专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07437568B2 Apparatus and method for establishing trust 有权
标题翻译：用于建立信任的设备和方法
公开(公告)号：US07437568B2
公开(公告)日：2008-10-14
申请号：US09931526
申请日：2001-08-16
申请人： Arindam Das-Purkayastha , Siani Lynne Pearson , Liqun Chen
发明人： Arindam Das-Purkayastha , Siani Lynne Pearson , Liqun Chen
IPC分类号： G06F11/30 , G06F12/14 , H04L9/32 , H04L9/00
CPC分类号： G06F21/57 , G06F21/552 , G06F21/6218 , G06F2211/009 , G06F2221/2103 , G06F2221/2151 , G06F2221/2153
摘要： Computer apparatus comprising a receiver for receiving an integrity metric for a computer entity via a trusted device associated with the computer entity, the integrity metric having values for a plurality of characteristics associated with the computer entity; a controller for assigning a trust level to the computer entity from a plurality of trust levels, wherein the assigned trust level is based upon the value of at least one of the characteristics of the received integrity metric.
摘要翻译：计算机设备包括：接收机，用于经由与计算机实体相关联的可信设备接收用于计算机实体的完整性度量，所述完整性度量具有与所述计算机实体相关联的多个特征的值; 用于从多个信任级别向所述计算机实体分配信任级别的控制器，其中，所分配的信任级别基于所接收的完整性度量的所述特性中的至少一个的值。

2. 发明授权

US06988250B1 Trusted computing platform using a trusted device assembly 有权
标题翻译：使用可信设备组件的可信计算平台
公开(公告)号：US06988250B1
公开(公告)日：2006-01-17
申请号：US09913452
申请日：2000-02-15
申请人： Graeme John Proudler , Dipankar Gupta , Liqun Chen , Siani Lynne Pearson , Boris Balacheff , Bruno Edgard Van Wilder , David Chan
发明人： Graeme John Proudler , Dipankar Gupta , Liqun Chen , Siani Lynne Pearson , Boris Balacheff , Bruno Edgard Van Wilder , David Chan
IPC分类号： G06F17/50
CPC分类号： G06F21/445 , G06F21/34 , G06F21/57 , G06F21/606 , G06F21/64 , G06F21/85 , G06F2207/7219 , G06F2211/009 , G06F2221/2103
摘要： In a computing platform, a trusted hardware device (24) is added to the motherboard (20). The trusted hardware device (24) is configured to acquire an integrity metric, for example a hash of the BIOS memory (29), of the computing platform. The trusted hardware device (24) is tamper-resistant, difficult to forge and inaccessible to other functions of the platform. The hash can be used to convince users that that the operation of the platform (hardware or software) has not been subverted in some way, and is safe to interact with in local or remote applications.In more detail, the main processing unit (21) of the computing platform is directed to address the trusted hardware device (24), in advance of the BIOS memory, after release from ‘reset’. The trusted hardware device (24) is configured to receive memory read signals from the main processing unit (21) and, in response, return instructions, in the native language of the main processing unit (21), that instruct the main processing unit to establish the hash and return the value to be stored by the trusted hardware device (24). Since the hash is calculated in advance of any other system operations, this is a relatively strong method of verifying the integrity of the system. Once the hash has been returned, the final instruction calls the BIOS program and the system boot procedure continues as normal.Whenever a user wishes to interact with the computing platform, he first requests the integrity metric, which he compares with an authentic integrity metric that was measured by a trusted party. If the metrics are the same, the platform is verified and interactions can continue. Otherwise, interaction halts on the basis that the operation of the platform may have been subverted.
摘要翻译：在计算平台中，将可信硬件设备（24）添加到主板（20）。可信硬件设备（24）被配置为获取计算平台的完整性度量，例如BIOS存储器（29）的散列。受信任的硬件设备（24）是防篡改的，难以伪造并且不能访问平台的其他功能。该哈希可以用于说服用户，平台（硬件或软件）的操作没有以某种方式颠覆，并且可以安全地与本地或远程应用程序进行交互。更详细地说，计算平台的主处理单元（21）在从“复位”释放之后被引导以在BIOS存储器之前对可信硬件设备（24）进行寻址。可信硬件设备（24）被配置为从主处理单元（21）接收存储器读取信号，并响应于主处理单元（21）的母语的返回指令，其指示主处理单元建立散列并返回由可信硬件设备（24）存储的值。由于散列是在任何其他系统操作之前计算出来的，所以这是验证系统完整性的相对较强的方法。一旦散列已经返回，最后的指令调用BIOS程序，并且系统引导过程正常进行。每当用户希望与计算平台进行交互时，他首先请求完整性度量，其与被可信方测量的真实完整性度量进行比较。如果指标相同，则会验证平台并继续进行交互。否则，交互停止，基于平台的操作可能已被颠覆。

