专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08458483B1 Techniques for message-passing using shared memory of an RF tag 有权
标题翻译：使用RF标签的共享存储器进行消息传递的技术
公开(公告)号：US08458483B1
公开(公告)日：2013-06-04
申请号：US12495447
申请日：2009-06-30
申请人： Daniel Bailey , Marco Ciaffi , William Duane , Ari Juels , John O'Brien
发明人： Daniel Bailey , Marco Ciaffi , William Duane , Ari Juels , John O'Brien
IPC分类号： G06F21/00 , G06F12/14
CPC分类号： H04B5/0037 , G06F1/3287 , G06F21/35 , G06F21/74 , G06F21/81 , G06F2221/2105 , H04B5/0056 , H04L63/0838 , H04W4/80 , H04W12/06 , H04W52/0229 , Y02D10/171 , Y02D70/166 , Y02D70/42
摘要： A technique of message-passing using shared memory of an RF tag involves storing a message in the shared memory while a security processor of the RF tag is in a sleep mode, the security processor being constructed and arranged to access the shared memory when the security processor is in a wakened mode. The technique further involves transitioning the security processor from the sleep mode to the wakened mode, and processing the message from the shared memory using the security processor after the security processor has transitioned from the sleep mode to the wakened mode. If the security processor is awakened only as needed (rather than remain in the wakened mode), lifetime of a battery which powers the security processor can be maximized.
摘要翻译：使用RF标签的共享存储器的消息传递的技术涉及在RF标签的安全处理器处于睡眠模式的同时将消息存储在共享存储器中，所述安全处理器被构造和布置成在安全性时访问共享存储器处理器处于唤醒模式。该技术还包括将安全处理器从睡眠模式转换到唤醒模式，以及在安全处理器从睡眠模式转换到唤醒模式之后，使用安全处理器处理来自共享存储器的消息。如果仅根据需要唤醒安全处理器（而不是保持在唤醒模式），则可以最大化为安全处理器供电的电池的寿命。

2. 发明授权

US08601588B1 Method and system for detection of clone authenticator 有权
标题翻译：检测克隆鉴别器的方法和系统
公开(公告)号：US08601588B1
公开(公告)日：2013-12-03
申请号：US13173726
申请日：2011-06-30
申请人： Robert Black , William Duane , Robert S. Philpott
发明人： Robert Black , William Duane , Robert S. Philpott
IPC分类号： G06F11/00
CPC分类号： G06F21/577 , G06F11/008 , G06F21/34 , G06F21/44 , G06F21/55 , G06Q40/02 , G06Q2220/00 , H04L63/1433 , H04L63/1441
摘要： A method includes engaging in authentication operations each involving apparent use of a legitimate authenticator. Values of one or more authenticator variables are received and stored, where the authenticator variable(s) normally change in a known authenticator-specific way during the authentication operations, such as being calculated from a monotonically increasing dynamic variable. A risk analysis function is applied to the stored values to generate a risk indicator signal indicating a level of risk that the clone authenticator is in use. The risk analysis function includes detection of an abnormal change of the authenticator variable(s), such as use of non-monotonic dynamic variable values. The risk indicator signal is output to an access controller that operates, based on the level of risk indicated by the risk indicator signal, to selectively inhibit an otherwise successful authentication operation involving apparent use of the legitimate authenticator.
摘要翻译：一种方法包括参与认证操作，每个认证操作包括明确使用合法认证器。接收和存储一个或多个验证器变量的值，其中验证器变量在认证操作期间通常以已知的认证器特定方式改变，诸如从单调递增的动态变量计算。对存储的值应用风险分析功能，以生成指示克隆认证器正在使用的风险级别的风险指示符信号。风险分析功能包括检测认证者变量的异常变化，例如使用非单调动态变量值。该风险指示信号被输出到一个接入控制器，该接入控制器基于风险指示信号所指示的风险水平来选择性地禁止涉及明确使用合法验证器的另外成功的认证操作。

