专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20080310624A1 Encryption Apparatus and Method for Providing an Encrypted File System 有权
标题翻译：加密装置和提供加密文件系统的方法
公开(公告)号：US20080310624A1
公开(公告)日：2008-12-18
申请号：US12194610
申请日：2008-08-20
申请人： Ufuk Celikkan , William C. Conklin , Shawn P. Mullen , Ravi A. Shankar
发明人： Ufuk Celikkan , William C. Conklin , Shawn P. Mullen , Ravi A. Shankar
IPC分类号： H04L9/06
CPC分类号： G06F21/602 , G06F21/6218 , H04L9/0637
摘要： An encryption apparatus and method for providing an encrypted file system are provided. The encryption apparatus and method of the illustrative embodiments uses a combination of encryption methodologies so as to reduce the amount of decryption and re-encryption that is necessary to a file in the Encrypted File System in the event that the file needs to be modified. The encryption methodologies are interleaved, or alternated, with regard to each block of plaintext. In one illustrative embodiment, Plaintext Block Chaining (PBC) and Cipher Block Chaining (CBC) encryption methodologies are alternated for encrypting a sequence of blocks of data. The encryption of a block of plaintext is dependent upon the plaintext or a cipher generated for the plaintext of a previous block of data in the sequence of blocks of data so that the encryption is more secure than known Electronic Code Book encryption methodologies.
摘要翻译：提供了一种用于提供加密文件系统的加密装置和方法。说明性实施例的加密装置和方法使用加密方法的组合，以便在需要修改文件的情况下减少加密文件系统中的文件所需的解密和重新加密的量。关于每个明文块，加密方法被交织或交替。在一个说明性实施例中，替代了明文块链接（PBC）和密码块链接（CBC）加密方法来加密数据块序列。明文块的加密取决于明文或为数据块序列中的先前数据块的明文生成的密码，使得加密比已知的电子代码簿加密方法更安全。

2. 发明授权

US07428306B2 Encryption apparatus and method for providing an encrypted file system 失效
标题翻译：用于提供加密文件系统的加密装置和方法
公开(公告)号：US07428306B2
公开(公告)日：2008-09-23
申请号：US11406184
申请日：2006-04-18
申请人： Ufuk Celikkan , William C. Conklin , Shawn P. Mullen , Ravi A. Shankar
发明人： Ufuk Celikkan , William C. Conklin , Shawn P. Mullen , Ravi A. Shankar
IPC分类号： H04L9/14
CPC分类号： G06F21/602 , G06F21/6218 , H04L9/0637
摘要： An encryption apparatus and method for providing an encrypted file system are provided. The encryption apparatus and method of the illustrative embodiments uses a combination of encryption methodologies so as to reduce the amount of decryption and re-encryption that is necessary to a file in the Encrypted File System in the event that the file needs to be modified. The encryption methodologies are interleaved, or alternated, with regard to each block of plaintext. In one illustrative embodiment, Plaintext Block Chaining (PBC) and Cipher Block Chaining (CBC) encryption methodologies are alternated for encrypting a sequence of blocks of data. The encryption of a block of plaintext is dependent upon the plaintext or a cipher generated for the plaintext of a previous block of data in the sequence of blocks of data so that the encryption is more secure than known Electronic Code Book encryption methodologies.
摘要翻译：提供了一种用于提供加密文件系统的加密装置和方法。说明性实施例的加密装置和方法使用加密方法的组合，以便在需要修改文件的情况下减少加密文件系统中的文件所必需的解密和重新加密的量。关于每个明文块，加密方法被交织或交替。在一个说明性实施例中，替代了明文块链接（PBC）和密码块链接（CBC）加密方法来加密数据块序列。明文块的加密取决于明文或为数据块序列中的先前数据块的明文生成的密码，使得加密比已知的电子代码簿加密方法更安全。

