专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

111. 发明授权

US09246942B2 Platform authentication strategy management method and device for trusted connection architecture 有权
标题翻译：平台认证策略管理方法和可信连接体系结构的设备
公开(公告)号：US09246942B2
公开(公告)日：2016-01-26
申请号：US13813291
申请日：2011-05-26
申请人： Yonggang Xue , Runtian Kan , Yuelei Xiao , Jun Cao , Zhenhai Huang , Ke Wang , Guoqiang Zhang , Kelong Yuan , Lin Zhu , Xiaoyong Liu
发明人： Yonggang Xue , Runtian Kan , Yuelei Xiao , Jun Cao , Zhenhai Huang , Ke Wang , Guoqiang Zhang , Kelong Yuan , Lin Zhu , Xiaoyong Liu
IPC分类号： H04L29/06 , G06F21/57
CPC分类号： H04L63/20 , G06F21/57 , H04L63/0876 , H04L63/10 , H04L63/1433
摘要： Provided are a platform authentication strategy management method for trusted connection architecture (TCA), and the trusted network connection (TNC) client, TNC access point and evaluation strategy service provider for implementing the method in the TCA. In the embodiments of the present invention, the platform authentication strategy for the access requester can be configured in the TNC access point or the evaluation strategy service provider, and the platform authentication strategy for the access requester configured in the evaluation strategy service provider can be delivered to the TNC access point. Moreover, a component-type-level convergence platform evaluation strategy can be executed in the TNC access point or the evaluation strategy service provider, to ensure that the realization of the TCA platform authentication has good application extensibility.
摘要翻译：提供了一种用于可信连接架构（TCA）和可信网络连接（TNC）客户端，TNC接入点和评估策略服务提供商的平台认证策略管理方法，用于在TCA中实现该方法。在本发明的实施例中，可以在TNC接入点或评估策略服务提供者中配置用于接入请求者的平台认证策略，并且可以在评估策略服务提供商中配置的接入请求者的平台认证策略到TNC接入点。此外，TNC接入点或评估策略服务提供商可以执行组件级融合平台评估策略，确保TCA平台认证的实现具有良好的应用可扩展性。

112. 发明授权

US08789134B2 Method for establishing trusted network connect framework of tri-element peer authentication 有权
标题翻译：建立三元对等认证可信网络连接框架的方法
公开(公告)号：US08789134B2
公开(公告)日：2014-07-22
申请号：US13264683
申请日：2009-12-09
申请人： Yuelei Xiao , Jun Cao , Li Ge , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Li Ge , Zhenhai Huang
IPC分类号： H04L29/06
CPC分类号： H04L67/104 , G06F21/57 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/20
摘要： The present invention provides a method for establishing the trusted network connect framework of tri-element peer authentication. The method includes: the implement of trusted network transport interface (IF-TNT); the implement of authentication policy service interface (IF-APS); the implement of trusted network connect (TNC) client-TNC access point interface (IF-TNCCAP); the implement of evaluation policy service interface (IF-EPS); the implement of integrity measurement collector interface (IF-IMC); the implement of integrity measurement verifier interface (IF-IMV); and the implement of integrity measurement (IF-IM). The embodiments of the present invention can establish the trust of the terminals, implement the trusted network connect of the terminals, implement the trusted authentication among the terminals, implement the trusted management of the terminals, and establish the TNC framework based on tri-element peer authentication (TePA) by defining the interfaces.
摘要翻译：本发明提供了一种建立三元对等认证的可信网络连接框架的方法。该方法包括：实现可信网络传输接口（IF-TNT）; 认证策略服务接口（IF-APS）的实现; 可信网络连接（TNC）客户端 - TNC接入点接口（IF-TNCCAP）的实现; 评估政策服务界面（IF-EPS）的实施; 完整性测量采集器接口（IF-IMC）的实现; 完整性测量验证器接口（IF-IMV）的实现; 和完整性测量（IF-IM）的实施。本发明的实施例可以建立终端的信任，实现终端的可信网络连接，在终端之间实现可信认证，实现终端的可信管理，并建立基于三元对等体的TNC框架认证（TePA）通过定义接口。

