专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07516321B2 Method, system and device for enabling delegation of authority and access control methods based on delegated authority 有权
标题翻译：方法，系统和设备，用于授权和基于授权的访问控制方法
公开(公告)号：US07516321B2
公开(公告)日：2009-04-07
申请号：US10797715
申请日：2004-03-08
申请人： Liqun Chen , Stephen James Crane , Cheh Goh
发明人： Liqun Chen , Stephen James Crane , Cheh Goh
IPC分类号： H04L9/00
CPC分类号： H04L9/0847 , H04L9/3073 , H04L2209/127 , H04L2209/38
摘要： A trusted authority delegates authority to a device. This delegation of authority is effected by providing a yet-to-be completed chain of public/private cryptographic key pairs linked in a subversion-resistant manner. The chain terminates with a penultimate key pair formed by public/private data, and a link towards an end key pair to be formed by an encryption/decryption key pair of an Identifier-Based Encryption, IBE, scheme. The private data is securely stored in the device for access only by an authorized key-generation process that forms the link to the end key pair and is arranged to provide the IBE decryption key generated using the private data and encryption key. This key generation/provision is normally only effected if at least one condition, for example specified in the encryption key, is satisfied. Such a condition may be one tested against data provided by the trusted authority and stored in the device.
摘要翻译：受信任的权威机构将权限委托给设备。这种权力的授权是通过提供一个尚未完成的公开/私人加密密钥对链，以颠覆性的方式连接起来。链终止于由公共/私有数据形成的倒数第二个密钥对，以及通过基于标识符的加密（IBE）方案的加密/解密密钥对形成的终端密钥对的链接。专用数据被安全地存储在设备中，仅由形成到终端密钥对的链接的授权密钥生成过程访问，并且被设置为提供使用专用数据和加密密钥生成的IBE解密密钥。这种密钥生成/提供通常仅在满足例如在加密密钥中指定的至少一个条件时才有效。这样的条件可以针对由可信管理机构提供并存储在设备中的数据进行测试。

2. 发明申请

US20050058294A1 Method, system and device for enabling delegation of authority and access control methods based on delegated authority 有权
标题翻译：方法，系统和设备，用于授权和基于授权的访问控制方法
公开(公告)号：US20050058294A1
公开(公告)日：2005-03-17
申请号：US10797715
申请日：2004-03-08
申请人： Liqun Chen , Stephen Crane , Cheh Goh
发明人： Liqun Chen , Stephen Crane , Cheh Goh
IPC分类号： H04L9/08 , H04L9/30 , H04L9/00
CPC分类号： H04L9/0847 , H04L9/3073 , H04L2209/127 , H04L2209/38
摘要： A trusted authority delegates authority to a device. This delegation of authority is effected by providing a yet-to-be completed chain of public/private cryptographic key pairs linked in a subversion-resistant manner. The chain terminates with a penultimate key pair formed by public/private data, and a link towards an end key pair to be formed by an encryption/decryption key pair of an Identifier-Based Encryption, IBE, scheme. The private data is securely stored in the device for access only by an authorized key-generation process that forms the link to the end key pair and is arranged to provide the IBE decryption key generated using the private data and encryption key. This key generation/provision is normally only effected if at least one condition, for example specified in the encryption key, is satisfied. Such a condition may be one tested against data provided by the trusted authority and stored in the device.
摘要翻译：受信任的权威机构将权限委托给设备。这种权力的授权是通过提供一个尚未完成的公开/私人加密密钥对链，以颠覆性的方式连接起来。链终止于由公共/私有数据形成的倒数第二个密钥对，以及通过基于标识符的加密（IBE）方案的加密/解密密钥对形成的终端密钥对的链接。专用数据被安全地存储在设备中，仅由形成到终端密钥对的链接的授权密钥生成过程访问，并且被设置为提供使用专用数据和加密密钥生成的IBE解密密钥。这种密钥生成/提供通常仅在满足例如在加密密钥中指定的至少一个条件时才有效。这样的条件可以针对由可信管理机构提供并存储在设备中的数据进行测试。