3. 发明授权

US07526785B1 Trusted computing platform for restricting use of data 有权
标题翻译：用于限制数据使用的可信计算平台
公开(公告)号：US07526785B1
公开(公告)日：2009-04-28
申请号：US10088258
申请日：2000-09-25
申请人： Siani Lynne Pearson , Liqun Chen
发明人： Siani Lynne Pearson , Liqun Chen
IPC分类号： H04N7/167
CPC分类号： G06F21/84 , G06F21/57 , G06F21/85 , G06F2211/009 , G06F2221/2103 , G06F2221/2153
摘要： A client/server system has a client platform adapted to provide restricted use of data provided by a serve. The client platform comprises a display, secure communications means, and a memory containing image receiving code for receiving data from a server by the secure communication means and for display of such data. The client platform is adapted such that the data received from a server is used for display of the data and not for an unauthorised purpose. A server adapted to provide data to a client platform for restricted use by the client platform comprises a memory containing image sending code for providing an image of data executed on the server, and secure communications means for secure communication of images of data to a client platform. The server is adapted to determine that a client platform is adapted to ensure restricted use of the data before it is sent by the image sending code.
摘要翻译：客户机/服务器系统具有适于提供对服务提供的数据的有限使用的客户端平台。客户平台包括显示器，安全通信装置和包含图像接收代码的存储器，用于通过安全通信装置从服务器接收数据并显示这些数据。适应客户端平台，使得从服务器接收的数据用于显示数据，而不是用于未经授权的目的。适于向客户端平台提供数据以供客户端平台限制使用的服务器包括：包含图像发送代码的存储器，用于提供在服务器上执行的数据的图像;以及安全通信装置，用于将数据图像安全地传送到客户端平台。服务器适于确定客户端平台适于在数据被图像发送代码发送之前确保其受到有限的使用。

4. 发明授权

US07275160B2 Trusted system 有权
标题翻译：可信赖的系统
公开(公告)号：US07275160B2
公开(公告)日：2007-09-25
申请号：US09932476
申请日：2001-08-17
申请人： Siani Lynne Pearson , Liqun Chen
发明人： Siani Lynne Pearson , Liqun Chen
IPC分类号： G06F21/00
CPC分类号： G07F7/1008 , G06Q20/20 , G06Q20/341 , G06Q20/4097 , G06Q40/00 , G07F7/005
摘要： A method for allowing a financial transaction to be performed using a electronic system, the method comprising interrogating an electronic transaction terminal with an electronic security device to obtain an integrity metric for the electronic financial transaction terminal; determining if the transaction terminal is a trusted terminal based upon the integrity metric; allowing financial transaction data to be input into the transaction terminal if the transaction terminal is identified as a trusted terminal.
摘要翻译：一种允许使用电子系统执行金融交易的方法，所述方法包括用电子安全装置询问电子交易终端以获得电子金融交易终端的完整性度量; 基于所述完整性度量确定所述交易终端是否为信任终端; 如果交易终端被识别为可信终端，则允许将金融交易数据输入到交易终端。

