公开(公告)号：EP0854447A3

公开(公告)日：2000-02-23

申请号：EP97122856.4

申请日：1997-12-23

申请人： PITNEY BOWES INC.

发明人： Pauly, Steven J.

IPC分类号： G07B17/00

CPC分类号： G07B17/00733 ,  G07B17/00024 ,  G07B17/00508 ,  G07B2017/00032 ,  G07B2017/00596 ,  G07B2017/00967

摘要： A method for detecting the relocation of a postage metering system includes initializing the postage metering system with a user postal code which is stored in the postage metering system. When a mailpiece is prepared (400), its return address postal code (405) is compared to the user postal code. When the return address postal code is different from the user postal code, the user is alerted to the difference. When the user postal code is confirmed (420) as being allowable, the envelope is printed (415). When the user postal code is not allowable according to postal regulations, the user postal code is reset to correspond to a licensing post office for the return address of the mailpiece.

公开(公告)号：EP0735721A3

公开(公告)日：1999-10-06

申请号：EP96105234.7

申请日：1996-04-01

申请人： PITNEY BOWES INC.

发明人： Baker, Walter J. ,  Bator, Feliks ,  Cordery, Robert A. ,  D'Ippolito, Frank M. ,  Hunter, Kevin D. ,  Lawton, Kathryn V. ,  Lee, David K. ,  Loglisci, Louis J. ,  Pauly, Steven J. ,  Pintsov, Leon A. ,  Siveyer, Ian A.

IPC分类号： H04L9/08 ,  G07B17/04

CPC分类号： G07B17/00733 ,  G06Q20/3829 ,  G07B17/00024 ,  G07B17/00435 ,  G07B2017/00427 ,  G07B2017/0075 ,  G07B2017/00758 ,  G07B2017/00766 ,  G07B2017/0079 ,  G07B2017/00798 ,  G07B2017/00806 ,  G07B2017/0083 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/00887 ,  G07B2017/00895 ,  G07B2017/00919 ,  G07B2017/00951 ,  G07B2017/00967 ,  H04L9/0825 ,  H04L9/083 ,  H04L9/321

摘要： A method of manufacturing transaction evidencing devices, such as digital postage meters, includes the steps of generating a master key in a logical security domain of a Key Management System (10); installing the master key into a digital postage meter (36); verifying the installation of the master key; and registering the master key to a logical security sub-domain in the Key Management System. The step of generating the master key further includes the steps of generating a domain; generating at least one sub-domain; installing the domain in secure boxes of the Key Management System; generating a master key and test token within the domain; and recording the master key in the domain archive. The step of installing the master key further includes the steps of installing the master key into a digital meter (36);and associating the master key with a unique device identifier. The step of registering the master key to a logical security sub-domain in the Key Management System (10) further includes the steps of assigning a sub-domain to the digital meter; installing a postal identifier into the digital meter; associating the postal identifier to the unique device identifier; generating a registration token in the digital meter based on the postal identifier and the unique device identifier; generating registration tokens using the master key recorded in the archives (25); verifying that the registration tokens are identical; and recording the master key in the sub-domain. The steps are repeated for each domain assigned to the digital postage meter.

公开(公告)号：EP0735719A3

公开(公告)日：1999-10-06

申请号：EP96105223.0

申请日：1996-04-01

申请人： PITNEY BOWES INC.

发明人： Baker, Walter J. ,  Cordery, Robert A. ,  D'Ippolito, Frank M. ,  Heiden, Gary M. ,  Lawton, Kathryn V. ,  Pauly, Steven J.

IPC分类号： H04L9/08 ,  G07B17/04

CPC分类号： H04L9/0825 ,  G07B17/00435 ,  G07B17/00733 ,  G07B2017/00096 ,  G07B2017/00443 ,  G07B2017/00887 ,  G07B2017/00967 ,  H04L9/083 ,  H04L9/3213

摘要： A method of manufacturing a secure box in a Key Management System (10) that includes a plurality of functionally distinct secure boxes initializes a first manufacturing box it one does not exist. The method creates in a manufacturing box at least one logical security domain including encryption keys needed to perform Key Management System processes within the domain, and provides a target secure box with the capability to perform at least one Key Management System function from a plurality of functions required by the Key Management System. The method authenticates the target secure box to the manufacturing box, installs a unique secure box identification in the target secure box, and creates at least one logical security domain in the target secure box corresponding to a logical security domain in the manufacturing box. The method sends a command from a Key Management System computer (24) to initialize the target secure box to perform a domain process for at least one of Key Management System functions provided within the target secure box, and initializes the target secure box in each domain process indicated in the command from the Key Management System computer (24). The method installs in the target secure box the encryption keys required to perform a key generation process within the domain. For example, target secure box may be provided with at least one of a key verification function, a key installation function, a token verification function, a key registration function, or a secure box manufacturing function.

