专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09002750B1 Methods and systems for secure user authentication 有权
标题翻译：用于安全用户认证的方法和系统
公开(公告)号：US09002750B1
公开(公告)日：2015-04-07
申请号：US11789054
申请日：2007-04-23
申请人： Ronald King-Hang Chu , Mark Kogen , Warren Tan , Simon Ma , Yosif Smushkovich , Gerry Glindro , Jeffrey William Coyte Nicholas
发明人： Ronald King-Hang Chu , Mark Kogen , Warren Tan , Simon Ma , Yosif Smushkovich , Gerry Glindro , Jeffrey William Coyte Nicholas
IPC分类号： G06Q20/00 , G06Q20/40 , G06F21/12
CPC分类号： G06Q20/4012 , G06F21/123 , G06F21/31 , H04L63/0838 , H04L63/168 , H04L2463/102 , H04W12/04 , H04W12/06 , H04W88/02
摘要： For secure user authentication using a one-time password (OTP) application is pre-stored on a device for generating a OTP value responsive to entry of a valid PIN, no part of the PIN is stored on the device and pre-storing on a server the PIN and a valid shared secret for the user. Upon receiving entry a purported PIN, a purported shared secret is dynamically synthesized on the device by the OTP application based on the purported PIN of the user and a purported OTP value is generated based on the purported shared secret. When entry of the purported OTP value is received by the server in an attempt to log on the server from another device, the server cryptographically calculates a purported shared secret based on the purported OTP value, and log on to the server from the other device is allowed if the calculated purported shared secret corresponds to the pre-stored shared secret.
摘要翻译：对于使用一次性密码（OTP）应用程序的安全用户认证，预先存储在用于响应于输入有效PIN的生成OTP值的设备上，不将PIN的一部分存储在设备上并预存在为用户服务PIN和有效的共享密钥。在接收到输入的声称的PIN后，根据用户的所声称的PIN由OTP应用在设备上动态合成所声称的共享秘密，并且基于所声明的共享秘密生成所声称的OTP值。当服务器接收到所声称的OTP值的输入以尝试从另一设备登录服务器时，服务器根据所声称的OTP值加密地计算出所声称的共享密钥，并且从其他设备登录到服务器如果计算出的所声称的共享秘密对应于预先存储的共享密钥，则允许该数据。

2. 发明授权

US09768963B2 Methods and systems for secure user authentication 有权
公开(公告)号：US09768963B2
公开(公告)日：2017-09-19
申请号：US13019333
申请日：2011-02-02
申请人： Ronald King-Hang Chu , Mark Kogen , Warren Tan , Simon Ma , Yosif Smushkovich , Gerry Glindro , Jeffrey William Coyte Nicholas
发明人： Ronald King-Hang Chu , Mark Kogen , Warren Tan , Simon Ma , Yosif Smushkovich , Gerry Glindro , Jeffrey William Coyte Nicholas
IPC分类号： G06Q20/00 , H04L9/32
CPC分类号： H04L9/3228
摘要： Methods and systems for secure user authentication using a OTP involve, for example, pre-storing a OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, no part of the valid PIN value is stored on the first computing device and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user and a purported OTP value is generated on the first computing device. When entry of the purported OTP value is received by the back-end server in an attempt to log on the back-end server from a second computing device, the back-end server cryptographically calculates a window of OTP values, and log on to the back-end server from the second computing device is allowed if the calculated window of OTP values corresponds to the received OTP value.

3. 发明申请

US20110197266A1 METHODS AND SYSTEMS FOR SECURE USER AUTHENTICATION 有权
标题翻译：确保用户认证的方法和系统
公开(公告)号：US20110197266A1
公开(公告)日：2011-08-11
申请号：US13019333
申请日：2011-02-02
申请人： Ronald King-Hang CHU , Mark Kogen , Warren Tan , Simon Ma , Yosif Smushkovich , Gerry Glindro , Jeffrey William Coyte Nicholas
发明人： Ronald King-Hang CHU , Mark Kogen , Warren Tan , Simon Ma , Yosif Smushkovich , Gerry Glindro , Jeffrey William Coyte Nicholas
IPC分类号： H04L9/32
CPC分类号： H04L9/3228
摘要： Methods and systems for secure user authentication using a OTP involve, for example, pre-storing a OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, no part of the valid PIN value is stored on the first computing device and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user and a purported OTP value is generated on the first computing device. When entry of the purported OTP value is received by the back-end server in an attempt to log on the back-end server from a second computing device, the back-end server cryptographically calculates a window of OTP values, and log on to the back-end server from the second computing device is allowed if the calculated window of OTP values corresponds to the received OTP value.
摘要翻译：用于使用OTP的安全用户认证的方法和系统涉及例如在第一计算设备上预先存储OTP应用，用于响应于接收到用户的有效PIN值的输入而生成用户的有效OTP值，的有效PIN值存储在第一计算设备上，并且在后端服务器上预存储用户的有效PIN值和有效的共享秘密。在接收到用户的所声明的PIN值的输入时，基于所声称的用户的PIN值，OTP应用在第一计算设备上动态地合成所声称的共享秘密，并且在第一计算设备上生成所声称的OTP值。当后端服务器接收到所声称的OTP值的输入以尝试从第二计算设备登录后端服务器时，后端服务器密码地计算OTP值的窗口，并登录到如果所计算的OTP值的窗口对应于接收到的OTP值，则允许来自第二计算设备的后端服务器。