3. 发明申请

US20070256123A1 Detecting and preventing replay in authentication systems 有权
标题翻译：检测和防止认证系统中的重放
公开(公告)号：US20070256123A1
公开(公告)日：2007-11-01
申请号：US11607836
申请日：2006-12-01
申请人： William Duane , Lawrence Friedman , Alexander Volanis
发明人： William Duane , Lawrence Friedman , Alexander Volanis
IPC分类号： H04L9/32
CPC分类号： H04L63/0838 , H04L63/1441
摘要： A system for detecting and preventing replay attacks includes a plurality of interconnected authentication servers, and one or more tokens for generating a one-time passcode and providing the one-time passcode to one of the authentication servers for authentication. The system includes an adjudicator function associated with each authentication server. The adjudicator evaluates a high water mark value associated with a token seeking authentication, allows authentication to proceed for the token if the high water mark evaluation indicates that the one-time passcode was not used in a previous authentication, and prevents authentication if the high water mark evaluation indicates that the one-time passcode was used in a previous authentication. The token is associated with a home authentication server that maintains a current high water mark of the token. The home authentication server validates the current high water mark on behalf of the adjudicator function evaluating the token for authentication.
摘要翻译：用于检测和防止重放攻击的系统包括多个互连的认证服务器，以及用于生成一次性密码并将一次性密码提供给认证服务器之一用于认证的一个或多个令牌。该系统包括与每个认证服务器相关联的裁判员功能。审判员评估与令牌寻求认证相关联的高水位值，如果高水位评估指示在先前认证中未使用一次性密码，则允许认证进行令牌，并且如果高水位则防止认证标记评估表示在以前的认证中使用一次性密码。令牌与维护令牌当前高水位的家庭认证服务器相关联。家庭认证服务器代表评估用于认证的令牌的裁判员功能验证当前的高水位标记。

4. 发明授权

US08370638B2 Derivative seeds 有权
标题翻译：衍生种子
公开(公告)号：US08370638B2
公开(公告)日：2013-02-05
申请号：US11357724
申请日：2006-02-17
申请人： William Duane , Jeffrey Hamel
发明人： William Duane , Jeffrey Hamel
IPC分类号： H04L29/06 , H04L9/32
CPC分类号： H04L9/0833 , G06F21/31 , G06F21/34 , G07C9/00015 , H04L9/0866 , H04L9/0869 , H04L9/0877 , H04L9/3213
摘要： A method of generating authentication seeds for a plurality of users, the method involving: based on a single master seed, generating a plurality of derivative seeds, each one for a corresponding different one of a plurality of users; and distributing the plurality of derivative seeds to a verifier for use in individually authenticating each of the plurality of users to that verifier, wherein generating each one of the plurality of derivative seeds involves mathematically combining the master seed and a unique identifier identifying the corresponding user.
摘要翻译：一种为多个用户生成认证种子的方法，所述方法包括：基于单个母种，生成多个衍生种子，每个种子种类用于多个用户中的相应不同的一个; 以及将所述多个衍生种子分发到验证器以用于将所述多个用户中的每一个单独认证用于所述验证者，其中生成所述多个衍生种子中的每一个的数学上涉及所述主种子和识别相应用户的唯一标识符。

5. 发明授权

US07831837B1 Encoding token commands/data within data streams for standard interfaces 有权
标题翻译：在标准接口的数据流内编码令牌命令/数据
公开(公告)号：US07831837B1
公开(公告)日：2010-11-09
申请号：US11424427
申请日：2006-06-15
申请人： William Duane , Eric A. Silva , Jeffrey Hamel
发明人： William Duane , Eric A. Silva , Jeffrey Hamel
IPC分类号： G06F21/00
CPC分类号： G06F21/34 , G06F21/629 , G06F21/74 , G06F2221/2105 , H04L63/0838 , H04L63/0853
摘要： A method of communicating within a system that includes a device, a controller for the device, a token, and a driver which implements a predefined interface for enabling communication with and/or control of the device through the controller, the method involving: via the predefined interface, receiving instructions and/or data at the controller from the driver for controlling the device; via the predefined interface, receiving at the controller a preselected control parameter indicating that communication with the token is desired; and in response to receiving the preselected control parameter, directing communications to the token.
摘要翻译：一种在系统内进行通信的方法，所述系统包括设备，用于所述设备的控制器，令牌和驱动器，所述驱动器实现用于通过所述控制器与所述设备进行通信和/或控制的预定界面，所述方法包括：预定义接口，从控制器接收指令和/或数据从驱动器控制设备; 通过预定义的接口，在控制器处接收指示与令牌进行通信的预选控制参数; 并且响应于接收到预选的控制参数，将通信指向令牌。

