专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US09015489B2 Securing passwords against dictionary attacks 有权
标题翻译：保护密码免受字典攻击
公开(公告)号：US09015489B2
公开(公告)日：2015-04-21
申请号：US12755426
申请日：2010-04-07
申请人： Mira Belenkiy , Tolga Acar , Henry Nelson Jerez Morales , Alptekin Kupcu
发明人： Mira Belenkiy , Tolga Acar , Henry Nelson Jerez Morales , Alptekin Kupcu
IPC分类号： G06F21/00 , G06F7/04 , H04L29/06 , H04L9/08 , H04L9/32
CPC分类号： H04L63/0428 , H04L9/0841 , H04L9/3226 , H04L9/3271 , H04L63/06 , H04L63/083 , H04L63/0853
摘要： Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user.
摘要翻译：这里描述的是涉及基于密码的认证协议的构造的各种技术，其被配置为允许用户在没有在线服务接收密码或用户的密码的确定性功能的情况下向在线服务注册和认证。当在线服务注册时，客户端计算设备建立密码强的随机秘密，并将这种秘密的加密存储在数据存储设备中。存储设备也从不接收密码或密码的确定性功能。当用户希望对在线服务进行身份验证时，用户使用她的密码从存储设备中取回加密的秘密，解密这样的秘密，并利用解密的秘密来回答由在线服务提供给用户的加密强大的挑战，该在线服务接收与该用户有关的用户名。

12. 发明申请

US20110252229A1 SECURING PASSWORDS AGAINST DICTIONARY ATTACKS 有权
标题翻译：安全口令反对字典攻击
公开(公告)号：US20110252229A1
公开(公告)日：2011-10-13
申请号：US12755426
申请日：2010-04-07
申请人： Mira Belenkiy , Tolga Acar , Henry Nelson Jerez Morales , Alptekin Kupcu
发明人： Mira Belenkiy , Tolga Acar , Henry Nelson Jerez Morales , Alptekin Kupcu
IPC分类号： H04L29/06 , H04L9/32
CPC分类号： H04L63/0428 , H04L9/0841 , H04L9/3226 , H04L9/3271 , H04L63/06 , H04L63/083 , H04L63/0853
摘要： Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user.
摘要翻译：这里描述的是涉及基于密码的认证协议的构造的各种技术，其被配置为允许用户在没有在线服务接收密码或用户的密码的确定性功能的情况下向在线服务注册和认证。当在线服务注册时，客户端计算设备建立密码强的随机秘密，并将这种秘密的加密存储在数据存储设备中。存储设备也从不接收密码或密码的确定性功能。当用户希望对在线服务进行身份验证时，用户使用她的密码从存储设备中取回加密的秘密，解密这样的秘密，并利用解密的秘密来回答由在线服务提供给用户的加密强大的挑战，该在线服务接收与该用户有关的用户名。

13. 发明申请

US20080263361A1 Cryptographically strong key derivation using password, audio-visual and mental means 审中-公开
标题翻译：使用密码，视听和心理手段的密码型强密码派生
公开(公告)号：US20080263361A1
公开(公告)日：2008-10-23
申请号：US11788687
申请日：2007-04-20
申请人： Tanmoy Dutta , Sunil Kadam , Tolga Acar
发明人： Tanmoy Dutta , Sunil Kadam , Tolga Acar
IPC分类号： H04L9/00
CPC分类号： H04L9/0863 , H04L9/0891 , H04L2209/60 , H04L2209/80
摘要： A security system that uses a cryptographic key derived from human interaction with media. The system employs a set of parameters that includes user responses to graphical media and/or audio data, among other parameters. The architecture adds a fourth dimension to the conventional authentication means in order to make at least an offline attack on the key much more difficult. In addition to a standard set of parameters such as password, salt (random bits inserted into the encryption process) and iteration count, the system further utilizes information in the form of “what the user does” by presenting and prompting the user to interact with media in some way. The media can include audio information, video information, and/or image information, for example.
摘要翻译：一种安全系统，它使用与媒体进行人工交互导出的加密密钥。系统采用一组参数，其中包括用户对图形媒体和/或音频数据的响应以及其他参数。该体系结构为常规认证手段增加了第四个维度，以便至少使密钥的脱机攻击更加困难。除了密码，盐（插入加密过程中的随机位）和迭代计数等一系列参数之外，系统还通过呈现和提示用户进行交互来进一步利用“用户所做的”形式的信息媒体在某种程度上媒体可以包括例如音频信息，视频信息和/或图像信息。

