-
公开(公告)号:US20070152035A1
公开(公告)日:2007-07-05
申请号:US11319783
申请日:2005-12-29
CPC分类号: G06Q20/3227 , G06Q20/105 , G06Q20/204 , G06Q20/32 , G06Q20/327 , G06Q20/352 , G06Q50/265
摘要: The present disclosure relates generally to the authentication of contactless payments attempted by a device having embedded contactless payment functionality. In particular, the disclosure is directed to systems and methods that utilize authentication schemes that already exist on a device in which the contactless payment functionality is embedded. One example of such authentication schemes is the use of password protection to lock or unlock the device in which the contactless payment functionality is embedded. Using the password protection functionality may provide varying levels of authentication protection based on the desires of the user. A number of exemplary uses of such a method and apparatus are disclosed herein.
摘要翻译: 本公开一般涉及具有嵌入式非接触式支付功能的设备尝试的非接触支付的认证。 具体地,本公开涉及利用已经存在于其中嵌入非接触式支付功能的设备的认证方案的系统和方法。 这种认证方案的一个示例是使用密码保护来锁定或解锁嵌入非接触式支付功能的设备。 使用密码保护功能可以基于用户的期望来提供不同级别的认证保护。 这里公开了这种方法和装置的许多示例性用途。
-
公开(公告)号:US07929702B2
公开(公告)日:2011-04-19
申请号:US11058259
申请日:2005-02-16
IPC分类号: H04L9/00
CPC分类号: H04L9/0825 , H04L9/0861 , H04L2209/80
摘要: A system and method for generating reproducible session keys in a wireless messaging system. The session key is generated based on a hash of a message itself, optionally concatenated with additional information. Since the local server stores the message, it can easily regenerate the same session key in response to each MORE request. The method of the invention can be implemented with the stored original message, a public key, and an algorithm for generating the session key based on a hash of the message.
摘要翻译: 一种用于在无线消息收发系统中产生可再现会话密钥的系统和方法。 会话密钥基于消息本身的散列生成,可选地与附加信息连接。 由于本地服务器存储消息,因此可以根据每个MORE请求轻松地重新生成相同的会话密钥。 本发明的方法可以利用存储的原始消息,公共密钥和用于基于消息的散列来生成会话密钥的算法来实现。
-
公开(公告)号:US07646872B2
公开(公告)日:2010-01-12
申请号:US11118236
申请日:2005-04-29
申请人: Michael K. Brown , Herbert A. Little , David Victor MacFarlane , Michael S. Brown , Dinah Lea Marie Davis
发明人: Michael K. Brown , Herbert A. Little , David Victor MacFarlane , Michael S. Brown , Dinah Lea Marie Davis
IPC分类号: H04K1/00
CPC分类号: H04L9/08 , H04L9/002 , H04L9/0841 , H04L9/0844 , H04L9/3066 , H04L9/3215 , H04L9/3226 , H04L63/061 , H04L63/083 , H04L63/18 , H04L2209/80 , H04W12/04 , H04W12/06
摘要: A method for secure bidirectional communication between two systems is described. A first key pair and a second key pair are generated, the latter including a second public key that is generated based upon a shared secret. First and second public keys are sent to a second system, and third and fourth public keys are received from the second system. The fourth public key is generated based upon the shared secret. A master key for encrypting messages is calculated based upon a first private key, a second private key, the third public key and the fourth public key. For re-keying, a new second key pair having a new second public key and a new second private key is generated, and a new fourth public key is received. A new master key is calculated using elliptic curve calculations using the new second private key and the new fourth public key.
摘要翻译: 描述了两个系统之间的安全双向通信的方法。 产生第一密钥对和第二密钥对,后者包括基于共享秘密生成的第二公钥。 第一和第二公钥被发送到第二系统,并且从第二系统接收第三和第四公钥。 第四个公钥是基于共享的秘密生成的。 基于第一私钥,第二私钥,第三公钥和第四公钥来计算用于加密消息的主密钥。 为了重新键入,生成具有新的第二公钥和新的第二私钥的新的第二密钥对,并接收新的第四公钥。 使用新的第二私钥和新的第四公钥,使用椭圆曲线计算来计算新的主密钥。
-
124.发明授权公开(公告)号:US07543122B2
公开(公告)日:2009-06-02
申请号:US11202786
申请日:2005-08-11
IPC分类号: G06F12/00
CPC分类号: G06F21/79 , G06F12/0802 , G06F12/1408
摘要: Increasing security for a hand-held data processing device with communication functionality where such a device includes an access-ordered memory cache relating to communications carried out by the device. The hand-held data processing device has a locked state that is entered by the device receiving or initiating a trigger. On occurrence of the trigger to enter the locked state the memory cache is reordered so as to disrupt the access-ordering of the cache to obscure device traffic information and thus increase the security of the device in the locked state.
