专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07305555B2 Smart card mating protocol 有权
标题翻译：智能卡配对协议
公开(公告)号：US07305555B2
公开(公告)日：2007-12-04
申请号：US10109111
申请日：2002-03-27
申请人： John I. Okimoto , Eric J. Sprunk , Lawrence W. Tang , Annie On-yee Chen , Bridget Kimball , Douglas Petty
发明人： John I. Okimoto , Eric J. Sprunk , Lawrence W. Tang , Annie On-yee Chen , Bridget Kimball , Douglas Petty
IPC分类号： H04L9/00 , H04K1/00 , G06F11/30 , G06F12/14 , G06Q40/00 , H04L9/32 , H04N7/167 , H04N1/44 , H04K1/02
CPC分类号： H04N21/254 , H04N7/163 , H04N21/2543 , H04N21/26609 , H04N21/4181 , H04N21/4367 , H04N21/4623
摘要： A system is described for uniquely mating components of a communication network such as a smartcard and a set-top box. When mated, the smartcard and set-top box are tied together and have a single identity. Further, the smartcard operates properly only when inserted into an authorized set-top box. Exchanges of information between both components are secured by encryption and authentication to guard against piracy of the exchanged information. The system provides the same authentication key to the set-top box and the smartcard. This key is used for authenticating communication between the set-top box and the smartcard. First, the authentication key is encrypted by a set-top box mating key. The set-top box employs this mating key to decrypt the authentication key. After it is derived, the authentication key is stored in the set-top box's memory. Further, the same authentication key is encrypted by a smartcard mating key. Thereafter, the smartcard employs the smartcard mating key to extract the authentication key. The clear authentication key is stored in the smartcard's memory as well. In this manner, the authentication key is used for securing all communication between the set-top box and the smart-card. For example, the set-top box may request control words from the smartcard. Only after authenticating the request, are the control words for decrypting digital content provided to the set-top box. If the smartcard authentication key is different from the set-top box key, the request for control words is denied.
摘要翻译：描述了用于唯一地匹配诸如智能卡和机顶盒之类的通信网络的组件的系统。当配对时，智能卡和机顶盒被捆绑在一起并具有单一身份。此外，仅当插入授权的机顶盒时，智能卡才能正常运行。通过加密和认证来确保两个组件之间的信息交换，以防止所交换信息的盗版。系统向机顶盒和智能卡提供相同的认证密钥。该密钥用于认证机顶盒和智能卡之间的通信。首先，认证密钥由机顶盒配对密钥加密。机顶盒采用这种配对密钥来解密认证密钥。导出后，身份验证密钥存储在机顶盒的内存中。此外，相同的认证密钥由智能卡配对密钥加密。此后，智能卡采用智能卡配对密钥来提取认证密钥。清除认证密钥也存储在智能卡的存储器中。以这种方式，认证密钥用于保护机顶盒和智能卡之间的所有通信。例如，机顶盒可以从智能卡请求控制字。只有在认证请求之后，才是解密提供给机顶盒的数字内容的控制字。如果智能卡认证密钥与机顶盒密钥不同，则拒绝对控制字的请求。

2. 发明授权

US07929483B2 Method and apparatus for providing a secure system time 有权
标题翻译：提供安全系统时间的方法和装置
公开(公告)号：US07929483B2
公开(公告)日：2011-04-19
申请号：US11026413
申请日：2004-12-30
申请人： Bridget D. Kimball , Michael T. Habrat , John I. Okimoto , Douglas M. Petty , Eric J. Sprunk , Lawrence W. Tang
发明人： Bridget D. Kimball , Michael T. Habrat , John I. Okimoto , Douglas M. Petty , Eric J. Sprunk , Lawrence W. Tang
IPC分类号： H04B7/212
CPC分类号： G06F21/10 , G06F21/725 , H04L63/123 , H04L2463/121
摘要： The present invention discloses a system and method for providing a secured system time reference to a subscriber device, e.g., a set top box or a receiver. In one embodiment, the system time reference is provided in a secure system time message that is broadcasted to a plurality of subscriber devices. Each subscriber device has a security device or software application that is capable of determining whether the received system time reference is legitimate. If the system time reference is determined to be legitimate, a local time reference is synchronized with said received system time reference.
摘要翻译：本发明公开了一种用于向订户设备（例如机顶盒或接收机）提供安全系统时间参考的系统和方法。在一个实施例中，在广播到多个订户设备的安全系统时间消息中提供系统时间参考。每个用户设备具有能够确定所接收的系统时间参考是否合法的安全设备或软件应用。如果确定系统时间参考是合法的，则将本地时间基准与所接收的系统时间参考同步。

