专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

91. 发明申请

WO2011079872A1 METHOD AND SYSTEM FOR USER AUTHENTICATION 审中-公开
标题翻译：用户认证的方法和系统
公开(公告)号：WO2011079872A1
公开(公告)日：2011-07-07
申请号：PCT/EP2009/068039
申请日：2009-12-30
申请人： NEC EUROPE LTD. , GRUSCHKA, Nils , LO IACONO, Luigi , KOHRING, Gregory Allen , RAJASEKARAN, Hariharan
发明人： GRUSCHKA, Nils , LO IACONO, Luigi , KOHRING, Gregory Allen , RAJASEKARAN, Hariharan
IPC分类号： G06F21/00 , H04L29/06
CPC分类号： G06F21/35 , G06F2221/2103 , H04L63/067
摘要： The present invention relates to a method for user authentication for accessing from a client (100) to a server (200) over a packet based network using an one-time password (120), wherein the client (100) comprises a first secret (40, 45), and the server comprises a database (70) for storing a second secret (41, 46) and a chosen username (21) associated with the second secret (41, 46), wherein the method comprises the steps of providing the second secret (41, 46) associated with the first secret (40, 45) by the client (100) to the server (200) and storing the second secret and the chosen username (21) in the database (70); transmitting a challenge (80) from the server (200) to the client (100), wherein the challenge is encoded by the server and comprises a random data (110); computing the one-time password (120) by the client (100) using the second secret (41, 46) and the random data decoded from the challenge (80); submitting the one-time password (120) and the chosen username on the client (110) to access the server (200); validating the one time password (120) received from the client with the one-time password (120) computed by the server using the random data and the server secret stored in the database. The present invention also relate to a system for performing the steps of method.
摘要翻译：本发明涉及一种用于通过使用一次性密码（120）从基于分组的网络从客户机（100）到服务器（200）的用户认证的方法，其中所述客户端（100）包括第一秘密（ 40,45），并且所述服务器包括用于存储与所述第二秘密（41,46）相关联的第二秘密（41,46）和所选择的用户名（21）的数据库（70），其中所述方法包括以下步骤：与所述客户端（100）向所述服务器（200）的所述第一秘密（40,45）相关联并将所述第二秘密和所选择的用户名（21）存储在所述数据库（70）中的所述第二秘密（41,46）; 从所述服务器（200）向所述客户机（100）发送挑战（80），其中所述挑战由所述服务器编码并包括随机数据（110）; 使用第二秘密（41,46）和从挑战（80）解码的随机数据，计算客户机（100）的一次性密码（120）; 在客户端（110）上提交一次性密码（120）和所选择的用户名以访问服务器（200）; 使用服务器使用随机数据计算的一次性密码（120）和存储在数据库中的服务器秘密来验证从客户端接收的一次性密码（120）。本发明还涉及一种用于执行方法步骤的系统。

92. 发明申请

WO2010147894A1 SHARED REGISTRATION SYSTEM MULTI-FACTOR AUTHENTICATION 审中-公开
标题翻译：共享注册系统多因素认证
公开(公告)号：WO2010147894A1
公开(公告)日：2010-12-23
申请号：PCT/US2010/038517
申请日：2010-06-14
申请人： VERISIGN, INC. , ESSAWI, Tarik , GOULD, James , KANE, Pat , SCHONFELD, Dan , WALDRON, Joe
发明人： ESSAWI, Tarik , GOULD, James , KANE, Pat , SCHONFELD, Dan , WALDRON, Joe
IPC分类号： H04L9/32
CPC分类号： H04L9/3226 , G06F21/62 , H04L9/3234 , H04L61/1511 , H04L61/302 , H04L63/067 , H04L2209/38 , H04L2209/56
摘要： A system and method for establishing a chain of trust from a registrant to a registry. A registrant request to a registrar to change a domain name record includes at least one registrant factor, such as a one time password. The registrar can formulate an extended EPP command that includes the factor to effectuate the change and send it to a registry. The registry can verify the at least one factor using at least one validation server. If the factor is successfully verified, the EPP can be processed by the registry. If the factor is not verified, the EPP command may not be processed and an error message may be generated and sent to the registrar.
摘要翻译：建立从注册人到注册管理机构的信任链的系统和方法。注册商要求更改域名记录至少包括一个注册人因素，如一次性密码。注册商可以制定一个扩展EPP命令，其中包括实现更改并将其发送到注册表的因素。注册表可以使用至少一个验证服务器来验证至少一个因素。如果该因素成功验证，EPP可以由注册表处理。如果该因素未被验证，可能不会处理EPP命令，并且可能会生成错误消息并将其发送到注册商。