14. 发明申请

US20080181412A1 CRYPTOGRAPHIC KEY CONTAINERS ON A USB TOKEN 有权
标题翻译： USB TOKEN上的CRYPTOGRAPHIC KEY CONTAINERS
公开(公告)号：US20080181412A1
公开(公告)日：2008-07-31
申请号：US11627466
申请日：2007-01-26
申请人： Tolga Acar , Carl M. Ellison
发明人： Tolga Acar , Carl M. Ellison
IPC分类号： H04L9/08
CPC分类号： G06F21/6209 , G06F21/79 , H04L9/0897
摘要： A Universal Serial Bus (USB) compatible storage device is utilized as a security token for storage of cryptographic keys. A cryptographic subsystem of a processor accesses cryptographic keys in containers on the USB compatible storage device. Accessing includes storing and/or retrieving. The processor does not include an infrastructure dedicated to the USB compatible storage device. Cryptographic key storage is redirected from an in-processor container to the USB compatible storage device. No password or PIN is required to access the cryptographic keys, yet enhanced security is provided. Utilizing a USB compatible storage device for a cryptographic key container provides a convenient, portable, mechanism for carrying the cryptographic key, and additional security is provided via physical possession of the device.
摘要翻译：通用串行总线（USB）兼容存储设备被用作存储加密密钥的安全令牌。处理器的加密子系统访问USB兼容存储设备上的容器中的加密密钥。访问包括存储和/或检索。处理器不包括专用于USB兼容存储设备的基础设施。加密密钥存储从处理器内容器重定向到USB兼容的存储设备。不需要密码或密码来访问加密密钥，但提供了增强的安全性。利用用于加密密钥容器的USB兼容存储设备提供用于携带加密密钥的便利的便携式机制，并且通过物理拥有该设备来提供额外的安全性。

15. 发明授权

US08588421B2 Cryptographic key containers on a USB token 有权
标题翻译： USB令牌上的加密密钥容器
公开(公告)号：US08588421B2
公开(公告)日：2013-11-19
申请号：US11627466
申请日：2007-01-26
申请人： Tolga Acar , Carl M. Ellison
发明人： Tolga Acar , Carl M. Ellison
IPC分类号： G06F21/00
CPC分类号： G06F21/6209 , G06F21/79 , H04L9/0897
摘要： A Universal Serial Bus (USB) compatible storage device is utilized as a security token for storage of cryptographic keys. A cryptographic subsystem of a processor accesses cryptographic keys in containers on the USB compatible storage device. Accessing includes storing and/or retrieving. The processor does not include an infrastructure dedicated to the USB compatible storage device. Cryptographic key storage is redirected from an in-processor container to the USB compatible storage device. No password or PIN is required to access the cryptographic keys, yet enhanced security is provided. Utilizing a USB compatible storage device for a cryptographic key container provides a convenient, portable, mechanism for carrying the cryptographic key, and additional security is provided via physical possession of the device.
摘要翻译：通用串行总线（USB）兼容存储设备被用作存储加密密钥的安全令牌。处理器的加密子系统访问USB兼容存储设备上的容器中的加密密钥。访问包括存储和/或检索。处理器不包括专用于USB兼容存储设备的基础设施。加密密钥存储从处理器内容器重定向到USB兼容的存储设备。不需要密码或密码来访问加密密钥，但提供了增强的安全性。利用用于加密密钥容器的USB兼容存储设备提供用于携带加密密钥的便利的便携式机制，并且通过物理拥有该设备来提供额外的安全性。

