专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US08621649B1 Providing a security-sensitive environment 有权
标题翻译：提供安全敏感的环境
公开(公告)号：US08621649B1
公开(公告)日：2013-12-31
申请号：US13077153
申请日：2011-03-31
申请人： Marten Van Dijk , Ari Juels , Brian William Fitzgerald , George Matthews
发明人： Marten Van Dijk , Ari Juels , Brian William Fitzgerald , George Matthews
IPC分类号： H04L29/06
CPC分类号： H04L29/06 , G06F21/60 , G06F2221/2149 , H04L63/102
摘要： A technique provides a security-sensitive environment. The technique involves establishing a first secure channel from a trusted server to a first data source DA. The technique further involves establishing a second secure channel from the trusted server to a second data source DB. The technique further involves, while the trusted server performs a set of collaborative operations in which the trusted server (i) accesses the first data source through the first secure channel (ii) accesses the second data source through the second secure channel, and (iii) generates a set of collaborative results based on information from the first and second data sources (i.e., the output of f(DA,DB)), running a set of security policy compliance operations in the trusted server to inhibit unauthorized leakage of data in the set of collaborative results.
摘要翻译：技术提供了一个安全敏感的环境。该技术涉及从可信服务器建立到第一数据源DA的第一安全通道。该技术还涉及建立从可信服务器到第二数据源DB的第二安全通道。该技术还涉及当可信服务器执行一组协作操作时，可信服务器（i）通过第一安全信道访问第一数据源（ii）通过第二安全信道访问第二数据源，并且（iii ）基于来自第一和第二数据源（即，f（DA，DB）的输出）的信息生成一组协作结果，在可信服务器中运行一组安全策略合规性操作，以防止未经授权的数据泄漏一套合作成果。

12. 发明授权

US08601552B1 Personal identification pairs 有权
标题翻译：个人识别对
公开(公告)号：US08601552B1
公开(公告)日：2013-12-03
申请号：US12748690
申请日：2010-03-29
申请人： Kevin D. Bowers , Ari Juels
发明人： Kevin D. Bowers , Ari Juels
IPC分类号： G06F21/00
CPC分类号： G06F21/36
摘要： A method by which a computer system authenticates a user is provided. The method includes (a) displaying a plurality of unique elements to a user on a display device, (b) receiving a set of points corresponding to a sweeping motion performed by the user with respect to the display device, (c) determining a pair of unique elements of the plurality of unique elements defined by endpoints of the sweeping motion, and (d) authenticating the user only if the pair of unique elements is associated for authentication purposes with the user. An apparatus and computer program product for performing the method are also provided.
摘要翻译：提供了计算机系统认证用户的方法。该方法包括：（a）在显示设备上向用户显示多个唯一元素，（b）接收与用户相对于显示设备执行的扫描运动相对应的一组点，（c）确定一对由扫描运动的端点定义的多个唯一元素的唯一元素，以及（d）只有当该对唯一元素与用户的认证目的相关联时才对用户进行认证。还提供了一种用于执行该方法的装置和计算机程序产品。

13. 发明授权

US08378786B2 Security provision in standards-compliant RFID systems 有权
标题翻译：符合标准的RFID系统的安全提供
公开(公告)号：US08378786B2
公开(公告)日：2013-02-19
申请号：US11671275
申请日：2007-02-05
申请人： Daniel Vernon Bailey , Ari Juels
发明人： Daniel Vernon Bailey , Ari Juels
IPC分类号： H04Q5/22 , G05B19/00 , H04K1/00 , H04L9/00
CPC分类号： H04L9/321 , H04L9/3271 , H04L2209/56 , H04L2209/805 , Y02P90/265
摘要： Enhanced security is provided in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices. In one aspect of the invention, a first command is transmitted from the reader to write a first data unit to a memory of given one of the RFID devices. A reply is received in the reader from the given RFID device indicating that a second data unit determined based on contents of the first data unit is available in the memory to be accessed by the reader. A second command is transmitted from the reader to the given RFID device to allow the reader to read the memory to thereby obtain the second data unit. The first and second data units comprise information exchanged as part of a cryptographic protocol carried out between the reader and the given RFID device. In an illustrative embodiment, the cryptographic protocol may comprise a challenge-response authentication protocol.
摘要翻译： RFID系统中提供了增强的安全性，RFID系统包括多个RFID设备和与一个或多个设备通信的至少一个读取器。在本发明的一个方面，从读取器发送第一命令以将第一数据单元写入给定的一个RFID设备的存储器。在读取器中从给定的RFID装置接收到答复，指示基于第一数据单元的内容确定的第二数据单元在读取器要访问的存储器中可用。第二命令从读取器发送到给定的RFID设备，以允许读取器读取存储器，从而获得第二数据单元。第一和第二数据单元包括作为在读取器和给定RFID设备之间执行的密码协议的一部分交换的信息。在说明性实施例中，密码协议可以包括询问 - 响应认证协议。

