专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US4924514A Personal identification number processing using control vectors 失效
标题翻译：使用控制向量进行个人识别号码处理
公开(公告)号：US4924514A
公开(公告)日：1990-05-08
申请号：US398300
申请日：1989-08-24
申请人： Stephen M. Matyas , Dennis G. Abraham , Donald B. Johnson , Ramesh K. Karne , An V. Le , Rostislaw Prymak , Julian Thomas , John D. Wilkins , Phil C. Yeh , Ronald M. Smith
发明人： Stephen M. Matyas , Dennis G. Abraham , Donald B. Johnson , Ramesh K. Karne , An V. Le , Rostislaw Prymak , Julian Thomas , John D. Wilkins , Phil C. Yeh , Ronald M. Smith
IPC分类号： G06F9/30 , G07F7/10 , H04L9/32
CPC分类号： G06F9/30018 , G06F9/30007 , G06Q20/3829 , G06Q20/4012 , G07F7/1016 , H04L9/0822 , H04L9/088 , H04L9/0894 , H04L9/3226 , H04L9/3271 , H04L2209/56
摘要： Cryptographic PIN processing is achieved in an improved manner by associating control vectors with the PIN generating (verification) keys and PIN encrypting keys which provide authorization for the uses of the keys intended by the originator of the keys. The originator may be the local cryptographic facility (CF) and a utility program under the control of a security administrator, or the originator may be another network node which uses the key management methods described in the above-referenced copending patent applications to distribute said keys.Among the uses specified by the control vector are limitations on the authority to use the associated key with certain PIN processing instructions, such as PIN generation, verification, translation and PIN block creation. Furthermore, the control vector may limit the authority of certain instructions to process clear PIN inputs (such as in PIN verification). The control vector may contain information identifying and, possibly restricting, PIN processing to a particular PIN format or particular processing algorithm.The control vector implementation provides a flexible method for coupling format, usage, and processing authorization to keys. The system administrator can exercise flexibility in changing the implementation of his security policy by selecting appropriate control vectors in accordance with the invention. Furthermore, a method is provided for the security administrator to restrict certain PIN format translations.
摘要翻译：通过将控制向量与PIN生成（验证）密钥和PIN加密密钥相关联来实现密码PIN处理，该密码提供对使用密钥发起者所期望的密钥的授权。发起者可以是本地加密设施（CF）和在安全管理员的控制下的实用程序，或者发起者可以是使用上述参考的未决专利申请中描述的密钥管理方法的另一个网络节点来分发所述密钥。由控制向量指定的用途之一是对使用相关密钥与某些PIN处理指令（例如PIN生成，验证，翻译和PIN块创建）的权限的限制。此外，控制向量可以限制某些指令的权限来处理明确的PIN输入（例如在PIN验证中）。控制向量可以包含识别并且可能限制对特定PIN格式或特定处理算法的PIN处理的信息。控制向量实现提供了一种用于将格式，使用和处理权限耦合到密钥的灵活方法。系统管理员可以通过根据本发明选择适当的控制向量来灵活地改变其安全策略的实现。此外，提供了一种用于安全管理员限制某些PIN格式转换的方法。

2. 发明授权

US4918728A Data cryptography operations using control vectors 失效
标题翻译：使用控制向量的数据加密操作
公开(公告)号：US4918728A
公开(公告)日：1990-04-17
申请号：US401486
申请日：1989-08-30
申请人： Stephen M. Matyas , Dennis G. Abraham , Donald B. Johnson , Ramesh K. Karne , An V. Le , Rostislaw Prymak , Julian Thomas , John D. Wilkins , Phil C. Yeh
发明人： Stephen M. Matyas , Dennis G. Abraham , Donald B. Johnson , Ramesh K. Karne , An V. Le , Rostislaw Prymak , Julian Thomas , John D. Wilkins , Phil C. Yeh
IPC分类号： G06F9/30 , H04L9/08
CPC分类号： G06F9/3885 , G06F9/30007 , G06F9/30018 , G06F9/3004 , G06F9/3895 , H04L9/0827 , H04L9/088 , H04L2209/12 , H04L2209/20 , H04L2209/38 , H04L2209/56
摘要： Data cryptography is achieved in an improved manner by associating with the data cryptography key, a control vector which provides the authorization for the uses of the key intended by the originator of the key. Among the uses specified by the control vector are limitations on encryption, decryption, authentication code generation and verification, translation of the user's data. Complex combinations of data manipulation functions are possible using the control vectors, in accordance with the invention. The system administrator can exercise flexibility in changing the implementation of his security policy by selecting appropriate control vectors in accordance with the invention. Complex scenarios such as encrypted mail box, session protection, file protection, ciphertext translation center, peer-to-peer ciphertext translation, message authentication, message authentication with non-repudiation and many others can be easily implemented by a system designer using the control vectors, in accordance with the invention.
摘要翻译：通过与数据密码密钥相关联的控制向量来提供数据加密，该控制向量为密钥的发起者使用的密钥的使用提供授权。控制向量指定的用途是对加密，解密，认证码生成和验证，用户数据的翻译的限制。根据本发明，使用控制向量可以实现数据操作功能的复杂组合。系统管理员可以通过根据本发明选择适当的控制向量来灵活地改变其安全策略的实现。复杂场景如加密邮箱，会话保护，文件保护，密文翻译中心，点对点密文翻译，消息认证，具有不可否认性的消息认证等等可以很容易地由系统设计者使用控制向量，根据本发明。

