专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明申请

US20080127309A1 System and Method for Virtualized Hypervisor to Detect Insertion of Removable Media 有权
标题翻译：虚拟化管理程序的系统和方法，用于检测可移动介质的插入
公开(公告)号：US20080127309A1
公开(公告)日：2008-05-29
申请号：US11564832
申请日：2006-11-29
申请人： David Carroll Challener , Daryl Cromer , Howard Jeffrey Locker , Randall Scott Springfield
发明人： David Carroll Challener , Daryl Cromer , Howard Jeffrey Locker , Randall Scott Springfield
IPC分类号： G06F21/20
CPC分类号： H04L63/10 , G06F21/552 , G06F2221/2153
摘要： A system and method for using a client-side hypervisor in conjunction with a secure network-side monitoring mechanism to detect removable media insertions since a client's last network session with the secure network is presented. The hypervisor uses a “client-side insertion value” to track the number of times that a user inserts removable media into a socket located on the client. When the client is connected to the secure network, the client's hypervisor notifies the secure network of each insertion and the secure network increments a “secure network-side tracker value.” For each login request, the client includes the client-side insertion value, which the secure network compares against its secure network-side tracker value. When the two values are different, the secure network sends an action request to the client, such as a request to perform a full system scan. Once the client performs the action, the client's hypervisor resets its client-side insertion value and attempts to logon to the secure network again.
摘要翻译：提出了客户端管理程序与安全网络侧监视机制结合使用以检测可移动介质插入的系统和方法，因为客户端与安全网络的最后一次网络会话。管理程序使用“客户端插入值”来跟踪用户将可移动媒体插入位于客户端上的套接字的次数。当客户端连接到安全网络时，客户端的管理程序会将安全网络通知每个插入，并且安全网络会增加“安全网络侧跟踪器值”。对于每个登录请求，客户端包括客户端插入值，安全网络与安全网络侧跟踪器值进行比较。当两个值不同时，安全网络向客户端发送动作请求，例如执行完整系统扫描的请求。一旦客户端执行操作，客户端的管理程序将重置其客户端插入值，并尝试再次登录到安全网络。

22. 发明申请

US20080040613A1 APPARATUS, SYSTEM, AND METHOD FOR SECURE PASSWORD RESET 审中-公开
标题翻译：装置，系统和安全密码重置方法
公开(公告)号：US20080040613A1
公开(公告)日：2008-02-14
申请号：US11464416
申请日：2006-08-14
申请人： David Carroll Challener
发明人： David Carroll Challener
IPC分类号： H04L9/00
CPC分类号： G06F21/31 , G06F2221/2143 , H04L9/0863 , H04L9/3226 , H04L2209/127
摘要： An apparatus, system, and method are disclosed for secure password reset. In one embodiment, an authentication module authenticates a user. An authorization key module retrieves an authorization key from a backup key blob using a backup password. In a certain embodiment, the authorization key module retrieves the authorization key in response to receiving the backup password. A user password module receives a user password. An active blob creation module creates an active key blob comprising the authorization key and the user password, allowing a user to retrieve the authorization key and access a secure asset by providing the user password.
摘要翻译：公开了用于安全密码重置的装置，系统和方法。在一个实施例中，认证模块认证用户。授权密钥模块使用备份密码从备份密钥blob检索授权密钥。在某个实施例中，授权密钥模块响应于接收到备份密码而检索授权密钥。用户密码模块接收用户密码。活动blob创建模块创建包括授权密钥和用户密码的活动密钥blob，允许用户通过提供用户密码来检索授权密钥并访问安全资产。