5. 发明授权

US07444601B2 Trusted computing platform 有权
标题翻译：可信计算平台
公开(公告)号：US07444601B2
公开(公告)日：2008-10-28
申请号：US11249820
申请日：2005-10-12
申请人： Graeme John Proudler , Dipankar Gupta , Liqun Chen , Siani Lynne Pearson , Boris Balacheff , Bruno Edgard Van Wilder , David Chan
发明人： Graeme John Proudler , Dipankar Gupta , Liqun Chen , Siani Lynne Pearson , Boris Balacheff , Bruno Edgard Van Wilder , David Chan
IPC分类号： G06F17/50
CPC分类号： G06F21/445 , G06F21/34 , G06F21/57 , G06F21/606 , G06F21/64 , G06F21/85 , G06F2207/7219 , G06F2211/009 , G06F2221/2103
摘要： In a computing platform, a trusted hardware device (24) is added to the motherboard (20). The trusted hardware device (24) is configured to acquire an integrity metric, for example a hash of the BIOS memory (29), of the computing platform. The trusted hardware device (24) is tamper-resistant, difficult to forge and inaccessible to other functions of the platform. The hash can be used to convince users that that the operation of the platform (hardware or software) has not been subverted in some way, and is safe to interact with in local or remote applications.In more detail, the main processing unit (21) of the computing platform is directed to address the trusted hardware device (24), in advance of the BIOS memory, after release from ‘reset’. The trusted hardware device (24) is configured to receive memory read signals from the main processing unit (21) and, in response, return instructions, in the native language of the main processing unit (21), that instruct the main processing unit to establish the hash and return the value to be stored by the trusted hardware device (24). Since the hash is calculated in advance of any other system operations, this is a relatively strong method of verifying the integrity of the system. Once the hash has been returned, the final instruction calls the BIOS program and the system boot procedure continues as normal.Whenever a user wishes to interact with the computing platform, he first requests the integrity metric, which he compares with an authentic integrity metric that was measured by a trusted party. If the metrics are the same, the platform is verified and interactions can continue. Otherwise, interaction halts on the basis that the operation of the platform may have been subverted.
摘要翻译：在计算平台中，将可信硬件设备（24）添加到主板（20）。可信硬件设备（24）被配置为获取计算平台的完整性度量，例如BIOS存储器（29）的散列。受信任的硬件设备（24）是防篡改的，难以伪造并且不能访问平台的其他功能。该哈希可以用于说服用户，平台（硬件或软件）的操作没有以某种方式颠覆，并且可以安全地与本地或远程应用程序进行交互。更详细地说，计算平台的主处理单元（21）在从“复位”释放之后被引导以在BIOS存储器之前对可信硬件设备（24）进行寻址。可信硬件设备（24）被配置为从主处理单元（21）接收存储器读取信号，并响应于主处理单元（21）的母语的返回指令，其指示主处理单元建立散列并返回由可信硬件设备（24）存储的值。由于散列是在任何其他系统操作之前计算出来的，所以这是验证系统完整性的相对较强的方法。一旦散列已经返回，最后的指令调用BIOS程序，并且系统引导过程正常进行。每当用户希望与计算平台进行交互时，他首先请求完整性度量，其与被可信方测量的真实完整性度量进行比较。如果指标相同，则会验证平台并继续进行交互。否则，交互停止，基于平台的操作可能已被颠覆。

