专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20080282315A1 Host control of partial trust accessibility 有权
标题翻译：主机控制部分信任可访问性
公开(公告)号：US20080282315A1
公开(公告)日：2008-11-13
申请号：US11801714
申请日：2007-05-10
申请人： Michael D. Downen , Raja Krishnaswamy , Charles William Kaufman , James S. Miller , Stephen Fisher
发明人： Michael D. Downen , Raja Krishnaswamy , Charles William Kaufman , James S. Miller , Stephen Fisher
IPC分类号： G06F17/00
CPC分类号： G06F21/52
摘要： Various technologies and techniques are disclosed for providing host control of partial trust accessibility. A framework allows libraries to be identified as partial trust callers allowed to indicate that the libraries are allowed to be called from partially trusted code by default. The framework allows libraries to be identified as partial trust callers enabled to indicate the libraries could be called from partially trusted code, but not by default. A hosting application is notified that a particular library has been loaded. If the particular library has been identified as partial trust callers allowed, then a determination is received from the hosting application on whether to remove or keep partial trust accessibility for the particular library. If the particular library has been identified as partial trust callers enabled, then a determination is received from the hosting application on whether or not to enable partial trust accessibility for the particular library.
摘要翻译：公开了各种技术和技术，用于提供部分信任可访问性的主机控制。框架允许将库识别为部分信任调用者，以允许默认情况下允许从部分受信任的代码调用库。框架允许将库识别为启用的部分信任调用者，以指示可以从部分受信任的代码调用库，但不会默认。通知托管应用程序已加载特定的库。如果特定图书馆已经被识别为允许的部分信任来电者，则从托管应用程序接收到是否删除或保留特定图书馆的部分信任可访问性的确定。如果特定库被识别为启用的部分信任调用者，则从托管应用程序接收是否启用特定库的部分信任可访问性的确定。

2. 发明授权

US08402532B2 Host control of partial trust accessibility 有权
标题翻译：主机控制部分信任可访问性
公开(公告)号：US08402532B2
公开(公告)日：2013-03-19
申请号：US11801714
申请日：2007-05-10
申请人： Michael D. Downen , Raja Krishnaswamy , Charles William Kaufman , James S. Miller , Stephen Fisher
发明人： Michael D. Downen , Raja Krishnaswamy , Charles William Kaufman , James S. Miller , Stephen Fisher
IPC分类号： G06F12/14 , G06F7/04 , G06F11/30 , G06F9/44 , H04L29/06
CPC分类号： G06F21/52
摘要： Various technologies and techniques are disclosed for providing host control of partial trust accessibility. A framework allows libraries to be identified as partial trust callers allowed to indicate that the libraries are allowed to be called from partially trusted code by default. The framework allows libraries to be identified as partial trust callers enabled to indicate the libraries could be called from partially trusted code, but not by default. A hosting application is notified that a particular library has been loaded. If the particular library has been identified as partial trust callers allowed, then a determination is received from the hosting application on whether to remove or keep partial trust accessibility for the particular library. If the particular library has been identified as partial trust callers enabled, then a determination is received from the hosting application on whether or not to enable partial trust accessibility for the particular library.
摘要翻译：公开了各种技术和技术，用于提供部分信任可访问性的主机控制。框架允许将库识别为部分信任调用者，以允许默认情况下允许从部分受信任的代码调用库。框架允许将库识别为启用的部分信任调用者，以指示可以从部分受信任的代码调用库，但不会默认。通知托管应用程序已加载特定的库。如果特定图书馆已经被识别为允许的部分信任来电者，则从主机应用程序接收到是否删除或保留特定图书馆的部分信任可访问性的确定。如果特定库被识别为启用的部分信任调用者，则从托管应用程序接收是否启用特定库的部分信任可访问性的确定。

3. 发明申请

US20100023767A1 API for Diffie-Hellman secret agreement 审中-公开
标题翻译： API为Diffie-Hellman秘密协议
公开(公告)号：US20100023767A1
公开(公告)日：2010-01-28
申请号：US11804357
申请日：2007-05-18
申请人： Michael D. Downen , Shawn Farkas , Charles William Kaufman
发明人： Michael D. Downen , Shawn Farkas , Charles William Kaufman
IPC分类号： H04L9/32
CPC分类号： H04L9/0841
摘要： Various technologies and techniques are disclosed for implementing a Diffie-Hellman secret agreement. An application programming interface is provided that is operable to allow a first computer to generate a Diffie-Hellman secret agreement for communicating securely with a second computer over an insecure channel. A get public key operation is performed upon receiving a request to perform the get public key operation. The get public key operation gets a public key of the first computer. A retrieval operation is performed upon receiving a request to perform the retrieval operation. The retrieval operation retrieves the Diffie-Hellman secret agreement upon supplying a public key of the second computer.
摘要翻译：披露了实施Diffie-Hellman秘密协议的各种技术和技术。提供了一种应用编程接口，其可操作以允许第一计算机生成用于通过不安全信道与第二计算机进行安全通信的Diffie-Hellman秘密协议。在接收到执行获取公共密钥操作的请求时执行获取公钥操作。获取公钥操作获得第一台计算机的公钥。在接收到执行检索操作的请求时执行检索操作。检索操作在提供第二台计算机的公钥时检索Diffie-Hellman秘密协议。