23. 发明授权

US07143287B2 Method and system for verifying binding of an initial trusted device to a secured processing system 有权
标题翻译：用于验证初始可信设备与安全处理系统的绑定的方法和系统
公开(公告)号：US07143287B2
公开(公告)日：2006-11-28
申请号：US10970461
申请日：2004-10-21
申请人： Steven A. Bade , David Carroll Challener
发明人： Steven A. Bade , David Carroll Challener
IPC分类号： G06F17/30
CPC分类号： G06F21/57
摘要： A method and system for verifying binding of an initial trusted device to a secured processing system binds an initial device or replacement when no binding information is available from another device in the system. A platform credential is issued only when a valid binding is verified, by sending a proof of binding to a credential provider, such as the manufacturer. The method secures against security breaches that can occur when a device is removed from the system during the binding process. The binding information is generated in the device upon installation and includes system identification information so that at each initialization, upon return of binding information from the system to the device, the device can ensure that it is installed in the proper system and abort operation if the system does not match.
摘要翻译：用于验证初始可信设备与安全处理系统的绑定的方法和系统在没有绑定信息可用于系统中的另一设备时绑定初始设备或替换。只有当有效的绑定被验证时，才通过发送绑定到证书提供商（如制造商）的证明来颁发平台凭据。该方法可以防止在绑定过程中从系统中删除设备时可能发生的安全漏洞。捆绑信息在安装时在设备中生成，并且包括系统识别信息，使得在每次初始化时，从系统返回到设备的绑定信息，设备可以确保其被安装在适当的系统中并且如果系统不匹配。

24. 发明申请

US20060184785A1 Apparatus, system, and method for securing I/O communications between a blade and a peripheral interface device of a blade-based computer system 审中-公开
标题翻译：用于保护刀片和基于刀片的计算机系统的外围接口设备之间的I / O通信的装置，系统和方法
公开(公告)号：US20060184785A1
公开(公告)日：2006-08-17
申请号：US11058987
申请日：2005-02-16
申请人： David Carroll Challener , Daryl Carvis Cromer , Steven Dale Goodman , Howard Jeffery Locker , Randall Scott Springfield
发明人： David Carroll Challener , Daryl Carvis Cromer , Steven Dale Goodman , Howard Jeffery Locker , Randall Scott Springfield
IPC分类号： H04L9/00
CPC分类号： G06F21/606 , G06F21/85
摘要： An apparatus, system, and method are disclosed for securing I/O communications between a blade and peripheral interface device. The apparatus includes a determination module, a source security module, and a source communication module. The determination module identifies I/O data configured for transmission to a destination module configured to receive secure I/O data. The source security module encrypts the I/O data to generate secured I/O data such that subsequent decryption of the secured I/O data is restricted to a destination module. The source communication module transmits the secured I/O data over a vulnerable communication link to the destination module. The vulnerable communication link comprises a message intercept vulnerability. The destination module is configured to unencrypt the secure I/O data for a destination device such as a display device.
摘要翻译：公开了用于保护刀片和外围接口设备之间的I / O通信的装置，系统和方法。该装置包括确定模块，源安全模块和源通信模块。确定模块识别配置为传输到配置为接收安全I / O数据的目标模块的I / O数据。源安全模块加密I / O数据以产生安全的I / O数据，使得安全I / O数据的后续解密被限制到目的地模块。源通信模块通过易受攻击的通信链路将目标模块的安全I / O数据发送到目标模块。脆弱的通信链路包括消息拦截漏洞。目的地模块被配置为对诸如显示设备的目的地设备的安全I / O数据进行解密。

25. 发明授权

US06704868B1 Method for associating a pass phase with a secured public/private key pair 有权
标题翻译：将通过阶段与安全的公共/私人密钥对相关联的方法
公开(公告)号：US06704868B1
公开(公告)日：2004-03-09
申请号：US09439235
申请日：1999-11-12
申请人： David Carroll Challener , Richard Alan Dayan , James Peter Ward , Michael Vanover
发明人： David Carroll Challener , Richard Alan Dayan , James Peter Ward , Michael Vanover
IPC分类号： H04L900
CPC分类号： H04L9/32 , H04L9/0863 , H04L9/3226
摘要： A method for associating a pass phrase with a secured public/private key pair is disclosed. A user public/private key pair is first established for a user. The user public/private key pair includes a user public key and a user private key. Then, the user public/private key pair is encrypted along with a random password, utilizing a chip public key. Next, a first symmetric key is generated. The random password is encrypted utilizing the first symmetric key. A first password is generated by hashing a first pass phrase. Finally, the first password is encrypted along with the first symmetric key, also utilizing the chip public key. As a result, a user can access the user private key to perform an authentication function by providing the first pass phrase.
摘要翻译：公开了一种将密码短语与安全公钥/私钥对相关联的方法。首先为用户建立用户公钥/私钥对。用户公钥/私钥对包括用户公钥和用户私钥。然后，利用芯片公开密钥对用户公共/私人密钥对以及随机密码进行加密。接下来，生成第一对称密钥。利用第一个对称密钥加密随机密码。通过散列第一个密码短语生成第一个密码。最后，第一个密码与第一个对称密钥一起被加密，也利用芯片公钥。结果，用户可以通过提供第一密码短语来访问用户专用密钥来执行认证功能。

