专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US5224163A Method for delegating authorization from one entity to another through the use of session encryption keys 失效
标题翻译：通过使用会话加密密钥将授权从一个实体委派给另一个实体的方法
公开(公告)号：US5224163A
公开(公告)日：1993-06-29
申请号：US589925
申请日：1990-09-28
申请人： Morrie Gasser , Andrew C. Goldstein , Charles W. Kaufman , Butler W. Lampson
发明人： Morrie Gasser , Andrew C. Goldstein , Charles W. Kaufman , Butler W. Lampson
IPC分类号： G06F21/00 , H04L9/32
CPC分类号： H04L9/3271 , G06F21/335 , G06F21/6218 , H04L9/3247 , H04L9/3263 , G06F2221/2141 , G06F2221/2153 , H04L2209/38
摘要： A method for delegating authorization from one entity in a distributed computing system to another for a computing session is disclosed wherein a session public/private encryption key pair is utilized for each computing session. The private encryption key is erased to terminate the computing session.
摘要翻译：公开了一种用于将分配计算系统中的一个实体授权给用于计算会话的另一个实体的方法，其中会话公共/专用加密密钥对用于每个计算会话。专用加密密钥被擦除以终止计算会话。

2. 发明授权

US5220604A Method for performing group exclusion in hierarchical group structures 失效
标题翻译：在分层组结构中执行组排除的方法
公开(公告)号：US5220604A
公开(公告)日：1993-06-15
申请号：US589924
申请日：1990-09-28
申请人： Morrie Gasser , Andrew C. Goldstein , Charles W. Kaufman
发明人： Morrie Gasser , Andrew C. Goldstein , Charles W. Kaufman
IPC分类号： G06F1/00 , G06F21/00 , H04L9/30
CPC分类号： G06F21/6281 , H04L9/3249 , H04L9/3263 , H04L9/3271 , Y10S707/99939
摘要： A method for denying a first group access to a system resource wherein a second group is selected such that the first group is a subgroup of the second group. Access is granted only to those members of the second group who do not derive their membership in the second group through their membership in the first group.
摘要翻译：一种拒绝对系统资源的第一组访问的方法，其中选择第二组以使得第一组是第二组的子组。访问权仅授予第二组通过其第一组成员组成第二组的成员的成员。

3. 发明授权

US5418854A Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system 失效
标题翻译：用于在分布式数据处理系统中保护密码的机密性的方法和装置
公开(公告)号：US5418854A
公开(公告)日：1995-05-23
申请号：US875050
申请日：1992-04-28
申请人： Charles W. Kaufman , Morrie Gasser , Butler W. Lampson , Joseph J. Tardo , Kannan Alagappan
发明人： Charles W. Kaufman , Morrie Gasser , Butler W. Lampson , Joseph J. Tardo , Kannan Alagappan
IPC分类号： G06F1/00 , G06F21/00 , H04K1/00
CPC分类号： G06F21/79 , G06F21/335 , G06F21/85 , H04L9/0822 , H04L9/0825 , H04L9/0863 , H04L9/3226 , H04L9/3236 , G06F2221/2143
摘要： Apparatus for protecting the confidentiality of a user's password during a remote login authentication exchange between a user node and a directory service node of a distributed, public key cryptography system includes a specialized server application functioning as an intermediary agent for the login procedure. The login agent has responsibility for approving the user's login attempt and distributing a private key to the user. However, the login agent is not trusted with the user's password and is therefore a "semi-trusted" node. In another aspect of the invention, a login protocol enables remote authentication of the user password without transmitting the password over the network.
摘要翻译：在用户节点和分布式公钥密码系统的目录服务节点之间的远程登录认证交换期间保护用户密码的机密性的装置包括用作登录过程的中介代理的专用服务器应用。登录代理有责任批准用户登录尝试并向用户分配私钥。但是，登录代理不被用户的密码信任，因此是“半信任”节点。在本发明的另一方面，登录协议允许远程认证用户密码，而不通过网络传输密码。