6. 发明申请

US20060177056A1 Secure seed generation protocol 有权
标题翻译：安全的种子生成协议
公开(公告)号：US20060177056A1
公开(公告)日：2006-08-10
申请号：US10549542
申请日：2004-07-09
申请人： Peter Rostin , Magnus Nystrom , William Duane
发明人： Peter Rostin , Magnus Nystrom , William Duane
IPC分类号： H04L9/28 , H04L9/00 , H04K1/00
CPC分类号： H04L9/3234 , H04L9/06 , H04L9/0869 , H04L9/3242 , H04L9/3271 , H04L63/061 , H04L63/0823 , H04L63/0853 , H04L2209/20 , H04L2209/56 , H04L2209/80
摘要： Techniques for secure generation of a seed for use in performing one or more cryptographic operations, utilizing a seed generation protocol carried out by a seed generation client (110c) and a seed generation server (110s). The seed generation server (110s) provides a first string to the seed generation client (110c). The seed generation client (110c) generates a second string, encrypts the second string utilizing a key (216), and sends the encrypted second string to the seed generation server (110s). The seed generation client (110c) generates the seed as a function of at leas the first string and the second string. The seed generation server (110s) decrypts the encrypted second string (222) and independently generates the seed as a function of at least the first string an the second string.
摘要翻译：利用由种子生成客户端（110c）和种子生成服务器（110s）执行的种子生成协议，用于安全地生成用于执行一个或多个密码操作的种子的技术。种子生成服务器（110s）向种子生成客户端（110c）提供第一串。种子生成客户端（110c）生成第二串，利用密钥（216）加密第二串，并将加密的第二串发送到种子生成服务器（110s）。种子生成客户端（110c）根据第一串和第二串的函数产生种子。种子生成服务器（110s）对加密的第二串（222）进行解密，并且独立地生成作为第二串的至少第一串的函数的种子。

7. 发明授权

US08966276B2 System and method providing disconnected authentication 有权
标题翻译：提供断开认证的系统和方法
公开(公告)号：US08966276B2
公开(公告)日：2015-02-24
申请号：US10938422
申请日：2004-09-10
申请人： Andrew Nanopoulos , Karl Ackerman , Piers Bowness , William Duane , Markus Jakobsson , Burt Kaliski , Dmitri Pal , Shane D. Rice , Ronald L. Rivest
发明人： Andrew Nanopoulos , Karl Ackerman , Piers Bowness , William Duane , Markus Jakobsson , Burt Kaliski , Dmitri Pal , Shane D. Rice , Ronald L. Rivest
IPC分类号： G06F21/00 , H04L29/06 , G06F21/31 , G06F21/34 , H04L9/32 , H04L9/00
CPC分类号： H04L63/0838 , G06F21/31 , G06F21/34 , G06F2221/2103 , H04L9/002 , H04L9/3228 , H04L9/3234 , H04L9/3236 , H04L9/3271 , H04L63/0853 , H04L2209/38 , H04L2209/80
摘要： In a system for disconnected authentication, verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges are downloaded to a verifier. The records include encrypted or hashed information for the given authentication token outputs. In one embodiment using time intervals, for each time interval, token output data, a salt value, and a pepper value, are hashed and compared with the verification record for the time interval. After a successful comparison, a user can access the computer. A PIN value can also be provided as an input the hash function. A portion of the hash function output can be used as a key to decrypt an encrypted (Windows) password, or other sensitive information.
摘要翻译：在用于断开认证的系统中，在预定时间段，事件顺序和/或挑战集合上对应于给定认证令牌输出的验证记录被下载到验证者。记录包括给定认证令牌输出的加密或散列信息。在使用时间间隔的一个实施例中，对于每个时间间隔，令牌输出数据，盐值和胡椒值被散列并与时间间隔的验证记录进行比较。成功比较后，用户可以访问计算机。也可以提供PIN值作为输入的散列函数。哈希函数输出的一部分可以用作解密加密（Windows）密码或其他敏感信息的密钥。

