会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • SOFTWARE RUN-TIME PROVENANCE
    • 软件运行时间
    • WO2013015910A1
    • 2013-01-31
    • PCT/US2012/043064
    • 2012-06-19
    • ALCATEL LUCENTMC LELLAN, Hubert, R.KOLESNIKOV, Vladimir
    • MC LELLAN, Hubert, R.KOLESNIKOV, Vladimir
    • G06F21/00
    • G06F21/575
    • An executing first computing module verifies the run-time provenance of an unverified second computing module. A signed certificate identifying an author of the second computing module is received at the first computing module. An association between the signed certificate and the second computing module is verified. A first provenance certificate and associated private key signed by the first computing module and identifying a runtime provenance of the second computing module is then generated, and the first provenance certificate is published to the second computing module. A chain of signed certificates, including provenance certificates and a static identification certificates, can be published. Each provenance certificate in the chain verifies the integrity of a layer of execution, and the plurality of static identification certificates identifies a respective author of the computing module associated with each layer of software. The provenance of the second computing module can be recursively traced through the published chain of certificates.
    • 执行的第一计算模块验证未验证的第二计算模块的运行时间来源。 在第一计算模块处接收识别第二计算模块的作者的签名证书。 验证签名证书和第二计算模块之间的关联。 然后生成由第一计算模块签名并识别第二计算模块的运行时源的第一来源证书和相关联的私钥,并且将第一来源证书发布到第二计算模块。 可以发布一系列签名证书,包括出货凭证和静态认证证书。 链中的每个来源证书验证执行层的完整性,并且多个静态识别证书识别与每层软件相关联的计算模块的相应作者。 第二个计算模块的来源可以通过发布的证书链递归地追踪。
    • 2. 发明申请
    • EMBEDDED SFE: OFFLOADING SERVER AND NETWORK USING HARDWARE TOKEN
    • 嵌入式SFE:使用硬件TOKEN卸载服务器和网络
    • WO2011068719A1
    • 2011-06-09
    • PCT/US2010/057769
    • 2010-11-23
    • ALCATEL-LUCENT USA INC.KOLESNIKOV, Vladimir
    • KOLESNIKOV, Vladimir
    • H04L9/08
    • G09C1/00H04L9/0838H04L9/0877H04L9/3234H04L2209/12H04L2209/56
    • An improved secure transaction system for facilitating secure transactions between devices in a network is set forth. The system includes a first device. A secure agent, adapted for encrypting and delivering a message on behalf of the first device, is provided. The secure agent has a secret key drawn at random from a large domain embedded in the agent by the first device. A second device, adapted to obtain the message, based on a session ID, from the secure agent, is provided. The second device can selectively test the truth of a corresponding message from the agent, based on querying of the first device. The testing is unknown and unpredictable to the secure agent during the transaction. In this manner, the first device and agent are kept separate to deter cheating.
    • 阐述了一种改进的安全交易系统,用于促进网络中设备之间的安全交易。 该系统包括第一设备。 提供了适于代表第一设备加密和传递消息的安全代理。 安全代理具有由第一设备从代理中嵌入的大域中随机绘制的秘密密钥。 提供了一种适于从安全代理获得基于会话ID的消息的第二设备。 第二设备可以基于对第一设备的查询来选择性地测试来自代理的对应消息的真实性。 在交易过程中,安全代理程序的测试是未知的和不可预知的。 以这种方式,第一设备和代理被保持分开以阻止作弊。
    • 3. 发明申请
    • EFFICIENT KEY MANAGEMENT SYSTEM AND METHOD
    • 有效的密钥管理系统和方法
    • WO2011005569A2
    • 2011-01-13
    • PCT/US2010/039647
    • 2010-06-23
    • ALCATEL-LUCENT USA INC.KOLESNIKOV, VladimirGURBANI, Vijay
    • KOLESNIKOV, VladimirGURBANI, Vijay
    • H04L29/06
    • H04L63/061H04L9/083H04L63/18H04L65/1006H04L65/105H04L2209/76
    • A system for providing cost effective, secure key exchange from at least one first device to at least one second device through at least one proxy server is provided. The system includes a first key exchange message from the at least one first device to the at least one second device via the at least one proxy server. A second key exchange message from the at least one second device to the at least one first device via a media stream of the Internet is required to complete the computation of the session key. A method of securing a communication system is also set forth. The method includes the steps of providing a routing device for identifying a subscriber, and providing a master key exchange session, the master key exchange session including a key k to find a subscriber and a nonce r to answer a query to the subscriber, wherein the master key exchange session includes both the key k and the nonce r.
