专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07930332B2 Weighted entropy pool service 有权
标题翻译：加权熵池服务
公开(公告)号：US07930332B2
公开(公告)日：2011-04-19
申请号：US11690758
申请日：2007-03-23
申请人： Tolga Acar , Daniel B. Shumow , Andrew S. Tucker , Carl M. Ellison
发明人： Tolga Acar , Daniel B. Shumow , Andrew S. Tucker , Carl M. Ellison
IPC分类号： G06F1/02
CPC分类号： G06F7/58
摘要： A weighted entropy pool service system and methods. Weights are associated with entropy sources and are used to estimate a quantity of entropy contained in data from the entropy sources. An interface is optionally provided to facilitate connecting user entropy sources to the entropy pool service. The quantity of entropy contained in the system is tracked as entropy is distributed to entropy consumers. A persistent entropy pool state file stores entropy across system restarts.
摘要翻译：一种加权熵池服务系统及方法。权重与熵源相关联，用于估计来自熵源的数据中包含的熵量。可选地提供接口以便于将用户熵源连接到熵池服务。随着熵被分配给熵消费者，系统中包含的熵量被跟踪。持续熵池状态文件在系统重新启动之间存储熵。

2. 发明申请

US20080256151A1 WEIGHTED ENTROPY POOL SERVICE 有权
标题翻译：加权入场服务
公开(公告)号：US20080256151A1
公开(公告)日：2008-10-16
申请号：US11690758
申请日：2007-03-23
申请人： Tolga Acar , Daniel B. Shumow , Andrew S. Tucker , Carl M. Ellison
发明人： Tolga Acar , Daniel B. Shumow , Andrew S. Tucker , Carl M. Ellison
IPC分类号： G06F7/58
CPC分类号： G06F7/58
摘要： A weighted entropy pool service system and methods. Weights are associated with entropy sources and are used to estimate a quantity of entropy contained in data from the entropy sources. An interface is optionally provided to facilitate connecting user entropy sources to the entropy pool service. The quantity of entropy contained in the system is tracked as entropy is distributed to entropy consumers. A persistent entropy pool state file stores entropy across system restarts.
摘要翻译：一种加权熵池服务系统及方法。权重与熵源相关联，用于估计来自熵源的数据中包含的熵量。可选地提供接口以便于将用户熵源连接到熵池服务。随着熵被分配给熵消费者，系统中包含的熵量被跟踪。持续熵池状态文件在系统重新启动之间存储熵。

3. 发明授权

US08588421B2 Cryptographic key containers on a USB token 有权
标题翻译： USB令牌上的加密密钥容器
公开(公告)号：US08588421B2
公开(公告)日：2013-11-19
申请号：US11627466
申请日：2007-01-26
申请人： Tolga Acar , Carl M. Ellison
发明人： Tolga Acar , Carl M. Ellison
IPC分类号： G06F21/00
CPC分类号： G06F21/6209 , G06F21/79 , H04L9/0897
摘要： A Universal Serial Bus (USB) compatible storage device is utilized as a security token for storage of cryptographic keys. A cryptographic subsystem of a processor accesses cryptographic keys in containers on the USB compatible storage device. Accessing includes storing and/or retrieving. The processor does not include an infrastructure dedicated to the USB compatible storage device. Cryptographic key storage is redirected from an in-processor container to the USB compatible storage device. No password or PIN is required to access the cryptographic keys, yet enhanced security is provided. Utilizing a USB compatible storage device for a cryptographic key container provides a convenient, portable, mechanism for carrying the cryptographic key, and additional security is provided via physical possession of the device.
摘要翻译：通用串行总线（USB）兼容存储设备被用作存储加密密钥的安全令牌。处理器的加密子系统访问USB兼容存储设备上的容器中的加密密钥。访问包括存储和/或检索。处理器不包括专用于USB兼容存储设备的基础设施。加密密钥存储从处理器内容器重定向到USB兼容的存储设备。不需要密码或密码来访问加密密钥，但提供了增强的安全性。利用用于加密密钥容器的USB兼容存储设备提供用于携带加密密钥的便利的便携式机制，并且通过物理拥有该设备来提供额外的安全性。

