    • 93. Granted invention patent
    • High-efficient encryption and decryption processing method for implementing SMS4 algorithm
    • US08204218B2
    • 2012-06-19
    • US12375095
    • 2007-07-19
    • Jiayin Lu, Jun Cao, Zhenhai Huang, Xiang Yan
    • H04K1/00
    • H04L9/0625, H04L2209/80
    • An encryption/decryption processing method for implementing the SMS4 algorithm with high efficiency is provided. After a constant array is prepared, external data is input into the register section; a primary data conversion is made first, then a secondary data conversion, and finally the data conversion course is repeated until all specified data conversion courses are completed and the processing result of the cyclic data encryption/decryption is obtained. This solves the technical problems of data conversion in the background art, namely that the number of cycles is large and the encryption efficiency is low, simplifies the chip design, largely optimizes the integrity of the chip signal, and can improve the interference immunity of the system and reduce system cost.
    • 94. Granted invention patent
    • Trusted network connect system based on tri-element peer authentication
    • US08191113B2
    • 2012-05-29
    • US12628903
    • 2009-12-01
    • Yuelei Xiao, Jun Cao, Xiaolong Lai, Zhenhai Huang
    • G06F7/04, G06F15/16, G06F17/30, H04L29/06, G06F15/173
    • H04L63/20, H04L9/321, H04L9/3263, H04L63/061, H04L63/08, H04L63/0869, H04L63/0876, H04L63/10, H04L2209/127
    • A trusted network connect (TNC) system based on tri-element peer authentication (TePA) is provided. A network access requestor (NAR) of an access requestor (AR) is connected to a TNC client (TNCC), and the TNCC is connected to an integrity measurement collector (IMC1) through an integrity measurement collector interface (IF-IMC). A network access controller (NAC) of an access controller (AC) is connected to a TNC server (TNCS) in a data bearer manner. The TNCS is connected to an IMC2 through the IF-IMC. A user authentication service unit (UASU) of a policy manager (PM) is connected to a platform evaluation service unit (PESU) through an integrity measurement verifier interface (IF-IMV). Thus, the technical problems in the prior art of poor extensibility, complex key agreement process, and low security are solved. TePA is adopted in both the network access layer and the integrity evaluation layer to implement mutual user authentication and platform integrity evaluation, so that the security of the entire TNC architecture is improved.
    • 95. Invention patent application
    • ACCESS CONTROL METHOD FOR TRI-ELEMENT PEER AUTHENTICATION CREDIBLE NETWORK CONNECTION STRUCTURE
    • US20120079561A1
    • 2012-03-29
    • US13377098
    • 2009-12-09
    • Yuelei Xiao, Jun Cao, Zhenhai Huang, Li Ge
    • G06F21/20
    • H04L63/0869, H04L63/0876
    • An access control method for a TePA-based TNC architecture is provided, including: 1) performing encapsulation of user authentication protocol data and platform authentication protocol data in the TePA-based TNC architecture: 1.1) encapsulating the user authentication protocol data in a Data field of TAEP packets, and interacting with the TAEP packets between an access requestor and an access controller, and between the access controller and a policy manager, to perform mutual user authentication between the access requestor and the access controller, and establish a secure channel between the access requestor and the access controller; and 1.2) encapsulating the platform authentication protocol data in a Data field of TAEP packets, and, for platform authentication protocol data between the access requestor and the access controller, encapsulating a TAEP packet of the platform authentication protocol data in a Data field of another TAEP packet to form a nested encapsulation.
    • 96. Invention patent application
    • TRUSTED NETWORK CONNECTION IMPLEMENTING METHOD BASED ON TRI-ELEMENT PEER AUTHENTICATION
    • US20110239271A1
    • 2011-09-29
    • US13133333
    • 2009-12-01
    • Yuelei Xiao, Jun Cao, Li Ge, Zhenhai Huang
    • H04L9/32
    • H04L63/0869, G06F21/31, G06F21/6209, G06F2221/2141, H04L63/0876, H04L63/10
    • A trusted network connection implementing method based on Tri-element Peer Authentication is provided in the present invention. The method includes: step 1, configuring and initializing; step 2, requesting a network connection, wherein an access requester sends a network connection request to an access controller, and the access controller receives the network connection request; step 3, authenticating user ID; and step 4, authenticating a platform. The invention enhances the safety of the trusted network connection implementing method, widens the application range of the trusted network connection implementing method based on the Tri-element Peer Authentication, satisfies requirements of different network apparatuses and improves the efficiency of the trusted network connection implementing method based on the Tri-element Peer Authentication. The invention is not only applied to the trusted network connection of entities, but also applied to the trusted communication among the peer entities, and is further applied to the trusted management of the entities, thus the applicability of the trusted network connection implementing method based on the Tri-element Peer Authentication is improved.
