专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

61. 发明申请

US20120005718A1 TRUSTED NETWORK CONNECT SYSTEM FOR ENHANCING THE SECURITY 有权
标题翻译：用于增强安全性的有效网络连接系统
公开(公告)号：US20120005718A1
公开(公告)日：2012-01-05
申请号：US12672860
申请日：2008-07-21
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F21/20
CPC分类号： H04L63/0876 , H04L9/0844 , H04L9/3263 , H04L41/0893 , H04L63/0823 , H04L63/102 , H04L63/126 , H04L63/20
摘要： Disclosed is a trusted network connect system for enhancing the security, the system including an access requester of the system network that connects to a policy enforcement point in the manner of authentication protocol, and network-connects to the access authorizer via a network authorization transport protocol interface, an integrity evaluation interface and an integrity measurement interface, a policy enforcement point network-connects to the access authorizer via a policy enforcement interface, an access authorizer network-connects to the policy manager via a user authentication authorization interface, a platform evaluation authorization interface and the integrity measurement interface, and an access requester network-connects to a policy manager via the integrity measurement interface.
摘要翻译：公开了一种用于增强安全性的可靠的网络连接系统，该系统包括以认证协议的方式连接到策略执行点的系统网络的访问请求者，并通过网络授权传输协议网络连接到接入授权器接口，完整性评估接口和完整性测量接口，策略执行点网络 - 通过策略执行接口连接到接入授权器，接入授权器网络 - 经由用户认证授权接口连接到策略管理器，平台评估授权接口和完整性测量接口，以及访问请求者网络 - 通过完整性测量界面连接到策略管理器。

62. 发明申请

US20100293370A1 AUTHENTICATION ACCESS METHOD AND AUTHENTICATION ACCESS SYSTEM FOR WIRELESS MULTI-HOP NETWORK 有权
标题翻译：无线多业务网络认证接入方法及认证接入系统
公开(公告)号：US20100293370A1
公开(公告)日：2010-11-18
申请号：US12810374
申请日：2008-12-26
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L9/32
CPC分类号： H04W12/06 , H04L9/0844 , H04L9/3226 , H04L9/3263 , H04L63/061 , H04L63/0807 , H04L2209/80 , H04W12/04 , H04W88/02
摘要： Authentication access method and authentication access system for wireless multi-hop network. Terminal equipment and coordinator have the capability of port control, the coordinator broadcasts a beacon frame, and the terminal equipment selects an authentication and key management suite and transmits a connecting request command to the coordinator. The coordinator performs authentication with the terminal equipment according to the authentication and key management suite which is selected by the terminal equipment, after authenticated, transmits a connecting response command to the terminal equipment. The terminal equipment and the coordinator control the port according to the authentication result, therefore the authenticated access for the wireless multi-hop network is realized. The invention solves the security problem of the wireless multi-hop network authentication method.
摘要翻译：无线多跳网络的认证接入方式和认证接入系统。终端设备和协调器具有端口控制能力，协调器广播信标帧，终端设备选择认证和密钥管理套件，并向协调器发送连接请求命令。协调器根据由终端设备选择的认证和密钥管理套件与终端设备进行认证，经过认证，向终端设备发送连接响应命令。终端设备和协调器根据认证结果对端口进行控制，实现了无线多跳网络的认证接入。本发明解决了无线多跳网络认证方法的安全问题。

63. 发明申请

US20080288777A1 A Peer-to-Peer Access Control Method Based on Ports 有权
标题翻译：基于端口的对等访问控制方法
公开(公告)号：US20080288777A1
公开(公告)日：2008-11-20
申请号：US11816715
申请日：2006-02-21
申请人： Xiaolong Lai , Jun Cao , Bianling Zhang , Zhenhai Huang , Hong Guo
发明人： Xiaolong Lai , Jun Cao , Bianling Zhang , Zhenhai Huang , Hong Guo
IPC分类号： H04L9/32
CPC分类号： H04L63/0869 , H04L9/0894 , H04L9/321 , H04L2209/80
摘要： A port based peer access control method, comprises the steps of: 1) enabling the authentication control entity; 2) two authentication control entities authenticating each other; 3) setting the status of the controlled port. The method may further comprise the steps of enabling the authentication server entity, two authentication subsystems negotiating the key. By modifying the asymmetry of background technique, the invention has advantages of peer control, distinguishable authentication control entity, good scalability, good security, simple key negotiation process, relatively complete system, high flexibility, thus the invention can satisfy the requirements of central management as well as resolve the technical issues of the prior network access control method, including complex process, poor security, poor scalability, so it provides essential guarantee for secure network access.
摘要翻译：一种基于端口的对等接入控制方法，包括步骤：1）启用认证控制实体; 2）两个认证控制实体相互认证; 3）设置受控端口的状态。该方法还可以包括以下步骤：启用认证服务器实体，两个认证子系统协商该密钥。通过修改背景技术的不对称性，本发明具有对等控制，可区分认证控制实体，良好的可扩展性，良好的安全性，简单的密钥协商过程，系统相对完整，灵活性高等优点，因此本发明可以满足中央管理的要求解决现有网络访问控制方法的技术问题，包括复杂过程，安全性差，可扩展性差，为安全网络访问提供了必要的保证。

