专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07519178B1 Method, system and apparatus for ensuring a uniform distribution in key generation 失效
标题翻译：用于确保密钥生成中均匀分布的方法，系统和装置
公开(公告)号：US07519178B1
公开(公告)日：2009-04-14
申请号：US09256796
申请日：1999-02-24
申请人： Stephen Michael Matyas, Jr. , Allen Roginsky
发明人： Stephen Michael Matyas, Jr. , Allen Roginsky
IPC分类号： H04L9/00 , H04K1/00 , G06F7/58 , G06F15/16
CPC分类号： G06F7/72 , G06F2207/7204 , H04L9/302 , H04L9/3249 , H04L9/3263
摘要： A method, system and apparatus are described for ensuring a uniform random distribution of keys generated for cryptography. These generated keys, are depicted utilizing a trusted third party, or Certification Authority (CA) in the generation of a reliable seed to be used in the generation of prime numbers used in public key cryptography. The inclusion of the trusted third party allows for an independent third party to police against first party attacks on the security of the system without increasing the overhead of the system significantly.
摘要翻译：描述了用于确保为密码学生成的密钥的均匀随机分布的方法，系统和装置。这些生成的密钥在生成可用于公钥密码学中使用的素数的可靠种子时利用受信任的第三方或认证中心（CA）进行描绘。包含可信赖的第三方允许独立的第三方警告不要对系统的安全性进行第一方攻击，而不会显着地增加系统的开销。

2. 发明申请

US20070016456A1 System, method and program product for reporting status of contract performance or a process 审中-公开
标题翻译：用于报告合同履约情况或流程的系统，方法和程序产品
公开(公告)号：US20070016456A1
公开(公告)日：2007-01-18
申请号：US11179429
申请日：2005-07-12
申请人： Kevin Himberger , Clark Jeffries , Allen Roginsky , Charles Lingafelt , Phillip Singleton
发明人： Kevin Himberger , Clark Jeffries , Allen Roginsky , Charles Lingafelt , Phillip Singleton
IPC分类号： G06F9/44
CPC分类号： G06Q10/06 , G06Q10/103
摘要： System, method and program product for reporting status of a process. A flow chart illustrates steps of the process and an order for performance of the steps. Then, a determination is made whether any of the steps has been performed. In response to a determination that any of the steps has been performed, graphically representing on the flow chart that the step has been performed. The graphical representation can be color-coding of the step. The determination that a step has been performed can be made based on user input that the step has been performed, or automatically by a program checking a record indicating that the step has been performed. Also, a program can automatically determine that a deadline for performing one of the steps has passed without performance of the one step. In response, the program initiates a graphical representation on the one step in the flowchart that the deadline has passed without performance of the one step. A program can also automatically determine that a problem has occurred in performing one of the steps, and in response, graphically represent on the one step in the flowchart that a problem has occurred with the one step.
摘要翻译：用于报告进程状态的系统，方法和程序产品。流程图说明了该过程的步骤和步骤的执行顺序。然后，确定是否执行了任何步骤。响应于已经执行了任何步骤的确定，在流程图上以图形方式表示步骤已被执行。图形表示可以是步骤的颜色编码。已经执行步骤的确定可以基于已经执行步骤的用户输入，或者通过程序自动检查指示已经执行了步骤的记录。此外，程序可以自动确定执行其中一个步骤的最后期限已经过去，而不执行一个步骤。作为响应，程序在流程图的一个步骤中启动图形表示，即截止日期已经过去，而不执行一个步骤。程序还可以自动确定在执行其中一个步骤中出现问题，并且作为响应，在流程图的一个步骤中以图形方式表示在该步骤中出现问题。

