专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07243231B2 Sensory verification of shared data 有权
标题翻译：共享数据的感官验证
公开(公告)号：US07243231B2
公开(公告)日：2007-07-10
申请号：US10210341
申请日：2002-07-31
申请人： Carl M. Ellison , Stephen H. Dohrmann , Edward C. Epp
发明人： Carl M. Ellison , Stephen H. Dohrmann , Edward C. Epp
IPC分类号： H04L9/00
CPC分类号： H04L63/0428 , H04L63/0861
摘要： In one embodiment, a method for sensory verification comprises exchanging at least one data item with a computing unit and selecting a sequence number. Such selection may be accomplished by generation of the sequence number or manual entry by the user. Thereafter, a transformation is periodically performed on the data item, the sequence number and optionally a random value to produce a sequence of values, each value being used to produce a perceivable sensory element for comparison with another sensory element produced by another computing unit.
摘要翻译：在一个实施例中，用于感觉验证的方法包括与计算单元交换至少一个数据项并选择序列号。这种选择可以通过生成用户的序列号或手动输入来实现。此后，对数据项，序列号和可选的随机值周期性地执行变换以产生值序列，每个值用于产生用于与由另一计算单元产生的另一感觉元素进行比较的可感知感觉元素。

2. 发明授权

US07246235B2 Time varying presentation of items based on a key hash 有权
标题翻译：基于密钥散列的时间变化表示项目
公开(公告)号：US07246235B2
公开(公告)日：2007-07-17
申请号：US09896088
申请日：2001-06-28
申请人： Carl M. Ellison , Stephen H. Dohrmann
发明人： Carl M. Ellison , Stephen H. Dohrmann
IPC分类号： H04L9/32 , H04L9/00
CPC分类号： H04L9/3297 , H04L2209/043 , H04L2209/80
摘要： A method for key verification through time varying item presentation based on a key hash result comprises generating a key hash result partially based on both a global identifier provided from a source and an estimated current time at that source. After generating the key hash result, a first time-varying item is produced using the key hash result as an index for a table lookup or generated based on Certain bit patterns forming the key hash result. Thereafter, the first time-varying item is presented for comparison with a second time-varying item being contemporaneously presented at the source. These computations are repeated, giving the impression of two views or instances of the same time-varying item. An attacker might be able to match one small portion of such a time sequence of presentations, by luck, but not any large portion of the sequence.
摘要翻译：基于密钥散列结果的通过时变项目呈现的密钥验证的方法包括部分地基于从源提供的全局标识符和在该源处的估计当前时间两者来产生密钥散列结果。在产生密钥散列结果之后，使用密钥哈希结果作为表查找的索引或基于形成密钥哈希结果的某些位模式生成的第一时变项目。此后，提供第一时变项目以与在源处同时呈现的第二时变项目进行比较。这些计算被重复，给出了两个视图或同一时间变化项目的实例的印象。攻击者可能能够匹配这样一个时间序列的一小部分，通过运气，但不是序列的任何大部分。

3. 发明授权

US09106629B2 Distributed algorithm for changing a shared value 有权
标题翻译：用于更改共享值的分布式算法
公开(公告)号：US09106629B2
公开(公告)日：2015-08-11
申请号：US12543326
申请日：2009-08-18
申请人： Carl M. Ellison , Larry Zhu , Tore L. Sundelin , Gleb Kholodov
发明人： Carl M. Ellison , Larry Zhu , Tore L. Sundelin , Gleb Kholodov
IPC分类号： G06F15/16 , H04L29/06 , G06F21/40 , H04L9/08 , H04L29/08
CPC分类号： H04L63/061 , G06F21/40 , H04L9/0869 , H04L9/0891 , H04L63/083 , H04L67/10
摘要： Each member of a group contributes to and calculates a new shared value. A distributed shared value algorithm is used to reach unanimous agreement on a shared value, such that every group member can use the new shared value as soon as it is changed. The distributed shared value agreement methodology operates without the selection of a leader. Each group member performs the distributed shared value agreement methodology and computes the new shared value using one or more of the contributions from the group members in such a way that no one member coerces the resulting shared value.
摘要翻译：组中的每个成员都贡献并计算新的共享值。使用分布式共享值算法来达成对共享值的一致协议，使得每个组成员都可以在更改后立即使用新的共享值。分配的共享价值协议方法运行而不选择领导者。每个组成员执行分布式共享价值协议方法，并使用来自组成员的一个或多个贡献来计算新的共享值，使得没有一个成员强制所得到的共享值。

