-
公开(公告)号:US09755838B2
公开(公告)日:2017-09-05
申请号:US15194849
申请日:2016-06-28
发明人: Bret W. Dixon , Jonathan L. Rumsey
CPC分类号: H04L9/3247 , H04L9/006 , H04L9/14 , H04L9/30 , H04L9/3263 , H04L9/3265 , H04L63/06 , H04L63/0823 , H04L63/20 , H04L2209/64 , H04L2209/72
摘要: A message including a digital signature of a message originator is received at a processor. In response to determining that the message originator is authorized by a data protection policy to originate the message, a determination is made as to whether a specific authorized certificate issuer is configured for the message originator within a data protection policy. In response to determining that the specific authorized certificate issuer is configured for the message originator within the data protection policy, a determination is made as to whether a message originator certificate used to generate the digital signature of the message originator is issued by the specific authorized certificate issuer configured for the message originator within the data protection policy.
-
公开(公告)号:US20170208044A1
公开(公告)日:2017-07-20
申请号:US15354629
申请日:2016-11-17
申请人: Encryptics, LLC
发明人: Vlad Pigin
CPC分类号: H04L63/0428 , G06F21/6209 , G06F21/64 , H04L9/083 , H04L9/3247 , H04L9/3263 , H04L63/0823 , H04L2209/603 , H04L2209/64 , H04L2463/101
摘要: An improved method and system for digital rights management is described.
-
公开(公告)号:US20170141927A1
公开(公告)日:2017-05-18
申请号:US14942096
申请日:2015-11-16
发明人: Ajay A. Apte , John Yow-Chun Chang , Ching-Yun Chao , Patrick L. Davis , Rohan Gandhi , Hugh E. Hockett , Yuhsuke Kaneyasu , Lewis Lo , Matthew D. McClintock , Scott C. Moonen , Ki H. Park , Ankit Patel , Kin Ueng , Iqbal M. Umair , Leonardo A. Uzcategui , Barbara J. Vander Weele
CPC分类号: H04L9/3263 , H04L63/0823 , H04L67/1097 , H04L2209/24 , H04L2209/64
摘要: A first management node of a first rack can be registered to a shared file storage system by establishing a mutual trust relationship between the first management node and the shared file storage system. The first management node can access a plurality of respective public keys and a plurality of respective certificates of authority that are stored in the shared file storage system and associated with a plurality of respective registered management nodes. The first management node can store a public key and a certificate of authority in the shared file storage system. The first management node can form mutual trust relationships with other registered management nodes. The first management node can validate authenticity of messages received from registered management nodes of the plurality of registered management nodes using a respective public key and a respective certificate of authority associated with a respective registered management node sending a message.
-
公开(公告)号:US20170085535A1
公开(公告)日:2017-03-23
申请号:US15367588
申请日:2016-12-02
发明人: Brian David Gross
CPC分类号: H04L9/3263 , G06F19/00 , G06F21/6245 , G06F2221/2147 , G06Q50/22 , H04L9/083 , H04L9/14 , H04L9/321 , H04L63/0428 , H04L2209/24 , H04L2209/64 , H04L2209/88
摘要: A method for controlling access to data being processed by a remote computing resource includes issuing a public encryption key for a data creator from a public certificate authority, detecting an encounter with a data owner, creating private encryption keys for the data creator and the data owner in response to detecting the encounter, encrypting data being sent to the remote computing resource with the public encryption key, the data creator's private encryption key, and the data owner's private encryption key, decrypting the data based on public verification of the public encryption key and local verification of the data creator's private encryption key and the data owner's private encryption key at the remote computing resource, and controlling the data creator's access to the data by altering the permission of at least one of the public encryption key and data creator's private encryption key.
-
公开(公告)号:US20160373262A1
公开(公告)日:2016-12-22
申请号:US15184997
申请日:2016-06-16
申请人: VELLITAS LLC
CPC分类号: H04L9/3263 , G06F16/951 , G06F21/45 , G06F21/577 , G06F2221/2101 , H04L2209/64
摘要: Embodiments describe apparatuses, systems, and methods for analyzing digital certificates. A system may scan the internet to identify all publicly available digital certificates. The system may further determine external information for individual digital certificates that is not found within the digital certificate. The system may store the external information and internal information that is found within the digital certificates. The system may run one or more queries on the stored information to identify one or more vulnerable digital certificates among a set of digital certificates associated with a client. For example, the system may identify differences between the internal information and/or external information among the digital certificates of the set and/or may compare the internal information and/or external information for the digital certificates of the set to expected information. Other embodiments may be described and claimed.
