专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20060129797A1 Hardware-supported secure network boot 审中-公开
标题翻译：硬件支持的安全网络引导
公开(公告)号：US20060129797A1
公开(公告)日：2006-06-15
申请号：US11012513
申请日：2004-12-15
申请人： Glenn Durfee , Dirk Balfanz , Diana Kathryn Smetters , Paul Joseph Stewart
发明人： Glenn Durfee , Dirk Balfanz , Diana Kathryn Smetters , Paul Joseph Stewart
IPC分类号： G06F9/24
CPC分类号： G06F21/575
摘要： Systems and methods for establishing an authenticated and encrypted network connection in a boot protocol, and specifying the boot image to be loaded by a client, are disclosed. A hardware token or other portable medium, such as a USB drive or device, CD, mini-CD, or floppy diskette, is used to store authentication and/or identification information for a server. A client uses the information on the token to authenticate the network server upon initial connection to the network and request a boot image. Furthermore, the client and server may use the authentication information from the token to establish secure communications and mutually authenticate each other.
摘要翻译：公开了用于在引导协议中建立经认证和加密的网络连接以及指定由客户机加载的引导映像的系统和方法。使用诸如USB驱动器或设备，CD，mini-CD或软盘的硬件令牌或其他便携式介质来存储用于服务器的认证和/或识别信息。客户端使用令牌上的信息在初始连接到网络并验证启动映像时对网络服务器进行身份验证。此外，客户端和服务器可以使用来自令牌的认证信息来建立安全通信并相互认证。

2. 发明申请

US20050129240A1 Method and apparatus for establishing a secure ad hoc command structure 审中-公开
标题翻译：用于建立安全的自组织命令结构的方法和装置
公开(公告)号：US20050129240A1
公开(公告)日：2005-06-16
申请号：US10736323
申请日：2003-12-15
申请人： Dirk Balfanz , Diana Smetters , Glenn Durfee , Rebecca Grinter , Paul Stewart
发明人： Dirk Balfanz , Diana Smetters , Glenn Durfee , Rebecca Grinter , Paul Stewart
IPC分类号： H04L9/32 , H04L29/06 , H04K1/00
CPC分类号： H04L63/06 , H04L9/006 , H04L9/3265 , H04L63/0823 , H04L63/20 , H04L2209/80
摘要： We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used to quickly establish a secure credential infrastructure that can be used to secure ad-hoc and/or dynamic command and control operations such are needed for Incident Command Systems or other emergency response systems that require simplicity and rapid deployment among disparate responder teams.
摘要翻译：我们提供的技术允许外行电脑用户简单地创建，配置和维护安全的基础设施 - 即时PKI。该技术可用于快速建立安全凭证基础架构，可用于保护事件命令系统或其他紧急响应系统所需的临时和/或动态命令和控制操作，这些应急系统需要在不同响应者之间进行简单和快速部署团队

3. 发明申请

US20060085633A1 Using a portable security token to facilitate cross-certification between ceritification authorities 有权
标题翻译：使用便携式安全令牌来促进化学当局之间的交叉认证
公开(公告)号：US20060085633A1
公开(公告)日：2006-04-20
申请号：US10966749
申请日：2004-10-14
申请人： Dirk Balfanz , Glenn Durfee , Diana Smetters
发明人： Dirk Balfanz , Glenn Durfee , Diana Smetters
IPC分类号： H04L9/00
CPC分类号： G07F7/1008 , G06Q20/02 , G06Q20/341 , G06Q20/3829 , G06Q20/40975 , G07F7/1016 , H04L9/007 , H04L9/3234 , H04L9/3268
摘要： One embodiment of the present invention provides a system that uses a portable security token (PST) to facilitate cross-certification between a first certification authority (CA) and a second CA, wherein the first CA and associated subscriber devices constitute a first public-key infrastructure (PKI) domain, and wherein the second CA and associated subscriber devices constitute a second PKI domain. During operation, the system uses the PST to transfer certification information between the first CA and the second CA, wherein the PST communicates with the first CA and the second CA through a location-limited communication channel. Next, the system uses the certification information to issue a cross-certificate to the first CA. Note that the cross-certificate is signed by the second CA. Finally, the system propagates the cross-certificate from the first CA to the associated subscriber devices in the first PKI domain, thereby allowing the associated subscriber devices in the first PKI domain to authenticate themselves to the devices in the second PKI domain.
摘要翻译：本发明的一个实施例提供了一种使用便携式安全令牌（PST）来促进第一认证机构（CA）和第二CA之间的交叉认证的系统，其中第一CA和相关联的订户设备构成第一公钥基础设施（PKI）域，并且其中所述第二CA和相关联的订户设备构成第二PKI域。在操作期间，系统使用PST在第一CA和第二CA之间传送认证信息，其中PST通过位置限制通信信道与第一CA和第二CA通信。接下来，系统使用认证信息向第一CA发布交叉证书。请注意，交叉证书由第二个CA签署。最后，系统将交叉证书从第一CA传播到第一PKI域中的相关联的订户设备，从而允许第一PKI域中的相关联的订户设备向第二PKI域中的设备认证自身。