6. 发明授权

US07096204B1 Electronic commerce system 有权
标题翻译：电子商务系统
公开(公告)号：US07096204B1
公开(公告)日：2006-08-22
申请号：US10110280
申请日：2000-10-06
申请人： Liqun Chen , Boris Balacheff , Roelf du Toit , Siani Lynne Pearson , David Chan
发明人： Liqun Chen , Boris Balacheff , Roelf du Toit , Siani Lynne Pearson , David Chan
IPC分类号： G06Q99/00
CPC分类号： G06Q30/06 , G06Q20/02 , G06Q20/04 , G06Q20/105 , G06Q20/12 , G06Q20/20 , G06Q20/367 , G06Q20/3674 , G06Q20/383 , G06Q20/385
摘要： A method of brokering a transaction between a consumer and a vendor by a broker, wherein the consumer, the broker and the vendor are all attached to a public network, the consumer having a secure token containing a true consumer identity. The method comprising the steps of: the consumer obtaining a temporary identity from the broker by using the true consumer identity from the secure token; the consumer selecting a purchase to be made from the vendor; the consumer requesting the purchase from the vendor and providing the temporary identity to the vendor; the vendor requesting transaction authorisation from the broker by forwarding the request and the temporary identity to the broker; the broker matching the temporary identity to a current list of temporary identities, and obtaining the true consumer identity; the broker providing authorisation for the transaction based on transaction details and true consumer identity.
摘要翻译：由经纪人代理消费者和供应商之间的交易的方法，其中消费者，经纪商和供应商都连接到公共网络，消费者具有包含真实消费者身份的安全令牌。该方法包括以下步骤：消费者通过使用来自安全令牌的真实消费者身份从代理获取临时身份; 消费者选择从供应商进行的购买; 消费者请求从供应商购买并向供应商提供临时身份; 供应商通过将请求和临时身份转发给经纪人从代理商请求交易授权; 经纪人将临时身份与当前的临时身份列表进行匹配，并获得真实的消费者身份; 经纪人根据交易细节和真实的消费者身份为交易提供授权。

7. 发明授权

US07634656B2 Method and apparatus for identifying a voice caller 有权
标题翻译：用于识别语音呼叫者的方法和装置
公开(公告)号：US07634656B2
公开(公告)日：2009-12-15
申请号：US10241894
申请日：2002-09-12
申请人： Siani Lynne Pearson
发明人： Siani Lynne Pearson
IPC分类号： H04L9/32
CPC分类号： H04L63/0442 , H04L29/06027 , H04L63/0407 , H04L63/08 , H04L63/0823 , H04L65/1006 , H04M1/2535 , H04M1/57 , H04M1/571 , H04M3/42042 , H04M7/006 , H04M2242/22
摘要： A voice call system and a method and apparatus for identifying a voice caller are disclosed. The system includes a call originator apparatus 10 and a called party apparatus 20. At least one trusted user identity is formed at the call originator apparatus 10, ideally in a trusted platform module 12 configured according to a Trusted Computing Platform Alliance (TCPA) specification. The called party apparatus 20 checks the trusted user identity when establishing a new voice call. Advantageously, an identity of the voice caller using the call originator apparatus is confirmed in a reliable and trustworthy manner, even when the voice call is transported over an inherently insecure medium, e.g. an open computing system like the internet 30. Preferred embodiments of the invention use IP telephony, such as SIP (session initiation protocol) or H.323 standard voice telephony.
摘要翻译：公开了用于识别语音呼叫者的语音呼叫系统和方法和装置。该系统包括呼叫发起者装置10和被叫方装置20.在呼叫发起者装置10中形成至少一个可信用户身份，理想地在根据可信计算平台联盟（TCPA）规范配置的信任平台模块12中。被叫方装置20在建立新的语音呼叫时检查可信用户身份。有利的是，即使当语音呼叫通过固有不安全的介质传输时，也可以以可靠和可靠的方式确认语音呼叫者使用呼叫发起者装置的身份。诸如互联网的开放式计算系统30.本发明的优选实施例使用IP电话，例如SIP（会话发起协议）或H.323标准语音电话。

