-
公开(公告)号:US20070192587A1
公开(公告)日:2007-08-16
申请号:US11504767
申请日:2006-08-16
IPC分类号: H04L9/00
CPC分类号: H04L63/0428 , H04L9/083 , H04L9/0869 , H04L63/20
摘要: Each terminal registers the key generation information into each session management server, the information including a plurality of setting items necessary for determining set values to generated a key to be used by itself, and set value candidates which are stored in the setting items. When the encryption communications are established between the terminals, the individual session management servers and a key generation information management server are associated, so that the key generation information management server selects the algorithm suite based on the key generation information. The session management server generates the parameters based on the selected algorithm suite, acquires the information on the selected algorithm suite from the key generation information management server, generates the key for the encryption communications based on that information and distributes the key to the each terminal.
摘要翻译: 每个终端将密钥生成信息注册到每个会话管理服务器中,该信息包括确定设置值所需的多个设置项目以产生要自己使用的密钥,并设置存储在设置项目中的值候选。 当在终端之间建立加密通信时,各个会话管理服务器和密钥生成信息管理服务器相关联,使得密钥生成信息管理服务器基于密钥生成信息来选择算法套件。 会话管理服务器根据选择的算法套件生成参数,从密钥生成信息管理服务器获取所选算法套件的信息,根据该信息生成加密通信的密钥,并将密钥分配给每个终端。
-
公开(公告)号:US20060277406A1
公开(公告)日:2006-12-07
申请号:US11436048
申请日:2006-05-18
申请人: Yoko Hashimoto , Takahiro Fujishiro , Tadashi Kaji , Osamu Takata , Kazuyoshi Hoshino , Shinji Nakamura
发明人: Yoko Hashimoto , Takahiro Fujishiro , Tadashi Kaji , Osamu Takata , Kazuyoshi Hoshino , Shinji Nakamura
IPC分类号: H04L9/00
CPC分类号: H04L63/029 , H04L9/321 , H04L9/3268 , H04L9/3273 , H04L63/062 , H04L63/0823
摘要: In an encryption communication using VPN technologies, a load on a VPN system becomes large if the number of communication terminals increases. When an external terminal accesses via an internal terminal an application server, processes become complicated because it is necessary to perform authentication at VPN and authentication at the application server. A management server is provided for managing external terminals, internal terminals and application servers. The management server authenticates each communication terminal and operates to establish an encryption communication path between communication terminals. Authentication of each terminal by the management server relies upon a validation server. When the external terminal performs encryption communication with the application server via the internal terminal, two encryption communication paths are established and used between the external terminal and internal terminal and between the internal terminal and application server.
摘要翻译: 在使用VPN技术的加密通信中,如果通信终端的数量增加,则VPN系统的负载变大。 当外部终端通过内部终端访问应用服务器时,由于需要在VPN处进行认证并在应用服务器进行认证,所以处理变得复杂。 提供管理服务器,用于管理外部终端,内部终端和应用服务器。 管理服务器对每个通信终端进行认证,并且操作以在通信终端之间建立加密通信路径。 管理服务器对每个终端的认证依赖于验证服务器。 当外部终端通过内部终端与应用服务器进行加密通信时,在外部终端与内部终端之间以及内部终端与应用服务器之间建立并使用两个加密通信路径。
-
13.发明授权Mediating system and method to establish communication session, allowing private information to be protected 失效中介系统和方法建立通信会话,允许私人信息受到保护公开(公告)号:US08095676B2
公开(公告)日:2012-01-10
申请号:US11504765
申请日:2006-08-16
IPC分类号: G06F15/16
CPC分类号: H04L29/06027 , H04L65/1006 , H04L65/1069 , H04L67/2804 , H04L67/2819 , H04L67/2857
摘要: The present invention is to prevent user's attribute information from being distributed, in the case where it is to be determined whether or not the attribute information (for example, age, address, and the like) of the user satisfies a service providing condition, when a communication session is established across multiple session managing servers.According to the present invention, attribute information of a user who is using a client logging in a session managing server, and attribute information of a service operating on the client are managed, a condition (SEP) to establish a communication session among multiple session managing servers related to the session establishment is shared, and the session managing server which manages the attribute information compares the attribute information and the SEP to make an access judgment, in order to determine whether or not the communication session is to be established.
摘要翻译: 本发明是为了防止用户属性信息的分发,在确定用户的属性信息(例如,年龄,地址等)是否满足服务提供条件的情况下,当 跨多个会话管理服务器建立通信会话。 根据本发明,管理正在使用登录在会话管理服务器中的客户端的用户的属性信息和在客户端上操作的服务的属性信息,在多个会话管理中建立通信会话的条件(SEP) 与会话建立相关的服务器被共享,并且管理属性信息的会话管理服务器将属性信息和SEP进行访问判断,以便确定是否建立通信会话。
-
14.发明授权Communication support server, communication support method, and communication support system 失效通信支持服务器,通信支持方式和通信支持系统公开(公告)号:US08081758B2
公开(公告)日:2011-12-20
申请号:US11317003
申请日:2005-12-27
IPC分类号: H04K1/00
CPC分类号: H04L9/0866 , H04L9/0891
摘要: When a cryptographic communicating part 208 of the communication support server 20 exchanges information with the information processing units 14, if the term of validity of a first key stored in a cryptographic key storing part 200 and corresponding to the identification information of the information processing unit 14 does not expire, the cryptographic communicating part 208 performs the cryptographic communication with the information processing unit 14 using the first key, without performing a process of authenticating the information processing units 14. When the term of validity of the first key expires or the first key corresponding to the identification information of the information processing units 14 is not stored, the key sharing part 202 shares the first key with the information processing units 14, and the cryptographic communicating part 208 performs the cryptographic communication with the information processing units 14 using a newly shared first key.
