会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • Method and system for using a portable computing device as a smart key device
    • 使用便携式计算设备作为智能钥匙设备的方法和系统
    • US20060133615A1
    • 2006-06-22
    • US11014067
    • 2004-12-16
    • Steven BadeChing-Yun Chao
    • Steven BadeChing-Yun Chao
    • H04L9/00
    • G06F21/33G06F21/34G06F21/445H04L9/3265H04L9/3273H04L2209/56H04L2209/805
    • A first data processing system, which includes a first cryptographic device, is communicatively coupled with a second data processing system, which includes a second cryptographic device. The cryptographic devices then mutually authenticate themselves. The first cryptographic device stores a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair that is associated with the second data processing system. The second cryptographic device stores a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair that is associated with the first data processing system. In response to successfully performing the mutual authentication operation between the two cryptographic systems, the first data processing system is enabled to invoke sensitive cryptographic functions on the first cryptographic device while the first data processing system remains communicatively coupled with the second data processing system.
    • 包括第一密码装置的第一数据处理系统与包括第二密码装置的第二数据处理系统通信地耦合。 然后密码设备会自己相互认证。 第一加密设备存储与第二数据处理系统相关联的第一非对称密码密钥对和第二非对称密码密钥对的公钥的私钥。 第二加密设备存储第二非对称密码密钥对的私钥和与第一数据处理系统相关联的第一非对称密码密钥对的公开密钥。 响应于成功地执行两个加密系统之间的相互认证操作,第一数据处理系统能够在第一数据处理系统保持与第二数据处理系统通信耦合的同时在第一密码装置上调用敏感的加密功能。
    • 2. 发明申请
    • Method and system for using a compact disk as a smart key device
    • 使用光盘作为智能钥匙装置的方法和系统
    • US20060136748A1
    • 2006-06-22
    • US11014559
    • 2004-12-16
    • Steven BadeChing-Yun Chao
    • Steven BadeChing-Yun Chao
    • G06F12/14
    • H04L9/3265G06F21/33G06F21/34G06F21/445H04L9/0897H04L9/3247H04L9/3273H04L2209/805
    • A data processing system accepts a removable storage media, which becomes electrically engaged with a system unit within the data processing system, after which the removable storage media and the hardware security unit mutually authenticate themselves. The removable storage media stores a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair that is associated with the hardware security unit, and the hardware security unit stores a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair that is associated with the removable storage media. In response to successfully performing the mutual authentication operation between the removable storage media and the hardware security unit, the system unit is enabled to invoke cryptographic functions on the hardware security unit while the removable storage media remains engaged with the system unit.
    • 数据处理系统接受与数据处理系统内的系统单元电接合的可移动存储介质,之后可拆卸存储介质和硬件安全单元相互认证自身。 可移动存储介质存储与硬件安全单元相关联的第一非对称加密密钥对和第二非对称密码密钥对的公钥的私钥,并且硬件安全单元存储第二非对称密码密钥的私钥 对和与可移动存储介质相关联的第一非对称加密密钥对的公开密钥。 响应于成功地执行可移动存储介质和硬件安全单元之间的相互认证操作,系统单元能够在可移动存储介质保持与系统单元接合的同时在硬件安全单元上调用加密功能。
    • 4. 发明授权
    • Method and apparatus for preventing rogue implementations of a security-sensitive class interface
    • 防止安全敏感类接口的恶意实现的方法和装置
    • US07337318B2
    • 2008-02-26
    • US10376113
    • 2003-02-27
    • Peter Daniel BirkChing-Yun ChaoHyen Vui Chung
    • Peter Daniel BirkChing-Yun ChaoHyen Vui Chung
    • H04L9/00
    • G06F21/64
    • A method and apparatus for preventing rogue implementations of a security-sensitive class interface are provided. With the method and apparatus, a unique identifier (UID) is created by a server process when the server process is started. Anytime the server process, i.e. a server runtime environment, instantiates a new credential object following start-up of the server process, the encrypted UID is placed into a private field within the new credential object. In addition, the UID is encrypted and stored in a private class of the server runtime environment. A verification class is provided within the server runtime environment which includes one or more methods that receive the credential object as a parameter and return true or false as to the validity of the credential object. These one or more methods determine the validity of the credential object by retrieving the encrypted UID from the private class stored in the server runtime environment, decrypting the UID and comparing it to the decrypted UID stored in the private field of the credential object. If the two UIDs match, a determination is made that the credential object was created by the server runtime environment rather than a rogue application. If the two UIDs do not match, or if there is no UID in the credential object, then a false result will be returned by the verification class.