113. 发明授权

US08719897B2 Access control method for tri-element peer authentication credible network connection structure 有权
标题翻译：三元对等认证的可访问控制方法可靠的网络连接结构
公开(公告)号：US08719897B2
公开(公告)日：2014-05-06
申请号：US13377098
申请日：2009-12-09
申请人： Yuelei Xiao , Jun Cao , Zhenhai Huang , Li Ge
发明人： Yuelei Xiao , Jun Cao , Zhenhai Huang , Li Ge
IPC分类号： H04L29/06 , G06F17/00
CPC分类号： H04L63/0869 , H04L63/0876
摘要： An access control method for a TePA-based TNC architecture is provided, including: 1) performing encapsulation of user authentication protocol data and platform authentication protocol data in the TePA-based TNC architecture: 1.1) encapsulating the user authentication protocol data in a Data field of TAEP packets, and interacting with the TAEP packets between an access requestor and an access controller, and between the access controller and a policy manager, to perform mutual user authentication between the access requestor and the access controller, and establish a secure channel between the access requestor and the access controller; and 1.2) encapsulating the platform authentication protocol data in a Data field of TAEP packets, and, for platform authentication protocol data between the access requestor and the access controller, encapsulating a TAEP packet of the platform authentication protocol data in a Data field of another TAEP packet to form a nested encapsulation.
摘要翻译：提供了一种基于TePA的TNC架构的访问控制方法，包括：1）在基于TePA的TNC架构中执行用户认证协议数据和平台认证协议数据的封装：1.1）将用户认证协议数据封装在数据字段的TAEP分组，并且与访问请求者和访问控制器之间的TAEP分组以及访问控制器和策略管理器之间的TAEP分组进行交互，以在接入请求者和接入控制器之间执行相互用户认证，并在接入控制器和接入控制器之间建立安全信道访问请求者和访问控制器; 和1.2）将平台认证协议数据封装在TAEP数据包的数据字段中，并且对于接入请求者和接入控制器之间的平台认证协议数据，将平台认证协议数据的TAEP分组封装在另一个TAEP的数据字段中数据包形成嵌套封装。

114. 发明授权

US08605893B2 Encryption and decryption processing method, system and computer-accessible medium for achieving SMS4 cryptographic procedure 有权
标题翻译：加密和解密处理方法，系统和计算机可访问介质，用于实现SMS4加密过程
公开(公告)号：US08605893B2
公开(公告)日：2013-12-10
申请号：US13465411
申请日：2012-05-07
申请人： Jiayin Lu , Jun Cao , Xiang Yan , Zhenhai Huang
发明人： Jiayin Lu , Jun Cao , Xiang Yan , Zhenhai Huang
IPC分类号： H04K1/00
CPC分类号： G09C1/00 , H04L9/0625 , H04L9/14 , H04L2209/125
摘要： An encryption and decryption processing system for achieving SMS4 cryptographic procedure can be provided. The system includes a repeating encryption and decryption data processing device comprising a first constant array storing unit, a first data registering unit and a first data converting unit. The first constant array storing unit stores a first constant array and send it to N-data converting sub-units of the first data converting unit. The first data registering unit registers data, deliver the registered data to a first data converting sub-unit. The N-data converting sub-units perform a data conversion processing, and transmit the obtained conversion data to a next data converting sub-unit for subsequent processing until the data conversion processing processes are completed, a particular number of the completed processed being equal to a value of a data depth.
摘要翻译：可以提供用于实现SMS4密码过程的加密和解密处理系统。该系统包括重复的加密和解密数据处理装置，包括第一常数阵列存储单元，第一数据登记单元和第一数据转换单元。第一常数阵列存储单元存储第一常数阵列并将其发送到第一数据转换单元的N数据转换子单元。第一数据登记单元登记数据，将注册的数据传送到第一数据转换子单元。 N数据转换子单元执行数据转换处理，并将所获得的转换数据发送到下一个数据转换子单元，用于后续处理，直到数据转换处理完成，完成处理的特定数量等于数据深度的值。

