04L63/166 , H04L2209/56
摘要： Authenticating a client to a server accessible through an Internet Protocol Security (IPSec) Virtual Private Network (VPN) appliance. The IPSec VPN appliance and an SSL VPN appliance are configured to receive an initialization command from the client. The SSL VPN appliance is in communication with an authentication appliance for authenticating the client to the server. In response to the initialization command, the authentication appliance generates a client key pair including a client private key and a client public key. The authentication appliance generates a client certificate and a client IPSec profile. The authentication appliance transmits the client key pair, the client certificate and the client IPSec profile to the client. A secure communication session between the client and the server is established. The secure communication session is established through the IPSec VPN appliance. Upon receipt of the IPSec profile, the communication session between the client and the server is encrypted.
摘要翻译：将客户端验证到可通过Internet协议安全（IPSec）虚拟专用网（VPN）设备访问的服务器。 IPSec VPN设备和SSL VPN设备配置为从客户端接收初始化命令。 SSL VPN设备与认证设备通信，用于向服务器认证客户端。响应于初始化命令，认证装置产生包括客户端私钥和客户端公钥的客户端密钥对。身份验证设备生成客户端证书和客户端IPSec配置文件。认证设备将客户端密钥对，客户端证书和客户端IPSec配置文件发送给客户端。建立客户端与服务器之间的安全通信会话。安全通信会话通过IPSec VPN设备建立。在接收到IPSec配置文件之后，客户端和服务器之间的通信会话被加密。

4. 发明申请

US20100217975A1 METHOD AND SYSTEM FOR SECURE ONLINE TRANSACTIONS WITH MESSAGE-LEVEL VALIDATION 审中-公开
标题翻译：使用消息级验证安全在线交易的方法和系统
公开(公告)号：US20100217975A1
公开(公告)日：2010-08-26
申请号：US12392760
申请日：2009-02-25
申请人： Garret Grajek , Stephen Moore , Mark Lambiase
发明人： Garret Grajek , Stephen Moore , Mark Lambiase
IPC分类号： H04L9/32
CPC分类号： G06F21/445 , H04L9/3226 , H04L9/3263 , H04L9/3271 , H04L63/0823 , H04L63/083 , H04L63/168 , H04L2209/56
摘要： A method and system for authenticating a client and a server is disclosed. In one contemplated embodiment, the client has a client certificate and the server have a server certificate. The client is validated to an authentication module based upon a certificate request identifier generated thereby, a secure data link certificate, and an authentication module Uniform Resource Locator. The authentication module is validated to the client based upon the client certificate and the certificate request identifier. A password associated with a user identifier that is encrypted with a private client key and signed with a public server key is transmitted to the authentication module. The password is then validated.
摘要翻译：公开了一种用于认证客户机和服务器的方法和系统。在一个预期的实施例中，客户端具有客户端证书，并且服务器具有服务器证书。基于由此产生的证书请求标识符，安全数据链路证书和认证模块统一资源定位符，验证客户端到认证模块。验证模块根据客户端证书和证书请求标识符对客户端进行验证。与用私人客户端密钥加密并用公共服务器密钥签名的用户标识符相关联的密码被发送到认证模块。密码然后验证。

5. 发明授权

US08301877B2 System and method for configuring a valid duration period for a digital certificate 有权
标题翻译：配置数字证书的有效持续时间的系统和方法
公开(公告)号：US08301877B2
公开(公告)日：2012-10-30
申请号：US12075219
申请日：2008-03-10
申请人： Garret Grajek , Craig Lund , Steven Moore , Mark Lambiase
发明人： Garret Grajek , Craig Lund , Steven Moore , Mark Lambiase
IPC分类号： G06F21/00
CPC分类号： H04L63/0823 , H04L9/3263 , H04L9/3268 , H04L63/12 , H04L63/123 , H04L2209/56 , H04L2209/80
摘要： A method and system for configuring a valid duration period for a digital certificate. The method includes assigning a positive numeric value for each certificate term. The positive numeric value assigned to each certificate term is representative of the valid duration period. The method continues by prompting a user of the client device to request one certificate term. The method may include transmitting the requested certificate term to a server. The certificate term requested is sent via a certificate request. The server is configured to convert the positive numeric value associated with the requested certificate term into a duration counter. The method may also include a certificate server receiving from the server, the certificate request including the duration counter. The certificate server is configured to digitally sign the certificate request. The method may conclude with the client device generating the digital certificate having the valid duration period correspond to the positive numeric value associated with the requested certificate term.
摘要翻译：一种用于配置数字证书有效期限的方法和系统。该方法包括为每个证书项分配正数值。分配给每个证书期限的正数值表示有效的持续时间。该方法继续通过提示客户端设备的用户请求一个证书期限。该方法可以包括将所请求的证书项发送到服务器。所要求的证书字段通过证书请求发送。服务器被配置为将与所请求的证书项相关联的正数值转换为持续时间计数器。该方法还可以包括从服务器接收的证书服务器，证书请求包括持续时间计数器。证书服务器被配置为对证书请求进行数字签名。该方法可以与生成具有对应于与所请求的证书项相关联的正数值的有效持续时间段的数字证书的客户端设备结束。