3. 发明授权

US08107621B2 Encrypted file system mechanisms 有权
标题翻译：加密文件系统机制
公开(公告)号：US08107621B2
公开(公告)日：2012-01-31
申请号：US12194610
申请日：2008-08-20
申请人： Ufuk Celikkan , William C. Conklin , Shawn P. Mullen , Ravi A. Shankar
发明人： Ufuk Celikkan , William C. Conklin , Shawn P. Mullen , Ravi A. Shankar
IPC分类号： H04L9/14
CPC分类号： G06F21/602 , G06F21/6218 , H04L9/0637
摘要： Mechanisms for providing an encrypted file system are provided. The mechanisms use a combination of encryption methodologies so as to reduce the amount of decryption and re-encryption that is necessary to a file in the Encrypted File System in the event that the file needs to be modified. The encryption methodologies are interleaved, or alternated, with regard to each block of plaintext. In one illustrative embodiment, Plaintext Block Chaining (PBC) and Cipher Block Chaining (CBC) encryption methodologies are alternated for encrypting a sequence of blocks of data. The encryption of a block of plaintext is dependent upon the plaintext or a cipher generated for the plaintext of a previous block of data in the sequence of blocks of data so that the encryption is more secure than known Electronic Code Book encryption methodologies.
摘要翻译：提供了提供加密文件系统的机制。这些机制使用加密方法的组合，以便在需要修改文件的情况下减少加密文件系统中的文件所需的解密和重新加密的数量。关于每个明文块，加密方法被交织或交替。在一个说明性实施例中，替代了明文块链接（PBC）和密码块链接（CBC）加密方法来加密数据块序列。明文块的加密取决于明文或为数据块序列中的先前数据块的明文生成的密码，使得加密比已知的电子代码簿加密方法更安全。

4. 发明申请

US20090110198A1 METHOD AND APPARATUS FOR RESTORING ENCRYPTED FILES TO AN ENCRYPTING FILE SYSTEM BASED ON DEPRECATED KEYSTORES 失效
标题翻译：将加密文件恢复到基于删除键盘的加密文件系统的方法和装置
公开(公告)号：US20090110198A1
公开(公告)日：2009-04-30
申请号：US11929103
申请日：2007-10-30
申请人： Neeta Garimella , Alexei Kojenov , Shawn P. Mullen , Ravi A. Shankar , John Viksne
发明人： Neeta Garimella , Alexei Kojenov , Shawn P. Mullen , Ravi A. Shankar , John Viksne
IPC分类号： H04L9/00
CPC分类号： G06F21/6218 , G06F21/6209
摘要： The present invention provides a computer implemented method, data processing system, and computer program product to restore an encrypted file. A computer receives a command to restore an encrypted file, wherein the encrypted file was previously backed up. The computer identifies a user associated with the encrypted file. The computer looks up a first keystore of the user based on the user, the first keystore having an active private key. The computer determines that a public key of the encrypted file fails to match an active public key of the first keystore. The computer restores a second keystore of the user to form a restored private key, wherein the second keystore was previously backed up. The computer responsive to a determination that the public key of the encrypted file fails to match the active public key of the first keystore, decrypts the encrypted file encryption key based on the restored private key to form a file encryption key. The computer encrypts the file encryption key with the active private key of the first keystore.
摘要翻译：本发明提供了一种计算机实现的方法，数据处理系统和用于恢复加密文件的计算机程序产品。计算机接收恢复加密文件的命令，其中先前备份了加密文件。计算机识别与加密文件相关联的用户。计算机基于用户查找用户的第一密钥库，第一密钥库具有活动的私钥。计算机确定加密文件的公钥不能匹配第一密钥库的活动公钥。计算机恢复用户的第二密钥库以形成恢复的私钥，其中先前备份了第二密钥库。该计算机响应于确定加密文件的公开密钥与第一密钥库的活动公钥匹配的确定，基于恢复的私钥对加密的文件加密密钥进行解密以形成文件加密密钥。计算机使用第一个密钥库的活动私钥对文件加密密钥进行加密。