4. 发明授权

US09124431B2 Evidence-based dynamic scoring to limit guesses in knowledge-based authentication 有权
标题翻译：基于证据的动态评分来限制基于知识的认证中的猜测
公开(公告)号：US09124431B2
公开(公告)日：2015-09-01
申请号：US12466257
申请日：2009-05-14
申请人： Stuart Schechter , Yordan I. Rouskov , Cormac E. Herley , Charles William Kaufman
发明人： Stuart Schechter , Yordan I. Rouskov , Cormac E. Herley , Charles William Kaufman
IPC分类号： H04L9/32 , G06F17/27 , G06F21/31 , H04L12/759
CPC分类号： H04L9/3226 , G06F17/2785 , G06F17/2795 , G06F21/31 , H04L9/3218 , H04L45/028
摘要： Techniques to provide evidence-based dynamic scoring to limit guesses in knowledge based authentication are disclosed herein. In some aspects, an authenticator may receive an input from a user in response to a presentation of a personal question that enables user access to a restricted resource. The authenticator may determine that the input is not equivalent to a stored value, and thus is an incorrect input. The authenticator may then determine whether the input is similar to a previous input received from the user. A score may be assigned to the input. When the input is determined to be similar to the previous input, the score may be reduced. Another request for an input may be transmitted by the authenticator when a sum of the score and any previous scores of the session is less than a threshold.
摘要翻译：本文公开了提供基于证据的动态评分以限制基于知识的认证中的猜测的技术。在一些方面，认证者可以响应于允许用户访问受限资源的个人问题的呈现而从用户接收输入。认证器可以确定输入不等于存储的值，因此是不正确的输入。然后，认证器可以确定输入是否类似于从用户接收的先前输入。可以将分数分配给输入。当输入被确定为类似于先前的输入时，得分可能会降低。当比赛的总和和会话的任何先前得分小于阈值时，由认证者发送另一个输入请求。

5. 发明申请

US20080301780A1 ACCESS CONTROL NEGATION USING NEGATIVE GROUPS 有权
标题翻译：使用负面组的访问控制
公开(公告)号：US20080301780A1
公开(公告)日：2008-12-04
申请号：US11756393
申请日：2007-05-31
申请人： Carl Melvin Ellison , Paul J. Leach , Butler Wright Lampson , Melissa W. Dunn , Ravindra Nath Pandya , Charles William Kaufman
发明人： Carl Melvin Ellison , Paul J. Leach , Butler Wright Lampson , Melissa W. Dunn , Ravindra Nath Pandya , Charles William Kaufman
IPC分类号： G06F17/00
CPC分类号： G06F21/6218
摘要： The subject disclosure pertains to systems and methods that facilitate managing groups entities for access control. A negative group is defined using a base group, where the negative group associated with a base group includes any entities not included in the base group. Negative groups can be implemented using certificates rather than explicit lists of negative group members. A certificate can provide evidence of membership in the negative group and can be presented for evaluation to obtain access to resources. Subtraction groups can also be used to manage access to resources. A subtraction group can be defined as the members of a first group, excluding any members of a second group.
摘要翻译：本发明涉及便于管理组实体以进行访问控制的系统和方法。使用基组定义负组，其中与基组关联的负组包括未包括在基组中的任何实体。负组可以使用证书而不是负组成员的显式列表来实现。证书可以提供负组织成员的证据，并可以提供评估以获得资源。减法组也可用于管理对资源的访问。减法组可以定义为第一组的成员，不包括第二组的任何成员。