115. 发明授权

US08533806B2 Method for authenticating a trusted platform based on the tri-element peer authentication(TEPA) 有权
标题翻译：基于三元对等认证（TEPA）认证可信平台的方法
公开(公告)号：US08533806B2
公开(公告)日：2013-09-10
申请号：US13119909
申请日：2009-11-03
申请人： Yuelei Xiao , Jun Cao , Li Ge , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Li Ge , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , H04L29/06
CPC分类号： H04L63/083 , G06F21/33 , H04L9/321 , H04L9/3234 , H04L9/3247 , H04L9/3263 , H04L63/0876 , H04L63/105 , H04L63/20 , H04L2209/80
摘要： A method for authenticating a trusted platform based on the Tri-element Peer Authentication (TePA). The method includes the following steps: A) a second attesting system sends the first message to a first attesting system; B) the first attesting system sends a second message to the second attesting system after receiving the first message; C) the second attesting system sends a third message to a Trusted Third Party (TTP) after receiving the second message; D) the TTP sends a fourth message to the second attesting system after receiving the third message; E) the second attesting system sends a fifth message to the first attesting system after receiving the fourth message; and F) the first attesting system performs an access control after receiving the fifth message. The method for authenticating a trusted platform based on TePA of the present invention adopts the security architecture of TePA, and improves the safety of an evaluation agreement of the trusted platform, realizes the mutual evaluation of the trusted platform between the attesting systems, and extends the application ranges.
摘要翻译：一种基于三元素对等认证（TePA）认证可信平台的方法。该方法包括以下步骤：A）第二证明系统将第一消息发送到第一认证系统; B）第一证明系统在接收到第一消息之后向第二认证系统发送第二消息; C）第二证明系统在接收到第二消息之后向受信任的第三方（TTP）发送第三消息; D）TTP在接收到第三消息之后向第二认证系统发送第四消息; E）第二证明系统在接收到第四消息之后向第一认证系统发送第五消息; 和F）第一认证系统在接收到第五消息之后执行访问控制。本发明基于TePA认证信任平台的方法采用了TePA的安全架构，提高了可信平台评估协议的安全性，实现了认证系统之间信任平台的相互评估，并扩展了应用范围。

116. 发明授权

US08185091B2 Network access authentication and authorization method and an authorization key updating method 有权
标题翻译：网络访问认证授权方法和授权密钥更新方法
公开(公告)号：US08185091B2
公开(公告)日：2012-05-22
申请号：US12441915
申请日：2007-07-16
申请人： Liaojun Pang , Jun Cao , Haibo Tian , Zhenhai Huang , Bianling Zhang
发明人： Liaojun Pang , Jun Cao , Haibo Tian , Zhenhai Huang , Bianling Zhang
IPC分类号： H04W12/08
CPC分类号： H04L9/3263 , H04L9/3268 , H04L9/3271 , H04L9/3273 , H04L63/061 , H04L63/0823 , H04L63/0869 , H04L2209/80 , H04W12/04 , H04W12/06
摘要： A network access authentication and authorization method includes the steps of: constructing an access and authorization request packet; constructing a certificate authentication request packet, constructing a certificate authentication response packet; constructing an access and authorization response packet; constructing an access and authorization acknowledgement packet. And an authorization key updating method includes the steps of: constructing an access and authorization request packet; constructing an access and authorization response packet; constructing an access and authorization acknowledgement packet. The invention resolves the security problem that a mobile terminal accesses a base station in the wideband wireless multimedia network, and realizes both bi-directional identity authentication of a mobile terminal and a base station and unidirectional identity authentication from a base station to a mobile terminal. The authorization key negotiation calculation is simple, and the key management is simply realized by using message acknowledgement manner. The invention is applied to the wired network and the wireless network, such as the wireless local area network, the wireless metropolitan area network, and the broadband wireless multimedia network etc.
摘要翻译：一种网络接入认证授权方法，包括：构建接入和授权请求报文; 构建证书认证请求报文，构建证书认证响应报文; 构建访问和授权响应包; 构建访问和授权确认包。并且授权密钥更新方法包括以下步骤：构建接入和授权请求分组; 构建访问和授权响应包; 构建访问和授权确认包。本发明解决了移动终端访问宽带无线多媒体网络中的基站的安全问题，实现了移动终端和基站的双向身份认证以及从基站到移动终端的单向身份认证。授权密钥协商计算简单，密钥管理简单地通过使用消息确认方式实现。本发明适用于无线局域网，无线城域网，宽带无线多媒体网络等有线网络和无线网络。