26. 发明授权

US06182212B2 Method and system for automated migration of user settings to a replacement computer system 有权
标题翻译：将用户设置自动迁移到替换计算机系统的方法和系统
公开(公告)号：US06182212B2
公开(公告)日：2001-01-30
申请号：US09211072
申请日：1998-12-14
申请人： Barry Douglas Atkins , David Carroll Challener , Richard Wayne Cheston
发明人： Barry Douglas Atkins , David Carroll Challener , Richard Wayne Cheston
IPC分类号： G06F9445
CPC分类号： G06F9/4451
摘要： A method and system are disclosed for automating migration of user system settings from an existing computer system to a replacement computer system in response to a user input. Selected portions of the registry, or central hierarchial data base within the existing computer system are automatically copied and stored in response a user input. A plurality of application program interface (API) routines are then initiated to retrieve and store selected settings within the existing computer system. Adapter binding information for all adapters within the existing computer system are retrieved and stored. The selected portions of the registry, selected settings and adapter binding information are then transferred to the replacement computer system and copied into appropriate registry keys, directories and files, effectively transferring the system settings from the existing computer system to the replacement computer system.
摘要翻译：公开了一种用于响应于用户输入自动将用户系统设置从现有计算机系统迁移到替换计算机系统的方法和系统。注册表的所选部分或现有计算机系统中的中央分层数据库将自动复制并存储以响应用户输入。然后启动多个应用程序接口（API）例程以检索和存储现有计算机系统内的所选设置。检索并存储现有计算机系统内所有适配器的适配器绑定信息。然后将注册表，选定设置和适配器绑定信息的选定部分传输到替换计算机系统并复制到适当的注册表项，目录和文件中，将系统设置从现有计算机系统有效地传输到更换计算机系统。

27. 发明授权

US5953001A Computer input stylus and texture control system 失效
标题翻译：电脑输入笔和纹理控制系统
公开(公告)号：US5953001A
公开(公告)日：1999-09-14
申请号：US997026
申请日：1997-12-23
申请人： David Carroll Challener , Palmer E. Newman
发明人： David Carroll Challener , Palmer E. Newman
IPC分类号： G06F3/033 , G06T11/00 , G09G5/00
CPC分类号： G06F3/03545 , G06T11/001
摘要： A computer-input stylus which provides texture control when utilized in conjunction with a computer-implemented software-based drawing application. The input stylus includes a cylindrical body in a conical tip. A color display within the stylus is utilized to illuminate the conical tip with a color indicative of a currently selected color within the software-based drawing application, providing visual color feedback. Texture selection is accomplished utilizing a texture selection input actuator mounted to the cylindrical body of the input stylus. The texture selection input actuator, such as a trackpoint device, is utilized to vary the texture of a selected color or pattern.
摘要翻译：与计算机实现的基于软件的绘图应用程序结合使用时提供纹理控制的计算机输入笔。输入触针包括圆锥形端头的圆柱体。使用触控笔内的彩色显示器以在基于软件的绘图应用程序内的指示当前所选颜色的颜色照亮锥形尖端，从而提供视觉颜色反馈。使用安装到输入触控笔的圆柱体的纹理选择输入致动器来完成纹理选择。纹理选择输入致动器（例如轨迹点装置）用于改变所选颜色或图案的纹理。