摘要翻译: 提高具有通信功能的手持式数据处理设备的安全性,其中这样的设备包括与由设备执行的通信相关的访问有序的存储器高速缓存。 手持式数据处理装置具有被接收或发起触发的装置输入的锁定状态。 在发生触发器进入锁定状态时,存储器高速缓存被重新排序,以便中断高速缓存的访问排序以模糊设备交通信息,从而增加处于锁定状态的设备的安全性。
-
125.发明授权公开(公告)号:US08583056B2
公开(公告)日:2013-11-12
申请号:US13348920
申请日:2012-01-12
IPC分类号: H04B1/40
CPC分类号: H04W88/02
摘要: A mobile wireless communication device also has at least one wired communication port. Enhanced security is achieved by permitting the device to automatically disable one or more wireless ports when connected to a wired port. Specific combinations/permutations of such automatic control may be effected by use of an IT Policy also resident on the device.
摘要翻译: 移动无线通信设备还具有至少一个有线通信端口。 通过允许设备在连接到有线端口时自动禁用一个或多个无线端口来实现增强的安全性。 这种自动控制的具体组合/排列可以通过使用也驻留在设备上的IT策略来实现。
-
公开(公告)号:US08194857B2
公开(公告)日:2012-06-05
申请号:US10493507
申请日:2002-10-24
IPC分类号: H04L29/06
CPC分类号: H04L51/24 , G06Q10/107 , H04L51/38 , H04L63/0442 , H04L63/104 , H04L63/123 , H04W4/12 , H04W12/02 , H04W12/10
摘要: System and methods for processing encoded messages at a message receiver are described. Encoded message processing is performed in multiple stages. In a first stage, a new received message is at least partially decoded by performing any decoding operations that require no user input and a resulting context object is stored in memory, before a user is notified that the new message has been received. When the user accesses the new message, any further required decoding operations are performed on the stored context object in a second stage of processing. The message can subsequently be displayed or otherwise processed relatively quickly, without repeating the first stage decoding operations. Decoding operations may include signature verification, decryption, other types of decoding, or some combination thereof.
摘要翻译: 描述了在消息接收机处理编码消息的系统和方法。 编码消息处理在多个阶段执行。 在第一阶段中,在通知用户已经接收到新消息之前,通过执行不需要用户输入的任何解码操作,并且所得到的上下文对象被存储在存储器中,至少部分解码新的接收到的消息。 当用户访问新消息时,在第二阶段的处理中对存储的上下文对象执行任何进一步的所需解码操作。 随后可以相对快速地显示或以其他方式处理消息,而不重复第一级解码操作。 解码操作可以包括签名验证,解密,其他类型的解码,或其某些组合。
-
公开(公告)号:US08074078B2
公开(公告)日:2011-12-06
申请号:US11383369
申请日:2006-05-15
IPC分类号: G06F11/30
CPC分类号: H04L9/0822 , H04L9/0891 , H04L9/14 , H04L63/00 , H04L2209/24 , H04L2209/60
摘要: A method for securing data and resetting a password using a content protection key is provided, in which the content protection key itself is protected by a password. A content protection key is also protected at a data storage device with a key encryption key generated in collaboration with an additional device such as a server. The server stores a private key required to regenerate the key encryption key, but this private key is not provided from the server to the data storage device; rather, a public key derived from the private key is provided by the server. The data storage device combines the received public key and a further private key to derive the key encryption key; the further private key itself is not stored by the data storage device, but rather its matching public key is stored. The content protection key is then encrypted using a password and the derived key encryption key. If the password is lost, data from the server and from the data storage device may be combined to recreate the key encryption key.