117. 发明申请

US20120005718A1 TRUSTED NETWORK CONNECT SYSTEM FOR ENHANCING THE SECURITY 有权
标题翻译：用于增强安全性的有效网络连接系统
公开(公告)号：US20120005718A1
公开(公告)日：2012-01-05
申请号：US12672860
申请日：2008-07-21
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F21/20
CPC分类号： H04L63/0876 , H04L9/0844 , H04L9/3263 , H04L41/0893 , H04L63/0823 , H04L63/102 , H04L63/126 , H04L63/20
摘要： Disclosed is a trusted network connect system for enhancing the security, the system including an access requester of the system network that connects to a policy enforcement point in the manner of authentication protocol, and network-connects to the access authorizer via a network authorization transport protocol interface, an integrity evaluation interface and an integrity measurement interface, a policy enforcement point network-connects to the access authorizer via a policy enforcement interface, an access authorizer network-connects to the policy manager via a user authentication authorization interface, a platform evaluation authorization interface and the integrity measurement interface, and an access requester network-connects to a policy manager via the integrity measurement interface.
摘要翻译：公开了一种用于增强安全性的可靠的网络连接系统，该系统包括以认证协议的方式连接到策略执行点的系统网络的访问请求者，并通过网络授权传输协议网络连接到接入授权器接口，完整性评估接口和完整性测量接口，策略执行点网络 - 通过策略执行接口连接到接入授权器，接入授权器网络 - 经由用户认证授权接口连接到策略管理器，平台评估授权接口和完整性测量接口，以及访问请求者网络 - 通过完整性测量界面连接到策略管理器。

118. 发明申请

US20100293370A1 AUTHENTICATION ACCESS METHOD AND AUTHENTICATION ACCESS SYSTEM FOR WIRELESS MULTI-HOP NETWORK 有权
标题翻译：无线多业务网络认证接入方法及认证接入系统
公开(公告)号：US20100293370A1
公开(公告)日：2010-11-18
申请号：US12810374
申请日：2008-12-26
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L9/32
CPC分类号： H04W12/06 , H04L9/0844 , H04L9/3226 , H04L9/3263 , H04L63/061 , H04L63/0807 , H04L2209/80 , H04W12/04 , H04W88/02
摘要： Authentication access method and authentication access system for wireless multi-hop network. Terminal equipment and coordinator have the capability of port control, the coordinator broadcasts a beacon frame, and the terminal equipment selects an authentication and key management suite and transmits a connecting request command to the coordinator. The coordinator performs authentication with the terminal equipment according to the authentication and key management suite which is selected by the terminal equipment, after authenticated, transmits a connecting response command to the terminal equipment. The terminal equipment and the coordinator control the port according to the authentication result, therefore the authenticated access for the wireless multi-hop network is realized. The invention solves the security problem of the wireless multi-hop network authentication method.
摘要翻译：无线多跳网络的认证接入方式和认证接入系统。终端设备和协调器具有端口控制能力，协调器广播信标帧，终端设备选择认证和密钥管理套件，并向协调器发送连接请求命令。协调器根据由终端设备选择的认证和密钥管理套件与终端设备进行认证，经过认证，向终端设备发送连接响应命令。终端设备和协调器根据认证结果对端口进行控制，实现了无线多跳网络的认证接入。本发明解决了无线多跳网络认证方法的安全问题。