3. 发明授权

US4941176A Secure management of keys using control vectors 失效
标题翻译：使用控制向量安全地管理密钥
公开(公告)号：US4941176A
公开(公告)日：1990-07-10
申请号：US231114
申请日：1988-08-11
申请人： Stephen M. Matyas , Dennis G. Abraham , Donald B. Johnson , Ramesh K. Karne , An V. Le , Rostislaw Prymak , Julian Thomas , John D. Wilkins , Phil C. Yeh
发明人： Stephen M. Matyas , Dennis G. Abraham , Donald B. Johnson , Ramesh K. Karne , An V. Le , Rostislaw Prymak , Julian Thomas , John D. Wilkins , Phil C. Yeh
IPC分类号： G09C1/00 , G06F9/30 , H04L9/00 , H04L9/08 , H04L9/10 , H04L9/32
CPC分类号： G06F9/30076 , G06F9/30007 , G06F9/30018 , H04L9/0827 , H04L9/088 , H04L2209/12 , H04L2209/38
摘要： The invention is an apparatus and method for validating that key management functions requested for a cryptographic key by the program have been authorized by the originator of the key. The invention includes a cryptographic facility characterized by a secure boundary through which passes an input path for receiving the cryptographic service requests, cryptographic keys and their associated control vectors, and an output path for providing responses thereto. There can be included within the boundary a cryptographic instruction storage coupled to the input path, a control vector checking unit and a cryptographic processing unit coupled to the instruction storage, and a master key storage coupled to the processing means, for providing a secure location for executing key management functions in response to the received service requests. The cryptographic instruction storage receives over the input path a cryptographic service request for performing a key management function on a cryptographic key. The control vector checking unit has an input coupled to the input path for receiving a control vector associated with the cryptographic key and an input connected to the cryptographic instruction storage, for receiving control signals to initiate checking that the control vector authorizes the key management function which is requested by the cryptographic service request. The control vector checking unit has an authorization output connected to an input of the cryptographic processing means, for signalling that the key management function is authorized, the receipt of which by the cryptographic processing unit initiates the performance of the requested key management function with the cryptographic key. The invention enables the flexible control of many cryptographic key management functions in the generation, distribution and use of cryptographic keys, while maintaining a high security standard.
摘要翻译：本发明是用于验证由程序所请求的加密密钥的密钥管理功能已被密钥的发起者授权的装置和方法。本发明包括一个加密设施，其特征在于一个安全边界，通过该边界通过用于接收加密服务请求的输入路径，加密密钥及其相关控制向量，以及用于提供响应的输出路径。可以在边界内包括耦合到输入路径的加密指令存储器，耦合到指令存储器的控制向量检查单元和密码处理单元，以及耦合到处理装置的主密钥存储器，用于提供用于响应于所接收的服务请求执行密钥管理功能。加密指令存储器通过输入路径接收用于对加密密钥执行密钥管理功能的密码服务请求。控制向量检查单元具有耦合到输入路径的输入，用于接收与密码密钥相关联的控制向量和连接到密码指令存储器的输入，用于接收控制信号以启动检查控制向量授权密钥管理功能，被加密服务请求请求。控制向量检查单元具有连接到密码处理装置的输入的授权输出，用于发信号通知密钥管理功能被授权，密码处理单元接收密钥管理功能的密码管理功能的密码键。本发明能够灵活地控制密码密钥的生成，分发和使用中的许多加密密钥管理功能，同时保持高安全性的标准。