4. 发明申请

US20050287985A1 Using a portable security token to facilitate public key certification for devices in a network 有权
标题翻译：使用便携式安全令牌来促进网络中设备的公钥认证
公开(公告)号：US20050287985A1
公开(公告)日：2005-12-29
申请号：US10877477
申请日：2004-06-24
申请人： Dirk Balfanz , Glenn Durfee , Diana Smetters
发明人： Dirk Balfanz , Glenn Durfee , Diana Smetters
IPC分类号： G06F21/00 , H04M1/66
CPC分类号： G06F21/33 , G06F21/35 , G06F2221/2111 , G06F2221/2115 , G06F2221/2129
摘要： One embodiment of the present invention provides a system that uses a portable security token to facilitate public key certification for a target device in a network. During system operation, the portable security token is located in close physical proximity to the target device to allow the portable security token to communicate with the target device through a location-limited communication channel. During this communication, the portable security token receives an authenticator for the target device, and forms a ticket by digitally signing the authenticator with a key previously agreed upon by the portable security token and a certification authority (CA). Next, the portable security token sends the ticket to the target device, whereby the target device can subsequently present the ticket to the CA to prove that the target device is authorized to receive a credential from the CA.
摘要翻译：本发明的一个实施例提供了一种使用便携式安全令牌来促进网络中的目标设备的公钥认证的系统。在系统操作期间，便携式安全令牌位于与目标设备紧密物理接近处，以允许便携式安全令牌通过位置限制通信信道与目标设备进行通信。在该通信期间，便携式安全令牌接收用于目标设备的认证器，并通过使用便携式安全令牌和认证机构（CA）先前约定的密钥对认证器进行数字签名来形成机票。接下来，便携式安全令牌将票据发送到目标设备，由此目标设备可以随后向CA呈现票据，以证明目标设备被授权从CA接收证书。

5. 发明申请

US20070266164A1 PERSONAL DOMAIN CONTROLLER 有权
标题翻译：个人域控制器
公开(公告)号：US20070266164A1
公开(公告)日：2007-11-15
申请号：US11383144
申请日：2006-05-12
申请人： Dirk Balfanz , Diana Smetters , Glenn Durfee , Trevor Smith
发明人： Dirk Balfanz , Diana Smetters , Glenn Durfee , Trevor Smith
IPC分类号： G06F15/16
CPC分类号： H04L63/101 , H04L12/2803 , H04L12/2818 , H04L63/0823
摘要： A method of accessing a data resource identifies the data resource, the data resource accessible through a first device and associated with a resource locator, the first device configured to provide access to the data resource responsive to possession of a whitelisted credential. The method includes receiving a second-device credential from a second device by a personal domain controller, the personal domain controller and the first device within a first trusted relationship and provides, by the personal domain controller, the second-device credential to the first device for whitelisting subject to the first trusted relationship. The method uses, by the second device, the second-device credential to access the data resource responsive to the resource locator.
摘要翻译：访问数据资源的方法标识数据资源，数据资源可通过第一设备访问并与资源定位符相关联，第一设备被配置为响应于拥有白名单凭证提供对数据资源的访问。该方法包括由个人域控制器，个人域控制器和第一信任关系中的第一设备从第二设备接收第二设备凭证，并且由个人域控制器将第二设备凭证提供给第一设备将白名单列入第一个信任关系。该方法由第二设备使用第二设备凭证来响应于资源定位器来访问数据资源。