4. 发明授权

US09026571B2 Random number generation failure detection and entropy estimation 有权
标题翻译：随机数生成失败检测和熵估计
公开(公告)号：US09026571B2
公开(公告)日：2015-05-05
申请号：US12258997
申请日：2008-10-27
申请人： Carl M. Ellison
发明人： Carl M. Ellison
IPC分类号： G06F7/58
CPC分类号： H04L9/3242 , G06F7/58 , H04L9/0869 , H04L2209/24
摘要： In accordance with one or more aspects, an initial output string is generated by a random number generator. The initial output string is sent to a random number service, and an indication of failure is received from the random number service if the initial output string is the same as a previous initial output string received by the random number service. Operation of the device is ceased in response to the indication of failure. Additionally, entropy estimates for hash values of an entropy source can be generated by an entropy estimation service based on hash values of various entropy source values received by the entropy estimation service. The hash values can be incorporated into an entropy pool of the device, and the entropy estimate of the pool being updated based on the estimated entropy of the entropy source.
摘要翻译：根据一个或多个方面，初始输出字符串由随机数生成器生成。如果初始输出字符串与由随机数服务接收的先前初始输出字符串相同，则将初始输出字符串发送到随机数服务，并且从随机数服务接收到失败指示。响应于故障指示停止设备的操作。此外，可以通过基于由熵估计服务接收的各种熵源值的哈希值的熵估计服务来生成熵源的散列值的熵估计。哈希值可以被合并到设备的熵池中，并且基于熵源的估计熵更新池的熵估计。

5. 发明申请

US20140108814A1 CRYPTOGRAPHIC KEY MANAGEMENT 有权
标题翻译： CRYPTOGRAPHIC主要管理
公开(公告)号：US20140108814A1
公开(公告)日：2014-04-17
申请号：US12978266
申请日：2010-12-23
申请人： Vijay G. Bharadwaj , Niels T. Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
发明人： Vijay G. Bharadwaj , Niels T. Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
IPC分类号： G06F21/60
CPC分类号： G06F21/602 , G06F2221/2141 , H04L9/0836 , H04L9/0866
摘要： Cryptographic key management techniques are described. In one or more implementations, an access control rule is read that includes a Boolean expression having a plurality of atoms. The cryptographic keys that corresponds each of the plurality of atoms in the access control rule are requested. One or more cryptographic operations are then performed on data using one or more of the cryptographic keys.
摘要翻译：描述密码密钥管理技术。在一个或多个实现中，读取包括具有多个原子的布尔表达式的访问控制规则。请求与访问控制规则中的多个原子对应的密码密钥。然后使用一个或多个密码密钥对数据执行一个或多个加密操作。

6. 发明授权

US08504838B2 Integrity protected smart card transaction 有权
公开(公告)号：US08504838B2
公开(公告)日：2013-08-06
申请号：US13072677
申请日：2011-03-26
申请人： Stefan Thom , Erik Lee Holt , Shivaram H. Mysore , Valerie Kathleen Bays , Carl M. Ellison
发明人： Stefan Thom , Erik Lee Holt , Shivaram H. Mysore , Valerie Kathleen Bays , Carl M. Ellison
IPC分类号： H04L29/06
CPC分类号： G06F21/34 , G06Q20/341 , G06Q20/388 , G06Q20/40975 , G07F7/1008 , H04L9/0897
摘要： Systems, methods, and technologies for configuring a conventional smart card and a client machine, and for performing a smart card authorization using the configured smart card and client. Further, the combination of methods provides for mutual authentication—authentication of the client to the user, and authentication of the user to the client. The authentication methods include presenting a specified token to the user sufficient to authenticate the client to the user and thus protect the user-provided PIN. Security is strengthened by using an integrity key based on approved client system configurations. Security is further strengthened by calculating a PIN′ value based on a user-specified PIN and a modifier and using the PIN′ value for unlocking the smart card.

7. 发明授权

US08006295B2 Domain ID service 失效
标题翻译：域ID服务
公开(公告)号：US08006295B2
公开(公告)日：2011-08-23
申请号：US11770677
申请日：2007-06-28
申请人： Carl M. Ellison , Paul J. Leach , Butler W. Lampson , Melissa W. Dunn , Ravindra N. Pandya , Charles W. Kaufman
发明人： Carl M. Ellison , Paul J. Leach , Butler W. Lampson , Melissa W. Dunn , Ravindra N. Pandya , Charles W. Kaufman
IPC分类号： G06F7/04
CPC分类号： H04L63/145 , G06F21/445 , G06F2221/2115 , G06F2221/2129 , H04L9/0891 , H04L63/0442 , H04L63/0823
摘要： The subject disclosure pertains to a domain identification system, comprising a principal that has a key and a mnemonically meaningless identifier, the mnemonically meaningless identifier is used to identify the component in a networked environment. The mnemonically meaningless identifier can be bound to the public key by a binding. The component may be part of a neighborhood of components, and each member component knows the members' binding.
摘要翻译：主题公开涉及域识别系统，其包括具有密钥和经验无意义的标识符的主体，用于识别网络环境中的组件的经典无意义的标识符。可以通过绑定将符号无意义的标识符绑定到公钥。组件可以是组件邻域的一部分，并且每个成员组件都知道成员的绑定。