64. 发明授权

US08631232B2 Wireless personal area network accessing method 有权
标题翻译：无线个域网访问方式
公开(公告)号：US08631232B2
公开(公告)日：2014-01-14
申请号：US12863272
申请日：2009-01-14
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang , Bianling Zhang , Zhiqiang Qin , Qizhu Song
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang , Bianling Zhang , Zhiqiang Qin , Qizhu Song
IPC分类号： H04L29/00
CPC分类号： H04W12/04 , H04L63/205 , H04W12/06
摘要： A wireless personal area network accessing method is provided, the method includes that: a coordinator broadcasts a beacon frame, the beacon frame includes the information about whether the coordinator sends an authentication requirement, the beacon frame also includes the authentication supported by the coordinator and key management package when a device receipts the authentication requirement, the device receives the beacon frame, the authentication between the coordinator and the device is made by using a authentication method corresponding to the authentication supported by the coordinator and key management package, when the device determines that the coordinator and the device is directly made according to the authentication result, or the association between the coordinator and the device is made after making session key negotiation.
摘要翻译：提供了无线个人区域网络访问方法，该方法包括：协调器广播信标帧，信标帧包括关于协调器是否发送认证要求的信息，信标帧还包括由协调器和密钥支持的认证管理包，当设备收到认证要求时，设备收到信标帧，协调器和设备之间的认证是通过使用与协调器和密钥管理包所支持的认证相对应的认证方法进行的，当设备确定协调器和设备根据认证结果直接进行，或者在进行会话密钥协商之后进行协调器与设备之间的关联。

65. 发明授权

US08271780B2 Trusted network connect method for enhancing security 有权
标题翻译：可信网络连接方式，增强安全性
公开(公告)号：US08271780B2
公开(公告)日：2012-09-18
申请号：US12671575
申请日：2008-07-21
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L9/00
CPC分类号： H04L63/0869 , H04L9/0844 , H04L9/3247 , H04L9/3263 , H04L41/0893 , H04L63/0876 , H04L63/105 , H04L63/20 , H04L2209/127
摘要： A trusted network connect method for enhancing security, it pre-prepares platform integrity information, sets an integrity verify demand. A network access requestor initiates an access request, a network access authority starts a process for bi-directional user authentication, begins to perform the triplex element peer authentication protocol with a user authentication service unit. After the success of the bi-directional user authentication, a TNC server and a TNC client perform bi-directional platform integrity evaluation. The network access requestor and the network access authority control ports according to their respective recommendations, implement the mutual access control of the access requestor and the access authority. The present invention solves the technical problems in the background technologies: the security is lower relatively, the access requestor may be unable to verify the validity of the AIK credential and the platform integrity evaluation is not parity. The present invention may simplify the management of the key and the mechanism of integrity verification, expand the application scope of the trusted network connect.
摘要翻译：一种可靠的网络连接方法，用于增强安全性，预先准备平台完整性信息，设置完整性验证需求。网络访问请求者发起访问请求，网络访问权限启动用于双向用户认证的过程，开始与用户认证服务单元一起执行三重元素对等认证协议。在双向用户认证成功之后，TNC服务器和TNC客户端执行双向平台完整性评估。网络访问请求者和网络访问权限控制端口根据各自的建议，实现访问请求者和访问权限的相互访问控制。本发明解决了后台技术中的技术问题：安全性相对较低，访问请求者可能无法验证AIK凭据的有效性，平台完整性评估不是奇偶校验。本发明可以简化密钥的管理和完整性验证的机制，扩大可信网络连接的应用范围。