16. 发明申请

US20120173885A1 KEY MANAGEMENT USING TRUSTED PLATFORM MODULES 有权
标题翻译：使用有争议的平台模块进行关键管理
公开(公告)号：US20120173885A1
公开(公告)日：2012-07-05
申请号：US12982235
申请日：2010-12-30
申请人： Tolga Acar , Brian LaMacchia , Henry Jerez Morales , Lan Duy Nguyen , David Robinson , Talha Bin Tariq
发明人： Tolga Acar , Brian LaMacchia , Henry Jerez Morales , Lan Duy Nguyen , David Robinson , Talha Bin Tariq
IPC分类号： G06F12/14 , H04L9/00 , G06F21/00
CPC分类号： H04L9/0877 , G06F21/602
摘要： Described herein are techniques for distributed key management (DKM) in cooperation with Trusted Platform Modules (TPMs). The use of TPMs strengthens the storage and processing security surrounding management of distributed keys. DKM-managed secret keys are not persistently stored in clear form. In effect, the TPMs of participating DKM nodes provide security for DKM keys, and a DKM key, once decrypted with a TPM, is available to be used from memory for ordinary cryptographic operations to encrypt and decrypt user data. TPM public keys can be used to determine the set of trusted nodes to which TPM-encrypted secret keys can be distributed.
摘要翻译：这里描述的是与可信平台模块（TPM）合作的分布式密钥管理（DKM）技术。 TPM的使用加强了分布式密钥管理周围的存储和处理安全性。 DKM管理的秘密密钥不会以清晰的形式持久存储。实际上，参与的DKM节点的TPM为DKM密钥提供安全性，一旦用TPM解密的DKM密钥可用于从存储器中用于普通加密操作以加密和解密用户数据。可以使用TPM公钥来确定可以分发TPM加密的密钥的可信节点集合。

17. 发明申请

US20120144459A1 REVOKING DELEGATABLE ANONYMOUS CREDENTIALS 有权
标题翻译：取消可取代的匿名证书
公开(公告)号：US20120144459A1
公开(公告)日：2012-06-07
申请号：US12961505
申请日：2010-12-07
申请人： Lan Nguyen , Tolga Acar
发明人： Lan Nguyen , Tolga Acar
IPC分类号： H04L9/32
CPC分类号： H04L9/0891 , H04L9/3218 , H04L2209/38 , H04L2209/42
摘要： The claimed subject matter provides a method for revoking delegatable anonymous credentials. The method includes receiving a request to revoke an anonymous credential. The anonymous credential may be representative of an ability to prove non-membership in an accumulator for a first entity. The method also includes revoking the anonymous credential from the first entity in response to the request to revoke the anonymous credential. Additionally, the method includes revoking the anonymous credential from a second entity in response to the request to revoke the anonymous credential. The first entity delegates the anonymous credential to the second entity.
摘要翻译：所要求保护的主题提供了撤销可委托匿名凭证的方法。该方法包括接收撤销匿名凭证的请求。匿名凭证可以代表证明第一实体的累加器的不隶属的能力。该方法还包括响应于撤销匿名凭证的请求，从第一实体撤销匿名凭证。此外，该方法包括响应于撤销匿名凭证的请求，从第二实体撤销匿名凭证。第一个实体将匿名凭证委托给第二个实体。

18. 发明申请

US20090199299A1 INTEGRATED USER EXPERIENCE WHILE ALLOCATING LICENSES WITHIN VOLUME LICENSING SYSTEMS 审中-公开
标题翻译：在批量许可系统中分配许可证时的集成用户体验
公开(公告)号：US20090199299A1
公开(公告)日：2009-08-06
申请号：US12024099
申请日：2008-01-31
申请人： Casey Alexander John McKinnon , Damien Gallot , Michael Kostersitz , Thomas William Keane , Ashish Sikka , Marc Andrew Walker , Anandhi Somasekaran , Sarang Tekmalkar , Tolga Acar
发明人： Casey Alexander John McKinnon , Damien Gallot , Michael Kostersitz , Thomas William Keane , Ashish Sikka , Marc Andrew Walker , Anandhi Somasekaran , Sarang Tekmalkar , Tolga Acar
IPC分类号： G06F21/00
CPC分类号： G06F21/10
摘要： This description provides tools for providing integrated user experiences while allocating licenses within volume licensing systems. These tools may provide methods that include sending information for presenting licensing portals at recipient organizations. The licensing portals may include representations of properties licensed by the organizations, and may include indications of how many licenses remain available for allocation. The methods may include receiving and validating licensing requests. The tools may provide other methods that include requesting and receiving information for presenting the licensing portals, as well as requesting and receiving licensing-related actions from the licensing systems. The tools may provide still other methods that include receiving requests for information to present launch portals, with these requests incorporating user identifiers for particular end-users. These methods may also populate the launch portals with representations of properties for which the end-users are licensed, and may send the information for the launch portals to licensee organizations.
摘要翻译：该描述提供了在批量许可系统中分配许可证的同时提供集成用户体验的工具。这些工具可能提供方法，包括发送信息，以便在收件人组织中呈现许可门户。许可门户可以包括由组织许可的属性的表示，并且可以包括有多少许可证仍然可用于分配的指示。这些方法可能包括接收和验证许可请求。这些工具可能提供其他方法，其中包括请求和接收许可证门户网站的信息，以及从许可证系统请求和接收许可相关的操作。这些工具可以提供其他方法，其中包括接收用于呈现发射门户的信息的请求，这些请求包含特定最终用户的用户标识符。这些方法还可以使用最终用户许可的属性表示填充启动门户，并且可以向被许可方组织发送启动门户的信息。