4. 发明授权

US08325924B2 Managing group keys 有权
标题翻译：管理组密钥
公开(公告)号：US08325924B2
公开(公告)日：2012-12-04
申请号：US12389217
申请日：2009-02-19
申请人： Tolga Acar , Josh Benaloh , Niels Thomas Ferguson , Carl M. Ellison , Mira Belenkiy , Duy Lan Nguyen
发明人： Tolga Acar , Josh Benaloh , Niels Thomas Ferguson , Carl M. Ellison , Mira Belenkiy , Duy Lan Nguyen
IPC分类号： H04L9/00
CPC分类号： H04L9/0891 , H04L9/0833
摘要： In an example, one or more cryptographic keys may be associated with a group. Any member of the group may use the key to encrypt and decrypt information, thereby allowing members of the group to share encrypted information. Domain controllers (DCs) maintain copies of the group's keys. The DCs may synchronize with each other, so that each DC may have a copy of the group's keys. Keys may have expiration dates, and any client connected to a DC may generate a new key when a key is nearing expiration. The various clients may create new keys at differing amounts of time before expiration on various DCs. DCs that store keys early thus may have time to propagate the newly-created keys through synchronization before other DCs are requested to store keys created by other clients. In this way, the creation of an excessive number of new keys may be avoided.
摘要翻译：在一个示例中，一个或多个加密密钥可以与组相关联。该组的任何成员可以使用密钥来加密和解密信息，从而允许该组的成员共享加密的信息。域控制器（DC）维护组的密钥副本。 DC可以彼此同步，使得每个DC可以具有组的密钥的副本。密钥可能有过期日期，连接到DC的任何客户端可能在密钥接近到期时生成新密钥。各种客户端可以在不同的时间段之前以不同的时间量创建新的密钥。因此，早期存储密钥的DC可能有时间通过同步传播新创建的密钥，而其他DC被请求存储由其他客户端创建的密钥。以这种方式，可以避免创建过多的新密钥。

5. 发明申请

US20080181412A1 CRYPTOGRAPHIC KEY CONTAINERS ON A USB TOKEN 有权
标题翻译： USB TOKEN上的CRYPTOGRAPHIC KEY CONTAINERS
公开(公告)号：US20080181412A1
公开(公告)日：2008-07-31
申请号：US11627466
申请日：2007-01-26
申请人： Tolga Acar , Carl M. Ellison
发明人： Tolga Acar , Carl M. Ellison
IPC分类号： H04L9/08
CPC分类号： G06F21/6209 , G06F21/79 , H04L9/0897
摘要： A Universal Serial Bus (USB) compatible storage device is utilized as a security token for storage of cryptographic keys. A cryptographic subsystem of a processor accesses cryptographic keys in containers on the USB compatible storage device. Accessing includes storing and/or retrieving. The processor does not include an infrastructure dedicated to the USB compatible storage device. Cryptographic key storage is redirected from an in-processor container to the USB compatible storage device. No password or PIN is required to access the cryptographic keys, yet enhanced security is provided. Utilizing a USB compatible storage device for a cryptographic key container provides a convenient, portable, mechanism for carrying the cryptographic key, and additional security is provided via physical possession of the device.
摘要翻译：通用串行总线（USB）兼容存储设备被用作存储加密密钥的安全令牌。处理器的加密子系统访问USB兼容存储设备上的容器中的加密密钥。访问包括存储和/或检索。处理器不包括专用于USB兼容存储设备的基础设施。加密密钥存储从处理器内容器重定向到USB兼容的存储设备。不需要密码或密码来访问加密密钥，但提供了增强的安全性。利用用于加密密钥容器的USB兼容存储设备提供用于携带加密密钥的便利的便携式机制，并且通过物理拥有该设备来提供额外的安全性。

6. 发明申请

US20100208898A1 MANAGING GROUP KEYS 有权
标题翻译：管理组织
公开(公告)号：US20100208898A1
公开(公告)日：2010-08-19
申请号：US12389217
申请日：2009-02-19
申请人： Tolga Acar , Josh Benaloh , Niels Thomas Ferguson , Carl M. Ellison , Mira Belenkiy , Duy Lan Nguyen
发明人： Tolga Acar , Josh Benaloh , Niels Thomas Ferguson , Carl M. Ellison , Mira Belenkiy , Duy Lan Nguyen
IPC分类号： H04L9/08
CPC分类号： H04L9/0891 , H04L9/0833
摘要： In an example, one or more cryptographic keys may be associated with a group. Any member of the group may use the key to encrypt and decrypt information, thereby allowing members of the group to share encrypted information. Domain controllers (DCs) maintain copies of the group's keys. The DCs may synchronize with each other, so that each DC may have a copy of the group's keys. Keys may have expiration dates, and any client connected to a DC may generate a new key when a key is nearing expiration. The various clients may create new keys at differing amounts of time before expiration on various DCs. DCs that store keys early thus may have time to propagate the newly-created keys through synchronization before other DCs are requested to store keys created by other clients. In this way, the creation of an excessive number of new keys may be avoided.
摘要翻译：在一个示例中，一个或多个加密密钥可以与组相关联。该组的任何成员可以使用密钥来加密和解密信息，从而允许该组的成员共享加密的信息。域控制器（DC）维护组的密钥副本。 DC可以彼此同步，使得每个DC可以具有组的密钥的副本。密钥可能有过期日期，连接到DC的任何客户端可能在密钥接近到期时生成新密钥。各种客户端可以在不同的时间段之前以不同的时间量创建新的密钥。因此，早期存储密钥的DC可能有时间通过同步传播新创建的密钥，而其他DC被请求存储由其他客户端创建的密钥。以这种方式，可以避免创建过多的新密钥。

