专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

71. 发明授权

US08015369B2 Updating data entries stored on a data storage unit from an authority 有权
标题翻译：从授权机构更新存储在数据存储单元上的数据条目
公开(公告)号：US08015369B2
公开(公告)日：2011-09-06
申请号：US12019237
申请日：2008-01-24
申请人： Helen Balinsky , Thomas Rathbone , Liqun Chen , Keith Harrison
发明人： Helen Balinsky , Thomas Rathbone , Liqun Chen , Keith Harrison
IPC分类号： G06F13/00
CPC分类号： G06F21/6209 , G06F21/606 , G06F21/77
摘要： A method of updating a data entry stored on a data storage unit, the data entry including data elements that are unique to the data storage unit and the data entry, may begin with generating, at the data storage unit, an update request that includes the data entry for transmission to an authority authorized to update the data entry. The authority then extracts extracting at the authority the unique data elements from the update request and verifies the authenticity of the data storage unit and data entry from the unique data elements. The authority then generates an updated data entry including a further data element unique to the updated data entry and derived from the updated data. The authority then transmits the updated data entry to the data storage unit. The method may then include storing the updated data entry on the data storage unit.
摘要翻译：一种更新存储在数据存储单元上的数据条目的方法，包括数据存储单元唯一的数据元素和数据输入的数据输入可以开始于在数据存储单元处生成包括用于传输给授权更新数据条目的机构的数据条目。然后，授权机构从更新请求中提取提取唯一数据元素，并从唯一数据元素验证数据存储单元的真实性和数据输入。然后，权限生成更新的数据条目，其包括更新的数据条目唯一的另外的数据元素，并从更新的数据导出。然后，权限将更新的数据条目发送到数据存储单元。该方法然后可以包括将更新的数据条目存储在数据存储单元上。

72. 发明授权

US07986778B2 Cryptographic method and apparatus 有权
标题翻译：密码方法和装置
公开(公告)号：US07986778B2
公开(公告)日：2011-07-26
申请号：US11166921
申请日：2005-06-23
申请人： Keith Alexander Harrison , Liqun Chen
发明人： Keith Alexander Harrison , Liqun Chen
IPC分类号： H04K1/00
CPC分类号： H04L9/3073 , H04L9/321 , H04L9/3247 , H04L2209/04
摘要： A cryptographic method and apparatus is provided in which an identifier-based encryption process is used to encrypt a message with an identifier string that specifies conditions to be checked by a trusted entity before providing a decrypted form of the encrypted message, or enabling its decryption. A further trusted entity is used to verify the identity of the message sender as indicated by a further identifier string, and to provide the sender with a secret key that the sender uses to generate complimentary signature components. These signature components are sent along with the encrypted message and are used, along with other data including the first identifier string and a public key of the further trusted entity, to authenticate the identity of the message sender.
摘要翻译：提供了一种加密方法和装置，其中使用基于标识符的加密过程来加密具有标识符串的消息，所述标识符字符串在提供加密消息的解密形式之前指定由受信任实体检查的条件，或使其能够进行解密。另一受信任的实体用于验证由另外的标识符字符串指示的消息发送者的身份，并向发送者提供发送者用于生成互补签名组件的秘密密钥。这些签名组件与加密消息一起发送，并与包括第一标识符串和另外可信实体的公开密钥的其他数据一起使用，以验证消息发送者的身份。