4. 发明授权

US5214698A Method and apparatus for validating entry of cryptographic keys 失效
标题翻译：用于验证加密密钥的输入的方法和装置
公开(公告)号：US5214698A
公开(公告)日：1993-05-25
申请号：US672265
申请日：1991-03-20
申请人： Ronald M. Smith, Sr. , Phil C. Yeh , Randall J. Easter , Donald B. Johnson , An Van Le , Stephen M. Matyas , Julian Thomas , John D. Wilkins
发明人： Ronald M. Smith, Sr. , Phil C. Yeh , Randall J. Easter , Donald B. Johnson , An Van Le , Stephen M. Matyas , Julian Thomas , John D. Wilkins
IPC分类号： G09C1/00 , H04L9/08
CPC分类号： H04L9/088
摘要： A cryptographic facility implements a multiple key part import procedure. The installation manager can verify that a key part has been correctly entered and has not been compromised. The security requirement for the procedure is that no single party can subvert the system security by misusing the procedure. This is accomplished by the use of a control-vector-dependent verification pattern to indicate that each key part has been accepted by using the proper control vector and the use of different key switch positions to specify whether the key part is a master key part or an operational key part and whether the key part is a first part or a subsequent key part. The apparatus provides an automatic reset of the key part register at the completion of each key-entry instruction so that each key part can be imported only once. This prevents the same key part from being imported twice as different key part types. The apparatus also prevents a key part from being combined with itself to create a known key. The procedure is fail-safe so that the program cannot steal a key part from a previously failed procedure.
摘要翻译：密码工具实现了多重关键部分导入过程。安装管理员可以验证关键部件是否已正确输入，并且未被泄露。程序的安全要求是，没有一方可以通过滥用程序颠覆系统安全。这是通过使用控制向量相关的验证模式来实现的，以通过使用适当的控制向量来指示每个关键部分已被接受，并且使用不同的键开关位置来指定关键部分是主键部分还是主键部分操作键部分以及关键部分是第一部分还是随后的关键部分。该装置在完成每个键入指令时提供关键部分寄存器的自动复位，使得每个键部分只能被导入一次。这样可以防止相同的关键部分作为不同的关键部件类型被导入两次。该装置还防止关键部分与其自身组合以创建已知密钥。该过程是故障安全的，以便程序不能从以前失败的过程中窃取关键部分。

5. 发明授权

US5081677A Crypotographic key version control facility 失效
标题翻译： CRYPOTOGRAPHIC KEY VERSION控制设备
公开(公告)号：US5081677A
公开(公告)日：1992-01-14
申请号：US576562
申请日：1990-08-31
申请人： Lucina L. Green , Michael J. Kelly , Ronald M. Smith , Julian Thomas , Phil C. Yeh
发明人： Lucina L. Green , Michael J. Kelly , Ronald M. Smith , Julian Thomas , Phil C. Yeh
IPC分类号： G09C1/00 , G06F12/14 , H04L9/08
CPC分类号： G06F12/1408
摘要： A facility for making dynamic changes to a system master key without stopping the system, and without loss of integrity to ongoing cryptographic operations. A version number is generated and associated with the current master key. A dynamic change is made to the master key, resulting in the then current master key becoming the old master key, and a "new" current master key (with a new version number) being placed into operation. Subsequent cryptographic requests using a supplied key enciphered under the old master key are identified by means of a supplied version number associated with the supplied key. This identification triggers a reencipher operation, reenciphering the supplied key under the now current master key--after which the cryptographic operation proceeds. Unique patterns are generated to verify the contents of the master key registers, and to authorize normal use of the cryptographic facility, and issuers of key-change operations.