7. 发明授权

US09106629B2 Distributed algorithm for changing a shared value 有权
标题翻译：用于更改共享值的分布式算法
公开(公告)号：US09106629B2
公开(公告)日：2015-08-11
申请号：US12543326
申请日：2009-08-18
申请人： Carl M. Ellison , Larry Zhu , Tore L. Sundelin , Gleb Kholodov
发明人： Carl M. Ellison , Larry Zhu , Tore L. Sundelin , Gleb Kholodov
IPC分类号： G06F15/16 , H04L29/06 , G06F21/40 , H04L9/08 , H04L29/08
CPC分类号： H04L63/061 , G06F21/40 , H04L9/0869 , H04L9/0891 , H04L63/083 , H04L67/10
摘要： Each member of a group contributes to and calculates a new shared value. A distributed shared value algorithm is used to reach unanimous agreement on a shared value, such that every group member can use the new shared value as soon as it is changed. The distributed shared value agreement methodology operates without the selection of a leader. Each group member performs the distributed shared value agreement methodology and computes the new shared value using one or more of the contributions from the group members in such a way that no one member coerces the resulting shared value.
摘要翻译：组中的每个成员都贡献并计算新的共享值。使用分布式共享值算法来达成对共享值的一致协议，使得每个组成员都可以在更改后立即使用新的共享值。分配的共享价值协议方法运行而不选择领导者。每个组成员执行分布式共享价值协议方法，并使用来自组成员的一个或多个贡献来计算新的共享值，使得没有一个成员强制所得到的共享值。

8. 发明授权

US09026571B2 Random number generation failure detection and entropy estimation 有权
标题翻译：随机数生成失败检测和熵估计
公开(公告)号：US09026571B2
公开(公告)日：2015-05-05
申请号：US12258997
申请日：2008-10-27
申请人： Carl M. Ellison
发明人： Carl M. Ellison
IPC分类号： G06F7/58
CPC分类号： H04L9/3242 , G06F7/58 , H04L9/0869 , H04L2209/24
摘要： In accordance with one or more aspects, an initial output string is generated by a random number generator. The initial output string is sent to a random number service, and an indication of failure is received from the random number service if the initial output string is the same as a previous initial output string received by the random number service. Operation of the device is ceased in response to the indication of failure. Additionally, entropy estimates for hash values of an entropy source can be generated by an entropy estimation service based on hash values of various entropy source values received by the entropy estimation service. The hash values can be incorporated into an entropy pool of the device, and the entropy estimate of the pool being updated based on the estimated entropy of the entropy source.
摘要翻译：根据一个或多个方面，初始输出字符串由随机数生成器生成。如果初始输出字符串与由随机数服务接收的先前初始输出字符串相同，则将初始输出字符串发送到随机数服务，并且从随机数服务接收到失败指示。响应于故障指示停止设备的操作。此外，可以通过基于由熵估计服务接收的各种熵源值的哈希值的熵估计服务来生成熵源的散列值的熵估计。哈希值可以被合并到设备的熵池中，并且基于熵源的估计熵更新池的熵估计。

9. 发明申请

US20140108814A1 CRYPTOGRAPHIC KEY MANAGEMENT 有权
标题翻译： CRYPTOGRAPHIC主要管理
公开(公告)号：US20140108814A1
公开(公告)日：2014-04-17
申请号：US12978266
申请日：2010-12-23
申请人： Vijay G. Bharadwaj , Niels T. Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
发明人： Vijay G. Bharadwaj , Niels T. Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
IPC分类号： G06F21/60
CPC分类号： G06F21/602 , G06F2221/2141 , H04L9/0836 , H04L9/0866
摘要： Cryptographic key management techniques are described. In one or more implementations, an access control rule is read that includes a Boolean expression having a plurality of atoms. The cryptographic keys that corresponds each of the plurality of atoms in the access control rule are requested. One or more cryptographic operations are then performed on data using one or more of the cryptographic keys.
摘要翻译：描述密码密钥管理技术。在一个或多个实现中，读取包括具有多个原子的布尔表达式的访问控制规则。请求与访问控制规则中的多个原子对应的密码密钥。然后使用一个或多个密码密钥对数据执行一个或多个加密操作。

10. 发明授权

US08504838B2 Integrity protected smart card transaction 有权
公开(公告)号：US08504838B2
公开(公告)日：2013-08-06
申请号：US13072677
申请日：2011-03-26
申请人： Stefan Thom , Erik Lee Holt , Shivaram H. Mysore , Valerie Kathleen Bays , Carl M. Ellison
发明人： Stefan Thom , Erik Lee Holt , Shivaram H. Mysore , Valerie Kathleen Bays , Carl M. Ellison
IPC分类号： H04L29/06
CPC分类号： G06F21/34 , G06Q20/341 , G06Q20/388 , G06Q20/40975 , G07F7/1008 , H04L9/0897
摘要： Systems, methods, and technologies for configuring a conventional smart card and a client machine, and for performing a smart card authorization using the configured smart card and client. Further, the combination of methods provides for mutual authentication—authentication of the client to the user, and authentication of the user to the client. The authentication methods include presenting a specified token to the user sufficient to authenticate the client to the user and thus protect the user-provided PIN. Security is strengthened by using an integrity key based on approved client system configurations. Security is further strengthened by calculating a PIN′ value based on a user-specified PIN and a modifier and using the PIN′ value for unlocking the smart card.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式