19. 发明申请

US20150220927A1 METHOD, APPARATUS AND SYSTEM FOR PROVIDING TRANSACTION INDEMNIFICATION 审中-公开
标题翻译：提供交易赔偿的方法，装置和系统
公开(公告)号：US20150220927A1
公开(公告)日：2015-08-06
申请号：US14129543
申请日：2013-09-25
申请人： Ned M. SMITH , Thomas J. SAWICKI , Rajiv MATHUR , Tolga ACAR , Yuriy BULYGIN , Thomas G. WILLIS , Intel Corporation
发明人： Ned M. Smith , Thomas J. Sawicki , Rajiv Mathur , Tolga Acar , Yuriy Bulygin , Thomas G. Willis
IPC分类号： G06Q20/40 , H04L29/08
CPC分类号： G06Q20/4016 , G06Q30/06 , G06Q40/08 , H04L67/10
摘要： Techniques and mechanisms to provide indemnification for a transaction involving communications between networked devices. In an embodiment, attestation logic of a first device sends to a second device attestation information to indicate a trustworthiness level of first device. Based on the attestation information, indemnification logic of the second device determines an indemnification value representing a cost of an indemnification for a first transaction. Indemnification logic of the first device receives the indemnification value and determines, based on the indemnification value, whether a participation in the transaction is to take place.
摘要翻译：为涉及网络设备之间通信的交易提供赔偿的技术和机制。在一个实施例中，第一设备的认证逻辑发送到第二设备认证信息以指示第一设备的可信赖级别。基于认证信息，第二设备的赔偿逻辑确定代表第一交易的赔偿成本的赔偿价值。第一设备的赔偿逻辑接收赔偿价值，并根据赔偿价值确定是否要进行交易。

20. 发明授权

US09026805B2 Key management using trusted platform modules 有权
标题翻译：使用可信平台模块进行密钥管理
公开(公告)号：US09026805B2
公开(公告)日：2015-05-05
申请号：US12982235
申请日：2010-12-30
申请人： Tolga Acar , Brian LaMacchia , Henry Jerez Morales , Lan Duy Nguyen , David Robinson , Talha Bin Tariq
发明人： Tolga Acar , Brian LaMacchia , Henry Jerez Morales , Lan Duy Nguyen , David Robinson , Talha Bin Tariq
IPC分类号： H04L9/08 , G06F21/60
CPC分类号： H04L9/0877 , G06F21/602
摘要： Described herein are techniques for distributed key management (DKM) in cooperation with Trusted Platform Modules (TPMs). The use of TPMs strengthens the storage and processing security surrounding management of distributed keys. DKM-managed secret keys are not persistently stored in clear form. In effect, the TPMs of participating DKM nodes provide security for DKM keys, and a DKM key, once decrypted with a TPM, is available to be used from memory for ordinary cryptographic operations to encrypt and decrypt user data. TPM public keys can be used to determine the set of trusted nodes to which TPM-encrypted secret keys can be distributed.
摘要翻译：这里描述的是与可信平台模块（TPM）合作的分布式密钥管理（DKM）技术。 TPM的使用加强了分布式密钥管理周围的存储和处理安全性。 DKM管理的秘密密钥不会以清晰的形式持久存储。实际上，参与的DKM节点的TPM为DKM密钥提供安全性，一旦用TPM解密的DKM密钥可用于从存储器中用于普通加密操作以加密和解密用户数据。可以使用TPM公钥来确定可以分发TPM加密的密钥的可信节点集合。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式