公开(公告)号：EP0780809A2

公开(公告)日：1997-06-25

申请号：EP96120519.2

申请日：1996-12-19

申请人： PITNEY BOWES INC.

发明人： Cordery, Robert A. ,  Lee, David K. ,  Pauly, Steven J. ,  Pintsov, Leon A. ,  Riley, David W. ,  Ryan, Frederick W., Jr. ,  Weiant, Monroe A., Jr.

IPC分类号： G07B17/02

CPC分类号： G07B17/00193 ,  G07B17/0008 ,  G07B17/00314 ,  G07B2017/00177 ,  G07B2017/00201 ,  G07B2017/00322 ,  G07B2017/0033 ,  G07B2017/00338 ,  G07B2017/00346 ,  G07B2017/00411 ,  G07B2017/00427

摘要： A transaction evidencing system includes a personal computer (PC) comprising a processor, memory and hard drive, with a plurality of non-metering application programs that selectively run on the PC. An unsecured printer is operatively coupled to the PC for printing in accordance with the non-metering application programs. A portable vault card that is removably coupled to the PC is programmed to generate tokens generation and perform transaction accounting. An application interface module in the PC, which interfaces with the non-metering application programs, issues a request for one digital tokens in response to requests for indicia from a non-metering application program. A secure communications module in the PC, which securely communicates with the vault card when the vault card is coupled to the PC, sends the request for digital token to the vault card and receives a digital token generated by the vault card. An indicia bitmap generation module generates an indicia bitmap in the PC from the digital token and stores it in memory. The indicia bitmap is accessed by the non-metering application program when a print indicia operation is selected. A transaction capture module in the PC stores on the hard drive a transaction record corresponding to each issued digital token and associated postal data. The application interface module, the secure communications module, the indicia bitmap generation module and the transaction capture module are part of a dynamic link library module in the PC.

摘要翻译： 交易证明系统包括包括处理器，存储器和硬盘驱动器的个人计算机（PC），其具有选择性地在PC上运行的多个非计量应用程序。 根据非计量应用程序，不安全的打印机可操作地耦合到PC以进行打印。 可拆卸地耦合到PC的便携式存储卡被编程为产生令牌生成并执行事务计费。 与非计费应用程序接口的PC中的应用接口模块响应于来自非测量应用程序的标记请求而发出一个数字令牌的请求。 PC中的安全通信模块，当保险库卡耦合到PC时，与保险库卡安全地通信，向数据库卡发送数字令牌请求并接收由保险库卡产生的数字令牌。 标记位图生成模块从数字令牌在PC中生成标记位图并将其存储在存储器中。 当选择打印标记操作时，非测量应用程序访问标记位图。 PC中的交易捕获模块在硬盘驱动器上存储对应于每个发行的数字令牌和相关联的邮政数据的交易记录。 应用接口模块，安全通信模块，标记位图生成模块和事务捕获模块是PC中动态链接库模块的一部分。

公开(公告)号：EP0735722A2

公开(公告)日：1996-10-02

申请号：EP96105237.0

申请日：1996-04-01

申请人： PITNEY BOWES INC.

发明人： Baker, Walter J. ,  Bator, Feliks ,  Cordery, Robert A. ,  Hunter, Kevin D. ,  Lawton, Kathryn V. ,  Loglisci, Louis J. ,  Pauly, Steven J. ,  Pintsov, Leon A. ,  Ryan, Frederick W., Jr. ,  Weiant, Monroe A., Jr. ,  Heiden, Gary M.

IPC分类号： H04L9/08 ,  G07B17/04

CPC分类号： H04L9/083 ,  G07B17/0008 ,  G07B17/00733 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/00862 ,  G07B2017/0087 ,  G07B2017/00895 ,  G07B2017/00967 ,  H04L9/0825 ,  H04L9/3213

摘要： A Key Management System (10) for generating, distributing and managing cryptographic keys used by an information transaction system that employs cryptographic means to produce evidence of information integrity. The system comprises a plurality of functionally distinct secure boxes operatively coupled to each other. Each of the secure boxes performs functions for key generation, key installation, key verification or validation of tokens. Computers (24, 30), operatively coupled to the secure boxes, provide system control and facilitate communication among the secure boxes. A plurality of separate logical security domains provide domain processes for key generation, key installation, key verification and validation of tokens produced by the transaction evidencing device within the domain using the key management functions. A plurality of domain archives, corresponding respectively to each of the security domains, securely and reliably record key status records and master keys for each domain. The Key Management System installs the master keys in the transaction evidencing device (36) and validates the tokens. The secure boxes include a key generation box for generating, encrypting and signing a master key; a key installation box (32) for receiving, verifying and decrypting the signed master key and for installing the master key into the transaction evidencing device (36), a key verification box for verifying the installation of the master key in the transaction evidencing device, a token verification box for verifying the tokens, and at least one manufacturing box for generating domain keys and distributing the domain keys among the secure boxes for each of the domains.

