专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07673134B2 Backup restore in a corporate infrastructure 有权
标题翻译：企业基础架构中的备份还原
公开(公告)号：US07673134B2
公开(公告)日：2010-03-02
申请号：US11101290
申请日：2005-04-07
申请人： Ryan Charles Catherman , David Carroll Challener , Scott Thomas Elliott , James Patrick Hoff
发明人： Ryan Charles Catherman , David Carroll Challener , Scott Thomas Elliott , James Patrick Hoff
IPC分类号： H04L29/06 , G06F9/00
CPC分类号： H04L63/0428 , G06F11/1446 , G06F21/6209 , H04L9/0822 , H04L2209/60 , H04L2463/062
摘要： A method and system for remotely storing a user's admin key to gain access to an intranet is presented. The user's admin key and intranet user identification (ID) are encrypted using an enterprise's public key, and together they are concatenated into a single backup admin file, which is stored in the user's client computer. If the user needs his admin file and is unable to access it in a backup client computer, he sends the encrypted backup admin file to a backup server and his unencrypted intranet user ID to an intranet authentication server. The backup server decrypts the user's single backup admin file to obtain the user's admin key and intranet user ID. If the unencrypted intranet user ID in the authentication server matches the decrypted intranet user ID in the backup server, then the backup server sends the backup client computer the decrypted admin key.
摘要翻译：介绍一种用于远程存储用户管理密钥以访问内联网的方法和系统。用户的管理密钥和内部网用户标识（ID）使用企业的公钥进行加密，并将它们并入一个备份管理文件，该文件存储在用户的客户端计算机中。如果用户需要他的管理员文件，并且无法在备份客户端计算机中访问它，则他将加密的备份管理文件发送到备份服务器，并将其未加密的内部网用户ID发送到内部网认证服务器。备份服务器解密用户的单备份管理文件，获取用户的管理密钥和内部网用户ID。如果身份验证服务器中未加密的Intranet用户ID与备份服务器中的解密内网用户ID匹配，则备份服务器将备份客户端计算机发送解密的管理密钥。

2. 发明授权

US08495361B2 Securely creating an endorsement certificate in an insecure environment 失效
标题翻译：在不安全的环境中安全地创建背书证书
公开(公告)号：US08495361B2
公开(公告)日：2013-07-23
申请号：US11858971
申请日：2007-09-21
申请人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
发明人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
IPC分类号： H04L29/06
CPC分类号： G06F21/57
摘要： A method and system for ensuring security-compliant creation and signing of endorsement keys of manufactured TPMs. The endorsement keys are generated for the TPM. The TPM vendor selects an N-byte secret and stores the N-byte secret in the TPM along with the endorsement keys. The secret number cannot be read outside of the TPM. The secret number is also provided to the OEM's credential server. During the endorsement key (EK) credential process, the TPM generates an endorsement key, which comprises both the public key and a hash of the secret and the public key. The credential server matches the hash within the endorsement key with a second hash of the received public key (from the endorsement key) and the vendor provided secret. The EK certificate is generated and inserted into the TPM only when a match is confirmed.
摘要翻译：一种用于确保制造TPM的签注密钥的安全兼容创建和签名的方法和系统。为TPM生成认可密钥。 TPM供应商选择一个N字节的秘密，并将N字节的秘密与支持密钥一起存储在TPM中。无法在TPM之外读取密码。秘密编号也提供给OEM的凭据服务器。在认可密钥（EK）凭证处理过程中，TPM产生一个签名密钥，其包括公开密钥和密钥的散列以及公开密钥。凭证服务器将签名密钥内的散列与接收到的公钥（来自认可密钥）和供应商提供的秘密的第二散列进行匹配。仅当匹配确认时，EK证书才会生成并插入到TPM中。