14. 发明授权

US07848746B2 Authentication methods and apparatus utilizing hash chains 有权
标题翻译：使用哈希链的认证方法和设备
公开(公告)号：US07848746B2
公开(公告)日：2010-12-07
申请号：US11768608
申请日：2007-06-26
申请人： Ari Juels
发明人： Ari Juels
IPC分类号： H04W24/00 , H04L9/00
CPC分类号： H04L9/0861 , H04L9/3228 , H04L9/3234 , H04L63/0492 , H04L63/08 , H04L63/0838 , H04L2209/805 , H04W12/06
摘要： A first processing device, which may be, for example, a wireless authentication token or an RFID tag, comprises a memory, a processor coupled to the memory, and interface circuitry coupled to the processor. The processor is operative to control the output of authentication information via the interface circuitry, where the authentication information comprises a sequence of values corresponding to images of a hash chain. A given one of the values of the sequence is utilized by a second processing device to generate a modified value suitable for providing joint authentication of the first and second processing devices.
摘要翻译：可以是例如无线认证令牌或RFID标签的第一处理设备包括存储器，耦合到存储器的处理器和耦合到处理器的接口电路。处理器可操作以经由接口电路来控制认证信息的输出，其中认证信息包括对应于散列链的图像的一系列值。序列的给定值之一被第二处理装置利用以产生适于提供第一和第二处理装置的联合认证的修改值。

15. 发明申请

US20090125084A1 Access Control for Implanted Medical Devices 有权
标题翻译：植入医疗器械的门禁控制
公开(公告)号：US20090125084A1
公开(公告)日：2009-05-14
申请号：US12251036
申请日：2008-10-14
申请人： Ari Juels , Daniel Vernon Bailey
发明人： Ari Juels , Daniel Vernon Bailey
IPC分类号： A61N1/08
CPC分类号： A61N1/37252 , A61B5/0031 , A61B90/98 , A61B2560/0271 , A61N1/37235 , A61N1/37282 , G06F19/00 , G06F21/31 , G06F21/6245 , G06Q50/24 , G16H40/63
摘要： Enhanced security is provided in a system comprising a medical device and a monitoring device. The medical device is configured for implantation into a living organism, and comprises processing circuitry and an interface for communicating with the monitoring device. Access to the medical device by the monitoring device is controlled based on measurement of one or more physiological values of the living organism by at least one of the two devices. In an illustrative embodiment, the medical device and the monitoring device are configured to include respective physiological value sensors for measuring respective dynamic physiological values of the living organism. The medical device is further configured to determine if the dynamic physiological values are sufficiently similar to one another and to grant or deny the monitoring device access to the medical device based on the determination.
摘要翻译：在包括医疗装置和监视装置的系统中提供增强的安全性。医疗装置被配置为植入生物体，并且包括处理电路和用于与监视装置通信的接口。基于由两个装置中的至少一个测量生物体的一个或多个生理值来控制由监视装置对医疗装置的访问。在说明性实施例中，医疗装置和监视装置被配置为包括用于测量活体的各个动态生理值的各自的生理值传感器。医疗设备还被配置为确定动态生理值是否彼此足够相似，并且基于该确定来授予或拒绝监视设备对医疗设备的访问。