93. 发明申请

WO2010145273A1 移动终端越区切换的方法和系统审中-公开
公开(公告)号：WO2010145273A1
公开(公告)日：2010-12-23
申请号：PCT/CN2010/071642
申请日：2010-04-08
申请人：中兴通讯股份有限公司 , 周伟
发明人：周伟
IPC分类号： H04W12/04
CPC分类号： H04W12/06 , H04L63/067 , H04L2463/062 , H04W12/04 , H04W36/0016 , H04W36/0038 , H04W36/08

94. 发明申请

WO2009000223A3 DEVICE AND METHOD FOR TAP-PROOF AND MANIPULATION-PROOF ENCODING OF ONLINE ACCOUNTS 审中-公开
标题翻译：用于保护和操纵在线账户安全加密的设备和方法
公开(公告)号：WO2009000223A3
公开(公告)日：2009-10-01
申请号：PCT/DE2008000885
申请日：2008-05-27
申请人： UNIV TUEBINGEN , BORCHERT BERND , REINHARDT KLAUS
发明人： BORCHERT BERND , REINHARDT KLAUS
IPC分类号： G06F3/03 , G06F21/34 , G06F21/36
CPC分类号： H04L63/067 , G06F21/34 , G06F21/36 , G06Q20/341 , G06Q20/40975 , G07F7/1008
摘要： The invention relates to a method and a device for the tap-proof and manipulation-proof transmission of messages between a server and the computer of a client, over a computer network, and for the decoding of encoded messages by clients. The method and the device can be especially used for encoding online accounts, especially for online banking. The device, described as a cryptocard, is preferably a flat appliance comprising photosensory elements on the rear side and a display on the front side. The device also contains a logic element/processor and an electronic memory containing codes. It is placed on the screen of the computer of the client, on which the following is displayed in image format: (1) an encoded message, (2) the number of the code required for the decoding, and (3) the co-ordinates of the actual position of the indicator symbol. This information received by the photosensors is decoded by the logic element/processor by means of the code, and the message is decoded and displayed in a clearly visible manner on the display. The indicator symbol on the screen is simulated on the display. By clicking buttons marked with characters on the cryptocard, a message can be transmitted from the client to the server. As the marking of the buttons by the characters is fixed previously at random by the server and transmitted in a tap-proof manner to the cryptocard, the transmission of the message from the client to the server is also tap-proof. The tap-proofness in both directions allows a protocol for online banking to be implemented, which renders the PIN tap-proof and prevents the falsification of transfers.
摘要翻译：本发明涉及一种通过计算机网络在服务器和客户机的计算机之间防止篡改传输消息并且用于由客户机解密加密消息的方法和装置。该方法和设备尤其可用于在线账户的加密，特别是用于在线银行业务。该装置在下文中被称为钥匙卡，其优选为背面具有光电传感器元件且正面具有显示器的扁平装置。此外，它还包含一个逻辑电路/处理器和一个带有按键的电子记忆。它被放置在客户机的计算机的屏幕上，显示在下面的图像格式：（1）一个编码消息;（2）用于解密密钥的必要的数，和（3）的指针符号的当前位置的坐标。由光电传感器接收的这些信息由逻辑电路/处理器使用密钥解码，并且消息在显示器上未加密显示并清晰可见。屏幕上模拟屏幕上的指针图标。通过点击钥匙卡上标有字符的按钮，相反，可以将消息从客户端传送到服务器。由于字符按钮的标记以前是由服务器随机确定的并且已经以无声的方式发送到了钥匙卡，所以从客户端到服务器的这个消息的传输也是不可闻的。两个方向上的非可听性允许网上银行协议使得PIN不可用，并且使得不可能传送失败。