3. 发明授权

US07751568B2 Method for securely creating an endorsement certificate utilizing signing key pairs 失效
标题翻译：使用签名密钥对安全地创建签注证书的方法
公开(公告)号：US07751568B2
公开(公告)日：2010-07-06
申请号：US10749261
申请日：2003-12-31
申请人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
发明人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
IPC分类号： H04K1/00
CPC分类号： G06F21/602 , G06F21/57
摘要： A method and system for ensuring security-compliant creation and certificate generation for endorsement keys of manufactured TPMs. The endorsement keys are generated by the TPM manufacturer and stored within the TPM. The TPM manufacturer also creates a signing key pair and associated signing key certificate. The signing key pair is also stored within the TPM, while the certificate is provided to the OEM's credential server. During the endorsement key (EK) credential process, the TPM generates a signed endorsement key, which comprises the public endorsement key signed with the public signing key. The credential server matches the public signing key of the endorsement key with a public signing key within the received certificate. The EK certificate is generated and inserted into the TPM only when a match is confirmed.
摘要翻译：一种用于确保制造TPM的认可密钥的安全兼容创建和证书生成的方法和系统。认可密钥由TPM制造商生成并存储在TPM内。 TPM制造商还创建了一个签名密钥对和相关的签名密钥证书。签名密钥对也存储在TPM中，同时将证书提供给OEM的凭据服务器。在认可密钥（EK）凭证过程中，TPM生成签名的背书密钥，其包括用公共签名密钥签名的公开签名密钥。凭证服务器将签名密钥的公共签名密钥与接收到的证书中的公共签名密钥相匹配。仅当匹配确认时，EK证书才会生成并插入到TPM中。

4. 发明授权

US07644278B2 Method for securely creating an endorsement certificate in an insecure environment 失效
标题翻译：在不安全的环境中安全地创建背书证书的方法
公开(公告)号：US07644278B2
公开(公告)日：2010-01-05
申请号：US10750594
申请日：2003-12-31
申请人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
发明人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
IPC分类号： H04L9/32
CPC分类号： G06F21/602 , G06F21/57 , G06F2221/2117 , H04L9/0877 , H04L9/3236 , H04L9/3263
摘要： A Method and system for ensuring security-compliant creation and signing of endorsement keys of manufactured trusted platform modules. The endorsement keys are generated for the trusted platform module (TPM). The TPM vendor selects an N-byte secret and stores the N-type secret in the trusted platform module along with the endorsement keys. The secret number cannot be read outside of the trusted platform module. The secret number is also provided to the credential server of the original equipment manufacturer. During the endorsement key (EK) credential process, the trusted platform module generates an endorsement key, which comprises both the public key and a hash of the secret and the public key. The credential server matches the hash within the endorsement key withy a second hash of the received public key (from the endorsement key) and the vendor provided secret. The EK certificate is generated and inserted into the trusted platform module only when a match is confirmed.
摘要翻译：一种用于确保制造可信平台模块的认可密钥的安全兼容创建和签名的方法和系统。为可信平台模块（TPM）生成认可密钥。 TPM供应商选择N字节的秘密，并将N型秘密与认可密钥一起存储在可信平台模块中。秘密号码不能在受信任的平台模块之外读取。秘密编号也提供给原始设备制造商的凭证服务器。在认可密钥（EK）凭证过程中，可信平台模块生成包括公开密钥和秘密的哈希和公开密钥的认可密钥。凭证服务器使用所接收的公钥（来自认可密钥）和供应商提供的秘密的第二散列表来匹配认可密钥内的散列。仅当匹配确认时，EK证书才会生成并插入可信平台模块。