16. 发明申请

US20080009345A1 Gaming Systems with Authentication Token Support 有权
标题翻译：具有认证令牌支持的游戏系统
公开(公告)号：US20080009345A1
公开(公告)日：2008-01-10
申请号：US11774857
申请日：2007-07-09
申请人： Daniel Bailey , Burton Kaliski , Ari Juels , Ronald Rivest
发明人： Daniel Bailey , Burton Kaliski , Ari Juels , Ronald Rivest
IPC分类号： G06F17/00
CPC分类号： G07F17/3251 , G07F17/32
摘要： Techniques for providing authentication functionality in a gaming system are disclosed. In one aspect, a gaming system is configured such that, at a given point during a current session of a game in progress that involves at least one user previously granted access by the system to participate in the current session, information available from an authentication token associated with the user is obtained prior to allowing the user to take a particular action in the game. A determination is made as to whether or not the user will be allowed to take the particular action in the game, based on the obtained information. The obtained information may comprise, for example, at least a portion of a one-time password generated by a hardware or software authentication token.
摘要翻译：公开了一种用于在游戏系统中提供认证功能的技术。在一个方面，游戏系统被配置为使得在正在进行的游戏的当前会话期间的给定点处涉及至少一个用户先前被系统授权参与当前会话的访问，来自认证令牌的信息在允许用户在游戏中采取特定动作之前获得与用户相关联。根据所获得的信息确定用户是否将被允许在游戏中采取特定动作。获得的信息可以包括例如由硬件或软件认证令牌生成的一次性密码的至少一部分。

17. 发明申请

US20060037073A1 PIN recovery in a smart card 有权
标题翻译：智能卡中的PIN恢复
公开(公告)号：US20060037073A1
公开(公告)日：2006-02-16
申请号：US10903898
申请日：2004-07-30
申请人： Ari Juels , Ryan Culbertson , Andrea Doherty , Darren Dupre , Norik Kocharyan
发明人： Ari Juels , Ryan Culbertson , Andrea Doherty , Darren Dupre , Norik Kocharyan
IPC分类号： H04L9/32 , G06F12/14 , G06K19/06
CPC分类号： G07F7/1008 , G06F21/31 , G06F21/34 , G06F21/40 , G06F21/77 , G06F2221/2103 , G06F2221/2131 , G06Q20/341 , G06Q20/367 , G06Q20/40145
摘要： A method of controlling access to resources on a smart card, the method involving: providing a list of n questions for presentation to the user, where n is an integer; receiving from the user answers to questions among the list of n questions; determining how many of the received answers are correct; and if a sufficient number of the n questions was answered correctly, granting access to the resources on the smart card.
摘要翻译：一种控制对智能卡上的资源的访问的方法，所述方法包括：提供用于呈现给用户的n个问题的列表，其中n是整数; 从用户那里收到n个问题列表中的问题的答案; 确定接收到的答案中有多少是正确的; 并且如果正确答复了足够数量的n个问题，则授予访问智能卡上的资源的权限。

18. 发明申请

US20060033608A1 Proxy device for enhanced privacy in an RFID system 有权
标题翻译：用于RFID系统中增强隐私的代理设备
公开(公告)号：US20060033608A1
公开(公告)日：2006-02-16
申请号：US11193729
申请日：2005-07-29
申请人： Ari Juels , Daniel Bailey
发明人： Ari Juels , Daniel Bailey
IPC分类号： H04Q5/22 , G06K7/00 , G08B13/14
CPC分类号： G06K19/07336
摘要： A proxy device is disclosed for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with the proxy device and one or more of the RFID devices. The proxy device acquires information characterizing at least a given one of the RFID devices, controls the given RFID device so as to at least partially prevent the given RFID device from being read by the reader, and communicates with the reader in a manner which simulates the given RFID device. This advantageously allows the proxy device to implement privacy policies of arbitrary sophistication on behalf of the given RFID device. The proxy device subsequently releases control of the given RFID device so as to permit the given RFID device to again be read by the reader.
摘要翻译：公开了用于RFID系统中的代理设备，该RFID系统包括多个RFID设备和至少一个与代理设备和一个或多个RFID设备通信的读取器。代理设备获取表征至少一个给定的RFID设备的信息，控制给定的RFID设备，以至少部分地防止给定的RFID设备被读取器读取，并以模拟该设备的方式与读取器通信给定RFID设备。这有利地允许代理设备代表给定的RFID设备实现任意复杂的隐私策略。代理设备随后释放给定RFID设备的控制，以便允许读取器再次读取给定的RFID设备。