95. 发明申请

WO2009025905A2 REMOTE AUTHENTICATION AND TRANSACTION SIGNATURES 审中-公开
标题翻译：远程认证和交易签名
公开(公告)号：WO2009025905A2
公开(公告)日：2009-02-26
申请号：PCT/US2008/065216
申请日：2008-05-30
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH , COULIER, Frank , HOORNAERT, Frank
发明人： COULIER, Frank , HOORNAERT, Frank
IPC分类号： H04L9/00
CPC分类号： G06F21/34 , G06F21/31 , G06F21/33 , G06F2221/2103 , G06Q20/3823 , G06Q20/388 , H04L9/006 , H04L9/3228 , H04L9/3242 , H04L9/3271 , H04L63/067 , H04L2209/56
摘要： The invention provides a method, apparatus, computer readable medium and signal which allows the usage of devices containing PKl private keys such as PKI- enabled smart cards or USB sticks to authenticate users and to sign transactions. The authenticity of the user and/or the message is verified. Furthermore the operation (authentication and/or signing) occurs without the need for an application to have some kind of a direct or indirect digital connection with the device containing the private key. In other words a digital connection that would allow an application to submit data to the card for signing by the card's private key and that would allow retrieving the entire resulting signature from the card is not required. In addition the operation occurs without the need for the PKI-enabled device containing the private key (e.g. a PKI smart card or USB stick) to either support symmetric cryptographic operations or to have been personalized with some secret or confidential data element that can be read by a suitable reader.
摘要翻译：本发明提供了一种方法，设备，计算机可读介质和信号，其允许使用包含PKI私钥的设备（例如启用PKI的智能卡或USB棒）来认证用户并对交易进行签名。用户和/或消息的真实性得到验证。此外，操作（认证和/或签名）不需要应用程序与包含私钥的设备进行某种直接或间接的数字连接。换句话说，允许应用程序向卡提交数据以供卡的私钥签名并且允许从卡中检索整个签名的数字连接不是必需的。此外，该操作不需要包含私钥的PKI设备（例如PKI智能卡或USB棒）就可以支持对称加密操作，或者通过一些可以读取的秘密或机密数据元素进行个性化由适当的读者。

96. 发明申请

WO2008122918A2 SECURE CLIENT-SIDE EMBEDDING USING MULTIPLE ONE-TIME-PADS 审中-公开
标题翻译：使用多个一次性安全的安全的客户端嵌入
公开(公告)号：WO2008122918A2
公开(公告)日：2008-10-16
申请号：PCT/IB2008051209
申请日：2008-04-01
申请人： KONINKL PHILIPS ELECTRONICS NV , CELIK MEHMET U , LEMMA AWEKE N , VAN DER VEEN MINNE
发明人： CELIK MEHMET U , LEMMA AWEKE N , VAN DER VEEN MINNE
CPC分类号： H04L63/0457 , G11B20/00086 , G11B20/0021 , G11B20/00884 , G11B2220/2545 , G11B2220/2562 , H04L9/0656 , H04L63/067 , H04L2209/608 , H04L2463/061 , H04L2463/103
摘要： The present invention relates to a method and a unit for securely providing watermarking data for watermarking a content. Watermarking data consists of cipher texts that are generated based on the content, a watermark and a number of encryption parameters. The invention also provides a method and a unit for securely watermarking a content at an untrusted location, such as at the location of a content consumer. The watermarking unit receives a number of cipher texts provided for instance by a watermarking data unit in accordance with the invention, and calculates the watermarked signal based on the cipher texts.
摘要翻译：本发明涉及一种用于安全地提供用于对内容进行水印处理的水印数据的方法和单元。水印数据由基于内容生成的密码，水印和多个加密参数组成。本发明还提供了一种用于在诸如在内容消费者的位置处的不信任位置处安全地水印内容的方法和单元。水印单元接收根据本发明的例如由水印数据单元提供的多个密文，并且基于密文来计算加水印的信号。

97. 发明申请

WO2008025272A1 初始会话协议应用系统及建立安全通道的装置和方法审中-公开
公开(公告)号：WO2008025272A1
公开(公告)日：2008-03-06
申请号：PCT/CN2007/070392
申请日：2007-07-31
申请人：华为技术有限公司 , 文楷 , 顾炯炯
发明人：文楷 , 顾炯炯
IPC分类号： H04L9/32 , H04L29/06
CPC分类号： H04L29/06027 , H04L63/0435 , H04L63/067 , H04L65/1006
摘要： A Session Initiated Protocol system, i.e. a SIP system, a means for establishing a security channel and the method thereof are provided. The SIP system includes a terminal and a web server, wherein the terminal is for sending a register request, calculating an :ncryption key same as the encryption key of a web server based on the corresponding information from the web server and the information stored in the said terminal, and establishing a security channel with the web server based on the said encryption keys, and the web server is for receiving the register request from the terminal, calculating and storing the encryption key same as the encryption key of the terminal based on the request of the terminal and the information stored in the web server, establishing the security channel with the terminal based on the said encryption keys, and sending the subsequently respond information to the terminal. During the SIP system performs the authentication process through the HTTP Digest mechanism, the web server and the terminal calculate the respective encryption keys respectively, thereby a security channel can be established between the web server and the terminal.