119. 发明申请

US20100009656A1 NETWORK ACCESS AUTHENTICATION AND AUTHORIZATION METHOD AND AN AUTHORIZATION KEY UPDATING METHOD 有权
标题翻译：网络访问认证和授权方法和授权密钥更新方法
公开(公告)号：US20100009656A1
公开(公告)日：2010-01-14
申请号：US12441915
申请日：2007-07-16
申请人： Liaojun Pang , Jun Cao , Haibo Tian , Zhenhai Huang , Bianling Zhang
发明人： Liaojun Pang , Jun Cao , Haibo Tian , Zhenhai Huang , Bianling Zhang
IPC分类号： H04M3/16
CPC分类号： H04L9/3263 , H04L9/3268 , H04L9/3271 , H04L9/3273 , H04L63/061 , H04L63/0823 , H04L63/0869 , H04L2209/80 , H04W12/04 , H04W12/06
摘要： A network access authentication and authorization method includes the steps of: constructing an access and authorization request packet; constructing a certificate authentication request packet, constructing a certificate authentication response packet; constructing an access and authorization response packet; constructing an access and authorization acknowledgement packet. And an authorization key updating method includes the steps of: constructing an access and authorization request packet; constructing an access and authorization response packet; constructing an access and authorization acknowledgement packet. The invention resolves the security problem that a mobile terminal accesses a base station in the wideband wireless multimedia network, and realizes both bi-directional identity authentication of a mobile terminal and a base station and unidirectional identity authentication from a base station to a mobile terminal. The authorization key negotiation calculation is simple, and the key management is simply realized by using message acknowledgement manner. The invention is applied to the wired network and the wireless network, such as the wireless local area network, the wireless metropolitan area network, and the broadband wireless multimedia network etc.
摘要翻译：一种网络接入认证授权方法，包括：构建接入和授权请求报文; 构建证书认证请求报文，构建证书认证响应报文; 构建访问和授权响应包; 构建访问和授权确认包。并且授权密钥更新方法包括以下步骤：构建接入和授权请求分组; 构建访问和授权响应包; 构建访问和授权确认包。本发明解决了移动终端访问宽带无线多媒体网络中的基站的安全问题，实现了移动终端和基站的双向身份认证以及从基站到移动终端的单向身份认证。授权密钥协商计算简单，密钥管理简单地通过使用消息确认方式实现。本发明适用于无线局域网，无线城域网，宽带无线多媒体网络等有线网络和无线网络。

120. 发明申请

US20080288777A1 A Peer-to-Peer Access Control Method Based on Ports 有权
标题翻译：基于端口的对等访问控制方法
公开(公告)号：US20080288777A1
公开(公告)日：2008-11-20
申请号：US11816715
申请日：2006-02-21
申请人： Xiaolong Lai , Jun Cao , Bianling Zhang , Zhenhai Huang , Hong Guo
发明人： Xiaolong Lai , Jun Cao , Bianling Zhang , Zhenhai Huang , Hong Guo
IPC分类号： H04L9/32
CPC分类号： H04L63/0869 , H04L9/0894 , H04L9/321 , H04L2209/80
摘要： A port based peer access control method, comprises the steps of: 1) enabling the authentication control entity; 2) two authentication control entities authenticating each other; 3) setting the status of the controlled port. The method may further comprise the steps of enabling the authentication server entity, two authentication subsystems negotiating the key. By modifying the asymmetry of background technique, the invention has advantages of peer control, distinguishable authentication control entity, good scalability, good security, simple key negotiation process, relatively complete system, high flexibility, thus the invention can satisfy the requirements of central management as well as resolve the technical issues of the prior network access control method, including complex process, poor security, poor scalability, so it provides essential guarantee for secure network access.
摘要翻译：一种基于端口的对等接入控制方法，包括步骤：1）启用认证控制实体; 2）两个认证控制实体相互认证; 3）设置受控端口的状态。该方法还可以包括以下步骤：启用认证服务器实体，两个认证子系统协商该密钥。通过修改背景技术的不对称性，本发明具有对等控制，可区分认证控制实体，良好的可扩展性，良好的安全性，简单的密钥协商过程，系统相对完整，灵活性高等优点，因此本发明可以满足中央管理的要求解决现有网络访问控制方法的技术问题，包括复杂过程，安全性差，可扩展性差，为安全网络访问提供了必要的保证。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式