5. 发明授权

US08494167B2 Method and apparatus for restoring encrypted files to an encrypting file system based on deprecated keystores 失效
标题翻译：基于不推荐的密钥库将加密文件恢复到加密文件系统的方法和装置
公开(公告)号：US08494167B2
公开(公告)日：2013-07-23
申请号：US11929103
申请日：2007-10-30
申请人： Neeta Garimella , Alexei Kojenov , Shawn P. Mullen , Ravi A. Shankar , John Viksne
发明人： Neeta Garimella , Alexei Kojenov , Shawn P. Mullen , Ravi A. Shankar , John Viksne
IPC分类号： H04K1/04 , H04K1/10
CPC分类号： G06F21/6218 , G06F21/6209
摘要： The present invention provides a computer implemented method, data processing system, and computer program product to restore an encrypted file. A computer receives a command to restore an encrypted file, wherein the encrypted file was previously backed up. The computer identifies a user associated with the encrypted file. The computer looks up a first keystore of the user based on the user, the first keystore having an active private key. The computer determines that a public key of the encrypted file fails to match an active public key of the first keystore. The computer restores a second keystore of the user to form a restored private key, wherein the second keystore was previously backed up. The computer responsive to a determination that the public key of the encrypted file fails to match the active public key of the first keystore, decrypts the encrypted file encryption key based on the restored private key to form a file encryption key. The computer encrypts the file encryption key with the active private key of the first keystore.
摘要翻译：本发明提供了一种计算机实现的方法，数据处理系统和用于恢复加密文件的计算机程序产品。计算机接收恢复加密文件的命令，其中先前备份了加密文件。计算机识别与加密文件相关联的用户。计算机基于用户查找用户的第一密钥库，第一密钥库具有活动的私钥。计算机确定加密文件的公钥不能匹配第一密钥库的活动公钥。计算机恢复用户的第二密钥库以形成恢复的私钥，其中先前备份了第二密钥库。该计算机响应于确定加密文件的公开密钥与第一密钥库的活动公钥匹配的确定，基于恢复的私钥对加密的文件加密密钥进行解密以形成文件加密密钥。计算机使用第一个密钥库的活动私钥对文件加密密钥进行加密。

6. 发明授权

US09009777B2 Automatic role activation 有权
标题翻译：自动角色激活
公开(公告)号：US09009777B2
公开(公告)日：2015-04-14
申请号：US11565249
申请日：2006-11-30
申请人： Saurabh Desai , Niteesh Kumar Dubey , Yantian Tom Lu , Ravi A. Shankar , Murali Vaddagiri , Drew Thomas Walters , Xinya Wang
发明人： Saurabh Desai , Niteesh Kumar Dubey , Yantian Tom Lu , Ravi A. Shankar , Murali Vaddagiri , Drew Thomas Walters , Xinya Wang
IPC分类号： G06F21/00 , G06F21/30 , G06F21/62
CPC分类号： G06F21/30 , G06F21/6218
摘要： A method, apparatus, and computer usable program product for automatic activation of roles is provided. When a user initiates an action, a set of roles needed for the action is identified. A set of roles assigned to the user is also identified. From the two sets of roles, all roles that are common to both sets are identified in a subset of roles. Roles in this subset are assigned to the user and are sufficient for the action. One or more roles from this subset of roles is selected for activation depending on system policies in effect. Selected roles are automatically activated without requiring any intervention from the user. Once the selected roles are activated, they can become inactive upon completion of the current action, or remain active for subsequent actions by the user during all or part of a user session. System policies can decide how the roles are selected for activation, and the duration of which the roles remain active once activated.
摘要翻译：提供了一种用于自动激活角色的方法，设备和计算机可用程序产品。当用户发起一个动作时，确定该动作所需的一组角色。还识别分配给用户的一组角色。从两组角色中，两个集合共同的所有角色都在角色的一个子集中标识。该子集中的角色被分配给用户，并且对于该动作是足够的。根据有效的系统策略，选择此角色子集中的一个或多个角色进行激活。所选角色将自动激活，无需用户干预。一旦所选择的角色被激活，它们可以在完成当前动作时变为不活动，或者在用户会话的全部或部分期间对用户的后续动作保持活动状态。系统策略可以决定如何激活角色，激活角色保持活动的持续时间。