28. 发明授权

US08706642B2 Apparatus, system, and method for securely authorizing changes to a transaction restriction 有权
标题翻译：用于安全授权更改交易限制的设备，系统和方法
公开(公告)号：US08706642B2
公开(公告)日：2014-04-22
申请号：US11609814
申请日：2006-12-12
申请人： Stacy John Cannady , David Carroll Challener , Daryl Cromer , Mark Charles Davis , David Rivera , Randall Scott Springfield , Rod D. Waltermann
发明人： Stacy John Cannady , David Carroll Challener , Daryl Cromer , Mark Charles Davis , David Rivera , Randall Scott Springfield , Rod D. Waltermann
IPC分类号： G06Q20/00
CPC分类号： G07F7/08 , G06Q20/24 , G06Q20/26 , G06Q20/3674 , G06Q20/3829 , G06Q20/40 , G06Q20/403 , G06Q20/4037 , H04L9/3231 , H04L9/3234 , H04L2209/56 , H04L2209/805
摘要： An apparatus, system, and method are disclosed for securely authorizing changes to a transaction restriction. A security module securely stores encryption keys for a payment instrument. The payment instrument electronically transacts payments and includes a transaction restriction. An authentication module receives an authentication from a user of the payment instrument. The security module validates the authentication with a first encryption key. In addition, the security module authorizes a change to the transaction restriction using a second encryption key if the authentication is valid. The security module resides on a computer that the user designates as authorized to validate the authentication.
摘要翻译：公开了用于安全地授权对交易限制的改变的装置，系统和方法。安全模块安全地存储付款工具的加密密钥。支付工具以电子方式处理付款，并包括交易限制。验证模块从付款工具的用户接收认证。安全模块使用第一个加密密钥验证身份验证。此外，如果认证有效，则安全模块授权使用第二加密密钥更改事务限制。安全模块驻留在用户指定为授权验证身份验证的计算机上。

29. 发明授权

US08499345B2 Blocking computer system ports on per user basis 有权
标题翻译：按用户身份阻止计算机系统端口
公开(公告)号：US08499345B2
公开(公告)日：2013-07-30
申请号：US12243762
申请日：2008-10-01
申请人： David Carroll Challener , Howard Jeffrey Locker , Joseph Michael Pennisi , Randall Scott Springfield
发明人： David Carroll Challener , Howard Jeffrey Locker , Joseph Michael Pennisi , Randall Scott Springfield
IPC分类号： G06F21/00
CPC分类号： G06F21/6218
摘要： An approach is provided that receives a user identifier from a user of the information handling system. The user identifier can include a username as well as a user authentication code, such as a password. Hardware settings that correspond to the user identifier are retrieved from a nonvolatile memory. Hardware devices, such as ports (e.g., USB controller), network interfaces, storage devices, and boot sequences, are configured using the retrieved hardware settings. After the hardware devices have been configured to correspond to the identified user, an operating system is booted.
摘要翻译：提供一种从信息处理系统的用户接收用户标识符的方法。用户标识符可以包括用户名以及诸如密码的用户认证码。从非易失性存储器检索对应于用户标识符的硬件设置。使用检索的硬件设置来配置诸如端口（例如，USB控制器），网络接口，存储设备和引导顺序的硬件设备。在将硬件设备配置为对应于所识别的用户之后，引导操作系统。

30. 发明授权

US08495361B2 Securely creating an endorsement certificate in an insecure environment 失效
标题翻译：在不安全的环境中安全地创建背书证书
公开(公告)号：US08495361B2
公开(公告)日：2013-07-23
申请号：US11858971
申请日：2007-09-21
申请人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
发明人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
IPC分类号： H04L29/06
CPC分类号： G06F21/57
摘要： A method and system for ensuring security-compliant creation and signing of endorsement keys of manufactured TPMs. The endorsement keys are generated for the TPM. The TPM vendor selects an N-byte secret and stores the N-byte secret in the TPM along with the endorsement keys. The secret number cannot be read outside of the TPM. The secret number is also provided to the OEM's credential server. During the endorsement key (EK) credential process, the TPM generates an endorsement key, which comprises both the public key and a hash of the secret and the public key. The credential server matches the hash within the endorsement key with a second hash of the received public key (from the endorsement key) and the vendor provided secret. The EK certificate is generated and inserted into the TPM only when a match is confirmed.
摘要翻译：一种用于确保制造TPM的签注密钥的安全兼容创建和签名的方法和系统。为TPM生成认可密钥。 TPM供应商选择一个N字节的秘密，并将N字节的秘密与支持密钥一起存储在TPM中。无法在TPM之外读取密码。秘密编号也提供给OEM的凭据服务器。在认可密钥（EK）凭证处理过程中，TPM产生一个签名密钥，其包括公开密钥和密钥的散列以及公开密钥。凭证服务器将签名密钥内的散列与接收到的公钥（来自认可密钥）和供应商提供的秘密的第二散列进行匹配。仅当匹配确认时，EK证书才会生成并插入到TPM中。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式