专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明申请

US20120213370A1 SECURE MANAGEMENT AND PERSONALIZATION OF UNIQUE CODE SIGNING KEYS 审中-公开
标题翻译：安全管理和个性化独特的代码签名
公开(公告)号：US20120213370A1
公开(公告)日：2012-08-23
申请号：US13150636
申请日：2011-06-01
申请人： Stuart P. Moskovics , Xin Qiu , Joel D. Voss , Alexander Medvinsky
发明人： Stuart P. Moskovics , Xin Qiu , Joel D. Voss , Alexander Medvinsky
IPC分类号： H04L9/08
CPC分类号： G06F21/57
摘要： A method and system generates and distributes unique cryptographic device keys. The method includes generating at least a first device key and encrypting the first device key with a first encrypting key to produce a first encrypted copy of the device key. The method also includes encrypting the first device key with a second encrypting key to produce a second encrypted copy of the device key. The second encrypting key is different from said first encrypting key. The first and second encrypted copies of the device keys are associated with a device ID identifying a computing device being manufactured. The second encrypted copy of the device key is loaded onto the computing device. The first encrypted copy of the device key and the device ID with which it is associated are stored onto at least one server for subsequent use after the computing device has been deployed to a customer.
摘要翻译：方法和系统生成和分发唯一的加密设备密钥。该方法包括至少生成第一设备密钥并用第一加密密钥加密第一设备密钥以产生设备密钥的第一加密副本。该方法还包括用第二加密密钥加密第一设备密钥以产生设备密钥的第二加密副本。第二加密密钥与所述第一加密密钥不同。设备密钥的第一和第二加密副本与标识正在制造的计算设备的设备ID相关联。设备密钥的第二个加密副本被加载到计算设备上。在将计算设备部署到客户之后，设备密钥的第一加密副本和与其相关联的设备ID被存储在至少一个服务器上用于随后的使用。

12. 发明授权

US08370626B2 Method and apparatus for a configurable online public key infrastructure (PKI) management system 有权
标题翻译：可配置在线公钥基础设施（PKI）管理系统的方法和装置
公开(公告)号：US08370626B2
公开(公告)日：2013-02-05
申请号：US12854922
申请日：2010-08-12
申请人： Jiajing Liu , Thomas J. Barbour , Liqiang Chen , Ying Chen , Wei Lin Chou , Christopher P. Gardner , Stuart P. Moskovics , Xin Qiu , Chia Ling Tsai , Ting Yao
发明人： Jiajing Liu , Thomas J. Barbour , Liqiang Chen , Ying Chen , Wei Lin Chou , Christopher P. Gardner , Stuart P. Moskovics , Xin Qiu , Chia Ling Tsai , Ting Yao
IPC分类号： H04L9/00
CPC分类号： H04L9/3265 , H04L9/007
摘要： A method and apparatus are provided for generating identity data to be provisioned in product devices that are a part of a project. The method includes establishing a template associated with each CA in a hierarchical chain of CAs having a root CA at a highest level in the chain and a signing CA at a lowest level in the chain. The template associated with the signing CA inherits mandatory attribute fields specified in the root CA and any intermediate CA in the hierarchical chain. The mandatory attribute fields are user-specifiable fields to be populated with PKI data. A configuration file is generated upon receipt of an order for digital certificates using PKI data provided by a user to populate the mandatory attribute fields of the template associated with the signing CA. The digital certificates requested in the order are generated using the PKI data in the configuration file.
摘要翻译：提供了一种用于生成作为项目的一部分的产品设备中提供的身份数据的方法和装置。该方法包括在具有链中最高级别的根CA的CA的分级链中建立与每个CA相关联的模板以及链中最低级的签名CA。与签名CA相关联的模板继承根CA中指定的强制属性字段和层级链中的任何中间CA。强制属性字段是要填充PKI数据的用户指定字段。使用由用户提供的PKI数据接收到数字证书的订单时，生成配置文件来填充与签名CA相关联的模板的强制属性字段。使用配置文件中的PKI数据生成订单中请求的数字证书。

13. 发明申请

US20110047374A1 METHOD AND APPARATUS FOR A CONFIGURABLE ONLINE PUBLIC KEY INFRASTRUCTURE (PKI) MANAGEMENT SYSTEM 有权
标题翻译：可配置在线公钥基础设施（PKI）管理系统的方法与装置
公开(公告)号：US20110047374A1
公开(公告)日：2011-02-24
申请号：US12854922
申请日：2010-08-12
申请人： Jiajing Liu , Thomas J. Barbour , Liqiang Chen , Ying Chen , Wei Lin Chou , Christopher P. Gardner , Stuart P. Moskovics , Xin Qiu , Chia Ling Tsai , Ting Yao
发明人： Jiajing Liu , Thomas J. Barbour , Liqiang Chen , Ying Chen , Wei Lin Chou , Christopher P. Gardner , Stuart P. Moskovics , Xin Qiu , Chia Ling Tsai , Ting Yao
IPC分类号： H04L9/00
CPC分类号： H04L9/3265 , H04L9/007
摘要： A method and apparatus are provided for generating identity data to be provisioned in product devices that are a part of a project. The method includes establishing a template associated with each CA in a hierarchical chain of CAs having a root CA at a highest level in the chain and a signing CA at a lowest level in the chain. The template associated with the signing CA inherits mandatory attribute fields specified in the root CA and any intermediate CA in the hierarchical chain. The mandatory attribute fields are user-specifiable fields to be populated with PKI data. A configuration file is generated upon receipt of an order for digital certificates using PKI data provided by a user to populate the mandatory attribute fields of the template associated with the signing CA. The digital certificates requested in the order are generated using the PKI data in the configuration file.
摘要翻译：提供了一种用于生成作为项目的一部分的产品设备中提供的身份数据的方法和装置。该方法包括在具有链中最高级别的根CA的CA的分级链中建立与每个CA相关联的模板以及链中最低级的签名CA。与签名CA相关联的模板继承根CA中指定的强制属性字段和层级链中的任何中间CA。强制属性字段是要填充PKI数据的用户指定字段。使用由用户提供的PKI数据接收到数字证书的订单时，生成配置文件来填充与签名CA相关联的模板的强制属性字段。使用配置文件中的PKI数据生成订单中请求的数字证书。