3. 发明申请

US20050102512A1 Data output method, system and apparatus 有权
标题翻译：数据输出方式，系统和装置
公开(公告)号：US20050102512A1
公开(公告)日：2005-05-12
申请号：US10664069
申请日：2003-09-16
申请人： Cheh Goh , Liqun Chen , Stephen Crane , Marco Mont , Keith Harrison
发明人： Cheh Goh , Liqun Chen , Stephen Crane , Marco Mont , Keith Harrison
IPC分类号： G06F21/60 , H04L9/08 , H04L9/30 , H04L9/00
CPC分类号： G06F21/608 , G06F2221/2107 , G06F2221/2115 , H04L9/3073
摘要： Data to be output to a removable storage medium is encrypted for sending to an output device by an encryption process based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a policy for allowing the output of the data. The trusted party provides a decryption key to the output device but only after being satisfied that the policy has been met. The decryption key is generated in dependence on the encryption key string and private data of the trusted party. The output device uses the decryption key in decrypting the data to be output. Embodiments are provided that involve multiple policies and trusted parties.
摘要翻译：要输出到可移动存储介质的数据被加密，用于通过基于包括可信方的公共数据的加密参数的加密处理和包括用于允许输出数据的策略的加密密钥串来发送到输出设备。可信方向输出设备提供解密密钥，但只有在满足该策略已被满足之后。解密密钥根据加密密钥串和可信方的专用数据生成。输出设备在解密要输出的数据时使用解密密钥。提供涉及多个策略和受信任方的实施例。

4. 发明授权

US08510789B2 Data output method, system and apparatus 有权
标题翻译：数据输出方式，系统和装置
公开(公告)号：US08510789B2
公开(公告)日：2013-08-13
申请号：US10664069
申请日：2003-09-16
申请人： Cheh Goh , Liqun Chen , Stephen James Crane , Marco Casassa Mont , Keith Alexander Harrison
发明人： Cheh Goh , Liqun Chen , Stephen James Crane , Marco Casassa Mont , Keith Alexander Harrison
IPC分类号： G06F17/00
CPC分类号： G06F21/608 , G06F2221/2107 , G06F2221/2115 , H04L9/3073
摘要： Data to be output to a removable storage medium is encrypted for sending to an output device by an encryption process based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a policy for allowing the output of the data. The trusted party provides a decryption key to the output device but only after being satisfied that the policy has been met. The decryption key is generated in dependence on the encryption key string and private data of the trusted party. The output device uses the decryption key in decrypting the data to be output. Embodiments are provided that involve multiple policies and trusted parties.
摘要翻译：要输出到可移动存储介质的数据被加密，用于通过基于包括可信方的公共数据的加密参数的加密处理和包括用于允许输出数据的策略的加密密钥串来发送到输出设备。可信方向输出设备提供解密密钥，但只有在满足该策略已被满足之后。解密密钥根据加密密钥串和可信方的专用数据生成。输出设备在解密要输出的数据时使用解密密钥。提供涉及多个策略和受信任方的实施例。

5. 发明授权

US07650498B2 Secure data provision method and apparatus and data recovery method and system 有权
标题翻译：安全的数据提供方法和设备及数据恢复方法和系统
公开(公告)号：US07650498B2
公开(公告)日：2010-01-19
申请号：US10825596
申请日：2004-04-14
申请人： Cheh Goh , Liqun Chen
发明人： Cheh Goh , Liqun Chen
IPC分类号： H04L29/06 , G06F7/04
CPC分类号： G06F21/6245 , G06F19/00 , G16H10/60
摘要： To control access to target data whilst relieving the data provider of policing obligations, the data provider provides the target data in encrypted form to a requesting party as part of a data set with which first and second trusted authorities are associated in a non-subvertible manner. Recovery of the target data in clear by the party requires the first trusted authority to verify that a specific individual is a professional accredited with it, the second trusted authority to verify that a particular organisation is accredited with it, the particular organisation to verify that the specific individual is engaged by it, and at least one of the particular organisation and the first trusted authority to verify that the party is the specific individual. Various ways of encrypting the target data are provided, the preferred ways being based on Identifier-Based Encryption schemas.
摘要翻译：为了控制对目标数据的访问，同时缓解数据提供者的监管义务，数据提供者将加密形式的目标数据提供给请求方，作为数据集的一部分，第一和第二信任机构以不可颠覆的方式与之相关联。由缔约方明确恢复目标数据要求第一个受信任的机构核实具体个人是否是经过认证的专业人员，第二个受信任的机构核实特定组织是否被认证，特定机构要验证具体个人由其参与，以及至少一个特定组织和第一个受信任的机构来验证该方是具体个人。提供了加密目标数据的各种方法，优选的方式是基于基于标识符的加密模式。