6. 发明授权

US08468579B2 Transformation of sequential access control lists utilizing certificates 有权
标题翻译：使用证书转换顺序访问控制列表
公开(公告)号：US08468579B2
公开(公告)日：2013-06-18
申请号：US11764034
申请日：2007-06-15
申请人： Carl Melvin Ellison , Paul J. Leach , Butler Wright Lampson , Melissa W. Dunn , Ravindra Nath Pandya , Charles William Kaufman
发明人： Carl Melvin Ellison , Paul J. Leach , Butler Wright Lampson , Melissa W. Dunn , Ravindra Nath Pandya , Charles William Kaufman
IPC分类号： G06F21/00
CPC分类号： H04L63/101 , H04L63/0823
摘要： The subject disclosure pertains to systems and methods that facilitate managing access control utilizing certificates. The systems and methods described herein are directed to mapping an access policy as expressed in an access control list to a set of certificates. The set of certificates can be used to grant access to resources in the manner described by the ACL. The certificates can be distributed to entities for use in obtaining access to resources. Entities can present certificates to resources as evidence of their right to access the resources. The access logic of the sequential ACL can be transformed or mapped to a set of order independent certificates. In particular, each entry, position of the entry in the list and any preceding entries can be analyzed. The analysis can be used to generate order independent certificates that provide access in accordance with the access policy communicated in the ACL.
摘要翻译：本发明涉及利用证书来管理访问控制的系统和方法。本文描述的系统和方法旨在将访问控制列表中表示的访问策略映射到一组证书。该证书集可用于以ACL所描述的方式授予对资源的访问权限。证书可以分发给实体以用于获取资源访问。实体可以向资源提供证书，作为获取资源的权利的证据。顺序ACL的访问逻辑可以转换或映射到一组与订单无关的证书。特别地，可以分析每个条目，列表中的条目的位置和任何前面的条目。该分析可用于生成根据ACL中传达的访问策略提供访问权限的独立凭证。

7. 发明申请

US20100293608A1 EVIDENCE-BASED DYNAMIC SCORING TO LIMIT GUESSES IN KNOWLEDGE-BASED AUTHENTICATION 有权
标题翻译：基于知识的动态评分限制了基于知识的认证
公开(公告)号：US20100293608A1
公开(公告)日：2010-11-18
申请号：US12466257
申请日：2009-05-14
申请人： Stuart Schechter , Yordan I. Rouskov , Cormac E. Herley , Charles William Kaufman
发明人： Stuart Schechter , Yordan I. Rouskov , Cormac E. Herley , Charles William Kaufman
IPC分类号： H04L9/32 , G06F17/30
CPC分类号： H04L9/3226 , G06F17/2785 , G06F17/2795 , G06F21/31 , H04L9/3218 , H04L45/028
摘要： Techniques to provide evidence-based dynamic scoring to limit guesses in knowledge based authentication are disclosed herein. In some aspects, an authenticator may receive an input from a user in response to a presentation of a personal question that enables user access to a restricted resource. The authenticator may determine that the input is not equivalent to a stored value, and thus is an incorrect input. The authenticator may then determine whether the input is similar to a previous input received from the user. A score may be assigned to the input. When the input is determined to be similar to the previous input, the score may be reduced. Another request for an input may be transmitted by the authenticator when a sum of the score and any previous scores of the session is less than a threshold.
摘要翻译：本文公开了提供基于证据的动态评分以限制基于知识的认证中的猜测的技术。在一些方面，认证者可以响应于允许用户访问受限资源的个人问题的呈现而从用户接收输入。认证器可以确定输入不等于存储的值，因此是不正确的输入。然后，认证器可以确定输入是否类似于从用户接收的先前输入。可以将分数分配给输入。当输入被确定为类似于先前的输入时，得分可能会降低。当比赛的总和和会话的任何先前得分小于阈值时，认证者可以发送对输入的另一请求。

8. 发明申请

US20080313712A1 TRANSFORMATION OF SEQUENTIAL ACCESS CONTROL LISTS UTILIZING CERTIFICATES 有权
标题翻译：使用证书的顺序访问控制列表的转换
公开(公告)号：US20080313712A1
公开(公告)日：2008-12-18
申请号：US11764034
申请日：2007-06-15
申请人： Carl Melvin Ellison , Paul J. Leach , Butler Wright Lampson , Melissa W. Dunn , Ravindra Nath Pandya , Charles William Kaufman
发明人： Carl Melvin Ellison , Paul J. Leach , Butler Wright Lampson , Melissa W. Dunn , Ravindra Nath Pandya , Charles William Kaufman
IPC分类号： H04L9/32
CPC分类号： H04L63/101 , H04L63/0823
摘要： The subject disclosure pertains to systems and methods that facilitate managing access control utilizing certificates. The systems and methods described herein are directed to mapping an access policy as expressed in an access control list to a set of certificates. The set of certificates can be used to grant access to resources in the manner described by the ACL. The certificates can be distributed to entities for use in obtaining access to resources. Entities can present certificates to resources as evidence of their right to access the resources. The access logic of the sequential ACL can be transformed or mapped to a set of order independent certificates. In particular, each entry, position of the entry in the list and any preceding entries can be analyzed. The analysis can be used to generate order independent certificates that provide access in accordance with the access policy communicated in the ACL.
摘要翻译：本发明涉及利用证书来管理访问控制的系统和方法。本文描述的系统和方法旨在将访问控制列表中表示的访问策略映射到一组证书。该证书集可用于以ACL所描述的方式授予对资源的访问权限。证书可以分发给实体以用于获取资源访问。实体可以向资源提供证书，作为获取资源的权利的证据。顺序ACL的访问逻辑可以转换或映射到一组与订单无关的证书。特别地，可以分析每个条目，列表中的条目的位置和任何前面的条目。该分析可用于生成根据ACL中传达的访问策略提供访问权限的独立凭证。