    • 提供了一种用于通过至少一个代理服务器从至少一个第一设备向至少一个第二设备提供成本有效的安全密钥交换的系统。 该系统包括经由至少一个代理服务器从至少一个第一设备到至少一个第二设备的第一密钥交换消息。 需要经由互联网的媒体流从至少一个第二设备到至少一个第一设备的第二密钥交换消息来完成对话密钥的计算。 还提出了一种保护通信系统的方法。 该方法包括以下步骤:提供用于识别订户的路由​​设备,以及提供主密钥交换会话,所述主密钥交换会话包括密钥k以找到订户并且随机地向订户回答查询,其中所述 主密钥交换会话包括密钥k和随机数r。
    • 6. 发明申请
    • SYSTEM AND METHOD FOR ACCESSING PRIVATE DIGITAL CONTENT
    • 用于访问私有数字内容的系统和方法
    • WO2011067139A1
    • 2011-06-09
    • PCT/EP2010/068027
    • 2010-11-23
    • ALCATEL LUCENTBOSCH, PeterKOLESNIKOV, VladimirMULLENDER, SapeDAENEN, Koen
    • BOSCH, PeterKOLESNIKOV, VladimirMULLENDER, SapeDAENEN, Koen
    • H04L29/06H04L9/08
    • H04L63/06H04L9/0838H04L9/3215H04L9/3263H04L63/0823H04L63/166H04L2209/60
    • Method for providing access to private digital content installed on a content server C (s), wherein a content manager server C (a) has a number of clients potentially interested in the private content; the method comprising the following steps performed at the content management server C (a) : establishing a first communication channel with a client C (b) of the number of clients; receiving a query for private digital content from the client C (b) and sending an appropriate response, causing the client to establish a second communication channel with the content server; establishing a secure session with the content server C (s) over the first and second communication channel; establishing a new session key for the secure session and transmitting said new session key to the client C (b), so that the client can obtain the queried private digital content from the content server as if the client is the content management server.
    • 用于提供对安装在内容服务器C上的私人数字内容的访问的方法,其中内容管理器服务器C(a)具有可能对私人内容感兴趣的客户端数量; 该方法包括在内容管理服务器C(a)执行的以下步骤:与客户端数量的客户端C(b)建立第一通信信道; 从客户端C(b)接收私人数字内容的查询并发送适当的响应,使客户端与内容服务器建立第二通信信道; 在所述第一和第二通信信道上建立与所述内容服务器C的安全会话; 建立用于安全会话的新会话密钥并将所述新的会话密钥发送到客户端C(b),使得客户端可以从内容服务器获得查询的私人数字内容,就像客户端是内容管理服务器一样。
    • 10. 发明申请
    • EFFICIENT KEY MANAGEMENT SYSTEM AND METHOD
    • 高效的关键管理系统和方法
    • WO2011005569A3
    • 2011-03-24
    • PCT/US2010039647
    • 2010-06-23
    • ALCATEL LUCENT USA INCKOLESNIKOV VLADIMIRGURBANI VIJAY
    • KOLESNIKOV VLADIMIRGURBANI VIJAY
    • H04L29/06H04L9/08
    • H04L63/061H04L9/083H04L63/18H04L65/1006H04L65/105H04L2209/76
    • A system for providing cost effective, secure key exchange from at least one first device to at least one second device through at least one proxy server is provided. The system includes a first key exchange message from the at least one first device to the at least one second device via the at least one proxy server. A second key exchange message from the at least one second device to the at least one first device via a media stream of the Internet is required to complete the computation of the session key. A method of securing a communication system is also set forth. The method includes the steps of providing a routing device for identifying a subscriber, and providing a master key exchange session, the master key exchange session including a key k to find a subscriber and a nonce r to answer a query to the subscriber, wherein the master key exchange session includes both the key k and the nonce r.
    • 提供了一种用于通过至少一个代理服务器从至少一个第一设备到至少一个第二设备提供成本有效的安全密钥交换的系统。 系统包括经由至少一个代理服务器从至少一个第一设备到至少一个第二设备的第一密钥交换消息。 需要经由因特网的媒体流从至少一个第二设备到至少一个第一设备的第二密钥交换消息来完成会话密钥的计算。 还阐述了确保通信系统的方法。 该方法包括以下步骤:提供用于识别订户的路由​​设备,以及提供主密钥交换会话,所述主密钥交换会话包括查找订户的密钥k和用户应答查询的随机数,其中, 主密钥交换会话包括密钥k和随机数。