3. 发明申请

US20070157308A1 Fail-safe network authentication 审中-公开
标题翻译：故障安全网络认证
公开(公告)号：US20070157308A1
公开(公告)日：2007-07-05
申请号：US11324868
申请日：2006-01-03
申请人： Jeffrey Bardsley , Nathaniel Kim , Charles Lingafelt , Allen Roginsky
发明人： Jeffrey Bardsley , Nathaniel Kim , Charles Lingafelt , Allen Roginsky
IPC分类号： G06F15/16
CPC分类号： H04W12/06 , H04L63/08
摘要： An authenticator is configured with intelligence for the purpose of providing a “failsafe” mode for port-based authentication (802.1x). This failsafe mode enables end users to access a network when communication between the authenticator and the authentication server has temporarily failed, but keeps security measures in place so that unauthorized users cannot gain network access. An 802.1x access control point (e.g., a switch) is enabled to continue to authenticate certain users onto the network during periods of temporary communication failure with the authentication server, by locally storing alternative authentication information limited to historical authentication information of clients that have previously accessed the network via the authentication server. Subsequent revalidation of specific users using the primary authentication information follows restoration of communication with the authentication server.
摘要翻译：认证器配置有智能，目的是为基于端口的认证（802.1x）提供“故障安全”模式。这种故障安全模式使最终用户能够在认证器和认证服务器之间的通信暂时失败时访问网络，但保持安全措施，使得未经授权的用户无法获得网络访问。 802.1x访问控制点（例如，交换机）能够通过本地存储限于先前已经存在的客户端的历史认证信息的替代认证信息，在认证服务器发生临时通信故障期间，继续将特定用户认证到网络上通过认证服务器访问网络。使用主认证信息对特定用户的后续重新验证与恢复与认证服务器的通信恢复。

4. 发明申请

US20060156408A1 Method of assuring enterprise security standards compliance 有权
标题翻译：确保企业安全标准合规的方法
公开(公告)号：US20060156408A1
公开(公告)日：2006-07-13
申请号：US11033436
申请日：2005-01-11
申请人： Kevin Himberger , Clark Jeffries , Charles Lingafelt , Allen Roginsky , Phillip Singleton
发明人： Kevin Himberger , Clark Jeffries , Charles Lingafelt , Allen Roginsky , Phillip Singleton
IPC分类号： H04L9/32 , G06F15/16 , G06F11/00 , G06F17/00 , G06F11/22 , G06F17/30 , G06F9/00 , G06F11/30 , G06F7/04 , G06F11/32 , G06F7/58 , G06F11/34 , G06K19/00 , G06F11/36 , G06K9/00 , G06F12/14 , G06F12/16 , G06F15/18 , G08B23/00
CPC分类号： G06F21/552 , G06F21/577 , G06Q40/08 , G08B21/22
摘要： A method, apparatus, and computer instructions for providing a current and complete security compliance view of an enterprise system. The present invention provides the ability to gain a real-time security posture and security compliance view of an enterprise and to assess the risk impact of known threats and attacks to continued business operations at various levels is provided. Responsive to a change to an enterprise environment, a request, or an external threat, an administrator loads or updates at least one of a Critical Application Operations database, a Historical database, an Access Control database, a Connectivity database, and a Threat database. Based on a comparison of information in the databases against similar security data elements from company or external policies, the administrator may generate a Security Compliance view of the enterprise. A Security Posture view may also be generated by comparing the Security Compliance view against data in the Threat database.
摘要翻译：一种用于提供企业系统的当前和完整的安全合规性视图的方法，装置和计算机指令。本发明提供获得企业的实时安全状态和安全合规性视图的能力，并且评估已知威胁和攻击对于各个级别的持续业务操作的风险影响。响应企业环境，请求或外部威胁的更改，管理员加载或更新关键应用程序操作数据库，历史数据库，访问控制数据库，连接数据库和威胁数据库中的至少一个。基于数据库中的信息与公司或外部策略中类似的安全数据元素的比较，管理员可以生成企业的安全合规性视图。通过将安全合规性视图与威胁数据库中的数据进行比较，也可以生成安全性状态视图。