66. 发明授权

US08176325B2 Peer-to-peer access control method based on ports 有权
标题翻译：基于端口的对等访问控制方法
公开(公告)号：US08176325B2
公开(公告)日：2012-05-08
申请号：US11816715
申请日：2006-02-21
申请人： Xiaolong Lai , Jun Cao , Bianling Zhang , Zhenhai Huang , Hong Guo
发明人： Xiaolong Lai , Jun Cao , Bianling Zhang , Zhenhai Huang , Hong Guo
IPC分类号： H04L29/06
CPC分类号： H04L63/0869 , H04L9/0894 , H04L9/321 , H04L2209/80
摘要： A port based peer access control method, comprises the steps of: 1) enabling the authentication control entity; 2) two authentication control entities authenticating each other; 3) setting the status of the controlled port. The method may further comprise the steps of enabling the authentication server entity, two authentication subsystems negotiating the key. By modifying the asymmetry of background technique, the invention has advantages of peer control, distinguishable authentication control entity, good scalability, good security, simple key negotiation process, relatively complete system, high flexibility, thus the invention can satisfy the requirements of central management as well as resolve the technical issues of the prior network access control method, including complex process, poor security, poor scalability, so it provides essential guarantee for secure network access.
摘要翻译：一种基于端口的对等接入控制方法，包括步骤：1）启用认证控制实体; 2）两个认证控制实体相互认证; 3）设置受控端口的状态。该方法还可以包括以下步骤：启用认证服务器实体，两个认证子系统协商该密钥。通过修改背景技术的不对称性，本发明具有对等控制，可区分认证控制实体，良好的可扩展性，良好的安全性，简单的密钥协商过程，系统相对完整，灵活性高等优点，因此本发明可以满足中央管理的要求解决现有网络访问控制方法的技术问题，包括复杂过程，安全性差，可扩展性差，为安全网络访问提供了必要的保证。

67. 发明申请

US20110162042A1 TRUSTED METWORK MANAGEMENT METHOD OF TRUSTED NETWORK CONNECTIONS BASED ON TRI-ELEMENT PEER AUTHENTICATION 有权
标题翻译：基于三元认证的有源网络连接的有效管理方法
公开(公告)号：US20110162042A1
公开(公告)日：2011-06-30
申请号：US13059798
申请日：2009-08-20
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F15/16
CPC分类号： H04L41/28 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L63/20 , H04L2209/127 , H04L2209/76
摘要： A trusted network management method of trusted network connections based on tri-element peer authentication. A trusted management proxy and a trusted management system are respectively installed and configured on a host to be managed and a management host, and are verified as local trusted. When the host to be managed and the management host are not connected to the trusted network, they use the trusted network connection method based on the tri-element peer authentication to connect to the trusted network respectively, and subsequently perform the authentications and the cipher key negotiations of the trusted management proxy and the trusted management system; when the host to be managed and the management host have not completed the user authentication and the cipher key negotiation process, they use the tri-element peer authentication protocol to complete the user authentication and the cipher key negotiation process, then use the tri-element peer authentication protocol to implement the remote trust of the trusted management proxy and the trusted management system, and finally perform network management. The present invention can actively defend attacks, reinforce the safety of the trusted network management architecture, and realize the trusted network management of distributed control and centralized management.
摘要翻译：基于三元对等认证的可信网络连接的可信网络管理方法。分别在要管理的主机和管理主机上安装和配置可信管理代理和可信管理系统，并将其验证为本地可信。当要管理的主机和管理主机没有连接到可信网络时，他们使用基于三元对等认证的可信网络连接方法分别连接到可信网络，然后执行认证和密码密钥可信管理代理和可信管理系统的协商; 当要管理的主机和管理主机尚未完成用户认证和密钥协商过程时，他们使用三元素对等体认证协议完成用户认证和密钥协商过程，然后使用三元素对等体认证协议，实现可信管理代理和可信管理系统的远程信任，最终执行网络管理。本发明可以积极防御攻击，加强可信网管理架构的安全性，实现分布式控制和集中管理的可信网络管理。