3. 发明授权

US06711684B1 Variable security code download for an embedded processor 有权
标题翻译：用于嵌入式处理器的可变安全代码下载
公开(公告)号：US06711684B1
公开(公告)日：2004-03-23
申请号：US09394765
申请日：1999-09-13
申请人： Paul Moroney , Eric J. Sprunk , Adam L. Rappoport , Lawrence W. Tang
发明人： Paul Moroney , Eric J. Sprunk , Adam L. Rappoport , Lawrence W. Tang
IPC分类号： G06F1214
CPC分类号： G06F21/572 , G06F8/66 , G06F12/1408 , G06F21/64 , G06F21/71 , G06F21/72 , G06F21/73 , G06F21/74 , G06F2207/7219 , G06F2221/2105 , G06F2221/2129 , G06F2221/2147
摘要： Methods and an apparatus for storing information in a processing device with flexible security are disclosed. In one embodiment, a method stores information within the processing device. The method receives a download via a first input path which includes a first breakable link and stores the download within the processing device. At some point, a key is also stored within the processing device. A ciphertext download is received via a second input path which includes a second breakable link. The ciphertext download is decrypted utilizing the key and the resulting plaintext download is stored within the processing device.
摘要翻译：公开了一种在具有灵活安全性的处理设备中存储信息的方法和装置。在一个实施例中，方法将信息存储在处理设备内。该方法经由包括第一可破坏链路的第一输入路径接收下载，并将该下载存储在处理设备内。在某一点上，密钥也存储在处理设备内。经由包括第二可破坏链路的第二输入路径接收密文下载。使用密钥对密文下载进行解密，并将所得到的明文下载存储在处理设备内。

4. 发明授权

US07764793B2 Method to leverage a secure device to grant trust and identity to a second device 有权
标题翻译：利用安全设备向第二设备授予信任和身份的方法
公开(公告)号：US07764793B2
公开(公告)日：2010-07-27
申请号：US11255113
申请日：2005-10-20
申请人： Xin Qiu , Bridget D. Kimball , Eric J. Sprunk , Lawrence W. Tang
发明人： Xin Qiu , Bridget D. Kimball , Eric J. Sprunk , Lawrence W. Tang
IPC分类号： H04L29/06 , H04K1/00 , H04N7/16 , H04N7/167
CPC分类号： H04L9/083 , H04L9/0841 , H04L63/0428 , H04L2463/062
摘要： According to one embodiment of the invention a system is utilized to leverage the security arrangement between a first and second device to establish a secure link between the first device and a third device. One embodiment of the invention is particularly suitable for loading security data on a set top box, such as that utilized in the cable television industry.
摘要翻译：根据本发明的一个实施例，利用系统利用第一和第二设备之间的安全布置来建立第一设备和第三设备之间的安全链路。本发明的一个实施例特别适合于将安全数据加载在诸如有线电视工业中使用的机顶盒上。

5. 发明授权

US08544077B2 Internet protocol telephony security architecture 有权
公开(公告)号：US08544077B2
公开(公告)日：2013-09-24
申请号：US12490124
申请日：2009-06-23
申请人： Eric J. Sprunk , Paul Moroney , Alexander Medvinsky , Steven E. Anderson , Jonathan A. Fellows
发明人： Eric J. Sprunk , Paul Moroney , Alexander Medvinsky , Steven E. Anderson , Jonathan A. Fellows
IPC分类号： G06F7/04
CPC分类号： H04L29/06027 , G06F12/1408 , G06F21/606 , G06F2207/7219 , G06F2211/008 , G06F2221/2129 , H04L9/083 , H04L9/0841 , H04L9/3213 , H04L9/3263 , H04L63/0435 , H04L63/0442 , H04L63/061 , H04L63/062 , H04L63/0807 , H04L63/12 , H04L65/1043
摘要： A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.