6. 发明申请

US20070130617A1 System and method for establishing temporary and permanent credentials for secure online commerce 有权
标题翻译：建立用于安全在线商务的临时和永久证书的系统和方法
公开(公告)号：US20070130617A1
公开(公告)日：2007-06-07
申请号：US11293402
申请日：2005-12-02
申请人： Glenn Durfee , Dirk Balfanz , Diana Smetters
发明人： Glenn Durfee , Dirk Balfanz , Diana Smetters
IPC分类号： H04L9/32
CPC分类号： G06F21/34 , G06F21/33 , G06Q20/12 , G06Q30/0603 , H04L9/321 , H04L9/3234 , H04L9/3265 , H04L9/3268 , H04L63/0823 , H04L63/0853 , H04L2209/56
摘要： One embodiment of the present invention provides a system for establishing temporary and permanent credentials for secure remote data access. The system includes a temporary smart card configured to provide a temporary credential for a first device, thereby providing the first device with temporary secure access to a remote data source when the temporary smart card is used with the first device. Additionally, the system includes an enrollment smart card configured to provide a permanent credential for a second device, thereby providing the second device with permanent secure access to the remote data source without presence of the enrollment smart card or the temporary smart card.
摘要翻译：本发明的一个实施例提供了一种用于建立用于安全远程数据访问的临时和永久凭证的系统。该系统包括被配置为为第一设备提供临时证书的临时智能卡，从而当临时智能卡与第一设备一起使用时，向第一设备提供对远程数据源的临时安全访问。此外，该系统包括被配置为为第二设备提供永久凭证的注册智能卡，从而在不存在注册智能卡或临时智能卡的情况下向第二设备提供对远程数据源的永久安全访问。

7. 发明申请

US20070019806A1 System and method for establishing secondary channels 有权
标题翻译：建立二级渠道的制度和方法
公开(公告)号：US20070019806A1
公开(公告)日：2007-01-25
申请号：US11528904
申请日：2006-09-28
申请人： Kenneth Conley , Dirk Balfanz , Bryan Pendleton , Diana Smetters , Glenn Durfee
发明人： Kenneth Conley , Dirk Balfanz , Bryan Pendleton , Diana Smetters , Glenn Durfee
IPC分类号： H04K1/10
CPC分类号： H04L63/061 , H04L63/18
摘要： A method for establishing a secondary communication channel between at least two computing devices over a network medium through use of a primary channel connects a first computing device with a first telephonic unit and a second computing device with a second telephonic unit. If the two telephonic units are in communication with each other over a primary channel, and communication channels are established between the computing devices and their respective telephonic units, then the first computing device transmits its location information to the second computing device over the primary channel. A connection is then established between the second computing device and the first computing device over a secondary communication channel.
摘要翻译：通过使用主信道在网络介质上在至少两个计算设备之间建立辅助通信信道的方法将第一计算设备与第一电话单元和第二计算设备与第二电话单元相连接。如果两个电话单元在主信道上彼此通信，并且在计算设备和它们各自的电话单元之间建立通信信道，则第一计算设备通过主信道将其位置信息发送到第二计算设备。然后通过辅助通信信道在第二计算设备和第一计算设备之间建立连接。