6. 发明授权

US4979098A Multiple address space token designation, protection controls, designation translation and lookaside 失效
标题翻译：多地址空间令牌指定，保护控制，指定翻译和后备
公开(公告)号：US4979098A
公开(公告)日：1990-12-18
申请号：US535248
申请日：1990-06-08
申请人： Richard I. Baum , Terry L. Borden , Justin R. Butwell , Carl E. Clark , Alan G. Ganek , James Lum , Michael G. Mall , Kenneth E. Plambeck , Casper A. Scalzi , Richard J. Schmalz , Ronald M. Smith , Julian Thomas
发明人： Richard I. Baum , Terry L. Borden , Justin R. Butwell , Carl E. Clark , Alan G. Ganek , James Lum , Michael G. Mall , Kenneth E. Plambeck , Casper A. Scalzi , Richard J. Schmalz , Ronald M. Smith , Julian Thomas
IPC分类号： G06F9/46 , G06F12/02 , G06F12/10 , G06F12/14
CPC分类号： G06F9/468 , G06F12/0292 , G06F12/1036 , G06F12/1483
摘要： A method and apparatus is provided to translate the contents of access registers into information for use in performing addressing functions for multiple virtual address spaces. The access registers represent the full addressing capability of the system but do not directly contain the addressing information. The system has a plurality of general purpose registers, a plurality of access registers associated with the general registers, an access list having access list entries which is addressed by the contents of the access register, memory storage for holding address space number second table entries (ASTE), where the contents of the access list entry locate the ASTE and where the ASTE contains the addressing information needed to translate a virtual address when combined with the contents of a general purpose register. Access register translation (ART) consists of the process of determining addressing information by using the access list entry and the ASTE. The results of the ART process are stored in an ART lookaside buffer (ALB) which stores the results of ART while valid for later use.
摘要翻译：提供了一种方法和装置，用于将访问寄存器的内容转换为用于执行多个虚拟地址空间的寻址功能的信息。访问寄存器表示系统的完整寻址能力，但不直接包含寻址信息。该系统具有多个通用寄存器，与通用寄存器相关联的多个访问寄存器，具有由访问寄存器的内容寻址的访问列表条目的访问列表，用于保存地址空间数第二表条目的存储器存储 ASTE），其中访问列表条目的内容定位ASTE，并且ASTE包含当与通用寄存器的内容组合时将虚拟地址翻译所需的寻址信息。访问注册翻译（ART）包括通过使用访问列表条目和ASTE来确定寻址信息的过程。 ART处理的结果存储在ART后视缓冲器（ALB）中，其存储ART的结果，有效期以后使用。

7. 发明申请

US20070005385A1 Dynamically triggering notifications to human participants in an integrated content production process 有权
标题翻译：在集成的内容制作过程中动态触发向参与者发送的通知
公开(公告)号：US20070005385A1
公开(公告)日：2007-01-04
申请号：US11364411
申请日：2006-02-27
申请人： Stephen Deane , Julian Thomas
发明人： Stephen Deane , Julian Thomas
IPC分类号： G06Q99/00
CPC分类号： G06Q10/10 , G06Q10/06 , G06Q20/10
摘要： An integrated content production environment includes a connected services framework providing connectivity to a set of applications that produce content for the media industry. Users in their roles use the integrated environment to perform setting up, ingesting, logging, selecting, editing, reviewing, playout, distributing, and archiving activities. Notifications are dynamically triggered to users when their action is requested. The notifications may be instant messages, e-mails, voice mails, etc. Throughout the production of content, actions by both users the applications are tracked and stored in a log file for processing. The action data in the log file may include payload data from messages. When one or more applications or when one or more users of the environment have excess capacity, that capacity can be leveraged. External users can purchase or bid on the excess capacity and can then access the environment through available web services.
摘要翻译：集成的内容制作环境包括连接服务框架，提供与为媒体行业产生内容的一组应用程序的连接。他们角色中的用户使用集成环境来执行设置，摄取，记录，选择，编辑，查看，播放，分发和归档活动。当请求动作时，通知会动态地触发给用户。通知可以是即时消息，电子邮件，语音邮件等。在整个内容制作过程中，用户和应用程序的动作被跟踪并存储在日志文件中进行处理。日志文件中的动作数据可以包括来自消息的有效载荷数据。当一个或多个应用程序或一个或多个环境用户具有超额容量时，可以利用该容量。外部用户可以购买或出价超额容量，然后可以通过可用的Web服务访问环境。

8. 发明申请

US20070005387A1 Providing excess resources as a service 有权
标题翻译：提供超额资源作为服务
公开(公告)号：US20070005387A1
公开(公告)日：2007-01-04
申请号：US11401985
申请日：2006-04-11
申请人： Stephen Deane , Julian Thomas
发明人： Stephen Deane , Julian Thomas
IPC分类号： G06Q99/00
CPC分类号： H04L67/10 , G06Q10/00
摘要： An integrated content production environment includes a connected services framework providing connectivity to a set of applications that produce content for the media industry. Users in their roles use the integrated environment to perform setting up, ingesting, logging, selecting, editing, reviewing, playout, distributing, and archiving activities. Notifications are dynamically triggered to users when their action is requested. The notifications may be instant messages, e-mails, voice mails, etc. Throughout the production of content, actions by both users the applications are tracked and stored in a log file for processing. The action data in the log file may include payload data from messages. When one or more applications or when one or more users of the environment have excess capacity, that capacity can be leveraged. External users can purchase or bid on the excess capacity and can then access the environment through available web services.
摘要翻译：集成的内容制作环境包括连接服务框架，提供与为媒体行业产生内容的一组应用程序的连接。他们角色中的用户使用集成环境来执行设置，摄取，记录，选择，编辑，查看，播放，分发和归档活动。当请求动作时，通知会动态地触发给用户。通知可以是即时消息，电子邮件，语音邮件等。在整个内容制作过程中，用户和应用程序的动作被跟踪并存储在日志文件中进行处理。日志文件中的动作数据可以包括来自消息的有效载荷数据。当一个或多个应用程序或一个或多个环境用户具有超额容量时，可以利用该容量。外部用户可以购买或出价超额容量，然后可以通过可用的Web服务访问环境。