5. 发明授权

US07861079B2 Method for securely creating an endorsement certificate in an insecure environment 有权
标题翻译：在不安全的环境中安全地创建背书证书的方法
公开(公告)号：US07861079B2
公开(公告)日：2010-12-28
申请号：US11858977
申请日：2007-09-21
申请人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
发明人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
IPC分类号： H04L29/06
CPC分类号： G06F21/602 , G06F21/57 , G06F2221/2117 , H04L9/0877 , H04L9/3236 , H04L9/3263
摘要： A method and system for ensuring security-compliant creation and signing of endorsement keys of manufactured TPMs. The endorsement keys are generated for the TPM. The TPM vendor selects an N-byte secret and stores the N-byte secret in the TPM along with the endorsement keys. The secret number cannot be read outside of the TPM. The secret number is also provided to the OEM's credential server. During the endorsement key (EK) credential process, the TPM generates an endorsement key, which comprises both the public key and a hash of the secret and the public key. The credential server matches the hash within the endorsement key with a second hash of the received public key (from the endorsement key) and the vendor provided secret. The EK certificate is generated and inserted into the TPM only when a match is confirmed.
摘要翻译：一种用于确保制造TPM的签注密钥的安全兼容创建和签名的方法和系统。为TPM生成认可密钥。 TPM供应商选择一个N字节的秘密，并将N字节的秘密与支持密钥一起存储在TPM中。无法在TPM之外读取密码。秘密编号也提供给OEM的凭据服务器。在认可密钥（EK）凭证处理过程中，TPM产生一个签名密钥，其包括公开密钥和密钥的散列以及公开密钥。凭证服务器将签名密钥内的散列与接收到的公钥（来自认可密钥）和供应商提供的秘密的第二散列进行匹配。仅当匹配确认时，EK证书才会生成并插入到TPM中。

6. 发明申请

US20090083539A1 Method for Securely Creating an Endorsement Certificate in an Insecure Environment 失效
标题翻译：在不安全的环境中安全地创建认可证书的方法
公开(公告)号：US20090083539A1
公开(公告)日：2009-03-26
申请号：US11858971
申请日：2007-09-21
申请人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
发明人： Ryan Charles Catherman , David Carroll Challener , James Patrick Hoff
IPC分类号： H04L9/00
CPC分类号： G06F21/57
摘要： A method and system for ensuring security-compliant creation and signing of endorsement keys of manufactured TPMs. The endorsement keys are generated for the TPM. The TPM vendor selects an N-byte secret and stores the N-byte secret in the TPM along with the endorsement keys. The secret number cannot be read outside of the TPM. The secret number is also provided to the OEM's credential server. During the endorsement key (EK) credential process, the TPM generates an endorsement key, which comprises both the public key and a hash of the secret and the public key. The credential server matches the hash within the endorsement key with a second hash of the received public key (from the endorsement key) and the vendor provided secret. The EK certificate is generated and inserted into the TPM only when a match is confirmed.
摘要翻译：一种用于确保制造TPM的签注密钥的安全兼容创建和签名的方法和系统。为TPM生成认可密钥。 TPM供应商选择一个N字节的秘密，并将N字节的秘密与支持密钥一起存储在TPM中。无法在TPM之外读取密码。秘密编号也提供给OEM的凭据服务器。在认可密钥（EK）凭证处理过程中，TPM产生一个签名密钥，其包括公开密钥和密钥的散列以及公开密钥。凭证服务器将签名密钥内的散列与接收到的公钥（来自认可密钥）和供应商提供的秘密的第二散列进行匹配。仅当匹配确认时，EK证书才会生成并插入到TPM中。

7. 发明授权

US07263608B2 System and method for providing endorsement certificate 有权
标题翻译：提供认可证书的制度和方法
公开(公告)号：US07263608B2
公开(公告)日：2007-08-28
申请号：US10735388
申请日：2003-12-12
申请人： David Carroll Challener , James Patrick Hoff , Randall Scott Springfield , James Peter Ward
发明人： David Carroll Challener , James Patrick Hoff , Randall Scott Springfield , James Peter Ward
IPC分类号： H04L9/00
CPC分类号： G06F21/57 , G06F2221/2117
摘要： A Trusted Computing Platform Alliance (TCPA) endorsement certificate is provided by comparing a trusted platform module (TPM) public key transmitted by an owner of the computing device to which the TPM belongs to a copy of the key as originally stored in a remote database prior to vending the device. If a match is found the certificate is created using the public key, and then sent to the owner of the computing device.
摘要翻译：通过将由TPM所属的计算设备的所有者发送的可信平台模块（TPM）公钥与原始存储在远程数据库中的密钥的副本进行比较来提供可信计算平台联盟（TCPA）认可证书自动售货机。如果发现匹配，则使用公钥创建证书，然后发送给计算设备的所有者。

