专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20120308001A1 SECURE KEY CREATION 有权
标题翻译：安全关键创建
公开(公告)号：US20120308001A1
公开(公告)日：2012-12-06
申请号：US13150592
申请日：2011-06-01
申请人： Todd W. Arnold , Elizabeth A. Dames , Richard V. Kisley , Michael J. Miele , James W. Sweeny
发明人： Todd W. Arnold , Elizabeth A. Dames , Richard V. Kisley , Michael J. Miele , James W. Sweeny
IPC分类号： H04L9/06
CPC分类号： H04L9/0841 , H04L9/0877 , H04L9/088 , H04L2209/20
摘要： Key creation includes sending a first public key part from a first system to a second system, receiving a second public key part sent by the second system to the first system and establishing a first secret material in the first system using the first and second public key parts, wherein the first secret material is identical to a second secret material established on the second system using the first and second key parts. Key creation also includes binding key control information to the first secret material in the first system, wherein the key control information includes information relating to key type and key management and deriving a first key material from the combination of the key control information and the first secret material, wherein the first key material is identical to a second key material derived by the second system.
摘要翻译：密钥创建包括将第一公钥部分从第一系统发送到第二系统，接收由第二系统发送给第一系统的第二公共密钥部分，并使用第一和第二公钥在第一系统中建立第一秘密资料其中所述第一秘密材料与使用所述第一和第二关键部分在所述第二系统上建立的第二秘密材料相同。密钥创建还包括将密钥控制信息绑定到第一系统中的第一秘密资料，其中密钥控制信息包括与密钥类型和密钥管理有关的信息，并从密钥控制信息和第一密钥的组合中导出第一密钥资料材料，其中所述第一密钥材料与由所述第二系统导出的第二密钥材料相同。

2. 发明授权

US08615081B2 Secure key creation 有权
标题翻译：安全密钥创建
公开(公告)号：US08615081B2
公开(公告)日：2013-12-24
申请号：US13150592
申请日：2011-06-01
申请人： Todd W. Arnold , Elizabeth A. Dames , Richard V. Kisley , Michael J. Miele , James W. Sweeny
发明人： Todd W. Arnold , Elizabeth A. Dames , Richard V. Kisley , Michael J. Miele , James W. Sweeny
IPC分类号： H04L9/00
CPC分类号： H04L9/0841 , H04L9/0877 , H04L9/088 , H04L2209/20
摘要： Key creation includes sending a first public key part from a first system to a second system, receiving a second public key part sent by the second system to the first system and establishing a first secret material in the first system using the first and second public key parts, wherein the first secret material is identical to a second secret material established on the second system using the first and second key parts. Key creation also includes binding key control information to the first secret material in the first system, wherein the key control information includes information relating to key type and key management and deriving a first key material from the combination of the key control information and the first secret material, wherein the first key material is identical to a second key material derived by the second system.
摘要翻译：密钥创建包括将第一公钥部分从第一系统发送到第二系统，接收由第二系统发送给第一系统的第二公共密钥部分，并且使用第一和第二公钥在第一系统中建立第一秘密资料其中所述第一秘密材料与使用所述第一和第二关键部分在所述第二系统上建立的第二秘密材料相同。密钥创建还包括将密钥控制信息绑定到第一系统中的第一秘密资料，其中密钥控制信息包括与密钥类型和密钥管理有关的信息，并从密钥控制信息和第一密钥的组合中导出第一密钥资料材料，其中所述第一密钥材料与由所述第二系统导出的第二密钥材料相同。