6. 发明申请

US20050010760A1 Secure data provision method and apparatus and data recovery method and system 有权
标题翻译：安全的数据提供方法和设备及数据恢复方法和系统
公开(公告)号：US20050010760A1
公开(公告)日：2005-01-13
申请号：US10825596
申请日：2004-04-14
申请人： Cheh Goh , Liqun Chen
发明人： Cheh Goh , Liqun Chen
IPC分类号： G06F19/00 , G06F21/00 , G06F21/62 , H04L9/00
CPC分类号： G06F21/6245 , G06F19/00 , G16H10/60
摘要： To control access to target data whilst relieving the data provider of policing obligations, the data provider provides the target data in encrypted form to a requesting party as part of a data set with which first and second trusted authorities are associated in a non-subvertible manner. Recovery of the target data in clear by the party requires the first trusted authority to verify that a specific individual is a professional accredited with it, the second trusted authority to verify that a particular organisation is accredited with it, the particular organisation to verify that the specific individual is engaged by it, and at least one of the particular organisation and the first trusted authority to verify that the party is the specific individual. Various ways of encrypting the target data are provided, the preferred ways being based on Identifier-Based Encryption schemas.
摘要翻译：为了控制对目标数据的访问，同时缓解数据提供者的监管义务，数据提供者将加密形式的目标数据提供给请求方，作为数据集的一部分，第一和第二信任机构以不可颠覆的方式与之相关联。由缔约方明确恢复目标数据要求第一个受信任的机构核实具体个人是否是经过认证的专业人员，第二个受信任的机构核实特定组织是否被认证，特定机构要验证具体个人由其参与，以及至少一个特定组织和第一个受信任的机构来验证该方是具体个人。提供了加密目标数据的各种方法，优选的方式是基于基于标识符的加密模式。

7. 发明申请

US20130212391A1 ELLIPTIC CURVE CRYPTOGRAPHIC SIGNATURE 有权
公开(公告)号：US20130212391A1
公开(公告)日：2013-08-15
申请号：US13370190
申请日：2012-02-09
申请人： Liqun Chen , Graeme John Proudler
发明人： Liqun Chen , Graeme John Proudler
IPC分类号： H04L9/32
CPC分类号： H04L9/3252 , H04L2209/127 , H04L2209/42
摘要： A method includes generating a randomized base point and causing the randomized base point and a private key to be loaded into a signature engine device. The method also includes signing a message using the randomized base point and the private key as a base point as well as the private key in an elliptic curve cryptographic (ECC) signature.
摘要翻译：一种方法包括生成随机化的基点并使随机化的基点和私钥被加载到签名引擎设备中。该方法还包括使用随机化基点和私钥作为基点以及椭圆曲线密码（ECC）签名中的私钥签署消息。