    • 提供了用于防止安全敏感类接口的流氓实现的方法和装置。 使用该方法和装置,当服务器进程启动时,由服务器进程创建唯一标识符(UID)。 服务器进程(即服务器运行时环境)在服务器进程启动后实例化新的凭据对象时,加密的UID将被放置在新凭证对象内的私有字段中。 此外,UID被加密并存储在服务器运行时环境的私有类中。 在服务器运行时环境中提供了一个验证类,其中包括一个或多个接收凭证对象作为参数的方法,并返回true或false作为证书对象的有效性。 这些一个或多个方法通过从存储在服务器运行时环境中的私有类中检索加密的UID来确定凭证对象的有效性,解密UID并将其与存储在证书对象的私有字段中的解密的UID进行比较。 如果两个UID匹配,则确定凭据对象是由服务器运行时环境创建的,而不是流氓应用程序。 如果两个UID不匹配,或者如果凭证对象中没有UID,那么验证类将返回一个错误的结果。
    • 5. 发明申请
    • METHOD AND APPARATUS FOR PREVENTING ROGUE IMPLEMENTATIONS OF A SECURITY-SENSITIVE CLASS INTERFACE
    • US20080034202A1
    • 2008-02-07
    • US11867015
    • 2007-10-04
    • Peter BirkChing-Yun ChaoHyen Chung
    • Peter BirkChing-Yun ChaoHyen Chung
    • H04L9/00
    • G06F21/64
    • A method and apparatus for preventing rogue implementations of a security-sensitive class interface are provided. With the method and apparatus, a unique identifier (UID) is created by a server process when the server process is started. Anytime the server process, i.e. a server runtime environment, instantiates a new credential object following start-up of the server process, the encrypted UID is placed into a private field within the new credential object. In addition, the UID is encrypted and stored in a private class of the server runtime environment. A verification class is provided within the server runtime environment which includes one or more methods that receive the credential object as a parameter and return true or false as to the validity of the credential object. These one or more methods determine the validity of the credential object by retrieving the encrypted UID from the private class stored in the server runtime environment, decrypting the UID and comparing it to the decrypted UID stored in the private field of the credential object. If the two UIDs match, a determination is made that the credential object was created by the server runtime environment rather than a rogue application. If the two UIDs do not match, or if there is no UID in the credential object, then a false result will be returned by the verification class.
    • 8. 发明申请
    • Method and system for protecting master secrets using smart key devices
    • 使用智能钥匙装置保护主机秘密的方法和系统
    • US20050154898A1
    • 2005-07-14
    • US10753818
    • 2004-01-08
    • Ching-Yun Chao
    • Ching-Yun Chao
    • G06F21/00H04K1/00H04L9/32
    • G06F21/445G06F21/602G06F2221/2153H04L9/3247H04L9/3265H04L9/3273H04L2209/805
    • A data processing system accepts a removable hardware device, which becomes electrically engaged with a system unit within the data processing system, after which the removable hardware device and the hardware security unit mutually authenticate themselves. The removable hardware device stores a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair that is associated with the hardware security unit, and the hardware security unit stores a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair that is associated with the removable hardware device. In response to successfully performing the mutual authentication operation between the removable hardware device and the hardware security unit, the system unit is enabled to invoke cryptographic functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit.
    • 数据处理系统接受与数据处理系统内的系统单元电接合的可移动硬件设备,之后可拆卸硬件设备和硬件安全单元相互认证自身。 可拆卸硬件设备存储与硬件安全单元相关联的第一非对称加密密钥对和第二非对称密码密钥对的公钥的私钥,并且硬件安全单元存储第二非对称密码密钥的私钥 对和与可移除硬件设备相关联的第一非对称加密密钥对的公开密钥。 响应于成功地执行可移动硬件设备和硬件安全单元之间的相互认证操作,系统单元能够在硬件安全单元处调用密码功能,同时可拆卸硬件设备保持与系统单元电气接合。