专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US5982898A Certification process 失效
标题翻译：认证过程
公开(公告)号：US5982898A
公开(公告)日：1999-11-09
申请号：US812640
申请日：1997-03-07
申请人： Yung-Kao Hsu , Stephen Seymour
发明人： Yung-Kao Hsu , Stephen Seymour
IPC分类号： H04L9/32 , H04L9/00
CPC分类号： H04L9/321 , H04L9/3226 , H04L9/3263
摘要： An improved secure communication arrangement separates the tasks of identity verification and certificate issuing, which allows a disassociating of the long-term binding between Alice and her public/private key pair. This is accomplished by a registration authority issuing a password to Alice once it is satisfied of Alice's bona fide. Thereafter, whenever Alice wishes to communicate with Bob, she contacts a certification authority, identifies herself with the password and obtains a private key and a corresponding short-lived certificate. The certificate typically includes Alice's name and a public key in plaintext, and a signature. The signature is derived by hashing the plaintext portion of the certificate to obtain a value, and encrypting the value with the CA's private key. She then contacts Bob, submits her certificate, Bob performs the same hashing function to obtain a value, decrypts the signature with CA's public key to obtain a decrypted value, and compares the value Bob created with the decrypted value. If the two match, Bob is assured that the person submitting the certificate may be communicated with by using the public key included in the certificate.
摘要翻译：改进的安全通信安排分离了身份验证和证书颁发的任务，这允许将Alice与其公钥/私钥对之间的长期绑定分离。这是由注册机构向Alice发出密码完成的，一旦满足爱丽丝的真诚。此后，每当爱丽丝希望与鲍勃沟通时，她都会与认证机构联系，识别自己的密码，并获得私钥和相应的短命的证书。证书通常包括Alice的名称和明文中的公钥，以及签名。签名是通过散列证书的明文部分来获得一个值，并用CA的私钥加密该值来导出的。然后她联系Bob，提交证书，Bob执行相同的哈希函数获取值，用CA的公钥解密签名以获取解密的值，并将Bob创建的值与解密的值进行比较。如果两者匹配，Bob保证提交证书的人可以通过使用证书中包含的公开密钥进行通信。

2. 发明授权

US06996716B1 Dual-tier security architecture for inter-domain environments 失效
公开(公告)号：US06996716B1
公开(公告)日：2006-02-07
申请号：US09460897
申请日：1999-12-14
申请人： Yung-Kao Hsu
发明人： Yung-Kao Hsu
IPC分类号： H04L9/00
CPC分类号： H04L63/08 , H04L63/06 , H04L63/123 , H04M7/006 , H04M7/0078
摘要： A two-tier security architecture that provides balance between the use of public and secret-key cryptography to realize cost-effectiveness and scalability of security. One tier is an intra-zone tier and the other tier is an inter-zone tier. The intra-zone tier addresses communication between users employing endpoints within a prescribed Security Zone and is designed to achieve cost-effectiveness. The inter-zone tier specifies how communication between users employing endpoints from different Security Zones can be established and is designed to provide scalability for intra-enterprise and/or inter-enterprise communications. Specifically, each Security Zone has a “Zone Keeper” and one or more endpoints that may be employed by users. The Zone Keeper authenticates, i.e., validates, users employing an endpoint in the Security Zone and determines whether a caller and a callee are security compatible. When setting up a communication, the caller provides the Zone Keeper security information in order for the caller to prove its identity. The callee supplies to the caller information confirming its identity. A proposal on how the communication is to be Set-up is sent from the caller to the callee, and if they agree to the proposal and their security is authenticated, the communication is started. For inter-zone, inter-domain, communications, the caller provides information as described above to its Zone Keeper. Then, the caller's Zone Keeper forwards the caller's request to the Zone Keeper of the security associated with the callee. Additionally, the caller's Zone Keeper also supplies the callee's Zone Keeper with its security identity so that the callee's Zone Keeper may authenticate that the request is from the caller's Zone Keeper. Then, the callee's Zone Keeper sends back an authorization to the Caller's Zone Keeper. This authorization includes the callee's Zone Keeper security identity so that the caller's Zone Keeper can authenticate that the authorization is from the callee's Zone Keeper.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式