8. 发明申请

US20130198524A1 OBJECT WITH IDENTITY BASED ENCRYPTION 有权
标题翻译：基于加密标识的对象
公开(公告)号：US20130198524A1
公开(公告)日：2013-08-01
申请号：US13361850
申请日：2012-01-30
申请人： Helen Y. Balinsky , Liqun Chen , Steven J. Simske
发明人： Helen Y. Balinsky , Liqun Chen , Steven J. Simske
IPC分类号： G06F12/14
CPC分类号： H04L9/3073 , G06F21/6209 , G06F2221/2107 , H04L9/0825 , H04L9/0866 , H04L9/3297
摘要： A workflow order is created for the object. Public parameters are received from a key generation center at a computer associated with an object master. A public key is generated at the computer system based on a user identifier and the public parameters, wherein the user identifier is comprised of user related information. The object is encrypted using the public key such that the object cannot be opened without the a private key, wherein the object is a composite document comprising multiple elements of documents of different formats, and wherein the private key is generated in response to a request from an authenticated user using the user identifier at the key generation center. Access to the multiple elements of the object is controlled based on workflow order.
摘要翻译：为对象创建工作流顺序。从与对象主机相关联的计算机的密钥生成中心接收公共参数。基于用户标识符和公共参数在计算机系统上生成公钥，其中用户标识符由用户相关信息组成。使用公开密钥对对象进行加密，使得该对象不能在没有私钥的情况下被打开，其中对象是包括不同格式的多个文档元素的复合文档，并且其中响应于来自在密钥生成中心使用用户标识符的认证用户。基于工作流顺序控制对象的多个元素的访问。

9. 发明授权

US08364729B2 Document management system and method 有权
标题翻译：文件管理系统和方法
公开(公告)号：US08364729B2
公开(公告)日：2013-01-29
申请号：US13050888
申请日：2011-03-17
申请人： Helen Balinsky , Liqun Chen , Steven J. Simske
发明人： Helen Balinsky , Liqun Chen , Steven J. Simske
IPC分类号： G06F21/00
CPC分类号： G06F17/2229 , G06F21/6227 , H04L9/14 , H04L2209/60
摘要： A document management system includes a document. One or more of a plurality of map-files of the document correspond(s) with a step of a multi-step workflow associated with the document. A random nonce is generated for each of the steps of the multi-step workflow except for an initial step of the multi-step workflow. Each of the random nonces i) is incorporated as a map-file entry into a respective one of the plurality of map-files corresponding with a step of the multi-step workflow that directly precedes the step of the multi-step workflow for which the random nonce is generated and ii) is used to perform a nonce-based initiating operation a respective one of the plurality of map-files corresponding with the step of the multi-step workflow for which the random nonce is generated.
摘要翻译：文件管理系统包括文件。文档的多个地图文件中的一个或多个对应于具有与文档相关联的多步工作流的步骤。为多步骤工作流程的每个步骤生成随机随机数，除了多步骤工作流程的初始步骤。随机随机i）中的每一个被并入作为地图文件条目到与多步骤工作流的步骤相对应的多个地图文件中的相应一个，其直接在多步骤工作流的步骤之前，其中生成随机随机数，并且ii）用于执行对应于生成随机随机数的多步骤工作流的步骤的多个映射文件中的相应一个映射文件的基于事件的发起操作。

10. 发明授权

US08341429B2 Data transfer device 有权
标题翻译：数据传输设备
公开(公告)号：US08341429B2
公开(公告)日：2012-12-25
申请号：US12239806
申请日：2008-09-28
申请人： Jonathan Peter Buckingham , Liqun Chen , Christopher Williams
发明人： Jonathan Peter Buckingham , Liqun Chen , Christopher Williams
IPC分类号： H04L9/28 , G06F11/30
CPC分类号： G11B20/00086 , G06F21/606 , G06F21/80 , G06F2221/2107 , G11B20/0021 , G11B20/00507 , G11B20/1201 , G11B2220/90 , G11B2220/913 , G11B2220/916 , G11B2220/956
摘要： A data transfer device for transferring data to a removable data storage item. The data transfer device receives content data to be stored to the removable data storage item, encrypts the content data using an encryption key, and transforms at least one of predetermined reference data and the encryption key. The data transfer device also encrypts the transformed predetermined reference data using the encryption key or encrypts the predetermined reference data using the transformed encryption key, and then stores the encrypted content data and the encrypted transformed/predetermined reference data to the removable data storage item.
摘要翻译：一种用于将数据传送到可移动数据存储项目的数据传送装置。数据传送装置接收要存储到可移动数据存储项目的内容数据，使用加密密钥加密内容数据，并转换预定参考数据和加密密钥中的至少一个。数据传送装置还使用加密密钥对转换的预定参考数据进行加密，或者使用变换后的加密密钥来加密预定的参考数据，然后将加密的内容数据和加密的变换/预定参考数据存储到可移动数据存储项目。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式