73. 发明授权

US07865876B2 Multiple trusted computing environments 有权
标题翻译：多个可信计算环境
公开(公告)号：US07865876B2
公开(公告)日：2011-01-04
申请号：US10175542
申请日：2002-06-18
申请人： Jonathan Griffin , Christopher I. Dalton , Michael Child , Liqun Chen , Andrew Patrick Norman
发明人： Jonathan Griffin , Christopher I. Dalton , Michael Child , Liqun Chen , Andrew Patrick Norman
IPC分类号： G06F9/44 , G06F9/455 , H04L9/32
CPC分类号： G06F21/64 , G06F21/57 , G06F2211/009 , G06F2211/1097 , G06F2221/2101 , G06F2221/2103 , G06F2221/2129 , G06F2221/2141 , G06F2221/2149 , G06F2221/2153
摘要： A computing platform 20 provides multiple computing environments 24 each containing a guest operating system 25 provided by a virtual machine application 26. Optionally, each computing environment 24 is formed in a compartment 220 of a compartmented host operating system 22. A trusted device 213 verifies that the host operating system 22 and each guest operating system 25 operates in a secure and trusted manner by forming integrity metrics which can be interrogated by a user 10. Each computing environment is isolated and secure, and can be verified as trustworthy independent of any other computing environment.
摘要翻译：计算平台20提供多个计算环境24，每个计算环境包含由虚拟机应用程序26提供的客户机操作系统25.可选地，每个计算环境24形成在分隔的主机操作系统22的隔室220中。可信设备213验证主机操作系统22和每个客户操作系统25通过形成可由用户10询问的完整性度量以安全和可靠的方式操作。每个计算环境是隔离和安全的，并且可以被验证为独立于任何其他计算环境。

74. 发明授权

US07801302B2 Cryptographic method and apparatus 有权
标题翻译：密码方法和装置
公开(公告)号：US07801302B2
公开(公告)日：2010-09-21
申请号：US11150623
申请日：2005-06-10
申请人： Keith Alexander Harrison , Liqun Chen
发明人： Keith Alexander Harrison , Liqun Chen
IPC分类号： H04K1/00 , H04L9/00 , H04L29/06 , H04L9/32 , G06F17/00 , G07F7/10 , G07F7/06 , H04L9/08
CPC分类号： H04L9/3013 , H04L9/321 , H04L2209/046
摘要： A cryptographic method and apparatus is provided in which a first party receives and modifies a public key for which there exists a corresponding private key held by a second party. The public key is modified by exponentiating at least one element of the received public key using as exponent a hash of a string that comprises information concerning at least one action to be taken by the second party. The string is made available to the second party to enable the latter to modify its private key to compliment the modified public key. In a preferred embodiment, the method and apparatus are applied to the use of the ElGamal encryption/decryption scheme, with the second party acting as a trusted authority that only releases the decrypted message to a third party if the latter satisfies an identity condition specified in the string.
摘要翻译：提供了一种加密方法和装置，其中第一方接收并修改存在由第二方保存的对应私钥的公钥。通过使用作为指数的字符串的散列来指示所接收的公钥的至少一个元素来修改公钥，该字符串的散列包括关于第二方要采取的至少一个动作的信息。该字符串可用于第二方，以使后者修改其私钥以补充修改的公钥。在优选实施例中，该方法和装置被应用于ElGamal加密/解密方案的使用，其中第二方充当信任机构，只有当解密消息满足以下规定的身份条件时才将解密的消息释放到第三方：字符串。

75. 发明授权

US07779267B2 Method and apparatus for using a secret in a distributed computing system 有权
标题翻译：在分布式计算系统中使用秘密的方法和装置
公开(公告)号：US07779267B2
公开(公告)日：2010-08-17
申请号：US09946323
申请日：2001-09-04
申请人： Liqun Chen , Graeme John Proudler
发明人： Liqun Chen , Graeme John Proudler
IPC分类号： G06F12/14 , G06F7/04 , H04L29/06 , H04L9/32 , G08B29/00
CPC分类号： G06F21/445 , G06F21/602 , G06F21/62 , G06F21/78
摘要： There are many times when a secret needs to be used in a distributed computing system—these are often held in security tokens, such as smart cards. It may be desirable for another device, such as a computer platform, to act in place of the security token as the repository of a secret, particularly for operations within a distributed computing system. Within the distributed computing system there is located a trusted entity, physically and logically resistant to unauthorized modification—this may be a trusted device located within a specific computing platform. This contains validation information which can be communicated to the security token. The security token then carries out a validation process on this validation information—if successful, the security token then provides a secret to the trusted device for use within the distributed computing system. The trusted device may be required to use this secret only for a specified period of time, or for a specific purpose or task.
摘要翻译：有许多时候，在分布式计算系统中需要使用一个秘密 - 这些秘密通常都是安全的令牌，例如智能卡。可能希望另一设备（例如计算机平台）代替安全令牌作为秘密的存储库，特别是用于分布式计算系统内的操作。在分布式计算系统中，存在物理上和逻辑上抵御未经授权的修改的受信任实体 - 这可能是位于特定计算平台内的受信任的设备。这包含可以传递给安全令牌的验证信息。然后，安全令牌对该验证信息执行验证过程 - 如果成功，则安全令牌然后向可信设备提供在分布式计算系统内使用的秘密。受信任的设备可能需要在指定的时间段内使用此秘密，或者用于特定目的或任务。

