Identity authentication system and method
    21.
    Granted invention patent
    Identity authentication system and method (status: in force)

    Publication No.: US07502933B2

    Publication date: 2009-03-10

    Application No.: US10724034

    Filing date: 2003-11-26

    IPC classification: H04L9/00

    Abstract: A method and system for generating an authentication code that depends at least in part on a dynamic value that changes over time, an event state associated with the occurrence of an event, and a secret associated with an authentication device. By generating the authentication code responsive to an event state, an identity authentication code can be used to verify identity and to communicate event state information, and to do so in a secure manner.

    Cryptographic countermeasures against connection depletion attacks
    22.
    Granted invention patent
    Cryptographic countermeasures against connection depletion attacks (status: in force)

    Publication No.: US07197639B1

    Publication date: 2007-03-27

    Application No.: US09496824

    Filing date: 2000-02-02

    IPC classification: H04L9/00

    Abstract: This invention relates to cryptographic communications methods and systems that protect a server from a connection depletion attack. Specifically, the invention presents a method for allocating a resource comprising the steps of receiving a resource allocation request from a client, imposing a computational task and a time limit for correct completion of the task upon the client, verifying that the task was performed correctly within the time limit, and allocating the resource if the task was correctly performed within the time limit.

    Password-protection module
    24.
    Invention patent application
    Password-protection module (status: in force)

    Publication No.: US20060041759A1

    Publication date: 2006-02-23

    Application No.: US11172378

    Filing date: 2005-06-30

    IPC classification: H04K1/00

    Abstract: A method of protecting a password being used to establish interaction between a user and an application includes detecting a request for the password from the application by receiving a notification from the user indicating the request. The method further includes combining the password with information identifying the application, so as to produce a protected password, and authenticating to the application using the protected password. The method may also include a mutual authentication capability between user and the application.

    Executable digital cash for electronic commerce
    26.
    Granted invention patent
    Executable digital cash for electronic commerce (status: in force)

    Publication No.: US6157920A

    Publication date: 2000-12-05

    Application No.: US134012

    Filing date: 1998-08-14

    Abstract: The invention provides techniques for implementing secure transactions using an instrument referred to as "executable digital cash." In an illustrative embodiment, a first user generates a piece of digital cash representing an offer made by that user. The piece of digital cash includes a digital certificate authorizing the first user to make specified transfers, and an offer program characterizing the offer. The piece of digital cash is broadcast or otherwise transmitted to one or more additional users, utilizing a mobile agent or other suitable mechanism, such that a given one of these users can evaluate the offer using the offer program. For example, a second user could execute the offer program with a specific bid as an input to determine what that user would receive upon acceptance of his bid. If the result is acceptable to the second user, that user generates a bid capsule including the bid, the corresponding output of the offer program, and another certificate authorizing the second user to make the transfer specified in the bid. The bid capsule is submitted to an institution for processing in accordance with a policy which may be specified in the piece of digital cash. The institution selects one or more winning bids and implements the corresponding transactions. Digital signatures generated using secret keys associated with the certificates of the first and second users are utilized to ensure adequate security for the transmitted offer and bid information.

    Inferring document and content sensitivity from public account accessibility
    28.
    Granted invention patent
    Inferring document and content sensitivity from public account accessibility (status: in force)

    Publication No.: US07516492B1

    Publication date: 2009-04-07

    Application No.: US10949539

    Filing date: 2004-09-24

    IPC classification: G06F11/30

    Abstract: In one embodiment, documents accessible via a designated public account are classified as public. In another embodiment, documents accessible according to a designated public access control list are classified as public. In some embodiments, all documents not classified as public are classified as private. Content in the public documents is linguistically analyzed, resulting in a set of keys for use in subsequent full and partial content matching. The keys and associated file names are stored in a public-content identification repository. Similarly, content in the private documents is linguistically analyzed, and the results are stored in a private-content identification repository. Subsequently, full and partial content matching is performed on monitored content according to information in the public and private repositories. In a related aspect, monitored content found to correspond to private content is selectively flagged during electronic transmission or optionally prevented from distribution according to a set of defined monitoring policies.

    System and method for certificate exchange
    30.
    Granted invention patent
    System and method for certificate exchange (status: in force)

    Publication No.: US07461250B1

    Publication date: 2008-12-02

    Application No.: US09359205

    Filing date: 1999-07-22

    IPC classification: H04L9/00 H04L9/32

    CPC classification: H04L9/3263

    Abstract: In an embodiment of a system and method according to the present invention, a chain of one or more certificates certifying a principal's public key is exchanged for a single substitute certificate. The substitute certificate is used as a replacement for the certificate chain. The substitute certificate is useful for authentication of the principal. In one embodiment, an authentication server exchanges the certificates. The substitute certificate is signed by the authentication server and used for authentication and communication with principals that have knowledge of and trust the authentication server. In one embodiment the substitute certificate also includes the principal's access information.