摘要翻译: 实施例描述用于分析数字证书的装置,系统和方法。 系统可以扫描互联网以识别所有公开的数字证书。 该系统可以进一步确定在数字证书内未找到的个人数字证书的外部信息。 系统可以存储在数字证书中找到的外部信息和内部信息。 系统可以对存储的信息运行一个或多个查询,以识别与客户端相关联的一组数字证书中的一个或多个易受攻击的数字证书。 例如,系统可以识别集合的数字证书之间的内部信息和/或外部信息之间的差异和/或可以将集合的数字证书与期望信息的内部信息和/或外部信息进行比较。 可以描述和要求保护其他实施例。
-
公开(公告)号:US20160321372A1
公开(公告)日:2016-11-03
申请号:US15211745
申请日:2016-07-15
发明人: Erik Todeschini , Stephen Patrick Deloge , Timothy P. Meier , Donald Anderson , Benjamin Hejl , Thomas J. Koziol
CPC分类号: G06F17/30876 , G06K7/1443 , G06K7/1447 , G06Q20/3274 , G06Q30/04 , G06Q2220/00 , H04L9/0861 , H04L9/3263 , H04L63/06 , H04L63/0823 , H04L63/0869 , H04L2209/24 , H04L2209/64
摘要: A data decoding system can comprise one or more computers communicatively coupled to a network. The computers can execute at least one decoding process. The decoding process can be configured, responsive to receiving a decoding request comprising an image of decodable indicia, to locate the decodable indicia within the image, and to decode the decodable indicia into a decoded message. The decoding process can be further configured, responsive to completing a decoding operation, to transmit to the client the decoded message and/or the decoding operation completion code.
-
公开(公告)号:US20160112207A1
公开(公告)日:2016-04-21
申请号:US14932310
申请日:2015-11-04
CPC分类号: H04L9/3263 , H04L9/08 , H04L9/0816 , H04L9/0819 , H04L9/0838 , H04L63/0428 , H04L63/06 , H04L63/062 , H04L63/0823 , H04L2209/24 , H04L2209/64 , H04L2463/061 , H04W12/04 , H04W36/0055 , H04W84/047
摘要: It is provided an apparatus, comprising property checking means configured to check whether a claimant property information received from a claimant device corresponds to a predefined claimant attribute; obtaining means configured to obtain a result, which is positive only if the claimant property information corresponds to the predefined claimant attribute as checked by the property checking means; key generation means configured to generate a first claimant intermediate key from a predefined claimant permanent key stored in the apparatus; supplying means configured to supply, to the claimant device, the first claimant intermediate key using a secured protocol, wherein at least one of the key generation means and the supplying means is configured to generate and to supply, respectively, the first claimant intermediate key only if the result is positive.
摘要翻译: 提供了一种装置,包括属性检查装置,被配置为检查从索赔装置接收的索赔属性信息是否对应于预定义的索赔人属性; 获取装置,其被配置为获得结果,其仅当所述索赔者属性信息对应于由所述属性检查装置检查的所述预定义的索赔属性时才是正的; 密钥生成装置,被配置为从存储在所述装置中的预定义请求者永久密钥生成第一请求者中间密钥; 供应装置,被配置为使用安全协议向所述索赔人设备提供所述第一请求者中间密钥,其中所述密钥生成装置和所述提供装置中的至少一个被配置为分别产生并仅分别提供所述第一请求者中间密钥 如果结果是肯定的。
-
公开(公告)号:US09288062B2
公开(公告)日:2016-03-15
申请号:US14184775
申请日:2014-02-20
CPC分类号: H04W12/06 , H04L9/3263 , H04L63/0414 , H04L63/0428 , H04L63/0823 , H04L63/18 , H04L2209/24 , H04L2209/64 , H04M1/663 , H04M3/2281 , H04M3/38 , H04M3/42042 , H04M3/42059 , H04M3/436 , H04M2203/6027 , H04M2203/6045 , H04Q3/72 , H04W4/16 , H04W12/02 , H04W12/04 , H04W12/08
摘要: Techniques for authenticating the identity of a caller in a telephone call are disclosed. The device generating the call implements encrypting caller identification information and initiating the telephone call, said initiating comprising providing a voice carrier signal including the caller identification information; and simultaneously providing a data carrier signal including the encrypted caller identification information. The receiving device implements receiving the telephone call; decrypting the encrypted caller identification information at the recipient device; and verifying the identity of at least an unknown caller at the recipient device by at least one of verifying the authenticity of a certificate used to encrypt the caller identification information; and comparing the decrypted caller identification information with the caller identification information from the voice carrier signal. A telephony device implementing such an authentication technique is also disclosed.