76. 发明授权

US07693279B2 Security method and apparatus using biometric data 有权
标题翻译：使用生物特征数据的安全方法和装置
公开(公告)号：US07693279B2
公开(公告)日：2010-04-06
申请号：US10829930
申请日：2004-04-21
申请人： Liqun Chen , Keith Alexander Harrison
发明人： Liqun Chen , Keith Alexander Harrison
IPC分类号： H04L9/00 , H04K1/00
CPC分类号： H04L9/0866 , H04L9/3073
摘要： A security method and apparatus is provided in which a trusted authority is arranged to read in identity data from a memory device presented by an individual. This identity data comprises both biometric data of a specific individual ,and additional identity data concerning the same individual. The trusted authority uses the biometric data as a biometric reference for comparison with biometric characteristics of the individual presenting the memory card in order to determine whether the latter is the individual represented by the biometric data. The trusted authority uses the additional identity data or matching data, together with private data of the trusted authority, to generate a decryption key. This decryption key is apt to decrypt data encrypted using both an encryption key string comprising the additional identity data of the specific individual and public data of the trusted authority.
摘要翻译：提供了一种安全方法和装置，其中可信管理机构被安排为从由个人呈现的存储设备中读取身份数据。该身份数据包括特定个体的生物特征数据和关于相同个体的附加身份数据。信任机构使用生物特征数据作为生物特征参考，用于与呈现存储卡的个体的生物特征进行比较，以便确定后者是否是由生物特征数据表示的个体。受信任的机构使用附加身份数据或匹配数据以及可信管理机构的私有数据来生成解密密钥。该解密密钥易于解密使用包括特定个人的附加身份数据和可信管理机构的公共数据的加密密钥串加密的数据。

77. 发明授权

US07574596B2 Cryptographic method and apparatus 有权
标题翻译：密码方法和装置
公开(公告)号：US07574596B2
公开(公告)日：2009-08-11
申请号：US10831549
申请日：2004-04-22
申请人： Liqun Chen , Martin Sadler , Keith Alexander Harrison
发明人： Liqun Chen , Martin Sadler , Keith Alexander Harrison
IPC分类号： G06F9/00
CPC分类号： H04L9/3073 , H04L9/083 , H04L9/0847
摘要： First data to be sent by a first party to a second party is encrypted using an encryption key string formed using at least a hash value generated using second data and a secret, shared with a trusted party, that serves as identification of the first party. The second data comprises, for example, one or more conditions that serve as identifiers of the second party, and a hash-value element generated by hashing the first data. The encrypted first data and the encryption key string is made available to the second party which forwards the encryption key string to the trusted party with a request for the corresponding decryption key. The trusted party carries out at least one check on the basis of data contained in the encryption key string and, if this at least one check is satisfactory, provides a decryption key to the second party.
摘要翻译：要由第一方发送给第二方的第一数据使用至少使用第二数据生成的散列值形成的加密密钥串进行加密，以及用作第一方的标识的信任方共享的秘密。第二数据包括例如用作第二方的标识符的一个或多个条件以及通过对第一数据进行散列而产生的散列值元素。加密的第一数据和加密密钥串对第二方可用，该第二方通过对相应的解密密钥的请求将加密密钥串转发到信任方。可信方基于加密密钥串中包含的数据执行至少一个检查，并且如果该至少一个检查令人满意，则向第二方提供解密密钥。