8. 发明授权

US07398393B2 Privacy management of personal data 有权
标题翻译：个人资料的隐私管理
公开(公告)号：US07398393B2
公开(公告)日：2008-07-08
申请号：US10767868
申请日：2004-01-28
申请人： Marco Casassa Mont , Keith Alexander Harrison , Martin Sadler , Siani Lynne Pearson
发明人： Marco Casassa Mont , Keith Alexander Harrison , Martin Sadler , Siani Lynne Pearson
IPC分类号： H04L9/32
CPC分类号： H04L63/0435 , H04L9/083 , H04L9/3073 , H04L63/062 , H04L2209/56 , H04L2209/68 , H04L2209/76
摘要： When sending personal data to a recipient, the data owner encrypts the data using both a public data item provided by a trusted party and an encryption key string formed using at least policy data indicative of conditions to be satisfied before access is given to the personal data. The encryption key string is typically also provided to the recipient along with the encrypted personal data. To decrypt the personal data, the recipient sends the encryption key string to the trusted party with a request for the decryption key. The trusted party determines the required decryption key using the encryption key string and private data used in deriving its public data, and provides it to the requesting recipient. However, the decryption key is either not determined or not made available until the trusted party is satisfied that the associated policy conditions have been met by the recipient.
摘要翻译：当向收件人发送个人数据时，数据所有者使用由受信任方提供的公共数据项和至少指示要在个人数据访问之前要满足的条件的策略数据形成的加密密钥串来加密数据。加密密钥字符串通常也与加密的个人数据一起提供给接收者。为了解密个人数据，接收方通过请求解密密钥将加密密钥字符串发送给信任方。可信方使用加密密钥串和用于导出其公共数据的私有数据来确定所需的解密密钥，并将其提供给请求的接收者。然而，解密密钥在被信任方满足接收者已经满足相关联的策略条件之前，未被确定或不被提供。

9. 发明授权

US07353531B2 Trusted computing environment 有权
标题翻译：可信计算环境
公开(公告)号：US07353531B2
公开(公告)日：2008-04-01
申请号：US10080477
申请日：2002-02-22
申请人： Richard Brown , Siani Lynne Pearson , Christopher I. Dalton
发明人： Richard Brown , Siani Lynne Pearson , Christopher I. Dalton
IPC分类号： H04L9/00
CPC分类号： H04L63/105 , G06F21/552 , G06F21/57 , G06F21/6218 , G06F2221/2103 , G06F2221/2153 , H04L63/126
摘要： A trusted computing environment 100, wherein each computing device 112 to 118 holds a policy specifying the degree to which it can trust the other devices in the environment 100. The policies are updated by an assessor 110 which receives reports from trusted components 120 in the computing devices 112 to 118 which identify the trustworthiness of the computing devices 112 to 118.
摘要翻译：可信计算环境100，其中每个计算设备112至118保存指定其可以信任环境100中的其他设备的程度的策略。由评估者110更新策略，评估者110从计算设备112至118中的可信组件120接收报告，其识别计算设备112至118的可信赖性。

10. 发明授权

US07194623B1 Data event logging in computing platform 有权
标题翻译：数据事件记录在计算平台上
公开(公告)号：US07194623B1
公开(公告)日：2007-03-20
申请号：US09979902
申请日：2000-05-25
申请人： Graeme John Proudler , Boris Balacheff , Siani Lynne Pearson , David Chan
发明人： Graeme John Proudler , Boris Balacheff , Siani Lynne Pearson , David Chan
IPC分类号： H04L9/00
CPC分类号： G06F21/57 , G06F21/552 , G06F2211/009 , G06F2221/2101 , G06F2221/2103 , H04L63/0853 , H04L63/1425
摘要： There is disclosed a computer entity having a trusted component which compiles an event log for events occurring on a computer platform. The event log contains event data of types which are pre-specified by a user by inputting details through a dialogue display generated by the trusted component. Items which can be monitored include data files, applications drivers and the like. The trusted component operates through a monitoring agent which may be launched onto the computer platform. The monitoring agent may be periodically interrogated to make sure that it is operating correctly and responding to interrogations by the trusted component.
摘要翻译：公开了一种具有可信组件的计算机实体，该信任组件针对在计算机平台上发生的事件编译事件日志。事件日志包含由用户通过由可信组件生成的对话显示输入细节而预先指定的类型的事件数据。可以监视的项目包括数据文件，应用驱动程序等。受信任的组件通过可以发送到计算机平台上的监视代理来操作。可以定期询问监视代理以确保其正常工作并响应可信部件的询问。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式