6. 发明授权

US08356314B2 Object and resource security system 有权
标题翻译：对象和资源安全系统
公开(公告)号：US08356314B2
公开(公告)日：2013-01-15
申请号：US11250352
申请日：2005-10-14
申请人： Eric J. Sprunk
发明人： Eric J. Sprunk
IPC分类号： H04N7/16 , H04N7/167
CPC分类号： H04L63/08 , H04N7/1675 , H04N21/23476 , H04N21/2541 , H04N21/4117 , H04N21/435 , H04N21/4424 , H04N21/4623 , H04N21/8166 , H04N21/835 , H04N21/8355 , H04N2005/91364
摘要： A method for securing a plaintext object within a content receiver is described. In one step, a secure portion of a secure object and a plaintext remainder of the secure object are received. Which portion of the secure object is the secure portion is determined. The secure portion is decrypted to provide a plaintext portion. The plaintext object that comprises the plaintext portion and the plaintext remainder is formed. The plaintext object is stored including authentication and authorization.
摘要翻译：描述了用于保护内容接收器内的明文对象的方法。在一个步骤中，接收安全对象的安全部分和安全对象的明文剩余部分。确定安全对象的哪一部分是安全部分。解密安全部分以提供明文部分。形成包含明文部分和明文余数的明文对象。存储明文对象包括认证和授权。

7. 发明授权

US08321663B2 Enhanced authorization process using digital signatures 有权
标题翻译：增强使用数字签名的授权过程
公开(公告)号：US08321663B2
公开(公告)日：2012-11-27
申请号：US12650943
申请日：2009-12-31
申请人： Alexander Medvinsky , Tat Keung Chan , Eric J. Sprunk
发明人： Alexander Medvinsky , Tat Keung Chan , Eric J. Sprunk
IPC分类号： H04L9/00
CPC分类号： H04L9/3263 , H04L9/3247 , H04L63/0823 , H04L63/162 , H04L2209/60 , H04L2209/80 , H04W12/06
摘要： A method is provided for enhancing security of a communication session between first and second endpoints which employs a key management protocol. The method includes sending a first message to a first end point over a communications network requesting a secure communication session therewith. The message includes an identity of a second end point requesting the authenticated communication session. A digital certificate is received from the first endpoint over the communications network. The digital certificate is issued by a certifying source verifying information contained in the digital certificate. The digital certificate includes a plurality of fields, one or more of which are transformed in accordance with a transformation algorithm. A reverse transform is applied to the one or more transformed fields to obtain the one or more fields. The digital certificate is validated and a second message is sent to the first endpoint indicating that validation is complete.
摘要翻译：提供了一种用于增强使用密钥管理协议的第一和第二端点之间的通信会话的安全性的方法。该方法包括通过通信网络向第一终端发送请求与其的安全通信会话的第一消息。该消息包括请求认证通信会话的第二端点的标识。通过通信网络从第一端点接收数字证书。数字证书由认证来源验证数字证书中包含的信息。数字证书包括多个字段，其中一个或多个字段根据变换算法进行变换。对一个或多个变换字段应用反向变换以获得一个或多个字段。验证数字证书，并将第二个消息发送到第一个端点，表示验证完成。

8. 发明申请

US20110161661A1 ENHANCED AUTHORIZATION PROCESS USING DIGITAL SIGNATURES 有权
标题翻译：使用数字签名的增强授权过程
公开(公告)号：US20110161661A1
公开(公告)日：2011-06-30
申请号：US12650943
申请日：2009-12-31
申请人： Alexander Medvinsky , Tat Keung Chan , Eric J. Sprunk
发明人： Alexander Medvinsky , Tat Keung Chan , Eric J. Sprunk
IPC分类号： H04L9/32 , H04L29/06 , H04L9/28
CPC分类号： H04L9/3263 , H04L9/3247 , H04L63/0823 , H04L63/162 , H04L2209/60 , H04L2209/80 , H04W12/06
摘要： A method is provided for enhancing security of a communication session between first and second endpoints which employs a key management protocol. The method includes sending a first message to a first end point over a communications network requesting a secure communication session therewith. The message includes an identity of a second end point requesting the authenticated communication session. A digital certificate is received from the first endpoint over the communications network. The digital certificate is issued by a certifying source verifying information contained in the digital certificate. The digital certificate includes a plurality of fields, one or more of which are transformed in accordance with a transformation algorithm. A reverse transform is applied to the one or more transformed fields to obtain the one or more fields. The digital certificate is validated and a second message is sent to the first endpoint indicating that validation is complete.
摘要翻译：提供了一种用于增强使用密钥管理协议的第一和第二端点之间的通信会话的安全性的方法。该方法包括通过通信网络向第一终端发送请求与其的安全通信会话的第一消息。该消息包括请求认证通信会话的第二端点的标识。通过通信网络从第一端点接收数字证书。数字证书由认证来源验证数字证书中包含的信息。数字证书包括多个字段，其中一个或多个字段根据变换算法进行变换。对一个或多个变换字段应用反向变换以获得一个或多个字段。验证数字证书，并将第二个消息发送到第一个端点，表示验证完成。