14. 发明申请

US20090006852A1 Method and Apparatus for Securing Unlock Password Generation and Distribution 有权
标题翻译：用于保护解密密码生成和分发的方法和装置
公开(公告)号：US20090006852A1
公开(公告)日：2009-01-01
申请号：US11768523
申请日：2007-06-26
申请人： Xin Qiu , Liqiang Chen , Stuart P. Moskovics , Kent D. Rager
发明人： Xin Qiu , Liqiang Chen , Stuart P. Moskovics , Kent D. Rager
IPC分类号： H04L9/32
CPC分类号： H04L9/3226 , H04L9/3247 , H04W12/04 , H04W12/08
摘要： A process may be utilized for securing unlock password generation and distribution. A first set of exclusive responsibilities, assigned to a trusted authority, includes random generation and encryption of an unlock password to compose a randomly generated encrypted unlock password. Further, a second set of exclusive responsibilities, assigned to a security agent, includes sending information associated with the unlock password and a digital signature of information associated with the unlock password to a communication device configured for a network in order to mate the unlock password to the communication device, and sending the randomly generated and encrypted unlock password along with mating data to a password processing center. In addition, a third set of exclusive responsibilities, assigned to a password processing center, includes decrypting the randomly generated and encrypted unlock password.
摘要翻译：可以利用一个过程来确保密码生成和分发。分配给受信任的机构的第一套独家责任包括随机生成和加密解锁密码，以组成随机生成的加密解密密码。此外，分配给安全代理的第二组独占责任包括将与解锁密码相关联的信息和与解锁密码相关联的信息的数字签名发送到为网络配置的通信设备，以便将解锁密码与通信设备，并将随机生成和加密的解密密码以及匹配数据发送到密码处理中心。另外，分配给密码处理中心的第三组独占责任包括解密随机产生和加密的解锁密码。

15. 发明授权

US08171527B2 Method and apparatus for securing unlock password generation and distribution 有权
标题翻译：用于确保密码生成和分发的方法和装置
公开(公告)号：US08171527B2
公开(公告)日：2012-05-01
申请号：US11768523
申请日：2007-06-26
申请人： Xin Qiu , Liqiang Chen , Stuart P. Moskovics , Kent D. Rager
发明人： Xin Qiu , Liqiang Chen , Stuart P. Moskovics , Kent D. Rager
IPC分类号： H04L29/06
CPC分类号： H04L9/3226 , H04L9/3247 , H04W12/04 , H04W12/08
摘要： A process may be utilized for securing unlock password generation and distribution. A first set of exclusive responsibilities, assigned to a trusted authority, includes random generation and encryption of an unlock password to compose a randomly generated encrypted unlock password. Further, a second set of exclusive responsibilities, assigned to a security agent, includes sending information associated with the unlock password and a digital signature of information associated with the unlock password to a communication device configured for a network in order to mate the unlock password to the communication device, and sending the randomly generated and encrypted unlock password along with mating data to a password processing center. In addition, a third set of exclusive responsibilities, assigned to a password processing center, includes decrypting the randomly generated and encrypted unlock password.
摘要翻译：可以利用一个过程来确保密码生成和分发。分配给受信任的机构的第一套独家责任包括随机生成和加密解锁密码，以组成随机生成的加密解密密码。此外，分配给安全代理的第二组独占责任包括将与解锁密码相关联的信息和与解锁密码相关联的信息的数字签名发送到为网络配置的通信设备，以便将解锁密码与通信设备，并将随机生成和加密的解密密码以及匹配数据发送到密码处理中心。另外，分配给密码处理中心的第三组独占责任包括解密随机产生和加密的解锁密码。

16. 发明申请

US20130219166A1 HARDWARE BASED IDENTITY MANAGER 审中-公开
标题翻译：基于硬件的身份认证经理
公开(公告)号：US20130219166A1
公开(公告)日：2013-08-22
申请号：US13400217
申请日：2012-02-20
申请人： Todor Ristov , Stuart P. Moskovics
发明人： Todor Ristov , Stuart P. Moskovics
IPC分类号： H04L9/32
CPC分类号： H04L63/0823 , H04L63/0853
摘要： A method for providing authentication credentials to a server over a communications network includes initiating communication with a server over a communications network. The communication is to be established using a secure connection. A message is received from the server over the communications network as well as a request for a digital certificate associated with a first user account accessible to the server. An encrypted private key is decrypted in a secure hardware module to obtain a decrypted private key. The decrypted private key is associated with the first user account. The message received from the server is passed to the secure hardware module. The message is digitally signed in the secure hardware module using the decrypted private key. The digital certificate and the digitally signed message are sent to the server over the communication network.
摘要翻译：通过通信网络向服务器提供认证证书的方法包括通过通信网络发起与服务器的通信。通信将通过安全连接建立。通过通信网络从服务器接收到消息，以及对与服务器可访问的第一用户帐户相关联的数字证书的请求。加密的私钥在安全硬件模块中被解密以获得解密的私钥。解密的私钥与第一用户帐户相关联。从服务器接收的消息传递到安全硬件模块。该消息使用解密的私钥在安全硬件模块中进行数字签名。数字证书和数字签名消息通过通信网络发送到服务器。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式