8. 发明授权

US07979703B2 Determining the reputation of a sender of communications 有权
标题翻译：确定通信发送者的声誉
公开(公告)号：US07979703B2
公开(公告)日：2011-07-12
申请号：US11254076
申请日：2005-10-19
申请人： Carl M. Ellison , Elissa E. S. Murphy , Manav Mishra
发明人： Carl M. Ellison , Elissa E. S. Murphy , Manav Mishra
IPC分类号： H04L9/32
CPC分类号： H04L63/126 , H04L9/3247 , H04L63/101
摘要： A method and system for determining the reputation of a sender for sending desirable communications is provided. The reputation system identifies senders of communications by keys sent along with the communications. The reputation system then may process a communication to determine whether it is a desirable communication. The reputation system then establishes a reputation for the sender of the communication based on the assessment of whether that communication and other communications sent by that sender are desirable. Once the reputation of a sender is established, the reputation system can discard communications from senders with undesired reputations, provide to the recipient communications from senders with desired reputations, and place in a suspect folder communications from senders with an unknown reputation.
摘要翻译：提供了一种用于确定用于发送所需通信的发送者的信誉的方法和系统。信誉系统通过与通信一起发送的密钥来识别通信的发送者。信誉系统然后可以处理通信以确定它是否是期望的通信。信誉系统然后基于对该发送者发送的通信和其他通信是否期望的评估来确定通信发送者的声誉。一旦建立了发送者的声誉，信誉系统就可以丢弃具有不良声誉的发送者的通信，从具有所需信誉的发送者提供给接收方的通信，并将其置于具有未知信誉的发件人的可疑文件夹通信中。

9. 发明申请

US20080244736A1 MODEL-BASED ACCESS CONTROL 审中-公开
标题翻译：基于模型的访问控制
公开(公告)号：US20080244736A1
公开(公告)日：2008-10-02
申请号：US11694014
申请日：2007-03-30
申请人： Butler Lampson , Ravindra Nath Pandya , Paul J. Leach , Muthukrishnan Paramasivam , Carl M. Ellison , Charles William Kaufman
发明人： Butler Lampson , Ravindra Nath Pandya , Paul J. Leach , Muthukrishnan Paramasivam , Carl M. Ellison , Charles William Kaufman
IPC分类号： G06F12/14
CPC分类号： G06F21/604 , G06F21/6218
摘要： Access control as it relates to policies or permissions is provided based on a created model. A security policy is abstracted and can be independent of a mechanism used to protect resources. An asbstract model of a potential user, user role and/or resource is created without associating a specific individual and/or resource with a model. These abstract user models and abstract resource models can be used across applications or within disparate applications. The abstracted security policies can be selectively applied to the model. Specific users and/or resources can be associated with one or more abstract user model or abstract resource model. The models can be nested to provide configurations for larger systems.
摘要翻译：基于创建的模型提供与策略或权限相关的访问控制。安全策略被抽象出来，可以独立于用于保护资源的机制。创建潜在用户，用户角色和/或资源的抽象模型，而不将特定个人和/或资源与模型相关联。这些抽象用户模型和抽象资源模型可以跨应用程序或不同的应用程序使用。抽象的安全策略可以选择性地应用于模型。特定用户和/或资源可以与一个或多个抽象用户模型或抽象资源模型相关联。这些型号可以嵌套，以提供更大系统的配置。

10. 发明申请

US20080022132A1 Storage device controlled access 有权
标题翻译：存储设备控制访问
公开(公告)号：US20080022132A1
公开(公告)日：2008-01-24
申请号：US11449553
申请日：2006-06-07
申请人： Carl M. Ellison , Jamie Hunter , Kenneth D. Ray , Niels T. Ferguson , Philip J. Lafornara , Russell Humphries
发明人： Carl M. Ellison , Jamie Hunter , Kenneth D. Ray , Niels T. Ferguson , Philip J. Lafornara , Russell Humphries
IPC分类号： G06F12/14
CPC分类号： G06F21/85 , G06F21/78 , G06F2221/2113 , H04L9/0836
摘要： Access to a storage device, such as a disk, is controlled by performing a disk operation using a single cryptographic engine. Keys associated with each layer of a layered structure associated with controlling access to the storage device are combined. The resultant of this combination is used as the key to the cryptographic engine. Data to be retrieved from and written to the storage device are operated on by the cryptographic engine utilizing the combined key. Keys are combined by combining functions associated with layers of the layered structure. A combining function can include an exclusive or function, a cryptographic hash function, or a combination thereof.
摘要翻译：通过使用单个密码引擎执行磁盘操作来控制对诸如磁盘的存储设备的访问。与控制对存储设备的访问相关联的分层结构的每个层相关联的密钥被组合。这种组合的结果被用作密码引擎的关键。要从存储装置检索和写入存储装置的数据利用组合密钥由加密引擎进行操作。通过组合与分层结构的层相关联的功能来组合密钥。组合功能可以包括排他或功能，加密散列函数或其组合。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式