专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2013133840A1 MULTI-FACTOR CERTIFICATE AUTHORITY 审中-公开
标题翻译：多因素认证机构
公开(公告)号：WO2013133840A1
公开(公告)日：2013-09-12
申请号：PCT/US2012/028321
申请日：2012-03-08
申请人： INTEL CORPORATION , BEN-SHALOM, Omer , NAYSHTUT, Alex
发明人： BEN-SHALOM, Omer , NAYSHTUT, Alex
IPC分类号： H04L9/32 , H04L9/30
CPC分类号： H04L63/0823 , H04L9/3268 , H04L63/0876 , H04L63/205
摘要： Disclosed herein is a certificate authority server configured to provide multi-factor digital certificates. A processor readable medium may include a plurality of instructions configured to enable a certificate authority server of a certificate authority, in response to execution of the instructions by a processor, to receive a request to provide a multi-factor digital security certificate by digitally signing a certificate request having a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device. The instructions are also configured to enable the certificate authority server to associate the cryptographic key with the plurality of factors and issue the digital security certificate based on the certificate request. Also disclosed is a method of using a multi-factor digital certificate as part of the authorization process to implicitly bind the plurality of factors. Other embodiments may be described and claimed.
摘要翻译：这里公开了配置为提供多因素数字证书的证书颁发机构服务器。处理器可读介质可以包括多个指令，其被配置为使得证书颁发机构的证书颁发机构服务器响应于处理器的指令的执行而接收通过数字签名来提供多因素数字安全证书的请求具有多个因素的证书请求和密码密钥，其中所述多个因素中的第一个因素是设备的标识符，并且所述多个因素中的第二个因素是设备的用户的标识符。指令还被配置为使得证书颁发机构服务器能够将加密密钥与多个因素相关联，并且基于证书请求发布数字安全证书。还公开了一种使用多因素数字证书作为授权过程的一部分来隐式地绑定多个因素的方法。可以描述和要求保护其他实施例。

2. 发明申请

WO2014158604A1 COMMUNITY-BASED DE-DUPLICATION FOR ENCRYPTED DATA 审中-公开
标题翻译：用于加密数据的基于社区的去重复
公开(公告)号：WO2014158604A1
公开(公告)日：2014-10-02
申请号：PCT/US2014/018669
申请日：2014-02-26
申请人： INTEL CORPORATION , NAYSHTUT, Alex , BEN-SHALOM, Omer , YOSHII, Terry H.
发明人： NAYSHTUT, Alex , BEN-SHALOM, Omer , YOSHII, Terry H.
IPC分类号： G06F21/60 , G06F15/16
CPC分类号： G06F21/60 , G06F11/1453 , G06F21/6227 , H04L9/083 , H04L9/0894 , H04L9/14 , H04L9/3242 , H04L63/0435 , H04L63/061 , H04L63/062 , H04L63/0876 , H04L2209/60
摘要： Technologies for de-duplicating encrypted content include fragmenting a file into blocks on a computing device, encrypting each block, and storing each encrypted block on a content data server with associated keyed hashes and member identifications. The computing device additionally transmits each encrypted block with an associated member encryption key and member identification to a key server. As part of the de-duplication process, the content data server stores only one copy of the encrypted data for a particular associated keyed hash, and the key server similarly associates a single member encryption key with the keyed hash. To retrieve the file, the computing device receives the encrypted blocks with their associated keyed hashes and member identifications from the content data server and receives the corresponding member decryption key from the key server. The computing device decrypts each block using the member decryption keys and combines to blocks to generate the file.
摘要翻译：用于解密加密内容的技术包括将文件分解成计算设备上的块，加密每个块，以及将每个加密的块存储在具有相关联的密钥哈希和成员标识的内容数据服务器上。计算设备另外向密钥服务器发送具有相关联的成员加密密钥和成员标识的每个加密块。作为重复数据删除过程的一部分，内容数据服务器仅存储用于特定关联密钥哈希的加密数据的一个副本，并且密钥服务器类似地将单个成员加密密钥与密钥哈希相关联。为了检索文件，计算设备从内容数据服务器接收具有相关联的密钥哈希和成员标识的加密块，并从密钥服务器接收相应的成员解密密钥。计算设备使用成员解密密钥对每个块进行解密，并组合到块以生成该文件。