摘要翻译: 当通信支持服务器20的加密通信部分208与信息处理单元14交换信息时,如果存储在密码密钥存储部分200中并对应于信息处理单元14的识别信息的第一密钥的有效期限 密码通信部208使用第一密钥执行与信息处理单元14的密码通信,而不执行对信息处理单元14进行认证的处理。当第一密钥的有效期到期或第一密钥 与信息处理单元14的识别信息相对应的密钥共享部202与信息处理单元14共享第一密钥,密码通信部208使用新的信息处理部14进行与信息处理部14的密码通信 共享第一个键。
-
15.发明申请公开(公告)号:US20060236091A1
公开(公告)日:2006-10-19
申请号:US11390459
申请日:2006-03-28
IPC分类号: H04L9/00
CPC分类号: H04L29/06027 , H04L9/0838 , H04L65/1006 , H04L65/607
摘要: It takes time for an encryption data communication system to transfer encrypted data, because negotiations of security parameters are necessary prior to communications in order to protect security and integrity of a SIP message or public key cryptography is required to be used for an encryption process, a decryption process., an digital signature process and an digital digital signature verification process each time a SIP message is transmitted/received. When a SIP message is transferred between two entities, the message is encrypted by shared information if the information is being shared between the entities, or the message is encrypted by the public key of the transmission destination entity if the shared information is not being shared. The encrypted message contains shared information to be used for the transmission destination entity of the encrypted data to encrypt or decrypt the message, during communications after the encrypted data is generated.
摘要翻译: 加密数据通信系统需要时间来传送加密数据,因为在通信之前需要安全参数的协商以保护SIP消息的安全性和完整性,或者需要使用公共密钥密码术来进行加密处理, 解密处理,每次发送/接收SIP消息时的数字签名处理和数字数字签名验证处理。 当SIP消息在两个实体之间传输时,如果信息在实体之间共享,则消息由共享信息加密,或者如果共享信息未被共享,则消息由发送目的地实体的公钥加密。 在加密数据生成之后的通信期间,加密消息包含要用于加密数据的发送目的地实体的共享信息,以加密或解密该消息。
-
16.发明授权Management server, communication apparatus and program implementing key allocation system for encrypted communication 失效管理服务器,通信装置和程序实现加密通信的密钥分配系统公开(公告)号:US08238555B2
公开(公告)日:2012-08-07
申请号:US12255200
申请日:2008-10-21
IPC分类号: H04L29/06
CPC分类号: H04L63/0428 , H04L63/062
摘要: Both a management server and a validation server are installed. Both a terminal and a terminal register setting information which is usable in an encrypted communication in the management server. When carrying out the encrypted communication, the management server searches the registered setting information for coincident setting information. The management server generates keys for the encrypted communications which can be used by the terminals, and delivers these generated keys in combination with the coincident setting information. The management server authenticates both the terminals in conjunction with the validation server. Since the terminals trust such results that the management server has authenticated the terminals respectively, these terminals need not authenticate the respective communication counter terminals.
摘要翻译: 管理服务器和验证服务器均已安装。 终端和终端注册设置信息可用于管理服务器中的加密通信。 当执行加密通信时,管理服务器搜索登记的设置信息以获得一致的设置信息。 管理服务器生成可由终端使用的加密通信的密钥,并将这些生成的密钥与重合的设置信息相结合。 管理服务器与验证服务器一起认证两个终端。 由于终端信任这样的结果,管理服务器分别对终端进行认证,所以这些终端不需要对相应的通信计数器终端进行认证。
-
公开(公告)号:US07984290B2
公开(公告)日:2011-07-19
申请号:US11436048
申请日:2006-05-18
申请人: Yoko Hashimoto , Takahiro Fujishiro , Tadashi Kaji , Osamu Takata , Kazuyoshi Hoshino , Shinji Nakamura
发明人: Yoko Hashimoto , Takahiro Fujishiro , Tadashi Kaji , Osamu Takata , Kazuyoshi Hoshino , Shinji Nakamura
IPC分类号: H04L29/06
CPC分类号: H04L63/029 , H04L9/321 , H04L9/3268 , H04L9/3273 , H04L63/062 , H04L63/0823
摘要: In an encryption communication using VPN technologies, a load on a VPN system becomes large if the number of communication terminals increases. When an external terminal accesses via an internal terminal an application server, processes become complicated because it is necessary to perform authentication at VPN and authentication at the application server. A management server is provided for managing external terminals, internal terminals and application servers. The management server authenticates each communication terminal and operates to establish an encryption communication path between communication terminals. Authentication of each terminal by the management server relies upon a validation server. When the external terminal performs encryption communication with the application server via the internal terminal, two encryption communication paths are established and used between the external terminal and internal terminal and between the internal terminal and application server.