3. 发明申请

US20100037065A1 Method and Apparatus for Transitive Program Verification 有权
标题翻译：传递程序验证的方法和装置
公开(公告)号：US20100037065A1
公开(公告)日：2010-02-11
申请号：US12186198
申请日：2008-08-05
申请人： John C. Dayka , Walter Barlett Farrell , Richard Henry Guski , James W. Sweeny
发明人： John C. Dayka , Walter Barlett Farrell , Richard Henry Guski , James W. Sweeny
IPC分类号： G06F11/30
CPC分类号： G06F21/445 , G06F21/57
摘要： A method, apparatus and program storage device for program verification in an information handling system in which an application program runs on an operating system having a signature verification function for verifying a digital signature of the application program. Upon loading of the application program, the signature verification function of the operating system verifies the digital signature of the application program and, if the digital signature is verified, initiates execution of the application program. Upon initiation of execution of the application program, a verification testing function associated with the application program tests the signature verification function of the operating system by presenting to it a sequence of test digital signatures in a specified pattern of true and false signatures. If its test of the signature verification function of the operating system is successful, the application program initiates normal execution. Otherwise, the application program terminates without initiating normal execution.
摘要翻译：一种在信息处理系统中用于程序验证的方法，装置和程序存储装置，其中应用程序在具有用于验证应用程序的数字签名的签名验证功能的操作系统上运行。在加载应用程序时，操作系统的签名验证功能验证应用程序的数字签名，并且如果数字签名被验证，则启动应用程序的执行。在开始执行应用程序时，与应用程序相关联的验证测试功能通过向其呈现指定的真假签名模式的测试数字签名序列来测试操作系统的签名验证功能。如果对操作系统的签名验证功能的测试成功，应用程序启动正常执行。否则，应用程序终止而不启动正常执行。

4. 发明授权

US07543147B2 Method, system, and storage medium for creating a proof of possession confirmation for inclusion into an attribute certificate 失效
标题翻译：方法，系统和存储介质，用于创建包含在属性证书中的拥有确认证明
公开(公告)号：US07543147B2
公开(公告)日：2009-06-02
申请号：US10975955
申请日：2004-10-28
申请人： Messaoud B. Benantar , Thomas L. Gindin , James W. Sweeny
发明人： Messaoud B. Benantar , Thomas L. Gindin , James W. Sweeny
IPC分类号： H04L9/00
CPC分类号： H04L63/0823 , G06F21/33 , H04L63/164
摘要： A method for creating a proof of possession confirmation for inclusion by an attribute certificate authority into an attribute certificate, the attribute certificate for use by an end user. The method includes receiving from the attribute certificate authority in response to a request by the end user, a plurality of data fields corresponding to a target system, the identity of the end user, and a proof of identity possession by the end user. The method further includes preparing a data structure corresponding to an authorization attribute of the attribute certificate, the data structure including a target system name, the identity of the end user, and the key identifier of the end user. Using a private key associated with the target system, the method includes signing the data structure resulting in a proof of possession confirmation, and sending the proof of possession confirmation to the attribute certificate authority for inclusion into the attribute certificate.
摘要翻译：一种用于创建属性确认的证明的方法，用于将属性证书颁发机构包含在属性证书中，该属性证书由终端用户使用。该方法包括响应于最终用户的请求，从属性认证机构接收与目标系统相对应的多个数据字段，终端用户的身份以及最终用户的身份证明。该方法还包括准备与属性证书的授权属性对应的数据结构，数据结构包括目标系统名称，最终用户的身份以及最终用户的密钥标识符。使用与目标系统相关联的私钥，该方法包括签署数据结构，从而得到拥有确认证明，并将属性认证机构的证明证明发送给属性证书。

5. 发明授权

US07143285B2 Password exposure elimination for digital signature coupling with a host identity 有权
公开(公告)号：US07143285B2
公开(公告)日：2006-11-28
申请号：US09862797
申请日：2001-05-22
申请人： Thomas L. Gindin , Messaoud Benantar , James W. Sweeny , John C. Dayka
发明人： Thomas L. Gindin , Messaoud Benantar , James W. Sweeny , John C. Dayka
IPC分类号： H04L9/00
CPC分类号： G06F21/33
摘要： A method for creating a proof of possession confirmation for inclusion by a certification authority into a digital certificate, the digital certificate for use by an end user, is disclosed. In an exemplary embodiment of the invention, the method includes receiving from the certification authority, in response to a certificate request by the end user, a plurality of data fields corresponding to a target host system, the end user, and a form of proof of identity possession by the end user. The content of the plurality of data fields is analyzed and the accuracy thereof is verified. If the plurality of data fields is verified as accurate, then a signed object is sent to the certification authority, the signed object comprising the proof of possession confirmation.