6. 发明申请

US20090228703A1 System and method for configuring a valid duration period for a digital certificate 有权
标题翻译：配置数字证书的有效持续时间的系统和方法
公开(公告)号：US20090228703A1
公开(公告)日：2009-09-10
申请号：US12075219
申请日：2008-03-10
申请人： Garret Grajek , Craig Lund , Steven Moore , Mark Lambiase
发明人： Garret Grajek , Craig Lund , Steven Moore , Mark Lambiase
IPC分类号： H04L9/00
CPC分类号： H04L63/0823 , H04L9/3263 , H04L9/3268 , H04L63/12 , H04L63/123 , H04L2209/56 , H04L2209/80
摘要： A method and system for configuring a valid duration period for a digital certificate. The method includes assigning a positive numeric value for each certificate term. The positive numeric value assigned to each certificate term is representative of the valid duration period. The method continues by prompting a user of the client device to request one certificate term. The method may include transmitting the requested certificate term to a server. The certificate term requested is sent via a certificate request. The server is configured to convert the positive numeric value associated with the requested certificate term into a duration counter. The method may also include a certificate server receiving from the server, the certificate request including the duration counter. The certificate server is configured to digitally sign the certificate request. The method may conclude with the client device generating the digital certificate having the valid duration period correspond to the positive numeric value associated with the requested certificate term.
摘要翻译：一种用于配置数字证书有效期限的方法和系统。该方法包括为每个证书项分配正数值。分配给每个证书期限的正数值表示有效的持续时间。该方法继续通过提示客户端设备的用户请求一个证书期限。该方法可以包括将所请求的证书项发送到服务器。所要求的证书字段通过证书请求发送。服务器被配置为将与所请求的证书项相关联的正数值转换为持续时间计数器。该方法还可以包括从服务器接收的证书服务器，证书请求包括持续时间计数器。证书服务器被配置为对证书请求进行数字签名。该方法可以与生成具有对应于与所请求的证书项相关联的正数值的有效持续时间段的数字证书的客户端设备结束。

7. 发明申请

US20110209208A1 SECURITY DEVICE PROVISIONING 有权
标题翻译：安全设备提供
公开(公告)号：US20110209208A1
公开(公告)日：2011-08-25
申请号：US13035289
申请日：2011-02-25
申请人： ALLEN YU QUACH , Jeffrey Chiwai Lo , Garret Florian Grajek , Mark Lambiase
发明人： ALLEN YU QUACH , Jeffrey Chiwai Lo , Garret Florian Grajek , Mark Lambiase
IPC分类号： H04L9/32
CPC分类号： H04L63/10 , H04L9/3215 , H04L9/3228 , H04L63/08 , H04L63/0853 , H04L67/42
摘要： The provisioning of a security token object to a user is disclosed. The security token object is used for accessing a computing resource through a client computer system. A security token object provisioning request may be received from the client computer system. In response, an authentication request may be transmitted. The user is authenticated against a user identity based upon a set of received identity credentials provided by the user. The extraction of a unique token identifier from the security token object is initiated, and completed without intervention from the user. The unique token identifier received from the client computer system is associated with to the user identity in a data store. By providing the security token object, the user can gain access to the computing resource.
摘要翻译：公开了向用户提供安全令牌对象。安全令牌对象用于通过客户端计算机系统访问计算资源。可以从客户端计算机系统接收安全令牌对象供应请求。作为响应，可以发送认证请求。基于用户提供的一组接收到的身份证件，用户对用户身份进行身份验证。启动从安全令牌对象中提取唯一令牌标识符，并在没有用户干预的情况下完成。从客户端计算机系统接收到的唯一令牌标识符与数据存储中的用户身份相关联。通过提供安全令牌对象，用户可以访问计算资源。

8. 发明授权

US08510816B2 Security device provisioning 有权
标题翻译：安全设备配置
公开(公告)号：US08510816B2
公开(公告)日：2013-08-13
申请号：US13035289
申请日：2011-02-25
申请人： Allen Yu Quach , Jeffrey Chiwai Lo , Garret Florian Grajek , Mark Lambiase
发明人： Allen Yu Quach , Jeffrey Chiwai Lo , Garret Florian Grajek , Mark Lambiase
IPC分类号： H04L9/32
CPC分类号： H04L63/10 , H04L9/3215 , H04L9/3228 , H04L63/08 , H04L63/0853 , H04L67/42
摘要： The provisioning of a security token object to a user is disclosed. The security token object is used for accessing a computing resource through a client computer system. A security token object provisioning request may be received from the client computer system. In response, an authentication request may be transmitted. The user is authenticated against a user identity based upon a set of received identity credentials provided by the user. The extraction of a unique token identifier from the security token object is initiated, and completed without intervention from the user. The unique token identifier received from the client computer system is associated with to the user identity in a data store. By providing the security token object, the user can gain access to the computing resource.
摘要翻译：公开了向用户提供安全令牌对象。安全令牌对象用于通过客户端计算机系统访问计算资源。可以从客户端计算机系统接收安全令牌对象供应请求。作为响应，可以发送认证请求。基于用户提供的一组接收到的身份证件，用户对用户身份进行身份验证。启动从安全令牌对象中提取唯一令牌标识符，并在没有用户干预的情况下完成。从客户端计算机系统接收到的唯一令牌标识符与数据存储中的用户身份相关联。通过提供安全令牌对象，用户可以访问计算资源。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式