9. 发明授权

US5666415A Method and apparatus for cryptographic authentication 失效
标题翻译：用于加密认证的方法和装置
公开(公告)号：US5666415A
公开(公告)日：1997-09-09
申请号：US508766
申请日：1995-07-28
申请人： Charles William Kaufman
发明人： Charles William Kaufman
IPC分类号： H04L9/32 , H04K1/00
CPC分类号： H04L9/3226 , H04L9/3236 , H04L2209/60
摘要： Method for providing user authentication and a memory for storing a computer program for providing user authentication are described. The method includes the steps of providing a first argument including a one-way cryptographic transformation of a password and a second argument including a one-way cryptographic transformation of a cryptographic combination of the password and a first nonce, computing a first term using the first argument and computing a second term using the first nonce, and comparing the second term with the second argument. The memory storing a computer program, the computer program including, means for providing a first argument including a one-way cryptographic transformation of a password and a second argument including a one-way cryptographic transformation of a cryptographic combination of the password and a first nonce, means for computing a first term using the first argument and computing a second term using the first nonce, and means for comparing the second term with the second argument.
摘要翻译：描述了用于提供用户认证的方法和用于存储用于提供用户认证的计算机程序的存储器。该方法包括以下步骤：提供包括密码的单向加密变换的第一参数和包括密码和第一随机数的密码组合的单向密码变换的第二参数，使用第一个参数，并使用第一个随机数计算第二项，并将第二项与第二个参数进行比较。存储计算机程序的存储器，所述计算机程序包括用于提供第一参数的装置，所述第一参数包括密码的单向密码转换和第二参数，所述第二参数包括密码的密码组合和第一随机数的单向密码变换，用于使用所述第一参数计算第一项并使用所述第一随机数来计算第二项的装置，以及用于将所述第二项与所述第二参数进行比较的装置。

10. 发明授权

US08706635B2 Use of licensed content without identification thereof 有权
标题翻译：使用许可内容而无需识别
公开(公告)号：US08706635B2
公开(公告)日：2014-04-22
申请号：US11247751
申请日：2005-10-11
申请人： Charles William Kaufman
发明人： Charles William Kaufman
IPC分类号： G06F21/00
CPC分类号： H04N21/4627 , G06F21/10 , H04N7/1675 , H04N7/17318 , H04N21/2541 , H04N21/25866 , H04N21/25875 , H04N21/41407 , H04N21/4143 , H04N21/63775 , H04N21/835
摘要： A content key (CK) to decrypt a piece of encrypted content is obtained encrypted according to a public key of a licensor (PU-L) to result in (PU-L(CK)). (PU-L(CK)) is obscured according to (PU-L) and a value R to result in Obs (PU-L(CK)), and Obs (PU-L(CK)) is sent to the licensor, which applies a private key (PR-L) corresponding to (PU-L) to Obs (PU-L(CK)) to result in Obs (CK) as an obscured version of (CK). Obs (CK) is received from the licensor; and (CK) is obtained from Obs (CK) based on applying R thereto. The licensor cannot identify from Obs (PU-L(CK)) or from Obs (CK) the encrypted content or the content key (CK) from which the encrypted content may be identified.
摘要翻译：根据许可方（PU-L）的公开密钥获得加密的内容密钥（CK），以得到（PU-L（CK））。（PU-L（CK））根据（PU-L）被遮蔽，导致Obs（PU-L（CK））和Obs（PU-L（CK））的值R被发送给许可方，其将对应于（PU-L）的私钥（PR-L）应用于Obs（PU-L（CK）），以将Obs（CK）作为（CK）的模糊版本。从许可人那里收到臭名昭着（CK）; 并且（CK）基于向其施加R从Obs（CK）获得。许可人不能从Obs（PU-L（CK））或Obs（CK）识别加密内容或内容密钥（CK），从中可以识别加密内容。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式