6. 发明授权

US06993653B1 Identity vectoring via chained mapping records 失效
标题翻译：通过链式映射记录进行身份向量化
公开(公告)号：US06993653B1
公开(公告)日：2006-01-31
申请号：US09507882
申请日：2000-02-22
申请人： Richard H. Guski , Walter B. Farrell , James W. Sweeny , Thomas J. Szczygielski , John M. Thompson
发明人： Richard H. Guski , Walter B. Farrell , James W. Sweeny , Thomas J. Szczygielski , John M. Thompson
IPC分类号： H04L9/32
CPC分类号： H04L63/0823
摘要： An identity vectoring method is accomplished by matching a distinguished name or partial distinguished name from a digital certificate with a distinguished name mapping record. A data field in the distinguished name mapping record includes either a variable name or a user ID. The variable name corresponds to any environmental factor. The next mapping record to be considered, the criteria mapping record, is determined by substituting the environmental factor for the variable name in the data field. A data field in the criteria mapping record includes either a variable name or a user ID. The process completes when a mapping record containing only a user ID is encountered or when no matching criteria mapping records are found.
摘要翻译：通过将可分辨名称或部分可分辨名称与数字证书与可分辨名称映射记录相匹配来实现身份向量化方法。可分辨名称映射记录中的数据字段包括变量名或用户标识。变量名称对应于任何环境因素。要考虑的下一个映射记录，标准映射记录，通过在数据字段中用环境因子代替变量名来确定。标准映射记录中的数据字段包括变量名或用户标识。当遇到仅包含用户标识的映射记录或没有找到匹配条件映射记录时，该过程完成。

7. 发明授权

US09251337B2 Scalable, highly available, dynamically reconfigurable cryptographic provider with quality-of-service control built from commodity backend providers 有权
标题翻译：可扩展的，高可用性的动态可重配置加密提供商，具有从商品后端提供商构建的服务质量控制
公开(公告)号：US09251337B2
公开(公告)日：2016-02-02
申请号：US13095471
申请日：2011-04-27
申请人： John C. Dayka , Michael J. Jordan , James W. Sweeny , Tamas Visegrady
发明人： John C. Dayka , Michael J. Jordan , James W. Sweeny , Tamas Visegrady
IPC分类号： G06F9/46 , G06F21/53
CPC分类号： G06F21/53
摘要： A system for remapping subsets of host-centric application programming interfaces to commodity service providers includes a processor configured to receive a commodity service providers object, embed the commodity service providers object with a handle, transform the handle into a serialized object readable by a hardware security module, generate a virtualized handle from the transformed handle, select a target hardware security module based on characteristics of the serialized object and map the virtualized handle to the target hardware security module.
摘要翻译：用于将以主机为中心的应用编程接口的子集重新映射到商品服务提供商的系统包括被配置为接收商品服务提供商对象的处理器，用手柄嵌入商品服务提供商对象，将该句柄转换成硬件安全性可读的串行化对象模块，从变换的句柄生成虚拟化句柄，根据序列化对象的特征选择目标硬件安全模块，并将虚拟化句柄映射到目标硬件安全模块。