摘要翻译: 在使用VPN技术的加密通信中,如果通信终端的数量增加,则VPN系统的负载变大。 当外部终端通过内部终端访问应用服务器时,由于需要在VPN处进行认证并在应用服务器进行认证,所以处理变得复杂。 提供管理服务器,用于管理外部终端,内部终端和应用服务器。 管理服务器对每个通信终端进行认证,并且操作以在通信终端之间建立加密通信路径。 管理服务器对每个终端的认证依赖于验证服务器。 当外部终端通过内部终端与应用服务器进行加密通信时,在外部终端与内部终端之间以及内部终端与应用服务器之间建立并使用两个加密通信路径。
-
18.发明申请Method for encrypted communication with a computer system and system therefor 失效用于与计算机系统及其系统进行加密通信的方法公开(公告)号:US20080098221A1
公开(公告)日:2008-04-24
申请号:US11907260
申请日:2007-10-10
IPC分类号: H04L9/32
CPC分类号: G06Q20/3674 , H04L63/0272 , H04L63/0428 , H04L63/0869 , H04L67/1002 , H04L67/1006 , H04L67/1008 , H04L67/1029
摘要: To solve problems in that a load on a VPN device is large in a case where the number of terminal devices increases in encrypted communication using a VPN technique, and that only communication between the terminal device and the VPN device is encrypted, thus disabling end-to-end encrypted communication, a communication system is provided, including: a terminal device; a plurality of blades; and a management server that manages the blades, in which: the management server selects a blade, authenticates the terminal device and the selected blade, and mediates encrypted communication path establishment between the terminal device and the selected blade; the terminal device and the blade perform encrypted communication without the mediation of the management server; and the management server requests a validation server to authenticate each terminal.
摘要翻译: 为了解决在使用VPN技术的加密通信中终端装置的数量增加,VPN终端装置与VPN装置之间的通信被加密的情况下,VPN装置的负载大的问题, 端到端加密通信,提供通信系统,包括:终端装置; 多个叶片; 以及管理服务器,其中:所述管理服务器选择刀片,对所述终端设备和所选择的刀片进行认证,并且中介所述终端设备与所选刀片之间的加密通信路径建立; 终端设备和刀片在没有管理服务器的中介的情况下执行加密的通信; 并且管理服务器请求验证服务器来认证每个终端。
-
公开(公告)号:US20070288754A1
公开(公告)日:2007-12-13
申请号:US11729947
申请日:2007-03-30
申请人: Tadashi Kaji , Kazuyoshi Hoshino , Keisuke Takeuchi , Osamu Takata , Takahiro Fujishiro , Akifumi Yato
发明人: Tadashi Kaji , Kazuyoshi Hoshino , Keisuke Takeuchi , Osamu Takata , Takahiro Fujishiro , Akifumi Yato
CPC分类号: H04L67/14 , H04L61/15 , H04L63/0428 , H04L63/0823 , H04L65/1006 , H04L65/105
摘要: An encrypted communication method, and a system for the method, can transfer a session control message designated by identification information inherent to an application to a connection destination through a session management server. When an application program of a client or encrypted communication software issues a connection request in the form designating an application server by identification information inherent to each application, the identification information is automatically changed to a desired address-of-record capable of domain identification and a transfer destination domain of a reception message is judged.
摘要翻译: 加密通信方法和该方法的系统可以通过会话管理服务器将由应用所固有的识别信息指定的会话控制消息传送到连接目的地。 当客户端或加密通信软件的应用程序以指定应用服务器的形式的连接请求发布每个应用所固有的标识信息时,识别信息被自动地改变成能够进行域识别的所需地址记录, 判断接收消息的传送目的地域。
-
20.发明申请公开(公告)号:US20070274525A1
公开(公告)日:2007-11-29
申请号:US11711892
申请日:2007-02-28
CPC分类号: H04L63/065
摘要: An encrypted communication system is provided, in which an encryption key for use in encrypted communication and settings information for the encrypted communication are distributed to each of a plurality of communication devices performing encrypted communication within a group, and in which traffic generated by distributing the encryption key and the like can be reduced. In the encrypted communication system according to the present invention, information including a key for use in the intra-group encrypted communication or a seed which generates the key is distributed to the communication devices belonging to the group that are participating (e.g., logged in) in the intra-group encrypted communication.
摘要翻译: 提供了一种加密通信系统,其中将用于加密通信的加密密钥和用于加密通信的设置信息分配给执行组内的加密通信的多个通信设备中的每一个,并且其中通过分发加密 钥匙等可以减少。 在根据本发明的加密通信系统中,包括用于组内加密通信的密钥或生成密钥的种子的信息被分发给属于正在参与(例如登录)的组的通信设备, 在组内加密通信中。
-
-
-
-
-
-
-
-
-
搜索结果
68 条记录 (耗时 0.033 秒)