4. 发明授权

US5373559A System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens 失效
标题翻译：在采用认证令牌的分布式认证方案中增加密码猜测攻击难度的系统
公开(公告)号：US5373559A
公开(公告)日：1994-12-13
申请号：US34225
申请日：1993-03-18
申请人： Charles W. Kaufman , Radia J. Pearlman , Morrie Gasser
发明人： Charles W. Kaufman , Radia J. Pearlman , Morrie Gasser
IPC分类号： G06F1/00 , G06F21/33 , G06F21/34 , H04L9/08 , H04L9/32 , H04K1/00
CPC分类号： G06F21/34 , G06F21/335 , G06F2221/2103 , G06F2221/2151 , H04L9/0877 , H04L9/3226 , H04L9/3234 , H04L9/3236 , H04L9/3271
摘要： An improved security system inhibits eavesdropping, dictionary attacks, and intrusion into stored password lists. In one implementation, the user provides a workstation with a "password", and a "token" obtained from a passive authentication token generator. The workstation calculates a "transmission code" by performing a first hashing algorithm upon the password and token. The workstation sends the transmission code to the server. Then, the server attempts to reproduce the transmission code by combining passwords from a stored list with tokens generated by a second identical passive authentication token generator just prior to receipt of the transmission code. If any password/token combination yields the transmission code, the workstation is provided with a message useful in communicating with a desired computing system; the message is encrypted with a session code calculated by applying a different hashing algorithm to the password and token. In another embodiment, the workstation transmits a user name to the authentication server. The server verifies the user name's validity, and uses an active authentication token generator to obtain a "response" to an arbitrarily selected challenge. The server generates a session code by performing a hashing algorithm upon the response and the password. The server sends the challenge and a message encrypted with the session code to the workstation. The workstation generates the session code by performing the hashing algorithm on the password and the received challenge, and uses the session code to decrypt the encrypted message. The message is useful in communicating with a desired computing system.
摘要翻译：改进的安全系统禁止窃听，字典攻击和入侵存储的密码列表。在一个实现中，用户向工作站提供“密码”和从被动认证令牌生成器获得的“令牌”。工作站通过对密码和令牌执行第一散列算法来计算“传输代码”。工作站将传输代码发送到服务器。然后，服务器尝试通过将来自存储的列表的密码与在接收到传输代码之前由第二相同的被动认证令牌发生器产生的令牌组合来再现传输代码。如果任何密码/令牌组合产生传输代码，则工作站被提供有用于与期望的计算系统进行通信的消息; 使用通过对密码和令牌应用不同散列算法计算的会话代码来加密该消息。在另一实施例中，工作站向认证服务器发送用户名。服务器验证用户名的有效性，并使用活动的认证令牌生成器来获得对任意选择的挑战的“响应”。服务器通过响应和密码执行散列算法生成会话代码。服务器将该挑战和使用会话代码加密的消息发送到工作站。工作站通过对密码和接收到的质询执行散列算法来生成会话代码，并使用会话代码解密加密的消息。该消息在与期望的计算系统通信中是有用的。

5. 发明授权

US5497421A Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system 失效
公开(公告)号：US5497421A
公开(公告)日：1996-03-05
申请号：US314181
申请日：1994-09-28
申请人： Charles W. Kaufman , Morrie Gasser , Butler W. Lampson , Joseph J. Tardo , Kannan Alagappan
发明人： Charles W. Kaufman , Morrie Gasser , Butler W. Lampson , Joseph J. Tardo , Kannan Alagappan
IPC分类号： G06F1/00 , G06F21/00 , H04K1/00
CPC分类号： G06F21/79 , G06F21/335 , G06F21/85 , H04L9/0822 , H04L9/0825 , H04L9/0863 , H04L9/3226 , H04L9/3236 , G06F2221/2143
摘要： Apparatus for protecting the confidentiality of a user's password during a remote login authentication exchange between a user node and a directory service node of a distributed, public key cryptography system includes a specialized server application functioning as an intermediary agent for the login procedure. The login agent has responsibility for approving the user's login attempt and distributing a private key to the user. However, the login agent is not trusted with the user's password and is therefore a "semi-trusted" node. In another aspect of the invention, a login protocol enables remote authentication of the user password without transmitting the password over the network.

