Abstract:
The invention concerns a method implemented in a communication network comprising a source device including: a first symmetrical key for encrypting data to be transmitted to a display device connected to the network; and the first symmetrical key encrypted with a second symmetrical network key known only to at least one display device connected to the network. When the source device needs to renew its first symmetrical key to encrypt new data, it generates a random number, then it calculates a new symmetrical key based on the first symmetrical key and on the random number. It then encrypts the data to be transmitted with the new symmetrical key and transmits to a display device, via the network: the data encrypted with the new symmetrical key, the random number, and the first symmetrical key encrypted with the second symmetrical network key.
Abstract:
A method for secure installation of software applications. The user receives the software, partly encrypted, and an installation token for a number of licenses from the software provider, plugs the software and the installation token into a computer, and launches the installation application. A Secure Authenticated Channel is established between the installation application and the installation token and a unique identifier of the computer is sent thereon to the installation token. The installation token verifies that there are remaining licenses, decreases the remaining licenses, authorizes the installation and sends the decryption key and a certificate/key pair to the installation application that decrypts and installs the software, preferably linking the installation to the computer's identifier. A variant allows (virtually) unlimited installations of time limited programs that are transformed into time unlimited programs once the installation token has reported the number to the software provider and paid for the necessary licenses. Also provided is the installation token.
Abstract:
Distinguishing between live and recorded content in a network comprising a rendering device, an access device, and a storage device. The rendering device broadcasts a message requesting devices in the network to respond if they diffuse a content, and sets a timer. The devices respond if they diffuse the content. The rendering device then determines that the content is: live, if it has received a response from the access device; recorded, if it has received a response from the storage device, but not from the access device; and illegal, if it has not received a response before time-out of the timer. There is further a “still live delay” after diffusion of the content during which the access device responds that it is diffusing the content, and following which it may send a content release message to the storage device that may then respond to request messages.
Abstract:
A layered audiovisual packet data stream, such as one obtained by a JPEG2000 encoder, is received together with information (metadata) about the contribution of each packet to the reduction of image distortion. The distortion-to-rate ratio for each packet is calculated and the packets are ordered in descending ratio. The non-encrypted packet having the highest ratio is encrypted until the target distortion is obtained. Also provided is an apparatus. In a variant, the data in the packets are substituted by dummy data instead of being encrypted.
Abstract:
The invention relates to a microwave frequency structure for microwave tube comprising a cylindrical vacuum jacket and a device for containing an electron beam in the axis of revolution of the cylindrical jacket. The containing device comprises at least two rows, each containing permanent magnets, each row being aligned either side of and equidistant to the beam-containment axis, the at least two rows containing permanent magnets being of parallelepipedal shapes and having a magnetic polarization parallel to one of its edges in a plane transversal to the axis, their direction of magnetization in the row changing alternately from one containing magnet to another next containing magnet, or preceding containing magnet, to create an alternating periodic magnetic field along the containment axis.
Abstract:
A protocol (i.e. method) and corresponding apparatuses for calculating a session key. Two peers each have knowledge of a common Diffie-Hellman permanent key, Kperm, and of the identity and public key of the other peer. A first peer chooses a first ephemeral private key x and calculates the first corresponding ephemeral public key g^x, which is sent to the second peer. The second peer calculates a second ephemeral public key g^y in the same manner, and an ephemeral shared key Keph, hashes g^y, Keph, Kperm, and its identity, and sends g^y and the hash to the first peer. The first peer calculates Keph, verifies the hash, and hashes g^x, Keph, Kperm, and its identity, and sends it to the second peer that verifies this hash. Thereafter, both peers obtain a session key by hashing Keph. The apparatuses may then use the session key to establish a secure authenticated channel (SAC).
Abstract:
A method of processing digital content according to a workflow. The digital content is received and information for the workflow is checked to decide if a processing device is authorised to process the content, the workflow imposing that the digital content be processed in a process chain comprising at least two nodes, wherein the processing device is authorised to process the content if it corresponds to the node that according to the process chain is the next node to process the digital content. If the processing device is authorised to process the content, the digital content is processed and the information for the workflow is updated. Also provided is a system.
Abstract:
The invention relates to a method of receiving and securely recording digital data comprising a step for recording said digital data on a secured disk by a recorder/receiver belonging to a determined secured domain comprising several equipment items and defined by an identifier, a step for recording on the secured disk the identifier of the domain of the recorder/receiver to define this domain as the only domain in which the reproduction/copying of the multimedia content is authorized, wherein it comprises a prior step for recovering a disk key from the secured disk, and in that the domain identifier is encrypted by said disk key and the digital data is scrambled by title keys, said title keys being encrypted by said disk key. The invention also relates to a method of securely distributing digital data, an access device and a recorder/receiver.
Abstract:
A method for controlling access to content by an Acquisition Point (AP) to Presentation Points (PPs) in clusters in a domain. The AP receives from a PP an access content request comprising the PP's cluster identity and the PP's priority. The AP verifies if access is granted to a PP in the cluster and, if so, grants access to the requesting PP. If not, the AP verifies if access is granted to PPs in a maximum number of clusters. If not, the AP grants access. If the maximum is reached, the AP verifies if the requesting PP's priority is higher than the priority of every PP in another cluster. If not, access is denied; if so, the AP grants access to the requesting PP and denies access to the PPs in the cluster with the lowest priority values. An Acquisition Point is also claimed.