摘要翻译: 提供了一种使用内容保护密钥保护数据和重置密码的方法,其中内容保护密钥本身由密码保护。 在数据存储设备上还保护内容保护密钥,其中使用与诸如服务器的附加设备协作生成的密钥加密密钥。 服务器存储重新生成密钥加密密钥所需的专用密钥,但该私钥没有从服务器提供给数据存储设备; 相反,由私钥导出的公钥由服务器提供。 数据存储装置将接收到的公开密钥和另外的私钥组合以导出密钥加密密钥; 另外的私钥本身不被数据存储设备存储,而是存储其匹配的公钥。 然后使用密码和派生密钥加密密钥对内容保护密钥进行加密。 如果密码丢失,则来自服务器和数据存储设备的数据可以被组合以重新创建密钥加密密钥。
-
公开(公告)号:US08056143B2
公开(公告)日:2011-11-08
申请号:US12016723
申请日:2008-01-18
IPC分类号: G06F7/04 , G06F17/30 , G06F11/00 , G06F17/00 , G06F12/14 , H04N7/16 , G08B13/00 , G08B21/00 , G08B29/00 , H04L29/06 , H04M1/66 , H04M3/16 , G06F7/00
CPC分类号: G06F21/6245 , G06F21/602 , G06F21/6218 , G06F21/88 , G06F2221/2107 , G06F2221/2113 , G06F2221/2143 , H04L63/0428 , H04L63/101 , H04L63/105 , H04W12/02 , H04W12/08
摘要: A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level. The system and method thus provide a method for securing only selected data types, depending on the authorization level of the issuer of the command.
摘要翻译: 一种系统和方法,用于参考命令中指示的授权级别选择性地保护存储多种数据类型的客户机设备上的未授权访问的数据。 在包括授权级别指示符的客户端设备处接收到命令。 基于可以在存储在客户端设备的IT策略中实现的至少一个预定规则,确定要保护的多个数据类型中的每一个,然后确保与这些类型对应的数据。 可以通过在客户端设备处加密和/或删除数据来保护数据。 与每个授权级别相关联的预定义规则可以由具有超过相关授权级别的授权级别的用户或管理员配置。 因此,系统和方法提供了一种仅根据命令的发行者的授权级别来保护所选择的数据类型的方法。
-
公开(公告)号:US07603556B2
公开(公告)日:2009-10-13
申请号:US10996369
申请日:2004-11-26
IPC分类号: H04L9/32
CPC分类号: H04L9/3271 , H04L9/3226 , H04L9/3236 , H04L63/083 , H04L2209/80
摘要: A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password.
摘要翻译: 挑战响应方案通过认证设备认证请求设备。 认证设备生成并向请求设备发出质询。 请求设备将挑战与由用户提供的密码的散列相结合,并且组合进一步进行散列,以便生成用于加密用户提供的密码的请求加密密钥。 加密的用户提供的密码作为对发布的挑战的响应被发送到认证设备。 认证设备通过生成质询的组合和存储的认证设备密码的哈希的散列来生成认证加密密钥。 认证加密密钥用于解密响应,以便检索用户提供的密码。 如果用户提供的密码哈希与存储的认证设备密码散列匹配,则请求设备被认证,认证设备拥有密码。
-
130.发明申请公开(公告)号:US20090240888A1
公开(公告)日:2009-09-24
申请号:US12475986
申请日:2009-06-01
CPC分类号: G06F21/79 , G06F12/0802 , G06F12/1408
摘要: Increasing security for a hand-held data processing device with communication functionality where such a device includes an access-ordered memory cache relating to communications carried out by the device. The hand-held data processing device has a locked state that is entered by the device receiving or initiating a trigger. On occurrence of the trigger to enter the locked state the memory cache is reordered so as to disrupt the access-ordering of the cache to obscure device traffic information and thus increase the security of the device in the locked state.
摘要翻译: 提高具有通信功能的手持式数据处理设备的安全性,其中这样的设备包括与由设备执行的通信相关的访问有序的存储器高速缓存。 手持式数据处理装置具有被接收或发起触发的装置输入的锁定状态。 在发生触发器进入锁定状态时,存储器高速缓存被重新排序,以便中断高速缓存的访问排序以模糊设备交通信息,从而增加处于锁定状态的设备的安全性。
-
-
-
-
-
-
-
-
-
搜索结果
373 条记录 (耗时 0.044 秒)