3. 发明申请

WO2015084305A1 METHODS, SYSTEMS, AND APPARATUS TO PROTECT CONTENT BASED ON PERSONA 审中-公开
标题翻译：方法，系统和设备保护基于人的内容
公开(公告)号：WO2015084305A1
公开(公告)日：2015-06-11
申请号：PCT/US2013/072625
申请日：2013-12-02
申请人： INTEL CORPORATION , BEN-SHALOM, Omer , GOLDBERG, Avishai , NAYSHTUT, Alex
发明人： BEN-SHALOM, Omer , GOLDBERG, Avishai , NAYSHTUT, Alex
IPC分类号： G06F21/10
CPC分类号： G06F21/6245 , G06F21/6218 , G06F21/6227 , G06F2221/2105 , G06F2221/2149
摘要： Example methods, systems, apparatus and articles of manufacture to protect content based on persona are disclosed. An example system includes a content encryption manager to encrypt a first content with an unencrypted first content key in response to identifying a first persona mode of a computing device, a persona encryption manager to encrypt the unencrypted first content key with a first public key to generate an encrypted first content key, and a metadata integrator to embed the encrypted first content key into the encrypted first content.
摘要翻译：公开了用于保护基于人物的内容的示例性方法，系统，装置和制品。一个示例系统包括内容加密管理器，用于响应于识别计算设备的第一人称模式来加密具有未加密的第一内容密钥的第一内容，角色层加密管理器，用第一公钥加密未加密的第一内容密钥以产生加密的第一内容密钥和元数据集成器，以将加密的第一内容密钥嵌入加密的第一内容。

4. 发明申请

WO2015094223A1 TECHNIQUES FOR INTEGRATED ENDPOINT AND NETWORK DETECTION AND ERADICATION OF ATTACKS 审中-公开
标题翻译：综合端点和网络检测和攻击的消除技术
公开(公告)号：WO2015094223A1
公开(公告)日：2015-06-25
申请号：PCT/US2013/076107
申请日：2013-12-18
申请人： INTEL CORPORATION , BEN-SHALOM, Omer , MUTTIK, Igor , NAYSHTUT, Alex , AVIDAN, Yaniv
发明人： BEN-SHALOM, Omer , MUTTIK, Igor , NAYSHTUT, Alex , AVIDAN, Yaniv
IPC分类号： G06F21/56
CPC分类号： H04L63/145 , G06F21/55 , G06F21/56 , G06F21/567 , H04L63/107 , H04L63/1416 , H04L63/1441
摘要： Various embodiments are generally directed to techniques to detect and eradicate malware attacks by employing information indicative of malware activity received from both endpoint devices and network devices proving network services to endpoint devices. An apparatus to detect malware includes a processor component, an analysis component for execution by the processor component to employ a trust level assigned to a device in a network as a factor in an analysis of an indication received from the device of a malware attack, and an eradication component for execution by the processor component to determine an action to take through the network to eradicate the malware attack based on the analysis. Other embodiments are described and claimed.
摘要翻译：各种实施例通常涉及通过采用指示从端点设备和网络设备接收的恶意软件活动的信息来检测和消除恶意软件攻击的技术，以证明网络服务到端点设备。用于检测恶意软件的装置包括处理器组件，用于由处理器组件执行的分析组件，以采用分配给网络中的设备的信任级别作为对从恶意软件攻击的设备接收的指示的分析的因素;以及用于由处理器组件执行以根据分析来确定通过网络以消除恶意软件攻击的动作的根除组件。描述和要求保护其他实施例。

5. 发明申请

WO2014209357A1 SUPERVISED ONLINE IDENTITY 审中-公开
标题翻译：监督的在线身份
公开(公告)号：WO2014209357A1
公开(公告)日：2014-12-31
申请号：PCT/US2013/048545
申请日：2013-06-28
申请人： NAYSHTUT, Alex , BEN-SHALOM, Omer , LI, Hong
发明人： NAYSHTUT, Alex , BEN-SHALOM, Omer , LI, Hong
IPC分类号： H04L12/66 , H04L12/26 , H04L9/32
CPC分类号： H04L63/102 , G06F21/554 , G06F21/629 , G06F2221/2137 , G06F2221/2149 , H04L63/083 , H04L63/101 , H04L63/105 , H04L63/20 , H04L63/205 , H04L67/22 , H04L67/306
摘要： Technologies to facilitate supervision of an online identify include a gateway server to facilitate and monitor access to an online service by a user of a "child" client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a "parental" client computing device for review and/or approval, which also may be used to update the policy database.
摘要翻译：促进对在线识别的监督的技术包括网关服务器，以方便和监视“儿童”客户端计算机设备的用户对在线服务的访问。网关服务器可以包括身份管理器，以从客户端计算设备接收对在线服务的访问请求，检索对在线服务的访问信息，以及使用访问信息便于访问客户端计算设备的在线服务。访问信息对用户保密。网关服务器还可以包括活动监视器模块，用于基于策略数据库的策略规则集来控制客户端计算设备和在线服务之间的活动。网关服务器可以将这种活动的通知发送给“父母”客户端计算设备以供审查和/或批准，其也可用于更新策略数据库。