8. 发明申请

US20050125669A1 Method and apparatus for using a secure credential infrastructure to access vehicle components 失效
标题翻译：用于使用安全凭证基础设施来访问车辆部件的方法和装置
公开(公告)号：US20050125669A1
公开(公告)日：2005-06-09
申请号：US10837323
申请日：2004-04-30
申请人： Paul Stewart , Diana Smetters , Rebecca Grinter , Dirk Balfanz , Glenn Durfee , Hao-Chi Wong
发明人： Paul Stewart , Diana Smetters , Rebecca Grinter , Dirk Balfanz , Glenn Durfee , Hao-Chi Wong
IPC分类号： H04K1/00 , H04L9/00 , H04L29/06 , H04L29/08
CPC分类号： H04L67/125 , H04L63/0492 , H04L63/061 , H04L63/0823 , H04L63/12 , H04W12/04
摘要： We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including enabling secure communications to components of a vehicle, and enabling secure communications between the vehicle and associated infrastructure.
摘要翻译：我们提供的技术允许外行电脑用户简单地创建，配置和维护安全的基础设施 - 即时PKI。该技术可用于各种应用，包括实现与车辆组件的安全通信，以及实现车辆与相关基础设施之间的安全通信。

9. 发明申请

US20050100166A1 Systems and methods for authenticating communications in a network medium 审中-公开
标题翻译：用于在网络介质中认证通信的系统和方法
公开(公告)号：US20050100166A1
公开(公告)日：2005-05-12
申请号：US10703437
申请日：2003-11-10
申请人： Diana Smetters , Kenneth Conley , Bryan Pendleton , Glenn Durfee , Steve Cousins , Dirk Balfanz , Hadar Shemtov
发明人： Diana Smetters , Kenneth Conley , Bryan Pendleton , Glenn Durfee , Steve Cousins , Dirk Balfanz , Hadar Shemtov
IPC分类号： G09C1/00 , B23C5/10 , H04L9/32 , H04L29/06 , H04L9/00 , G06F11/30
CPC分类号： H04L63/08 , H04L63/0492 , H04L63/065 , H04L63/12
摘要： A location-limited channel is implemented using physical exchanges of physical tokens. The physical tokens are implemented using writeable or re-writeable storage media. Location-limited channels, when used to implement pre-authentication protocols, provide demonstrative identification and authenticity. A group originator loads pre-authentication information and a network location from a communication device onto the location-limited physical token channel. The location-limited physical token channel is passed to another participant, who copies the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel. This is repeated until the last participant passes the location-limited physical token channel back to the group originator. The originator thus has pre-authentication information and network locations for all other participants. The originator establishes secure communications with each participant based on the originator' and that participant's shared information.
摘要翻译：使用物理令牌的物理交换来实现位置限制信道。物理令牌使用可写或可重写的存储介质实现。位置限制通道用于实现预认证协议时，提供说明性识别和真实性。组发起者将来自通信设备的预认证信息和网络位置加载到位置限制的物理令牌信道上。位置限制物理令牌信道被传递给另一个参与者，他们将发起者的预认证信息和位置复制到该参与者的通信设备上。然后，该参与者将该参与者自己的预认证信息和网络位置添加到位置有限的物理令牌信道上。这是重复的，直到最后一个参与者将位置限制的物理令牌通道返回到组发起者。因此，发起者具有所有其他参与者的预认证信息和网络位置。发起人根据发起人和参与者的共享信息建立与每个参与者的安全通信。

10. 发明授权

US06898579B1 System, method and article of manufacture for contract term certification utilizing a network 失效
标题翻译：使用网络的合同期限认证的制度，方法和制造
公开(公告)号：US06898579B1
公开(公告)日：2005-05-24
申请号：US09544708
申请日：2000-04-06
申请人： Glenn Durfee , Matthew K. Franklin
发明人： Glenn Durfee , Matthew K. Franklin
IPC分类号： H04L9/32 , G06F17/60 , H04K1/00 , H04L9/00
CPC分类号： H04L9/3247 , G06Q50/188 , H04L9/321 , H04L9/3218 , H04L2209/56 , H04L2209/608
摘要： A system, method and article of manufacture are provided for certifying contracts utilizing a network. Initially, a first and second contract is received utilizing a network. Each contract includes a plurality of terms. It is then certified that the terms of the second contract are consistent with the terms of the first contract.
摘要翻译：提供了一种用于使用网络证明合同的系统，方法和制造品。最初，使用网络接收第一和第二契约。每个合同包括多个术语。然后证明第二份合同的条款与第一份合同的条款一致。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式