8. 发明授权

US09122864B2 Method and apparatus for transitive program verification 有权
标题翻译：用于传递程序验证的方法和装置
公开(公告)号：US09122864B2
公开(公告)日：2015-09-01
申请号：US12186198
申请日：2008-08-05
申请人： John C. Dayka , Walter Barlett Farrell , Richard Henry Guski , James W. Sweeny
发明人： John C. Dayka , Walter Barlett Farrell , Richard Henry Guski , James W. Sweeny
IPC分类号： G06F11/30 , G06F12/14 , G06F21/44 , G06F21/57
CPC分类号： G06F21/445 , G06F21/57
摘要： A method, apparatus and program storage device for program verification in an information handling system in which an application program runs on an operating system having a signature verification function for verifying a digital signature of the application program. Upon loading of the application program, the signature verification function of the operating system verifies the digital signature of the application program and, if the digital signature is verified, initiates execution of the application program. Upon initiation of execution of the application program, a verification testing function associated with the application program tests the signature verification function of the operating system by presenting to it a sequence of test digital signatures in a specified pattern of true and false signatures. If its test of the signature verification function of the operating system is successful, the application program initiates normal execution. Otherwise, the application program terminates without initiating normal execution.
摘要翻译：一种在信息处理系统中用于程序验证的方法，装置和程序存储装置，其中应用程序在具有用于验证应用程序的数字签名的签名验证功能的操作系统上运行。在加载应用程序时，操作系统的签名验证功能验证应用程序的数字签名，并且如果数字签名被验证，则启动应用程序的执行。在开始执行应用程序时，与应用程序相关联的验证测试功能通过向其呈现指定的真假签名模式的测试数字签名序列来测试操作系统的签名验证功能。如果对操作系统的签名验证功能的测试成功，应用程序启动正常执行。否则，应用程序终止而不启动正常执行。

9. 发明申请

US20120278820A1 SCALABLE, HIGHLY AVAILABLE, DYNAMICALLY RECONFIGURABLE CRYPTOGRAPHIC PROVIDER WITH QUALITY-OF-SERVICE CONTROL BUILT FROM COMMODITY BACKEND PROVIDERS 有权
标题翻译：可扩展的，高可用性的可重构的可重新制造的提供商，具有从商品后端供应商提供的服务质量控制
公开(公告)号：US20120278820A1
公开(公告)日：2012-11-01
申请号：US13095471
申请日：2011-04-27
申请人： John C. Dayka , Michael J. Jordan , James W. Sweeny , Tamas Visegrady
发明人： John C. Dayka , Michael J. Jordan , James W. Sweeny , Tamas Visegrady
IPC分类号： G06F9/46
CPC分类号： G06F21/53
摘要： A system for remapping subsets of host-centric application programming interfaces to commodity service providers includes a processor configured to receive a commodity service providers object, embed the commodity service providers object with a handle, transform the handle into a serialized object readable by a hardware security module, generate a virtualized handle from the transformed handle, select a target hardware security module based on characteristics of the serialized object and map the virtualized handle to the target hardware security module.
摘要翻译：用于将以主机为中心的应用编程接口的子集重新映射到商品服务提供商的系统包括被配置为接收商品服务提供商对象的处理器，用手柄嵌入商品服务提供商对象，将该句柄转换成硬件安全性可读的串行化对象模块，从变换的句柄生成虚拟化句柄，根据序列化对象的特征选择目标硬件安全模块，并将虚拟化句柄映射到目标硬件安全模块。

10. 发明授权

US07139911B2 Password exposure elimination for digital signature coupling with a host identity 有权
公开(公告)号：US07139911B2
公开(公告)日：2006-11-21
申请号：US09795203
申请日：2001-02-28
申请人： James W. Sweeny , Messaoud Benantar , John J. Petreshock , Thomas L. Gindin , John C. Dayka
发明人： James W. Sweeny , Messaoud Benantar , John J. Petreshock , Thomas L. Gindin , John C. Dayka
IPC分类号： H04L9/00 , H04K1/00
CPC分类号： H04L9/3263
摘要： A method of certifying a host-identification mapping extension included in a digital certificate, the digital certificate issued and signed by a specific certification authority. In an exemplary embodiment of the invention, the method includes assigning a trust value for each certification authority included in a set of certification authorities. A digital certificate containing the host-identification mapping extension therein is received, with the host-identification mapping extension further containing a plurality of identification attributes therein. The plurality of identification attributes are evaluated, along with the trust value assigned to the specific certification authority issuing the digital certificate. A determination is then made, based upon the plurality of identification attributes and the trust value, as to whether the host-mapping extension is to be certified.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式