6. 发明申请

WO2014210246A1 ROOTKIT DETECTION BY USING HARDWARE RESOURCES TO DETECT INCONSISTENCIES IN NETWORK TRAFFIC 审中-公开
标题翻译：通过使用硬件资源检测网络流量中的不良情况的ROOTKIT检测
公开(公告)号：WO2014210246A1
公开(公告)日：2014-12-31
申请号：PCT/US2014/044227
申请日：2014-06-26
申请人： MCAFEE, INC. , BEN-SHALOM, Omer , NAYSHTUT, Alex , MUTTIK, Igor
发明人： BEN-SHALOM, Omer , NAYSHTUT, Alex , MUTTIK, Igor
IPC分类号： H04L12/26 , H04L12/24
CPC分类号： H04L63/1416 , G06F21/50 , G06F21/55 , G06F21/552 , G06F21/554 , G06F21/556 , H04L63/0227 , H04L63/12 , H04L63/14 , H04L63/1408 , H04L63/1425 , H04L63/145 , H04L63/16
摘要： A technique allows detection of covert malware that attempts to hide network traffic. By monitoring network traffic both in a secure trusted environment and in an operating system environment, then comparing the monitor data, attempts to hide network traffic can be detected, allowing the possibility of performing rehabilitative actions on the computer system to locate and remove the malware hiding the network traffic.
摘要翻译：一种技术允许检测隐藏恶意软件，试图隐藏网络流量。通过监视安全受信任环境和操作系统环境中的网络流量，可以对监视数据进行比较，可以检测到隐藏网络流量的尝试，从而允许在计算机系统上执行恢复操作，以定位和删除恶意软件隐藏网络流量。

7. 发明申请

WO2014142779A1 SECURE USER AUTHENTICATION WITH IMPROVED ONE-TIME-PASSCODE VERIFICATION 审中-公开
标题翻译：安全的用户验证与改进的一次性验证验证
公开(公告)号：WO2014142779A1
公开(公告)日：2014-09-18
申请号：PCT/US2013/030071
申请日：2013-03-09
申请人： INTEL CORPORATION , BIRK, Eran , BEN-SHALOM, Omer
发明人： BIRK, Eran , BEN-SHALOM, Omer
IPC分类号： H04L63/0823 , H04L63/08 , G06F21/31 , G06F21/10 , G06Q20/36 , G06Q20/40
CPC分类号： G06F21/31 , G06F21/33 , G06F21/44 , G06F21/73
摘要： Generally, this disclosure provides systems, devices, methods and computer readable media for secure user authentication with improved OTP verification. The device may include an attribute collection module configured to collect attributes associated with the device; a client trust module configured to identify a user of the device, associate a user ID with the user and transmit the user ID and the collected attributes to a trust broker system; the client trust module further configured to receive a device ID from the trust broker system, the device ID associated with a pairing of the user ID and the attributes; and a client OTP generation module configured to generate an OTP and further configured to transmit the OTP and the device ID to an authentication server.
摘要翻译：通常，本公开提供了用于通过改进的OTP验证进行安全用户认证的系统，设备，方法和计算机可读介质。所述设备可以包括被配置为收集与所述设备相关联的属性的属性收集模块; 客户端信任模块，被配置为识别所述设备的用户，将用户ID与所述用户相关联，并将所述用户ID和所收集的属性发送到信任代理系统; 所述客户端信任模块还被配置为从所述信任代理系统接收设备ID，所述设备ID与所述用户ID的配对和所述属性相关联; 以及客户端OTP生成模块，被配置为生成OTP并进一步被配置为将OTP和设备ID传送到认证服务器。

8. 发明申请

WO2013162492A1 SYSTEMS AND METHODS FOR AVOIDING INTERFERENCE FOR A PEER-TO-PEER NETWORK CONNECTION 审中-公开
标题翻译：用于避免对等网络连接干扰的系统和方法
公开(公告)号：WO2013162492A1
公开(公告)日：2013-10-31
申请号：PCT/US2012/034632
申请日：2012-04-23
申请人： INTEL CORPORATION , BARKAY, Omri , BEN-SHALOM, Omer
发明人： BARKAY, Omri , BEN-SHALOM, Omer
IPC分类号： H04W76/04 , H04W88/02 , H04W84/12
CPC分类号： H04W72/082 , H04W16/14 , H04W76/23 , H04W84/12
摘要： Systems and methods are described herein for avoiding interfering with 5GHZ frequency band signals with a peer-to-peer wireless local area network connection. A peer-to-peer client is notified of radar signals in proximity to the client over a master-to- client wireless local area connection with an enterprise access point. If the notification includes a non-interfering radar channel, the peer-to-peer client resets the peer-to-peer channel to the non-interfering radar channel. If the notification does not provide a non- interfering radar channel, the peer-to-peer client resets the peer-to-peer network connection to a non-dynamic frequency selection channel and may disconnect the Wi-Fi connection with the enterprise access point.
摘要翻译：本文描述了系统和方法，以避免用对等无线局域网连接来干扰5GHZ频带信号。通过与企业接入点的主 - 客户端无线局域网连接，向对等客户端通知接近客户端的雷达信号。如果通知包括无干扰的雷达信道，则对等客户端将对等信道重置到非干扰雷达信道。如果通知不提供非干扰雷达信道，则对等客户端将对等网络连接重置为非动态频率选择信道，并且可以断开与企业接入点的Wi-Fi连接。