68. 发明申请

US20110145425A1 TRUSTED NETWORK MANAGEMENT METHOD BASED ON TCPA/TCG TRUSTED NETWORK CONNECTION 审中-公开
标题翻译：基于TCPA / TCG协议的网络连接的有效网络管理方法
公开(公告)号：US20110145425A1
公开(公告)日：2011-06-16
申请号：US13058988
申请日：2009-08-20
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F15/16
CPC分类号： H04L41/28 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L63/20
摘要： A trusted network management method based on TCPA/TCG trusted network connection is provided. A trusted management agent and a trusted management system are installed and configured on a managed host and a managing host respectively and verified to be creditable locally; when the managed host and the managing host have not yet connected into a trusted network, they connect into the trusted network separately by using a method based on TCPA/TCG trusted network connection and then performs authentication and key negotiation procedure between the trusted management agent and the trusted management system; when the managed host and the managing host have not yet performed the user authentication and key negotiation procedure, they perform user authentication and key negotiation procedure, then realize the remote creditability of the trusted management agent and the trusted management system, and finally, perform network management.
摘要翻译：提供了基于TCPA / TCG可信网络连接的可信网络管理方法。在受管主机和管理主机上分别安装和配置可信管理代理和可信管理系统，并验证其在本地可信; 当托管主机和管理主机尚未连接到可信网络时，通过使用基于TCPA / TCG可信网络连接的方法，分别连接到可信网络中，然后在可信管理代理和可信管理系统; 当托管主机和管理主机尚未执行用户认证和密钥协商过程时，进行用户认证和密钥协商过程，实现可信管理代理和可信管理系统的远程可信性，最后执行网络管理。

69. 发明申请

US20110055561A1 ACCESS AUTHENTICATION METHOD SUITABLE FOR THE WIRE-LINE AND WIRELESS NETWORK 有权
标题翻译：适用于线路和无线网络的接入认证方法
公开(公告)号：US20110055561A1
公开(公告)日：2011-03-03
申请号：US11816743
申请日：2006-02-21
申请人： Xiaolong Lai , Jun Cao , Hong Guo , Zhenhai Huang , Bianling Zhang
发明人： Xiaolong Lai , Jun Cao , Hong Guo , Zhenhai Huang , Bianling Zhang
IPC分类号： G06F21/00 , H04L9/32
CPC分类号： H04L63/0823 , H04L9/083 , H04L9/0891 , H04L9/3263 , H04L9/3273 , H04L2209/80
摘要： An access authentication method includes pre-establishing a security channel between the authentication server of the access point and the authentication server of the user terminal and performing the authentication process at user terminal and access point. The authentication process includes 1) the access point sending the authentication_activating message; 2) the user terminal sending the authentication server of user terminal request message; 3) the authentication server of the user terminal sending to the user terminal response message; and 4) completing the authentication.
摘要翻译：访问认证方法包括在接入点的认证服务器和用户终端的认证服务器之间预先建立安全信道，并在用户终端和接入点执行认证过程。认证过程包括：1）接入点发送认证激活消息; 2）用户终端发送用户终端请求消息的认证服务器; 3）用户终端的认证服务器发送给用户终端应答消息; 和4）完成认证。

70. 发明申请

US20100083349A1 METHOD FOR REALIZING TRUSTED NETWORK MANAGEMENT 有权
标题翻译：实现可信网络管理的方法
公开(公告)号：US20100083349A1
公开(公告)日：2010-04-01
申请号：US12631491
申请日：2009-12-04
申请人： YUELEI XIAO , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： YUELEI XIAO , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F21/00 , G06F17/30
CPC分类号： H04L63/20
摘要： A method for realizing trusted network management is provided. A trusted management agent resides on a managed host, and a trusted management system resides on a management host. The trusted management agent and the trusted management system are software modules, which are both based on a trusted computing platform and signed after being authenticated by a trusted third party of the trusted management agent and the trusted management system. Trusted platform modules of the managed host and the management host can perform integrity measurement, storage, and report for the trusted management agent and the trusted management system. Therefore, the managed host and the management host can ensure that the trusted management agent and the trusted management system are trustworthy. Then, the trusted management agent and the trusted management system execute a network management function, thus realizing the trusted network management. Therefore, the technical problem in the prior art that the network management security cannot be ensured due to the mutual attack between an agent, a host where the agent resides, and a manager system is solved, and trusted network management is realized.
摘要翻译：提供了一种实现可信网络管理的方法。可信管理代理驻留在受管主机上，可管理系统驻留在管理主机上。信任管理代理和信任管理系统是软件模块，它们都是基于可信计算平台，经信任管理代理和可信管理系统的信任第三方认证后进行签名。托管主机和管理主机的可信平台模块可以对可信管理代理和可信管理系统执行完整性测量，存储和报告。因此，托管主机和管理主机可以确保可信管理代理和可信管理系统是值得信赖的。然后，信任管理代理和信任管理系统执行网络管理功能，从而实现可信网络管理。因此，现有技术的技术问题是解决了代理，代理所在的主机与管理者系统之间的相互攻击而不能确保网络管理安全性，并实现了可信网络管理。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式