Abstract:
A system and method for securely distributing PKI data, such as one or more private keys or other confidential digital information, from a PKI data generation facility to a product in a product personalization facility that is not connected to the PKI data generation facility and is assumed to be a non-secure product personalization facility. The system includes a PKI data loader for securely transmitting the encrypted PKI data transferred from the PKI data generator to a PKI server at the product personalization facility. The PKI server then transfers the PKI data to the product of interest, typically via a PKI station acting as a proxy between the PKI server and the product. In each communication step, PKI data being transferred is encrypted multiple times and the system is designed such that if any intermediate node is compromised with all of its keys, the overall system has not yet been compromised.
Abstract:
According to one embodiment of the invention a system is utilized to leverage the security arrangement between a first and second device to establish a secure link between the first device and a third device. One embodiment of the invention is particularly suitable for loading security data on a set top box, such as that utilized in the cable television industry.
Abstract:
A method for managing identifiers associated with network-enabled devices and used in an identity data system provisioning the network-enabled devices with identity data includes receiving a first set of data that includes a previously assigned identifier for one or more of the network-enabled devices that are authorized to be provisioned with new identity data. If identity data is currently installed on the one or more network-enabled devices, each of the previously assigned identifiers in the first set of data is associated with a corresponding identifier linked to the identity data currently installed on the one or more network-enabled devices to establish a second set of data. New identity data is bound to each of the one or more network-enabled devices by assigning a new identifier linked with the new identity data to each of the one or more network-enabled devices to establish a whitelist. The whitelist specifies, for each of the one or more network-enabled devices, its previously assigned identifier, its corresponding identifier and its new identifier that is linked with the new identity data.
Abstract:
A process receives a personalization request to personalize a communication device. Further, the process provides the personalization request to a message controller that composes a message having personalization information with a message composer engine according to a set of rules and configures one or more communication parameters for the message with a message flow control engine according to the set of rules. The set of rules indicates a distributed environment set of files that the message composer engine and the message flow control engine utilize in a distributed environment, and a centralized environment set of files that the message composer engine and the message flow control engine utilize in a centralized environment.
Abstract:
In a method for testing a transport packet decrypting module of a client device, a first decryption operation of the transport packet decrypting module is implemented on a test encrypted control word using a content decryption key ladder to derive a test control word, a second decryption operation of the transport packet decrypting module is implemented on one or more test transport packets using the test control word via a predetermined content decryption algorithm, the KIV is derived from the decrypted transport packets, and the derived KIV is compared with a value stored in the client device to verify whether the transport packet decrypting module of the client device is functioning properly.
Abstract:
Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices. The secure system uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Application messages, license templates and licenses are digitally signed. The system is flexible, configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template; scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations; and available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide the high level of availability required for high volume license provisioning. The system is traceable: license and device association are replicated back to the CLS to provide full license request and generation traceability.
Abstract:
A high-strength, high-toughness, weldable and deformable rare earth magnesium alloy comprised of 0.7~1.7% of Ym, 5.5~6.4% of Zn, 0.45~0.8% of Zr, 0.02% or less of the total amount of impurity elements of Si, Fe, Cu and Ni, and the remainder of Mg, based on the total weight of the alloy. During smelting, Y, Ho, Er, Gd and Zr are added in a manner of Mg-Y-rich, Mg-Zr intermediate alloys into a magnesium melt; Zn is added in a manner of pure Zn, and at 690~720° C., a round bar was cast by a semi-continuous casting or a water cooled mould, then an extrusion molding was performed at 380~410° C. after cutting. Before the extrusion, the alloy is treated by the solid-solution treatment at 480~510° C. for 2~3 hours, however, the alloy can also be extrusion molded directly without the solid-solution treatment. After the extrusion molding, this alloy has a strength of 340 MPa or more and a percentage elongation of 14% or more at room temperature and is a high-strength, high-toughness, weldable and deformable rare earth magnesium alloy.
Abstract:
A wall assembly for mixing polluted air with less polluted air to provide moderately polluted air. The wall assembly includes means for dividing air from the roadway region into a lower part and an upper part, and means for permitting at least a portion of the upper part to flow substantially in one or more flow directions toward the leeward region. The wall assembly also includes means for directing the lower part substantially upwardly in a direction substantially transverse to the flow direction to intersect with the upper part and to mix the polluted air with said less polluted air, to provide the moderately polluted air proximal to the leeward area.
Abstract:
A process may be utilized for securing unlock password generation and distribution. A first set of exclusive responsibilities, assigned to a trusted authority, includes random generation and encryption of an unlock password to compose a randomly generated encrypted unlock password. Further, a second set of exclusive responsibilities, assigned to a security agent, includes sending information associated with the unlock password and a digital signature of information associated with the unlock password to a communication device configured for a network in order to mate the unlock password to the communication device, and sending the randomly generated and encrypted unlock password along with mating data to a password processing center. In addition, a third set of exclusive responsibilities, assigned to a password processing center, includes decrypting the randomly generated and encrypted unlock password.
Abstract:
A piezoelectric ignition mechanism of a child-resistant lighter that is suitable for any piezoelectric lighter is provided, which includes an energy accumulating conduct tube and a core element. A plexor preferably includes an impact shaft disposed in the energy accumulating conduct tube that is round. A guiding shaft is positioned on the energy accumulating conduct tube. A guiding slot assembly that controls the movement of the energy accumulating conduct tube is located on the core element, which is associated with the energy accumulating conduct tube. The guiding slot assembly further has a pair of circular control guiding slots and a pair of ignition guiding slots. The energy accumulating conduct tube is positioned in the guiding slot assembly. The guiding shaft and the impact shaft of the energy accumulating conduct tube are positioned respectively in the control guiding slots and in the ignition slots.