专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

71. 发明授权

US08411868B2 Intruder traceability for shared security associations 有权
标题翻译：共享安全关联的入侵者跟踪
公开(公告)号：US08411868B2
公开(公告)日：2013-04-02
申请号：US11694717
申请日：2007-03-30
申请人： Men Long , David Durham
发明人： Men Long , David Durham
IPC分类号： H04L29/06
CPC分类号： H04L9/0833 , H04L63/0272 , H04L63/062 , H04L63/1408 , H04L63/16
摘要： Various embodiments are directed to systems and techniques for shared security associations. In one or more embodiments, a key distribution server provides shared security associations for clients and servers by assigning a group key to a particular client according to a time-based group key assignment schedule. The key distribution server may comprise a recursive codebook including multiple entries corresponding to group key assignments to be selected by the key distribution server with respect to time intervals. Other embodiments are described and claimed.
摘要翻译：各种实施例涉及用于共享安全关联的系统和技术。在一个或多个实施例中，密钥分发服务器通过根据基于时间的组密钥分配计划向特定客户端分配组密钥来为客户端和服务器提供共享安全关联。密钥分配服务器可以包括递归码本，其包括与密钥分发服务器相对于时间间隔选择的组密钥分配相对应的多个条目。描述和要求保护其他实施例。

72. 发明申请

US20100325729A1 DETERMINATION BY CIRCUITRY OF PRESENCE OF AUTHORIZED AND/OR MALICIOUS DATA 有权
标题翻译：通过电路确定授权和/或恶意数据的存在
公开(公告)号：US20100325729A1
公开(公告)日：2010-12-23
申请号：US12487878
申请日：2009-06-19
申请人： Hormuzd M. Khosravi , Vincent E. Von Bokern , Men Long
发明人： Hormuzd M. Khosravi , Vincent E. Von Bokern , Men Long
IPC分类号： G06F21/00
CPC分类号： G06F21/565
摘要： An embodiment may include circuitry that may be comprised in a host. The host may include memory and a host processor to execute an operating system. The circuitry may be to determine, independently of the operating system and the host processor, the authenticity of signature list information, based at least in part upon authentication information received by the circuitry from a remote server. The circuitry also may be to determine, independently of the operating system and the host processor, based at least in part upon comparison of at least one portion of the signature list information with at least one portion of contents of the memory, whether authorized and/or malicious data are present in the at least one portion of the contents of the memory. Of course, many variations, modifications, and alternatives are possible without departing from this embodiment.
摘要翻译：实施例可以包括可以包括在主机中的电路。主机可以包括存储器和主机处理器来执行操作系统。该电路可以至少部分地基于电路从远程服务器接收的认证信息来独立于操作系统和主处理器来确定签名列表信息的真实性。电路还可以至少部分地基于对签名列表信息的至少一部分与存储器的内容的至少一部分进行比较来独立于操作系统和主处理器来确定是否授权和/ 或恶意数据存在于存储器的内容的至少一部分中。当然，在不偏离本实施例的情况下，可以进行许多变化，修改和替换。

73. 发明申请

US20100135498A1 Efficient Key Derivation for End-To-End Network Security with Traffic Visibility 有权
标题翻译：针对具有流量可见性的端到端网络安全性的高效关键推导
公开(公告)号：US20100135498A1
公开(公告)日：2010-06-03
申请号：US12327137
申请日：2008-12-03
申请人： Men Long , Jesse Walker , Karanvir Grewal
发明人： Men Long , Jesse Walker , Karanvir Grewal
IPC分类号： H04L9/08 , H04L9/00
CPC分类号： H04L9/0866 , H04L9/0631 , H04L63/0428 , H04L63/06 , H04L2209/125
摘要： Both end-to-end security and traffic visibility may be achieved by a system using a controller that derives a cryptographic key that is different for each client based on a derivation key and a client identifier that is conveyed in each data packet. The controller distributes the derivation key to information technology monitoring devices and a server to provide traffic visibility. For large key sizes, the key may be derived using a derivation formula as follows: client_key—MSB=AES128(base_key_1, client_ID), (1) client_key—LSB=AES128(base_key_2, client_ID+pad), and (2) client_key=client_key_MSB∥client_key_LSB, where (1) and (2) are executed in parallel. The client key and a client identifier may be used so that end-to-end security may be achieved.
摘要翻译：端到端安全性和流量可见性可以由使用控制器的系统来实现，所述控制器基于在每个数据分组中传送的导出密钥和客户端标识符来导出每个客户端不同的密码密钥。控制器将派生密钥分发到信息技术监控设备和服务器，以提供流量可视性。对于较大的密钥大小，密钥可以使用以下推导公式导出：client_key-MSB = AES128（base_key_1，client_ID），（1）client_key-LSB = AES128（base_key_2，client_ID + pad）和（2）client_key = client_key_MSB‖client_key_LSB，其中（1）和（2）并行执行。可以使用客户端密钥和客户端标识符，以便可以实现端到端的安全性。

74. 发明申请

US20090038017A1 SECURE VAULT SERVICE FOR SOFTWARE COMPONENTS WITHIN AN EXECUTION ENVIRONMENT 有权
标题翻译：执行环境中软件组件的安全维护服务
公开(公告)号：US20090038017A1
公开(公告)日：2009-02-05
申请号：US11833073
申请日：2007-08-02
申请人： David Durham , Hormuzd Khosravi , Uri Blumenthal , Men Long
发明人： David Durham , Hormuzd Khosravi , Uri Blumenthal , Men Long
IPC分类号： H04L9/32 , G06F12/14
CPC分类号： G06F21/6209 , G06F12/1408 , G06F12/1466 , G06F12/1475 , G06F21/52 , G06F21/53
摘要： Embodiments of apparatuses, articles, methods, and systems for secure vault service for software components within an execution environment are generally described herein. An embodiment includes the ability for a Virtual Machine Monitor, Operating System Monitor, or other underlying platform capability to restrict memory regions for access only by specifically authenticated, authorized and verified software components, even when part of an otherwise compromised operating system environment. The underlying platform to lock and unlock secrets on behalf of the authenticated/authorized/verified software component provided in protected memory regions only accessible to the authenticated/authorized/verified software component. Other embodiments may be described and claimed.
摘要翻译：这里一般地描述用于执行环境中的软件组件的安全保险库服务的装置，物品，方法和系统的实施例。一个实施例包括虚拟机监视器，操作系统监视器或其他底层平台功能的能力，以限制存储器区域，以便仅通过特定认证的，授权的和已验证的软件组件进行访问，即使在其他受损的操作系统环境的一部分。代表被保护的内存区域中提供的经过身份验证/授权/验证的软件组件的锁定和解锁秘密的底层平台只能由经过身份验证/授权/验证的软件组件访问。可以描述和要求保护其他实施例。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式