9. 发明授权

US06810525B1 Impulse pay per use method and system for data and multimedia services 有权
标题翻译：数据和多媒体服务的使用方法和系统的脉冲支付
公开(公告)号：US06810525B1
公开(公告)日：2004-10-26
申请号：US09631328
申请日：2000-08-03
申请人： Reem Safadi , Eric J. Sprunk , Doug Makofka , Ray Bontempi
发明人： Reem Safadi , Eric J. Sprunk , Doug Makofka , Ray Bontempi
IPC分类号： H04N7173
CPC分类号： H04N21/47211 , G06Q20/12 , G06Q20/145 , G06Q20/3674 , G07F17/16 , H04N7/165 , H04N7/1675 , H04N21/2543 , H04N21/25875 , H04N21/478 , H04N21/6125 , H04N21/63345 , H04N2007/1739
摘要： A method and system are provided for impulse purchasing of services over a communication network, such as a cable or satellite television network. Such services can include games or information accompanying television programming, home-shopping, e-mail services, streaming media and the like. Security is provided through entitlements generated by the access controller 14 and entitlement tokens generated by a secure processor. The secure processor is located at a subscriber terminal 16 through which a subscriber orders and obtains the services. A token is generated when the subscriber either selects the service, if pre-authorized, or when the service is purchased on impulse. The token is secure and signed, and may be used by a policy/proxy server 18 subtending to the Network Operator's ISP and associated services to further facilitate offering these services to the subscribers.
摘要翻译：提供了一种方法和系统，用于通过诸如有线电视或卫星电视网络的通信网络的脉冲购买服务。这样的服务可以包括伴随电视节目，家庭购物，电子邮件服务，流媒体等的游戏或信息。通过由访问控制器14产生的授权和由安全处理器产生的授权令牌来提供安全性。安全处理器位于用户终端16，用户通过该终端订购并获得服务。当用户选择服务时，如果预先授权，或者服务是按冲动购买的，则产生一个令牌。该令牌是安全和签名的，并且可以被对准网络运营商的ISP和相关联的服务的策略/代理服务器18使用，以进一步促进向订户提供这些服务。

10. 发明授权

US06804782B1 Countermeasure to power attack and timing attack on cryptographic operations 有权
标题翻译：电力攻击和加密操作定时攻击的对策
公开(公告)号：US06804782B1
公开(公告)日：2004-10-12
申请号：US09373866
申请日：1999-08-13
申请人： Xin Qiu , Eric J. Sprunk , Daniel Z. Simon , Lawrence Tang , Lawrence R. Cook
发明人： Xin Qiu , Eric J. Sprunk , Daniel Z. Simon , Lawrence Tang , Lawrence R. Cook
IPC分类号： G06F1130
CPC分类号： G06F9/3001 , G06F2207/7219 , H04L9/003 , H04L9/005 , H04L9/3013 , H04L9/302
摘要： A cryptography circuit provides secure processing of data by utilizing countermeasures that combat timing and power attacks. Superfluous operations such as multiplication operations, modular reductions by an integer, storage of data to memory are available for use by a processor to disguise the amount of power usage and the amount of time required to perform a cryptographic operation. A cryptographic key is available for use in order to trigger when these emulated operations occur. The occurrences of the emulated operations is controlled by the user to provide the preferred tradeoff between security and use of resources.
摘要翻译：加密电路通过利用对抗定时和电源攻击的对策来提供对数据的安全处理。多余的操作，例如乘法运算，整数模块化减少，数据存储到存储器可供处理器使用，以掩盖功率使用量和执行加密操作所需的时间。可以使用加密密钥来在这些仿真操作发生时触发。仿真操作的发生由用户控制，以提供资源的安全性和使用之间的首选权衡。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式