    • 97. Invention patent application
    • METHOD FOR AUTHENTICATING A TRUSTED PLATFORM BASED ON THE TRI-ELEMENT PEER AUTHENTICATION (TEPA)
    • US20110202992A1
    • 2011-08-18
    • US13119909
    • 2009-11-03
    • Yuelei Xiao, Jun Cao, Li Ge, Xiaolong Lai, Zhenhai Huang
    • H04L9/32, G06F21/00
    • H04L63/083, G06F21/33, H04L9/321, H04L9/3234, H04L9/3247, H04L9/3263, H04L63/0876, H04L63/105, H04L63/20, H04L2209/80
    • A method for authenticating a trusted platform based on the Tri-element Peer Authentication (TePA). The method includes the following steps: A) a second attesting system sends the first message to a first attesting system; B) the first attesting system sends a second message to the second attesting system after receiving the first message; C) the second attesting system sends a third message to a Trusted Third Party (TTP) after receiving the second message; D) the TTP sends a fourth message to the second attesting system after receiving the third message; E) the second attesting system sends a fifth message to the first attesting system after receiving the fourth message; and F) the first attesting system performs an access control after receiving the fifth message. The method for authenticating a trusted platform based on TePA of the present invention adopts the security architecture of TePA, and improves the safety of an evaluation agreement of the trusted platform, realizes the mutual evaluation of the trusted platform between the attesting systems, and extends the application ranges.
    • 98. Invention patent application
    • TRUSTED NETWORK CONNECT METHOD FOR ENHANCING SECURITY
    • US20110191579A1
    • 2011-08-04
    • US12671575
    • 2008-07-21
    • Yuelei Xiao, Jun Cao, Xiaolong Lai, Zhenhai Huang
    • H04L9/32, H04L29/06, H04L9/08
    • H04L63/0869, H04L9/0844, H04L9/3247, H04L9/3263, H04L41/0893, H04L63/0876, H04L63/105, H04L63/20, H04L2209/127
    • A trusted network connect method for enhancing security pre-prepares platform integrity information and sets an integrity verification demand. A network access requestor initiates an access request; a network access authority starts a process for bi-directional user authentication and begins to perform the triplex element peer authentication protocol with a user authentication service unit. After the success of the bi-directional user authentication, a TNC server and a TNC client perform bi-directional platform integrity evaluation. The network access requestor and the network access authority control ports according to their respective recommendations, implementing the mutual access control of the access requestor and the access authority. The present invention solves the technical problems in the background technologies: the security is relatively low, the access requestor may be unable to verify the validity of the AIK credential, and the platform integrity evaluation is not parity. The present invention may simplify the management of the key and the mechanism of integrity verification, and expand the application scope of the trusted network connect.
    • 100. Invention patent application
    • TRUSTED NETWORK ACCESS CONTROLLING METHOD BASED ON TRI-ELEMENT PEER AUTHENTICATION
    • US20100263023A1
    • 2010-10-14
    • US12742618
    • 2008-11-14
    • Yuelei Xiao, Jun Cao, Xiaolong Lai, Zhenhai Huang
    • H04L29/06, H04L9/32, H04W12/08
    • H04L41/0893, H04L63/0823, H04L63/0876, H04L63/102, H04L63/20
    • A trusted network access controlling method based upon tri-element peer authentication comprises: first initializing creditability collectors and a creditability verifier; then carrying out a tri-element peer authentication protocol among a network access requester, a network access controller and an authentication strategy server in a network access control layer to realize bi-directional user authentication between the access requester and the access controller; when authentication is successful or the locale strategy requires a platform creditability evaluation process to be carried out, the TNC terminal, TNC server and evaluation strategy server in a trusted platform evaluation layer performing the tri-element peer authentication protocol to realize bi-directional platform creditability authentication between the access requester and the access controller; finally, the access requester and the access controller controlling ports according to the recommendation generated by the TNAC client terminal and the TNAC service terminal. The invention solves the technical problem of poor expandability in the background art, and further solves the problems of complex key negotiation and relatively low safety.