19. 发明授权

US06970070B2 Method and apparatus for selective blocking of radio frequency identification devices 有权
标题翻译：用于选择性地阻断射频识别装置的方法和装置
公开(公告)号：US06970070B2
公开(公告)日：2005-11-29
申请号：US10673540
申请日：2003-09-29
申请人： Ari Juels , Ronald L. Rivest , Michael Szydlo
发明人： Ari Juels , Ronald L. Rivest , Michael Szydlo
IPC分类号： G06K19/07 , H04Q5/22 , G08B13/14
CPC分类号： G06K7/0008 , G06K19/0723 , G06K19/07336
摘要： Techniques are disclosed for providing enhanced privacy in an RFID system comprising a plurality of RFID devices, each having an associated identifier, and at least one reader which communicates with one or more of the devices. A blocker device is operative to receive a communication directed from the reader to one or more of the RFID devices, and to generate, possibly based on information in the received communication, an output transmittable to the reader. The output simulates one or more responses from at least one of the RFID devices in a manner which prevents the reader from determining at least a portion of the identifier of at least one of the RFID devices. The blocker device may itself comprise one of the RFID devices. In an illustrative embodiment, the output generated by the blocker device interferes with the normal operation of a singulation algorithm implemented by the reader.
摘要翻译：公开了用于在RFID系统中提供增强的隐私的技术，其包括多个RFID设备，每个RFID设备具有相关联的标识符，以及至少一个与一个或多个设备通信的读取器。阻止装置可操作以接收从读取器指向一个或多个RFID装置的通信，并且可能基于所接收的通信中的信息生成可读取器的输出。该输出以防止读取器确定RFID设备中的至少一个的标识符的至少一部分的方式来模拟来自至少一个RFID设备的一个或多个响应。阻塞装置本身可以包括RFID装置之一。在说明性实施例中，由阻塞装置产生的输出干扰由读取器实现的分割算法的正常操作。

20. 发明授权

US09471777B1 Scheduling of defensive security actions in information processing systems 有权
标题翻译：在信息处理系统中安排防御性安全措施
公开(公告)号：US09471777B1
公开(公告)日：2016-10-18
申请号：US13404839
申请日：2012-02-24
申请人： Ari Juels , Marten Erik van Dijk , Alina M. Oprea , Ronald L. Rivest
发明人： Ari Juels , Marten Erik van Dijk , Alina M. Oprea , Ronald L. Rivest
IPC分类号： H04L29/06 , G06F21/55
CPC分类号： G06F21/55 , G06F21/45 , H04L9/002 , H04L63/1441
摘要： A processing device is configured to identify a plurality of defensive security actions to be taken to address a persistent security threat to a system comprising information technology infrastructure, and to determine a schedule for performance of the defensive security actions based at least in part on a selected distribution derived from a game-theoretic model, such as a delayed exponential distribution or other type of modified exponential distribution. The system subject to the persistent security threat is configured to perform the defensive security actions in accordance with the schedule in order to deter the persistent security threat. The distribution may be selected so as to optimize defender benefit in the context of the game-theoretic model, where the game-theoretic model may comprise a stealthy takeover game in which attacker and defender entities can take actions at any time but cannot determine current game state without taking an action.
摘要翻译：处理设备被配置为识别要采取的多个防御性安全措施以解决对包括信息技术基础设施的系统的持续安全威胁，并且至少部分地基于所选择的确定用于执行防御性安全动作的调度衍生自游戏理论模型的分布，例如延迟指数分布或其他类型的修改指数分布。受到持续安全威胁的系统被配置为根据时间表执行防御性安全措施，以便阻止持续的安全威胁。可以选择分配，以便在游戏理论模型的上下文中优化后卫利益，其中游戏理论模型可以包括隐形收购游戏，其中攻击者和后卫实体可以随时采取行动但不能确定当前游戏状态而不采取行动。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式