7. 发明授权

US08756429B2 Tunable encryption system 失效
标题翻译：可调加密系统
公开(公告)号：US08756429B2
公开(公告)日：2014-06-17
申请号：US12248982
申请日：2008-10-10
申请人： Dwip N. Banerjee, Jr. , Sandeep Ramesh Patil , Punadikar Sachin Chandrakant , Ravi A. Shankar
发明人： Dwip N. Banerjee, Jr. , Sandeep Ramesh Patil , Punadikar Sachin Chandrakant , Ravi A. Shankar
IPC分类号： H04L29/06
CPC分类号： H04L63/0428 , H04L63/0807 , H04L63/105
摘要： A method, programmed medium and system are provided for enabling a user to choose a user-preferred encryption type from among a plurality of encryption types listed in a user's Kerberos configuration file. During the ticket granting process in a Kerberos system, a user is requested to select a preferred encryption type to be used in the Kerberos communication from among encryption types contained in the user's Kerberos configuration file. The user-selected encryption type is then implemented for use in encrypting a session ticket (as well as generating the session key of user requested encryption type) for use by the user machine in communicating securely with an Kerberized application server when being communicated by that particular user. Thus, the system allows different users to simultaneously communicate with the same Kerberized application server using a supported encryption type of the user's own choice.
摘要翻译：提供了一种方法，编程介质和系统，用于使用户能够从用户的Kerberos配置文件中列出的多种加密类型中选择用户优选的加密类型。在Kerberos系统中的故障单授予过程中，请求用户从用户的Kerberos配置文件中包含的加密类型中选择要在Kerberos通信中使用的首选加密类型。用户选择的加密类型然后被实现以用于加密会话票据（以及生成用户请求的加密类型的会话密钥），以供用户机器在由特定的通信系统通信时与Kerberized应用服务器进行安全通信用户。因此，系统允许不同的用户使用用户自己选择的受支持的加密类型同时与相同的Kerberized应用服务器进行通信。

8. 发明申请

US20120288096A1 SECURITY KEY DISTRIBUTION IN A CLUSTER 有权
公开(公告)号：US20120288096A1
公开(公告)日：2012-11-15
申请号：US13556398
申请日：2012-07-24
申请人： Jes Kiran Chittigala , Ravi A. Shankar , Vidya Ranganathan
发明人： Jes Kiran Chittigala , Ravi A. Shankar , Vidya Ranganathan
IPC分类号： H04L9/08
CPC分类号： H04L9/0825 , H04L63/045
摘要： Provided are techniques for the fast and reliable distribution of security keys within a cluster of computing devices, or computers. One embodiment provides a method for secure distribution of encryption keys, comprising generating a symmetric key for the encryption of communication among a plurality of nodes of a cluster of nodes; encrypting the symmetric key with a plurality of public keys, each public key corresponding to a particular node of the plurality of modes, to generate a plurality of encrypted symmetric keys; storing the plurality of encrypted symmetric keys in a central repository; and distributing the encrypted symmetric keys to the nodes such that each particular node receives an encrypted symmetric key corresponding to a corresponding public key of the particular node.