摘要翻译: 公开了用于在电话呼叫中认证呼叫者的身份的技术。 产生呼叫的装置实现加密呼叫者识别信息并发起电话呼叫,所述发起包括提供包括呼叫者识别信息的话音载波信号; 并且同时提供包括加密的呼叫者识别信息的数据载体信号。 接收设备实现接收电话呼叫; 在接收方设备处解密加密的呼叫者识别信息; 以及通过验证用于加密所述呼叫者识别信息的证书的真实性中的至少一个来验证所述接收者设备上的至少一个未知呼叫者的身份; 以及将来自语音载波信号的解密的呼叫者识别信息与呼叫者识别信息进行比较。 还公开了实现这种认证技术的电话设备。
-
公开(公告)号:US09276754B1
公开(公告)日:2016-03-01
申请号:US14563891
申请日:2014-12-08
CPC分类号: H04L9/3263 , G06F21/6209 , H04L9/0816 , H04L9/0825 , H04L9/083 , H04L9/0891 , H04L2209/24 , H04L2209/64
摘要: A material set, such as an asymmetric keypair, is processed using an associated workflow to prepare the material set for activation and/or use. In one embodiment, a material set is generated and information about the material set is communicated to a workflow manager. Based at least on the information, the workflow manager generates a workflow that when accomplished will allow the material set to be activated and/or used. In another embodiment, a service provider provides a key manager, workflow manager and destination for the key, such as a load balancer that terminates SSL connections. A key can be generated by the key manager, sent through the workflow manager for processing (potentially communicated to third parties such as a certificate authority, if needed) and installed at a destination.
摘要翻译: 使用关联的工作流来处理诸如非对称密钥对的材料集以准备用于激活和/或使用的材料集。 在一个实施例中,生成材料集,并且关于材料集的信息被传送到工作流管理器。 至少基于信息,工作流管理器生成工作流程,当完成时将允许材料集被激活和/或使用。 在另一个实施例中,服务提供商为密钥提供密钥管理器,工作流管理器和目的地,诸如终止SSL连接的负载均衡器。 密钥管理器可以生成一个密钥,通过工作流管理器发送以进行处理(可能会传送给第三方,如果需要的话),并安装在目的地。
-
20.发明申请SYSTEM AND METHOD TO COMMUNICATE SENSITIVE INFORMATION VIA ONE OR MORE UNTRUSTED INTERMEDIATE NODES WITH RESILIENCE TO DISCONNECTED NETWORK TOPOLOGY 有权通过一个或多个无阻碍的中间节点与敏感的网络拓扑结构通信敏感信息的系统和方法公开(公告)号:US20160044000A1
公开(公告)日:2016-02-11
申请号:US14452147
申请日:2014-08-05
申请人: Sean Cunningham
发明人: Sean Cunningham
CPC分类号: H04L63/0428 , H04L9/0825 , H04L9/14 , H04L9/30 , H04L9/3263 , H04L41/22 , H04L63/0272 , H04L63/0823 , H04L63/166 , H04L2209/24 , H04L2209/64
摘要: A system and method to communicate secure information between a plurality of computing machines using an untrusted intermediate with resilience to disconnected network topology. The system and method utilize agnostic endpoints that are generalized to be interoperable among various systems, with their functionality based on their location in a network. The system and method enable horizontal scaling on the network. One or more clusters may be set up in a location within a network or series of networks in electronic communication, e.g., in a cloud or a sub-network, residing between a secure area of the network(s) and an unsecure area such as of an external network or portion of a network. The horizontal scaling allows the system to take advantage of a capacity of a local network. As long as an agent has connectivity to at least one locale of the network, the agent is advantageously operable to move data across the system.
摘要翻译: 一种在多个计算机之间传送安全信息的系统和方法,所述计算机使用具有弹性的断开的网络拓扑的不可信中间体。 该系统和方法利用广义可以在各种系统之间互操作的不可知端点,其功能基于它们在网络中的位置。 该系统和方法能够在网络上进行水平缩放。 可以在位于网络的安全区域和不安全区域之间的电子通信(例如,云或子网络)的网络或一系列网络内的位置中建立一个或多个聚类,例如 的外部网络或网络的一部分。 水平缩放允许系统利用本地网络的容量。 只要代理具有与网络的至少一个区域的连接,则代理有利地可操作地跨越系统移动数据。
-
-
-
-
-
-
-
-
-
搜索结果
226 条记录 (耗时 0.028 秒)