9. 发明申请

US20070005386A1 Content production maintenance tool for human and non-human activity tracking 审中-公开
标题翻译：用于人和非人类活动跟踪的内容制作维护工具
公开(公告)号：US20070005386A1
公开(公告)日：2007-01-04
申请号：US11401778
申请日：2006-04-11
申请人： Stephen Deane , Julian Thomas
发明人： Stephen Deane , Julian Thomas
IPC分类号： G06Q99/00
CPC分类号： G06Q10/00
摘要： An integrated content production environment includes a connected services framework providing connectivity to a set of applications that produce content for the media industry. Users in their roles use the integrated environment to perform setting up, ingesting, logging, selecting, editing, reviewing, playout, distributing, and archiving activities. Notifications are dynamically triggered to users when their action is requested. The notifications may be instant messages, e-mails, voice mails, etc. Throughout the production of content, actions by both users the applications are tracked and stored in a log file for processing. The action data in the log file may include payload data from messages. When one or more applications or when one or more users of the environment have excess capacity, that capacity can be leveraged. External users can purchase or bid on the excess capacity and can then access the environment through available web services.
摘要翻译：集成的内容制作环境包括连接服务框架，提供与为媒体行业产生内容的一组应用程序的连接。他们角色中的用户使用集成环境来执行设置，摄取，记录，选择，编辑，查看，播放，分发和归档活动。当请求动作时，通知会动态地触发给用户。通知可以是即时消息，电子邮件，语音邮件等。在整个内容制作过程中，用户和应用程序的动作被跟踪并存储在日志文件中进行处理。日志文件中的动作数据可以包括来自消息的有效载荷数据。当一个或多个应用程序或一个或多个环境用户具有超额容量时，可以利用该容量。外部用户可以购买或出价超额容量，然后可以通过可用的Web服务访问环境。

10. 发明授权

US5442763A System and method for preventing deadlock in multiprocessor multiple resource instructions 失效
标题翻译：用于防止多处理器多资源指令中的死锁的系统和方法
公开(公告)号：US5442763A
公开(公告)日：1995-08-15
申请号：US350242
申请日：1994-12-06
申请人： Robert F. Bartfai , Barry P. Lubart , Julian Thomas
发明人： Robert F. Bartfai , Barry P. Lubart , Julian Thomas
IPC分类号： G06F15/16 , G06F9/46 , G06F9/52 , G06F15/177 , G06F13/00
CPC分类号： G06F9/524
摘要： A system and method for preventing deadlock in a multiprocessor computer system executing instructions requiring multiple resources. The system detects potential deadlock situations where a multi-resource instruction is blocked from obtaining one of the resources. A multi-resource instruction global lock is provided that can be held by at most one processor. Upon conflict detection, the processor attempts to acquire the multi-resource instruction global lock and, if successful, resumes resource acquisition. The use of a global lock serializes multiple resource requests and assures that the processor holding the lock can eventually acquire all required resources without deadlock with another processor. The preferred embodiment acquires the global lock on an exception basis to minimize the overhead impact. However, an alternate embodiment which uses the global lock in each multiple resource instruction could also be implemented. Synonym detection logic is provided to detect the situation where a conflict is caused by address resolution to a synonymous lock by the processor.
摘要翻译：一种用于防止执行需要多个资源的指令的多处理器计算机系统中的死锁的系统和方法。系统检测潜在的死锁情况，其中多资源指令被阻止获得资源之一。提供可以由至多一个处理器保持的多资源指令全局锁。在冲突检测后，处理器尝试获取多资源指令全局锁定，如果成功，则恢复资源采集。使用全局锁序列化多个资源请求，并确保持有锁的处理器可以最终获取所有必需资源，而不会与另一个处理器发生死锁。优选实施例以异常获取全局锁定以最小化开销影响。然而，也可以实现在每个多资源指令中使用全局锁的替代实施例。提供同义词检测逻辑，以检测由处理器对同义锁定的地址解析造成冲突的情况。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式