5. 发明授权

US07487359B2 Time stamping method employing a separate ticket and stub 失效
标题翻译：时间戳方法采用单独的机票和存根
公开(公告)号：US07487359B2
公开(公告)日：2009-02-03
申请号：US11846562
申请日：2007-08-29
申请人： Mohammad Peyravian , Allen Roginsky , Nevenko Zunic , Stephen M. Matyas, Jr.
发明人： Mohammad Peyravian , Allen Roginsky , Nevenko Zunic , Stephen M. Matyas, Jr.
IPC分类号： H04L9/00 , G06F7/04 , H04K1/00
CPC分类号： H04L9/3297 , H04L9/3242
摘要： A time stamping protocol has two stages referred to as the ticketing stage and the certification stage. During the ticketing stage, the document or other identifying data is sent to the TSA. The TSA generates a “ticket” based on the document or other identifying data and a time indication derived from a trusted clock. The ticket, which serves as an unsigned time stamp receipt, is transmitted back to the document originator. During the certification stage, the holder of the ticket requests a certified time stamp receipt by presenting the ticket to the TSA. The TSA verifies the ticket and generates a signed time stamp receipt, called the ticket stub, which is then transmitted back to the document originator. The ticket stub serves as a “universal time-stamp” that the holder of the ticket stub can use to prove the date of the document.
摘要翻译：时间戳协议有两个阶段，称为票务阶段和认证阶段。在票务阶段，文件或其他识别数据被发送到TSA。 TSA根据文档或其他标识数据和从可信时钟导出的时间指示生成“票证”。作为未签名的时间戳收据的票据被传回给文件发起者。在认证阶段，机票持有人通过向TSA提供机票来申请经过认证的时间戳收据。 TSA验证票据并生成一个称为票据存根的签名时间戳收据，然后将其传回给文档发起者。票据桩作为票据存根的持有者可以用来证明文件的日期的“通用时间戳”。

6. 发明授权

US06307938B1 Method, system and apparatus for generating self-validating prime numbers 失效
标题翻译：用于生成自验证素数的方法，系统和装置
公开(公告)号：US06307938B1
公开(公告)日：2001-10-23
申请号：US09114024
申请日：1998-07-10
申请人： Stephen M. Matyas, Jr. , Allen Roginsky
发明人： Stephen M. Matyas, Jr. , Allen Roginsky
IPC分类号： H04L930
CPC分类号： G06F7/72 , G06F2207/7204 , H04L9/3033 , H04L2209/043 , H04L2209/08 , H04L2209/26 , H04L2209/34
摘要： A method, system and apparatus for generating primes (p and q) for use in cryptography from secret random numbers and an initialization value whereby the initial secret random numbers are encoded into the generated primes. This eliminates the need to retain the initial secret random numbers for auditing purposes. The initialization value may also be generated from information readily available, if so desired, resulting in additional entropy without the requirement of storing additional information.
摘要翻译：一种用于从秘密随机数生成用于加密的素数（p和q）的方法，系统和装置，以及初始值，由此初始秘密随机数被编码到所生成的素数中。这样就无需保留用于审计目的的初始秘密随机数。如果需要，也可以从容易获得的信息产生初始化值，导致额外的熵而不需要存储附加信息。

7. 发明授权

US07519824B1 Time stamping method employing multiple receipts linked by a nonce 失效
标题翻译：采用多个收据连结的时间戳的时间戳方法
公开(公告)号：US07519824B1
公开(公告)日：2009-04-14
申请号：US09458410
申请日：1999-12-10
申请人： Mohammad Peyravian , Allen Roginsky , Nevenko Zunic , Stephen M. Matyas, Jr.
发明人： Mohammad Peyravian , Allen Roginsky , Nevenko Zunic , Stephen M. Matyas, Jr.
IPC分类号： H04L9/00 , G06F7/04 , H04K1/00
CPC分类号： H04L9/3297 , H04L2209/60
摘要： A method for time stamping a digital document employs a two-part time stamp receipt. The first part of the time stamp receipt includes identifying data associated with a document and a nonce. The second part of the time stamp receipt includes a time indication and the nonce. The nonce serves as a link between the first and second parts.
摘要翻译：用于时间戳数字文档的方法采用两部分时间戳收据。时间戳收据的第一部分包括与文档和随机数相关联的识别数据。时间戳收据的第二部分包括时间指示和随机数。该随机数作为第一和第二部分之间的链接。