4. 发明授权

US07904946B1 Methods and systems for secure user authentication 有权
标题翻译：用于安全用户认证的方法和系统
公开(公告)号：US07904946B1
公开(公告)日：2011-03-08
申请号：US11636839
申请日：2006-12-11
申请人： Ronald King-Hang Chu , Mark Kogen , Warren Tan , Simon Ma , Yosif Smushkovich , Gerry Glindro , Jeffrey William Coyte Nicholas
发明人： Ronald King-Hang Chu , Mark Kogen , Warren Tan , Simon Ma , Yosif Smushkovich , Gerry Glindro , Jeffrey William Coyte Nicholas
IPC分类号： H04L29/00
CPC分类号： H04L63/067 , H04L63/083 , H04L63/0838 , H04L2463/102 , H04W12/04 , H04W12/06 , H04W88/02
摘要： Methods and systems for secure user authentication utilizes OTP generation and validation techniques in which the shared secret for generating the OTP is not stored in the user's mobile device but instead is dynamically synthesized based on a PIN that activates the OTP generation and the personalized OTP data. The client software has no knowledge of what the correct PIN should be and always generates a normal looking OTP based on whatever PIN is entered, and the only way to learn whether or not the OTP is correct is to submit it during user login. By limiting the number of failed login attempts before the account is locked, brute-force attacks via the online channel will fail, and further, brute-force attacks to uncover the correct PIN for generating the correct OTP offline will also fail even if a hacker steals the user's mobile device and extracts the data inside for offline hacking, because there is nothing on the client that contains the PIN or encrypted by the PIN.
摘要翻译：用于安全用户认证的方法和系统利用OTP生成和验证技术，其中用于生成OTP的共享秘密不存储在用户的移动设备中，而是基于激活OTP生成和个性化OTP数据的PIN来动态合成。客户端软件不知道正确的PIN应该是什么，并且总是基于输入的任何PIN生成正常的OTP，并且了解OTP是否正确的唯一方法是在用户登录期间提交它。通过限制帐户被锁定之前失败的登录尝试次数，通过在线渠道进行的暴力攻击将失败，进一步的是，暴力攻击以发现正确的PIN以生成正确的OTP离线也将失败，即使是黑客窃取用户的移动设备，并提取内部的数据进行脱机黑客攻击，因为客户端上没有包含PIN或PIN码加密的数据。

5. 发明授权

US07484089B1 Method and system for certificate delivery and management 有权
标题翻译：证书交付和管理方法和系统
公开(公告)号：US07484089B1
公开(公告)日：2009-01-27
申请号：US10985414
申请日：2004-11-10
申请人： Mark Kogen , Herve Garcia , Fred Pinn , Elton Lin , Warren Tan
发明人： Mark Kogen , Herve Garcia , Fred Pinn , Elton Lin , Warren Tan
IPC分类号： H04L21/00
CPC分类号： H04L63/062 , H04L63/0823 , H04L63/0853
摘要： A method and system for combining multiple access points and utilizing certificates as an access method to a system from multiple access points enables use of a certificate that is stored within a smart card to access a host system through a browser, such that when the user accesses the application on the server, the application requires that the card and certificate be present for authentication of the individual user, and concurrently allows an external system to access applications on a host server using a certificate stored on the external system for authenticating itself to the host server. A certificate for certificate-based authentication is created and distributed to a choice of storage methods, such as a microcomputer of an integrated chip card, a computer disk of a computing device disposed in a secure environment, or a Hardware Security Module (HSM) associated with the computing device. The certificate is managed over its life span at least partly via a Lightweight Directory Assistance protocol (LDAP) directory shared by a certificate authority (CA) and the host system. Access to the host system is allowed using the certificate for public key-based authentication to the host system.
摘要翻译：用于组合多个接入点并且利用证书作为来自多个接入点的系统的接入方法的方法和系统使得能够使用存储在智能卡内的证书通过浏览器访问主机系统，使得当用户访问服务器上的应用程序，应用程序要求存在用于个人用户认证的卡和证书，并且同时允许外部系统使用存储在外部系统上的证书来访问主机服务器上的应用程序，以便向主机认证自身服务器。创建用于基于证书的认证的证书并将其分配到存储方法的选择，例如集成芯片卡的微型计算机，安置在安全环境中的计算设备的计算机磁盘或相关联的硬件安全模块（HSM）与计算设备。该证书至少部分通过由证书颁发机构（CA）和主机系统共享的轻型目录服务协议（LDAP）目录进行管理。允许使用主机系统的基于公钥身份验证的证书对主机系统进行访问。