78. 发明申请

US20080263672A1 Protecting sensitive data intended for a remote application 审中-公开
标题翻译：保护用于远程应用程序的敏感数据
公开(公告)号：US20080263672A1
公开(公告)日：2008-10-23
申请号：US11788082
申请日：2007-04-18
申请人： Liqun Chen , Wael Ibrahim
发明人： Liqun Chen , Wael Ibrahim
IPC分类号： H04L9/32
CPC分类号： H04L9/0844 , G06F21/83 , H04L9/3271
摘要： A method and apparatus is provided of protecting sensitive data input via an input device of a processing platform from a data logger, the sensitive data being user account data intended for a remote application. To protect the sensitive data, the data is used as a password in a secure, password-authenticated key agreement protocol executed between a security entity and the remote application, the security entity being installed in the input device or in secure communication therewith. In one preferred embodiment the input device is a keyboard and the security entity is a unit installed in the keyboard and selectively operable in a pass-through mode and a security mode.
摘要翻译：提供了一种方法和装置，用于保护经由处理平台的输入装置从数据记录器输入的敏感数据，敏感数据是用于远程应用的用户帐户数据。为了保护敏感数据，数据被用作在安全实体和远程应用程序之间执行的安全，密码认证的密钥协商协议中的密码，安全实体被安装在输入设备中或与其进行安全通信。在一个优选实施例中，输入设备是键盘，安全实体是安装在键盘中的单元，并且选择性地以直通模式和安全模式操作。

79. 发明授权

US07437568B2 Apparatus and method for establishing trust 有权
标题翻译：用于建立信任的设备和方法
公开(公告)号：US07437568B2
公开(公告)日：2008-10-14
申请号：US09931526
申请日：2001-08-16
申请人： Arindam Das-Purkayastha , Siani Lynne Pearson , Liqun Chen
发明人： Arindam Das-Purkayastha , Siani Lynne Pearson , Liqun Chen
IPC分类号： G06F11/30 , G06F12/14 , H04L9/32 , H04L9/00
CPC分类号： G06F21/57 , G06F21/552 , G06F21/6218 , G06F2211/009 , G06F2221/2103 , G06F2221/2151 , G06F2221/2153
摘要： Computer apparatus comprising a receiver for receiving an integrity metric for a computer entity via a trusted device associated with the computer entity, the integrity metric having values for a plurality of characteristics associated with the computer entity; a controller for assigning a trust level to the computer entity from a plurality of trust levels, wherein the assigned trust level is based upon the value of at least one of the characteristics of the received integrity metric.
摘要翻译：计算机设备包括：接收机，用于经由与计算机实体相关联的可信设备接收用于计算机实体的完整性度量，所述完整性度量具有与所述计算机实体相关联的多个特征的值; 用于从多个信任级别向所述计算机实体分配信任级别的控制器，其中，所分配的信任级别基于所接收的完整性度量的所述特性中的至少一个的值。

80. 发明授权

US07397917B2 Method and apparatus for generating a cryptographic key 有权
标题翻译：用于生成加密密钥的方法和装置
公开(公告)号：US07397917B2
公开(公告)日：2008-07-08
申请号：US10613750
申请日：2003-07-03
申请人： Liqun Chen , David Soldera , Keith Alexander Harrison
发明人： Liqun Chen , David Soldera , Keith Alexander Harrison
IPC分类号： H04K1/00 , H04L9/00 , H04L9/30
CPC分类号： H04L9/3013 , H04L9/3073 , H04L9/321
摘要： A method and apparatus are provided for generating a cryptographic key from multiple data sets each related to a respective association of a trusted party and user identity. The cryptographic key is, for example, one of an encryption key, a decryption key, a signature key and a verification key, and is preferably generated by applying Tate or Weil bilinear mappings to the data sets. At least two of the data sets may relate to different user identities and/or different trusted authorities. Where multiple trusted authorities are involved, these authorities may be associated with different elements to which the bilinear mapping can be applied, each trusted authority having an associated public key formed from its associated element and a secret of that trusted authority.
摘要翻译：提供了一种方法和装置，用于从与受信任方和用户身份的相应关联相关联的多个数据集中生成密码密钥。加密密钥例如是加密密钥，解密密钥，签名密钥和验证密钥之一，并且优选地通过将Tate或Weil双线性映射应用于数据集来生成。数据集中的至少两个可以涉及不同的用户身份和/或不同的可信权限。在涉及多个受信任的机构的情况下，这些权限可以与可以应用双线性映射的不同的元素相关联，每个受信任的机构具有由其相关联的元素形成的相关联的公共密钥和该信任授权的秘密。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式