摘要翻译： 一种密钥管理系统（10），用于生成，分发和管理信息交易系统使用的加密密钥，该信息交易系统采用加密手段来产生信息完整性的证据。 该系统包括可操作地彼此耦合的多个功能不同的安全盒。 每个安全盒都执行密钥生成，密钥安装，密钥验证或令牌验证的功能。 可操作地耦合到安全盒的计算机（24,30）提供系统控制并促进安全盒之间的通信。 多个单独的逻辑安全域提供用于密钥生成，密钥安装，密钥验证和使用密钥管理功能由域内的事务证明设备产生的令牌的验证的域过程。 分别对应于每个安全域的多个域归档安全可靠地记录每个域的密钥状态记录和主密钥。 密钥管理系统将主密钥安装在事务证明设备（36）中，并验证令牌。 安全盒包括用于生成，加密和签名主密钥的密钥生成盒; 用于接收，验证和解密所签署的主密钥并将主密钥安装到交易证明设备（36）中的密钥安装箱（32），用于验证主密钥在交易证明设备中的安装的密钥验证盒， 用于验证令牌的令牌验证盒，以及用于生成域密钥和在每个域的安全框之间分配域密钥的至少一个制造盒。

公开(公告)号：EP0735721A2

公开(公告)日：1996-10-02

申请号：EP96105234.7

申请日：1996-04-01

申请人： PITNEY BOWES INC.

发明人： Baker, Walter J. ,  Bator, Feliks ,  Cordery, Robert A. ,  D'Ippolito, Frank M. ,  Hunter, Kevin D. ,  Lawton, Kathryn V. ,  Lee, David K. ,  Loglisci, Louis J. ,  Pauly, Steven J. ,  Pintsov, Leon A. ,  Siveyer, Ian A.

IPC分类号： H04L9/08 ,  G07B17/04

CPC分类号： G07B17/00733 ,  G06Q20/3829 ,  G07B17/00024 ,  G07B17/00435 ,  G07B2017/00427 ,  G07B2017/0075 ,  G07B2017/00758 ,  G07B2017/00766 ,  G07B2017/0079 ,  G07B2017/00798 ,  G07B2017/00806 ,  G07B2017/0083 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/00887 ,  G07B2017/00895 ,  G07B2017/00919 ,  G07B2017/00951 ,  G07B2017/00967 ,  H04L9/0825 ,  H04L9/083 ,  H04L9/321

摘要： A method of manufacturing transaction evidencing devices, such as digital postage meters, includes the steps of generating a master key in a logical security domain of a Key Management System (10); installing the master key into a digital postage meter (36); verifying the installation of the master key; and registering the master key to a logical security sub-domain in the Key Management System. The step of generating the master key further includes the steps of generating a domain; generating at least one sub-domain; installing the domain in secure boxes of the Key Management System; generating a master key and test token within the domain; and recording the master key in the domain archive. The step of installing the master key further includes the steps of installing the master key into a digital meter (36);and associating the master key with a unique device identifier. The step of registering the master key to a logical security sub-domain in the Key Management System (10) further includes the steps of assigning a sub-domain to the digital meter; installing a postal identifier into the digital meter; associating the postal identifier to the unique device identifier; generating a registration token in the digital meter based on the postal identifier and the unique device identifier; generating registration tokens using the master key recorded in the archives (25); verifying that the registration tokens are identical; and recording the master key in the sub-domain. The steps are repeated for each domain assigned to the digital postage meter.

摘要翻译： 制造诸如数字邮资计费器的交易证明设备的方法包括以下步骤：在密钥管理系统（10）的逻辑安全域中生成主密钥; 将主密钥安装到数字邮资计费器（36）中; 验证主密钥的安装; 并将主密钥注册到密钥管理系统中的逻辑安全子域。 产生主密钥的步骤还包括产生域的步骤; 生成至少一个子域; 将域安装在密钥管理系统的安全框中; 在域内生成主密钥和测试令牌; 并将主密钥记录在域归档中。 安装主密钥的步骤还包括将主密钥安装到数字计量器（36）中的步骤;以及将主密钥与唯一的设备标识符相关联。 将主密钥注册到密钥管理系统（10）中的逻辑安全子域的步骤还包括以下步骤：将子域分配给数字仪表; 在数字仪表中安装邮政识别码; 将邮政标识符与唯一的设备标识符相关联; 基于所述邮政标识符和所述唯一设备标识符在所述数字计量表中生成注册令牌; 使用记录在归档（25）中的主密钥来生成注册令牌; 验证注册令牌是否相同; 并将主密钥记录在子域中。 为分配给数字邮资计费器的每个域重复这些步骤。