6. 发明授权

US5491752A System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens 失效
标题翻译：在采用认证令牌的分布式认证方案中增加密码猜测攻击难度的系统
公开(公告)号：US5491752A
公开(公告)日：1996-02-13
申请号：US300576
申请日：1994-09-02
申请人： Charles W. Kaufman , Radia J. Pearlman , Morrie Gasser
发明人： Charles W. Kaufman , Radia J. Pearlman , Morrie Gasser
IPC分类号： G06F1/00 , G06F21/33 , G06F21/34 , H04L9/08 , H04L9/32 , H04K1/00
CPC分类号： G06F21/34 , G06F21/335 , H04L9/0877 , H04L9/3226 , H04L9/3234 , H04L9/3236 , H04L9/3271 , G06F2221/2103 , G06F2221/2151
摘要： An improved security system inhibits eavesdropping, dictionary attacks, and intrusion into stored password lists. In one implementation, the user provides a workstation with a "password", and a "token" obtained from a passive authentication token generator. The workstation calculates a "transmission code" by performing a first hashing algorithm upon the password and token. The workstation sends the transmission code to the server. Then, the server attempts to reproduce the transmission code by combining passwords from a stored list with tokens generated by a second identical passive authentication token generator just prior to receipt of the transmission code. If any password/token combination yields the transmission code, the workstation is provided with a message useful in communicating with a desired computing system; the message is encrypted with a session code calculated by applying a different hashing algorithm to the password and token. In another embodiment, the workstation transmits a user name to the authentication server. The server verifies the user name's validity, and uses an active authentication token generator to obtain a "response" to an arbitrarily selected challenge. The server generates a session code by performing a hashing algorithm upon the response and the password. The server sends the challenge and a message encrypted with the session code to the workstation. The workstation generates the session code by performing the hashing algorithm on the password and the received challenge, and uses the session code to decrypt the encrypted message. The message is useful in communicating with a desired computing system.
摘要翻译：改进的安全系统禁止窃听，字典攻击和入侵存储的密码列表。在一个实现中，用户向工作站提供“密码”和从被动认证令牌生成器获得的“令牌”。工作站通过对密码和令牌执行第一散列算法来计算“传输代码”。工作站将传输代码发送到服务器。然后，服务器尝试通过将来自存储的列表的密码与在接收到传输代码之前由第二相同的被动认证令牌发生器产生的令牌组合来再现传输代码。如果任何密码/令牌组合产生传输代码，则工作站被提供有用于与期望的计算系统进行通信的消息; 使用通过对密码和令牌应用不同散列算法计算的会话代码来加密该消息。在另一实施例中，工作站向认证服务器发送用户名。服务器验证用户名的有效性，并使用活动的认证令牌生成器来获得对任意选择的挑战的“响应”。服务器通过响应和密码执行散列算法生成会话代码。服务器将该挑战和使用会话代码加密的消息发送到工作站。工作站通过对密码和接收到的质询执行散列算法来生成会话代码，并使用会话代码解密加密的消息。该消息在与期望的计算系统通信中是有用的。

7. 发明授权

US5235644A Probabilistic cryptographic processing method 失效
标题翻译：概率密码处理方法
公开(公告)号：US5235644A
公开(公告)日：1993-08-10
申请号：US546614
申请日：1990-06-29
申请人： Amar Gupta , Butler W. Lampson , William R. Hawe , Joseph J. Tardo , Charles W. Kaufman , Mark F. Kempf , Morrie Gasser , B. J. Herbison
发明人： Amar Gupta , Butler W. Lampson , William R. Hawe , Joseph J. Tardo , Charles W. Kaufman , Mark F. Kempf , Morrie Gasser , B. J. Herbison
IPC分类号： H04L29/02
CPC分类号： H04L29/02
摘要： A decryption method, and associated cryptographic processor, for performing in-line decryption of information frames received from a communication network through a first in-line processing stage. As an information packet is streamed into the cryptographic processor, a determination is made to an acceptable level of probability whether the packet contains data that should be decrypted. The decision whether or not decrypt is made by analyzing the incoming packet header, recognizing a limited number of packet formats, and further parsing the packet to locate any encrypted data and to make sure that the packet is not a segment of a larger message. Falsely decrypted packets are looped back through the cryptographic processor, to regenerate the data that was falsely decrypted. Decryption and encryption are performed in such a manner that a false decryption is completely reversible without loss of data. Special treatment is provided for packets containing data that cannot be divided into an integral number of standard blocks required for decryption processing.
摘要翻译：一种解密方法和相关联的密码处理器，用于通过第一串联处理级来执行从通信网络接收的信息帧的在线解密。当信息分组被流传输到密码处理器中时，确定分组是否包含应被解密的数据的可接受概率水平。通过分析进入的分组报头，识别有限数量的分组格式以及进一步解析分组以定位任何加密的数据并确保分组不是更大的消息的分段来进行解密的决定。虚假解密的数据包通过密码处理器环回，以重新生成被错误解密的数据。执行解密和加密，使得假解密完全可逆而不丢失数据。对于包含不能被分解为解密处理所需的整数个标准块的数据的数据包，提供特殊处理。