6. 发明授权

US06687714B1 Method and system for managing transaction card data 有权
标题翻译：管理交易卡数据的方法和系统
公开(公告)号：US06687714B1
公开(公告)日：2004-02-03
申请号：US09515313
申请日：2000-02-29
申请人： Mark Kogen , Warren Tan
发明人： Mark Kogen , Warren Tan
IPC分类号： G06F1730
CPC分类号： G07F7/08 , G06Q20/4037
摘要： A method and system for managing transaction card data provides distributed services for use of a transaction card, such as a smart card, on board a ship when shipboard communication with a centralized host system is unavailable. Aspects of the centralized land-based system, such as card issuance, card management, and issuer host authentication are migrated to the shipboard environment, and an on board issuance system, a distributed card management system, and a local monitoring and administration system are introduced to the shipboard environment. When the ship leaves port, an instance of the central system database data for the on board ship personnel is hosted on board the ship and stored in the distributed card management system database. Tracking data representing current transaction information for the transaction cards of the ship personnel is also stored in the distributed card management system database, and at regular intervals, when ship-to-shore communication is available, the land-based and shipboard databases are synchronized with one another.
摘要翻译：用于管理交易卡数据的方法和系统在与集中式主机系统的船上通信不可用时，在船上提供用于使用诸如智能卡之类的交易卡的分布式服务。引进卡片发卡，卡片管理，发卡机构认证等集中式地面系统的方式，迁移到船上环境中，引入了船上发行系统，分布式卡片管理系统和本地监控管理系统到船上环境。当船舶离开港口时，船上人员的中央系统数据库数据实例托管在船上，并存储在分布式卡管理系统数据库中。代表船员的交易卡的当前交易信息的跟踪数据也存储在分布式卡管理系统数据库中，并且在船对岸通信可用时定期地，陆基和船上数据库与另一个。

7. 发明授权

US10102569B1 System, method and apparatus for value exchange utilizing value-storing applications 有权
公开(公告)号：US10102569B1
公开(公告)日：2018-10-16
申请号：US13338841
申请日：2011-12-28
申请人： Joseph C. Kawan , Ramiro Munoz , Mark Kogen
发明人： Joseph C. Kawan , Ramiro Munoz , Mark Kogen
IPC分类号： G06Q40/00
摘要： A system, method and apparatus for exchanging value using a smart card in a financial transaction is disclosed. The system includes a smart card having a contact interface and a contactless interface interactive with a closed purse application and an open purse application controlled by a microprocessor. The closed purse application contains application-specific value, while the open purse contains general value. The application-specific value and general value are each compatible within the system of the invention to perform and settle the financial transaction. The financial transaction may include the smart card communicating with a load terminal or a transaction terminal to add or change the amount of value on the smart card. Further, the present invention include auto-load functionality for adding an amount of value to the smart card. Finally, applications such as a transportation application and a loyalty application are described.

8. 发明授权

US08108307B1 System, method and apparatus for value exchange utilizing value-storing applications 有权
标题翻译：利用价值存储应用进行价值交换的系统，方法和装置
公开(公告)号：US08108307B1
公开(公告)日：2012-01-31
申请号：US09276823
申请日：1999-03-26
申请人： Joseph C. Kawan , Ramiro Munoz , Mark Kogen
发明人： Joseph C. Kawan , Ramiro Munoz , Mark Kogen
IPC分类号： G06Q40/00
CPC分类号： G07F7/0866 , G06Q20/105 , G06Q20/3572 , G06Q20/363
摘要： A system, method and apparatus for exchanging value using a smart card in a financial transaction is disclosed. The system includes a smart card having a contact interface and a contactless interface interactive with a closed purse application and an open purse application controlled by a microprocessor. The closed purse application contains application-specific value, while the open purse contains general value. The application-specific value and general value are each compatible within the system of the invention to perform and settle the financial transaction. The financial transaction may include the smart card communicating with a load terminal or a transaction terminal to add or change the amount of value on the smart card. Further, the present invention include auto-load functionality for adding an amount of value to the smart card. Finally, applications such as a transportation application and a loyalty application are described.
摘要翻译：公开了一种在金融交易中使用智能卡进行价值交换的系统，方法和装置。该系统包括智能卡，其具有与封闭的钱包应用和由微处理器控制的开放钱包应用交互的接触界面和非接触式接口。封闭的钱包应用程序包含应用程序特定的值，而开放的钱包包含通用值。应用特定价值和一般价值在本发明的系统内各自兼容以执行和结算金融交易。金融交易可以包括与负载终端或交易终端通信以增加或改变智能卡上的价值的智能卡。此外，本发明包括用于向智能卡添加一定量的值的自动加载功能。最后描述诸如运输应用和忠诚度应用之类的应用。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式