8. 发明申请

US20080022412A1 System and method for TPM key security based on use count 审中-公开
标题翻译：基于使用次数的TPM密钥安全的系统和方法
公开(公告)号：US20080022412A1
公开(公告)日：2008-01-24
申请号：US11477062
申请日：2006-06-28
申请人： David Carroll Challener , James Patrick Hoff , David Rivera
发明人： David Carroll Challener , James Patrick Hoff , David Rivera
IPC分类号： H04L9/32
CPC分类号： G06F21/62 , G06F21/57 , G06F21/602
摘要： A trusted platform module (TPM) key is assigned a numerical limit for the number of times the key can be used, and once the key has been used the assigned number of times, it is rendered unusable.
摘要翻译：为可信平台模块（TPM）密钥分配了密钥可以使用的次数的数值限制，一旦密钥被使用了分配的次数，它将被使用不可用。

9. 发明授权

US07484241B2 Secure single sign-on to operating system via power-on password 有权
标题翻译：通过开机密码保护对操作系统的单一登录
公开(公告)号：US07484241B2
公开(公告)日：2009-01-27
申请号：US10994620
申请日：2004-11-22
申请人： David Carroll Challener , Steven Dale Goodman , James Patrick Hoff , David Rivera , Randall Scott Springfield
发明人： David Carroll Challener , Steven Dale Goodman , James Patrick Hoff , David Rivera , Randall Scott Springfield
IPC分类号： G06F7/04 , H04L9/32
CPC分类号： G06F21/41
摘要： Methods and arrangements are disclosed for secure single sign on to an operating system using only a power-on password. In many embodiments modified BIOS code prompts for, receives and verifies the power-on password. The power-on password is hashed and stored in a Platform Configuration Register of the Trusted Platform Module. In a setup mode, the trusted platform module encrypts the operating system password using the hashed power-on password. In a logon mode, the trusted platform module decrypts the operating system password using the hashed power-on password.
摘要翻译：公开了仅使用开机密码的安全单点登录到操作系统的方法和布置。在许多实施例中，修改的BIOS代码提示，接收和验证开机密码。开机密码被散列并存储在可信平台模块的平台配置寄存器中。在设置模式下，可信平台模块使用散列开机密码对操作系统密码进行加密。在登录模式下，可信平台模块使用散列开机密码解密操作系统密码。

10. 发明授权

US07412596B2 Method for preventing system wake up from a sleep state if a boot log returned during the system wake up cannot be authenticated 有权
标题翻译：如果在系统唤醒期间返回的引导日志无法验证，则防止系统从睡眠状态唤醒的方法
公开(公告)号：US07412596B2
公开(公告)日：2008-08-12
申请号：US10967760
申请日：2004-10-16
申请人： David Carroll Challener , Daryl Carvis Cromer , Joseph Wayne Freeman , Steven Dale Goodman , James Patrick Hoff , Howard Jeffrey Locker , Randall Scott Springfield , James Peter Ward
发明人： David Carroll Challener , Daryl Carvis Cromer , Joseph Wayne Freeman , Steven Dale Goodman , James Patrick Hoff , Howard Jeffrey Locker , Randall Scott Springfield , James Peter Ward
IPC分类号： G06F9/00 , G06F15/177
CPC分类号： G06F21/575
摘要： A method and system for enabling security attestation for a computing device during a return from an S4 sleep state. When the computing device enters into the S4 state following a successful boot up, the attestation log is appended to the TPM tick count and the log is signed (with a security signature). When the device is awaken from S4 state, the BIOS obtains and verifies the log created during the previous boot. The CRTM maintains a set of virtual PCRs and references these virtual PCRs against the log. If the values do not match, the return from S4 state fails and the device is rebooted.
摘要翻译：一种用于在从S4睡眠状态返回期间为计算设备提供安全认证的方法和系统。当计算设备在成功启动后进入S4状态时，认证日志会追加到TPM刻度计数，并且日志被签名（具有安全签名）。当设备从S4状态唤醒时，BIOS将获取并验证在以前引导过程中创建的日志。 CRTM维护一组虚拟PCR，并将这些虚拟PCR引用到日志中。如果值不匹配，则S4状态返回失败，设备重启。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式