9. 发明申请

WO2015099693A1 METHODS AND APPARATUS FOR PAIRING ITEMS FOR SECURITY 审中-公开
标题翻译：配对物品安全的方法和设备
公开(公告)号：WO2015099693A1
公开(公告)日：2015-07-02
申请号：PCT/US2013/077629
申请日：2013-12-23
申请人： INTEL CORPORATION , BIRK, Eran , BEN-SHALOM, Omer , GOVEZENSKY, Yosi , HASSIDIM, Yoram
发明人： BIRK, Eran , BEN-SHALOM, Omer , GOVEZENSKY, Yosi , HASSIDIM, Yoram
IPC分类号： G06F21/00 , G06F13/14 , G06F13/38
CPC分类号： G08B13/1427 , G06F21/445 , G06F2221/2101 , G06F2221/2111 , G06F2221/2115 , G08B21/0261 , G08B21/0269 , G08B21/0277 , H04W4/021
摘要： An item of value comprises an assembly of parts. The parts comprise a component that has value independent of the item, and an assembly security system that is operable to communicate with a central security system via a wide area network. The component comprises a component security system that is operable to communicate with the assembly security system. The assembly security system is operable to perform operations comprising (a) saving component data that identifies the component as part of the item; (b) after saving the component data, monitoring the component, via the component security system, to automatically determine whether the component has left a predetermined zone of proximity, relative to the item; and (c) in response to determining that the component has left the predetermined zone of proximity, automatically notifying the central security system that the component has left the predetermined zone of proximity. Other embodiments are described and claimed.
摘要翻译：价值项包括零件的组装。这些部件包括具有与项目无关的值的组件，以及可操作以经由广域网与中央安全系统通信的组装安全系统。该组件包括可操作以与组装安全系统通信的组件安全系统。组装安全系统可操作以执行操作，包括（a）将组件数据保存为项目的一部分; （b）在保存组件数据之后，通过组件安全系统监视组件以自动确定组件是否已经相对于项目已经离开预定的接近区域; 和（c）响应于确定组件已经离开预定的接近区域，自动通知中央安全系统组件已经离开预定的接近区域。描述和要求保护其他实施例。

10. 发明申请

WO2014052069A1 ALLOWING VARIED DEVICE ACCESS BASED ON DIFFERENT LEVELS OF UNLOCKING MECHANISMS 审中-公开
标题翻译：基于不同层次的解锁机制允许变化的设备访问
公开(公告)号：WO2014052069A1
公开(公告)日：2014-04-03
申请号：PCT/US2013/059895
申请日：2013-09-16
申请人： INTEL CORPORATION , SHIPPY, Keith , KOHLENBERG, Tobias , MIAN, Mubashir , SMITH, Ned , BEN-SHALOM, Omer , VISWANATHAN, Tarun , MORGAN, Dennis , VERRALL, Timothy , DAVE, Manish , BIRK, Eran
发明人： SHIPPY, Keith , KOHLENBERG, Tobias , MIAN, Mubashir , SMITH, Ned , BEN-SHALOM, Omer , VISWANATHAN, Tarun , MORGAN, Dennis , VERRALL, Timothy , DAVE, Manish , BIRK, Eran
IPC分类号： G06F21/30
CPC分类号： H04L63/105 , G06F21/316 , G06F2221/2105 , G06F2221/2113 , H04L63/08 , H04L2463/082 , H04W12/06 , H04W88/02
摘要： Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy. In one example, one or more cryptographic keys are used to place the device in an unlocked state with regard to the selected level of access if the authentication is successful. If the authentication is unsuccessful, on the other hand, the device may be maintained in a locked state with regard to the selected level of access.
摘要翻译：系统和方法可以提供用于从设备的一个或多个解锁接口接收运行时间输入，并且基于运行时间输入从多个访问级别中选择关于设备的访问级别。所选择的访问级别可以具有相关联的安全策略，其中可以基于相关联的安全策略来执行运行时输入的认证。在一个示例中，如果认证成功，则使用一个或多个加密密钥来将设备关于所选择的访问级别放置在解锁状态。如果认证不成功，另一方面，相对于所选择的访问级别，设备可以保持在锁定状态。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式