9. 发明申请

US20120204028A1 Secure Kerberized Access of Encrypted File System 有权
标题翻译：加密文件系统的安全Kerberized访问
公开(公告)号：US20120204028A1
公开(公告)日：2012-08-09
申请号：US13449925
申请日：2012-04-18
申请人： Dwip N. Banerjee , Sachin Chandrakant Punadikar , Sandeep Ramesh Patil , Ravi A. Shankar
发明人： Dwip N. Banerjee , Sachin Chandrakant Punadikar , Sandeep Ramesh Patil , Ravi A. Shankar
IPC分类号： H04L29/06 , G06F15/16 , H04L9/08 , G06F17/30
CPC分类号： H04L9/0822 , G06F21/335 , G06F21/6218 , H04L9/083 , H04L9/3213 , H04L63/0428 , H04L63/06 , H04L63/20
摘要： A file server receives a request from a client to mount an encrypted file system. The file server informs the client that the requested file system is encrypted and, in turn, receives a session ticket from the client that includes a security protocol mounting selection. The file server decrypts the client's user's encrypted private key, and then decrypts the requested encrypted file system using the private key. In turn, the file server sends the decrypted file system to the client over a secure channel, which is based upon the security protocol mounting selection. In one embodiment, a key distribution center server receives a request from the client for the client's user to access the encrypted file system at the file server. The key distribution center server retrieves an intermediate key; includes the intermediate key in a session ticket; and sends the session ticket to the client.
摘要翻译：文件服务器从客户端收到一个装载加密文件系统的请求。文件服务器通知客户端所请求的文件系统被加密，并且从客户端接收包括安全协议安装选择的会话凭证。文件服务器解密客户端用户的加密私钥，然后使用私钥对请求的加密文件系统进行解密。反过来，文件服务器通过基于安全协议安装选择的安全通道将解密的文件系统发送到客户端。在一个实施例中，密钥分配中心服务器从客户端接收客户端用户访问文件服务器上的加密文件系统的请求。密钥分配中心服务器检索中间密钥; 在会议票中包括中间密钥; 并将会话凭证发送给客户端。

10. 发明申请

US20110154031A1 Secure Kerberized Access of Encrypted File System 有权
标题翻译：加密文件系统的安全Kerberized访问
公开(公告)号：US20110154031A1
公开(公告)日：2011-06-23
申请号：US12643943
申请日：2009-12-21
申请人： Dwip N. Banerjee , Sachin Chandrakant Punadikar , Sandeep Ramesh Patil , Ravi A. Shankar
发明人： Dwip N. Banerjee , Sachin Chandrakant Punadikar , Sandeep Ramesh Patil , Ravi A. Shankar
IPC分类号： H04L29/06 , H04L9/08 , G06F15/16
CPC分类号： H04L9/0822 , G06F21/335 , G06F21/6218 , H04L9/083 , H04L9/3213 , H04L63/0428 , H04L63/06 , H04L63/20
摘要： A file server receives a request from a client to mount an encrypted file system. The file server informs the client that the requested file system is encrypted and, in turn, receives a session ticket from the client that includes a security protocol mounting selection. The file server decrypts the client's user's encrypted private key, and then decrypts the requested encrypted file system using the private key. In turn, the file server sends the decrypted file system to the client over a secure channel, which is based upon the security protocol mounting selection. In one embodiment, a key distribution center server receives a request from the client for the client's user to access the encrypted file system at the file server. The key distribution center server retrieves an intermediate key; includes the intermediate key in a session ticket; and sends the session ticket to the client.
摘要翻译：文件服务器从客户端收到一个装载加密文件系统的请求。文件服务器通知客户端所请求的文件系统被加密，并且从客户端接收包括安全协议安装选择的会话凭证。文件服务器解密客户端用户的加密私钥，然后使用私钥对请求的加密文件系统进行解密。反过来，文件服务器通过基于安全协议安装选择的安全通道将解密的文件系统发送到客户端。在一个实施例中，密钥分配中心服务器从客户端接收客户端用户访问文件服务器上的加密文件系统的请求。密钥分配中心服务器检索中间密钥; 在会议票中包括中间密钥; 并将会话凭证发送给客户端。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式