98. 发明申请

WO2007144842A2 USAGE OF NONCE-BASED AUTHENTICATION SCHEME IN A SESSION-BASED AUTHENTICATION APPLICATION 审中-公开
标题翻译：在基于会话的认证申请中使用基于非核心认证方案
公开(公告)号：WO2007144842A2
公开(公告)日：2007-12-21
申请号：PCT/IB2007052259
申请日：2007-06-14
申请人： NOKIA CORP , LEINONEN ANU , UNGVARI GABOR
发明人： LEINONEN ANU , UNGVARI GABOR
CPC分类号： H04L63/062 , H04L63/067 , H04L63/068 , H04L67/14
摘要： Usage of nonce-based authentication scheme in a session- based authentication application, usable in a communication system comprising a session control server and an authentication server, which are configured to provide for a session-based authentication application, wherein authentication is based on a nonce-based authentication scheme, comprising an indication of an operation mode of the session control server from the session control server to the authentication server in an authentication request, wherein the operation mode included proxy mode and user agent mode.
摘要翻译：在基于会话的认证应用中使用基于会话的认证方案，可用于包括会话控制服务器和认证服务器的通信系统中，其被配置为提供基于会话的认证应用，其中认证基于随机数包括在认证请求中从会话控制服务器到认证服务器的会话控制服务器的操作模式的指示，其中，所述操作模式包括代理模式和用户代理模式。

99. 发明申请

WO2006115741A2 METHOD AND APPARATUS FOR GENERATING SESSION KEYS 审中-公开
标题翻译：用于生成会话的方法和装置
公开(公告)号：WO2006115741A2
公开(公告)日：2006-11-02
申请号：PCT/US2006/013126
申请日：2006-04-07
申请人： MOTOROLA, INC. , VENKITARAMAN, Narayanan , NAKHJIRI, Madjid, F.
发明人： VENKITARAMAN, Narayanan , NAKHJIRI, Madjid, F.
IPC分类号： H04M1/66 , H04Q7/20
CPC分类号： H04L63/067 , H04W12/04 , H04W36/0038
摘要： Nonce exchange with a target BS is performed even when the MS connected to the source BS so when the mobile reaches the new BS, it will be able to create a fresh key quickly. Alternatively, the MS can provide the nonce directly to the target base station immediately (or very soon) upon handing over. In a similar manner, the mobile will receive the target BS nonce via one of several techniques. In a first embodiment of the present invention the target BS will share the BS nonce with the source BS which will provide the nonce to the MS. In a second embodiment of the present invention the target base station will transmit the nonce over-the-air to the MS as part to the initial exchanges leading to the set up of the wireless link between the MS and the target BS.
摘要翻译：即使连接到源BS的MS，当移动台到达新的BS时，即使与目标BS进行永久交换，也能够快速地创建新的密钥。或者，MS可以在交付时立即（或很快）将目标基站直接提供给目标基站。以类似的方式，移动台将通过几种技术之一接收目标BS随机数。在本发明的第一实施例中，目标BS将与将向MS提供随机数的源BS共享BS随机数。在本发明的第二实施例中，目标基站将作为一部分将作为MS和目标BS之间的无线链路建立的初始交换的空中无线传送到MS。

100. 发明申请

WO2004105309A3 ACCESS AUTHENTICATION 审中-公开
标题翻译：访问认证
公开(公告)号：WO2004105309A3
公开(公告)日：2005-02-17
申请号：PCT/EP2004005522
申请日：2004-05-21
申请人： ERICSSON TELEFON AB L M , BJARME JENS , SKOOG MICHAEL , SCHALIN PATRIK , SMEETS BERNARD
发明人： BJARME JENS , SKOOG MICHAEL , SCHALIN PATRIK , SMEETS BERNARD
IPC分类号： H04L9/08 , H04L9/32 , H04L29/06
CPC分类号： H04L63/0442 , H04L63/061 , H04L63/067 , H04L63/08
摘要： A method of authenticating a client for a service on a network, wherein the client is authenticated by a service provider and granted permissions for the service if the client can read a service provider session secret, calculate a client session secret and upon comparison of the service provider and client session secrets grant permissions.
摘要翻译：一种用于对网络上的服务进行认证的方法，其中如果客户端可以读取服务提供者会话秘密，则客户端被服务提供商认证并且授予服务的许可，计算客户会话秘密，并且在服务的比较提供者和客户端会话秘密授予权限。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式