8. 发明授权

US07912995B1 Managing SAS topology 有权
标题翻译：管理SAS拓扑
公开(公告)号：US07912995B1
公开(公告)日：2011-03-22
申请号：US12004167
申请日：2007-12-20
申请人： Matthew Long , Morrie Gasser , Brian Parry
发明人： Matthew Long , Morrie Gasser , Brian Parry
IPC分类号： G06F13/10
CPC分类号： G06F13/385 , G06F11/142 , G06F11/3031 , G06F11/3034 , G06F11/3051 , G06F11/3055 , G06F2201/81 , G06F2213/0028
摘要： SAS topology is managed. Internally within a SAS device on a SAS network, a performance characteristic of a PHY of the SAS device is monitored. Internally within the SAS device, it is determined, based on the performance characteristic, that the PHY has a problem, and, based on the determination, the PHY is affected to help prevent the PHY from adversely affecting communications on the SAS network.
摘要翻译： SAS拓扑被管理。在SAS网络中的SAS设备内部，监视SAS设备的PHY的性能特性。在SAS设备内部，基于性能特性确定PHY具有问题，并且基于该确定，影响PHY以帮助防止PHY对SAS网络上的通信造成不利影响。

9. 发明授权

US07401137B1 Methods and apparatus for application of management actions to resources sharing relationships 有权
标题翻译：管理行动应用于资源共享关系的方法和手段
公开(公告)号：US07401137B1
公开(公告)日：2008-07-15
申请号：US10750336
申请日：2003-12-31
申请人： Morrie Gasser , Jeffrey Alexander , Urayoan Irizarry , Subhash Vanga
发明人： Morrie Gasser , Jeffrey Alexander , Urayoan Irizarry , Subhash Vanga
IPC分类号： G06F15/173
CPC分类号： H04L41/0893 , H04L41/08 , H04L41/12 , H04L41/22
摘要： In a network management application, a system applies a management action to a resource by receiving a selection of a resource representation in a network environment that represents a resource to which a management action is to be applied. The system applies a series of resource traversal functions to a repository containing objects representative of network resources in the network environment. The traversal functions identify a set of action affected resources in the network environment existing along a set of relationship paths extending to at least one storage device that have a current allocation relationship to the selected resource. The system presents a representation of the set of allocated resources in the network environment to a user of the management application. The representation of action-affected resources informs the user of resources within the storage area network that are currently in an functional relationship with the selected resource to which a management action is to be applied and that may be affected if the management action is to be applied to the selected resource.
摘要翻译：在网络管理应用中，系统通过在表示要应用管理动作的资源的网络环境中接收到资源表示的选择来向资源应用管理动作。该系统将一系列资源遍历功能应用于包含网络环境中代表网络资源的对象的资源库。遍历功能识别沿着一组关系路径存在的网络环境中的一组动作受影响的资源，所述一组关系路径延伸到至少一个具有与所选资源的当前分配关系的存储设备。该系统向管理应用的用户呈现网络环境中所分配的资源集合的表示。受行动影响的资源的表示通知用户存储区域网络内当前处于与要应用管理动作的所选资源的功能关系的资源，并且如果要应用管理动作可能会影响资源到所选资源。

10. 发明申请

US20070073909A1 SAS discovery in RAID data storage systems 审中-公开
标题翻译： SAS数据存储系统中的SAS发现
公开(公告)号：US20070073909A1
公开(公告)日：2007-03-29
申请号：US11239594
申请日：2005-09-29
申请人： Morrie Gasser
发明人： Morrie Gasser
IPC分类号： G06F3/00
CPC分类号： G06F1/206
摘要： Serial Attached SCSI (“SAS”) discovery is performed. Probing is performed from first and second ports of a SAS expander device. It is determined that the first port leads to a SAS initiator and that the second port does not lead to any SAS initiator. The first port is set to serve as a subtractive port for the SAS expander device.
摘要翻译：执行串行连接SCSI（“SAS”）发现。从SAS扩展器设备的第一和第二端口执行探测。确定第一个端口通向SAS启动器，第二个端口不会导致任何SAS启动器。第一个端口设置为SAS扩展器设备的减法端口。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式