8. 发明授权

US08452989B1 Providing security to an electronic device 有权
标题翻译：为电子设备提供安全性
公开(公告)号：US08452989B1
公开(公告)日：2013-05-28
申请号：US12634116
申请日：2009-12-09
申请人： Todd Morneau , William Duane
发明人： Todd Morneau , William Duane
IPC分类号： G06F21/00
CPC分类号： G06F21/86 , G06F2221/2143
摘要： A technique provides security to an electronic device. The technique involves disposing a microprocessor between a printed circuit board and a circuit element to restrict physical access to the microprocessor, the microprocessor having (i) a bottom which faces the printed circuit board in a first direction and (ii) a top which faces the circuit element in a second direction which is opposite the first direction. The technique further involves delivering power to the microprocessor from a power source while the microprocessor is disposed between the printed circuit board and the circuit element, the microprocessor performing electronic operations in response to the power delivered from the power source. The technique further involves electronically altering or preventing the microprocessor from further performing the electronic operations in response to tampering activity on the circuit element. Such detection of the tampering activity may involve monitoring a covert signal for tamper evidence detection.
摘要翻译：一种技术为电子设备提供安全性。该技术涉及将微处理器布置在印刷电路板和电路元件之间以限制对微处理器的物理访问，微处理器具有（i）在第一方向上面向印刷电路板的底部，以及（ii）面向电路元件在与第一方向相反的第二方向上。该技术还包括在微处理器被布置在印刷电路板和电路元件之间时向微处理器供电，微处理器响应于从电源传递的功率执行电子操作。该技术还涉及电子地改变或防止微处理器响应于电路元件上的篡改活动进一步执行电子操作。这种篡改活动的检测可能涉及监视篡改证据检测的隐蔽信号。

9. 发明申请

US20070174614A1 Derivative seeds 有权
标题翻译：衍生种子
公开(公告)号：US20070174614A1
公开(公告)日：2007-07-26
申请号：US11357724
申请日：2006-02-17
申请人： William Duane , Jeffrey Hamel
发明人： William Duane , Jeffrey Hamel
IPC分类号： H04L9/00
CPC分类号： H04L9/0833 , G06F21/31 , G06F21/34 , G07C9/00015 , H04L9/0866 , H04L9/0869 , H04L9/0877 , H04L9/3213
摘要： A method of generating authentication seeds for a plurality of users, the method involving: based on a single master seed, generating a plurality of derivative seeds, each one for a corresponding different one of a plurality of users; and distributing the plurality of derivative seeds to a verifier for use in individually authenticating each of the plurality of users to that verifier, wherein generating each one of the plurality of derivative seeds involves mathematically combining the master seed and a unique identifier identifying the corresponding user.
摘要翻译：一种为多个用户生成认证种子的方法，所述方法包括：基于单个母种，生成多个衍生种子，每个种子种类用于多个用户中的相应不同的一个; 以及将所述多个衍生种子分发到验证器以用于将所述多个用户中的每一个单独认证用于所述验证者，其中生成所述多个衍生种子中的每一个的数学上涉及所述主种子和识别相应用户的唯一标识符。

10. 发明授权

US09860059B1 Distributing token records 有权
公开(公告)号：US09860059B1
公开(公告)日：2018-01-02
申请号：US13336056
申请日：2011-12-23
申请人： Christopher Duane , Robert S. Philpott , William Duane , Gareth Richards
发明人： Christopher Duane , Robert S. Philpott , William Duane , Gareth Richards
IPC分类号： H04L9/32 , H04L9/00 , H04L9/08 , H04L29/06
CPC分类号： H04L9/0869 , H04L9/0866 , H04L63/045 , H04L63/0838
摘要： A method and system for use in distributing token records is disclosed. At least one token record comprises a unique seed associated with a one-time password (OTP) token. An encryption key and a corresponding decryption key are generated for assisting selective encryption and decryption of a token record associated with a OTP token. The encryption key and the decryption key being unique to an end user of the token record. The token record is encrypted with the assistance of the encryption key. One of the decryption key and the encrypted token record is provided to the end user of the token record. The other of the decryption key and the encrypted token record is provided to the end user in response to secure receipt of the one of the decryption key and the encrypted token record by the end user. The encrypted token record can be decrypted with the assistance of the decryption key.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式