8. 发明授权

US07490241B1 Time stamping method employing user specified time 失效
标题翻译：使用用户指定时间的时间戳方法
公开(公告)号：US07490241B1
公开(公告)日：2009-02-10
申请号：US09458922
申请日：1999-12-10
申请人： Mohammad Peyravian , Allen Roginsky , Nevenko Zunic , Stephen M. Matyas, Jr.
发明人： Mohammad Peyravian , Allen Roginsky , Nevenko Zunic , Stephen M. Matyas, Jr.
IPC分类号： H04L9/00
CPC分类号： H04L9/3297 , H04L2209/60
摘要： A method for time stamping a digital document is disclosed. The document originator creates a time stamp receipt using the document and the current time. The time stamp receipt is submitted to a time stamping authority having a trusted clock. The time stamping authority validates the time stamp receipt by comparing the time value specified in the time stamp receipt to the current time. If the time value specified in the time stamp receipt is within a predetermined time window, the time stamping authority cryptographically binds the time value and document, or the time value and some representation of the document, e.g., by signing the time stamp receipt with its private signature key.
摘要翻译：公开了一种用于时间戳数字文档的方法。文档创建者使用文档和当前时间创建时间戳收据。时间戳收据提交给具有可信时钟的时间戳机构。时间戳权限通过将时间戳收据中指定的时间值与当前时间进行比较来验证时间戳收据。如果时间戳收据中指定的时间值在预定的时间窗口内，则时间戳机构将时间值和文档加密地绑定，或者时间值和文档的某些表示，例如通过签署时间戳私人签名密钥。

9. 发明申请

US20070297608A1 ENCRYPTING DATA FOR ACCESS BY MULTIPLE USERS 失效
标题翻译：加密数据以供多个用户访问
公开(公告)号：US20070297608A1
公开(公告)日：2007-12-27
申请号：US11766192
申请日：2007-06-21
申请人： Per Jonas , Allen Roginsky , Nevenko Zunic
发明人： Per Jonas , Allen Roginsky , Nevenko Zunic
IPC分类号： H04L9/32
CPC分类号： H04L9/0822 , H04L9/0863
摘要： A method for protecting data for access by a plurality of users. A server encrypts data using a master key and a symmetric encryption algorithm. For each authorized user, a key encryption key (KEK) is derived from a passphrase, and the master key is encrypted using the KEK. The server posts the encrypted data and an ancillary file that includes, for each user, a user identifier and the master key encrypted according to the user's KEK. To access the data, a user enters the passphrase into a client, which re-derives the user's KEK, and finds, in the ancillary file, the master key encrypted using the user's KEK. The client decrypts the master key and then decrypts the data. A KEK may be derived from a natural language passphrase by hashing the passphrase, concatenating the result and a predetermined text, hashing the concatenation, and truncating.
摘要翻译：一种用于保护数据以供多个用户访问的方法。服务器使用主密钥和对称加密算法对数据进行加密。对于每个授权用户，密钥加密密钥（KEK）是从密码短语导出的，并且使用KEK对主密钥进行加密。服务器发布加密数据以及辅助文件，其中包括针对每个用户的根据用户的KEK加密的用户标识符和主密钥。为了访问数据，用户将密码短语输入客户端，重新导出用户的KEK，并在辅助文件中发现使用用户的KEK加密的主密钥。客户端解密主密钥，然后解密数据。 KEK可以从自然语言密码短语中衍生，通过散列密码，连接结果和预定文本，散列连接和截断。

10. 发明申请

US20070038866A1 Control of port based authentication protocols and process to support transfer of connection information 失效
标题翻译：控制基于端口的认证协议和流程来支持传输连接信息
公开(公告)号：US20070038866A1
公开(公告)日：2007-02-15
申请号：US11200762
申请日：2005-08-09
申请人： Jeffrey Bardsley , Nathaniel Kim , Charles Lingafelt , Allen Roginsky , Norman Strole
发明人： Jeffrey Bardsley , Nathaniel Kim , Charles Lingafelt , Allen Roginsky , Norman Strole
IPC分类号： H04L9/00
CPC分类号： H04L63/0272 , H04L63/08 , H04L63/0892
摘要： Method, system, and program product for port based authentication protocols where addresses are dynamically assigned within a network environment, and more particularly to port based authentication in the network environment, where connection information is captured and stored. This facilitates administrator access to information created as a result of protocol exchanges involved in dynamic address assignment, authentication, and connection.
摘要翻译：用于基于端口的认证协议的方法，系统和程序产品，其中在网络环境内动态地分配地址，更具体地，涉及在网络环境中基于端口的认证，其中捕获并存储连接信息。这有助于管理员访问由于动态地址分配，认证和连接所涉及的协议交换而创建的信息。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式