公开(公告)号：US07778152B2

公开(公告)日：2010-08-17

申请号：US12031372

申请日：2008-02-14

申请人： Tat Keung Chan

发明人： Tat Keung Chan

IPC分类号： H04J11/00

CPC分类号： H04B3/54 ,  H01R13/6463 ,  H01R13/6473 ,  H04B3/56 ,  H04B2203/5408 ,  H04B2203/5441 ,  H04B2203/5445 ,  H04B2203/5454 ,  H04B2203/5466 ,  H04B2203/5483

摘要： In one embodiment, a powerline system includes a data connection, a powerline module coupled to the data connection, a physical socket coupled to the powerline module and including a female connector device, a male connector device inserted into the female connector device, and a pair of wires coupled to and extending from the male connector device. The female connector device comprises a first female connector and a second female connector. The male connector device comprises a first male connector coupled to the first female connector and a second male connector coupled to the second female connector. The first wire of the pair of wires is coupled to and extending from the first male connector, and the second wire of the pair of wires is coupled to and extending from the second male connector respectively.

摘要翻译： 在一个实施例中，电力线系统包括数据连接，耦合到数据连接的电力线模块，耦合到电力线模块的物理插座，并且包括阴连接器装置，插入到母连接器装置中的公连接器装置和一对 耦合到阳连接器装置并从阳连接器装置延伸的导线。 阴连接器装置包括第一阴连接器和第二阴连接器。 阳连接器装置包括耦合到第一阴连接器的第一阳连接器和耦合到第二阴连接器的第二阳连接器。 一对电线的第一线耦合到第一阳连接器并从第一阳连接器延伸，并且一对电线的第二线分别耦合到第二阳连接器并从第二阳连接器延伸。

公开(公告)号：US20080205450A1

公开(公告)日：2008-08-28

申请号：US11845019

申请日：2007-08-24

申请人： Tat Keung Chan

发明人： Tat Keung Chan

IPC分类号： G05B11/01 ,  H04L27/00

CPC分类号： H04B3/542 ,  H04B2203/5445 ,  H04B2203/5466

摘要： A power line module and method. In a preferred embodiment, the power line module is adapted to couple to a power line outlet, which is provided on a power line network within a spatial region. A power line chip is within a housing. In a preferred embodiment. the power line chip has an input/output port and is capable of converting a power line telecommunication signal having a data rate of greater than about 80 Megabits per second from the power line network to an Ethernet signal for use in a local area network segment. The module has a coupling device coupled to the input/output port of the power line chip. In a preferred embodiment, the module has a first pin comprising a plurality of first spring members operably coupled the coupling device. The first pin is insertable into a first site of the power outlet. The module has a second pin comprising a plurality of second spring members operably coupled to the coupling device.

摘要翻译： 电力线模块及方法。 在优选实施例中，电力线模块适于耦合到设置在空间区域内的电力线网络上的电力线路出口。 电源线芯片在外壳内。 在优选实施例中。 电力线芯片具有输入/输出端口，并且能够将具有大于约80兆比特每秒的数据速率的电力线电信信号从电力线网络转换成用于局域网段的以太网信号。 该模块具有耦合到电力线芯片的输入/输出端口的耦合装置。 在优选实施例中，模块具有包括可操作地联接耦合装置的多个第一弹簧构件的第一销。 第一个引脚可插入电源插座的第一个位置。 模块具有第二销，其包括可操作地联接到联接装置的多个第二弹簧构件。

公开(公告)号：US20070073858A1

公开(公告)日：2007-03-29

申请号：US11237484

申请日：2005-09-27

申请人： Ram Lakshmi Narayanan ,  Tat Keung Chan

发明人： Ram Lakshmi Narayanan ,  Tat Keung Chan

IPC分类号： G06F15/173

CPC分类号： H04L63/1408 ,  H04L67/2814 ,  H04L67/2871

摘要： The invention relates to a virtual computing platform for providing subscribers of the virtual computing platform with means for running their applications on the platform instead of running the applications on their mobile devices. The virtual computing platform is adapted to route internal communication directed from a first application of the platform to a second application of the platform via a set of external security appliances. The set may include a firewall, a security gateway, an application layer firewall, a web shield, an anti-virus device and an anti-spam device.

摘要翻译： 本发明涉及一种虚拟计算平台，用于向虚拟计算平台的用户提供在平台上运行其应用的装置，而不是在其移动设备上运行应用。 虚拟计算平台适于将从平台的第一应用引导的内部通信经由一组外部安全设备路由到平台的第二应用。 该集合可以包括防火墙，安全网关，应用层防火墙，网络防火墙，防病毒设备和反垃圾邮件设备。

公开(公告)号：US09646332B2

公开(公告)日：2017-05-09

申请号：US13238850

申请日：2011-09-21

申请人： Jinsong Zheng ,  Tat Keung Chan ,  Liqiang Chen ,  Greg N. Nakanishi ,  Jason A. Pasion ,  Xin Qiu ,  Ting Yao

发明人： Jinsong Zheng ,  Tat Keung Chan ,  Liqiang Chen ,  Greg N. Nakanishi ,  Jason A. Pasion ,  Xin Qiu ,  Ting Yao

IPC分类号： G06F21/00 ,  G06Q30/06

CPC分类号： G06F21/105 ,  G06Q30/06 ,  G06Q2220/18

摘要： Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices. The secure system uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Application messages, license templates, licenses are digitally signed. The system is flexible, configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template; scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations; and available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning. The system is traceable: license and device association are replicated back to the CLS to provide full license request and generation traceability.

公开(公告)号：US09178869B2

公开(公告)日：2015-11-03

申请号：US13080301

申请日：2011-04-05

申请人： Madjid F. Nakhjiri ,  Tat Keung Chan

发明人： Madjid F. Nakhjiri ,  Tat Keung Chan

IPC分类号： G06F15/173 ,  H04L29/06

CPC分类号： H04L63/0823

摘要： A method and apparatus are provided for locating network resources over a communication network. The method includes receiving a digital certificate identifying a first entity and extracting information from at least one predetermined field of the digital certificate. The extracted information is used as input to a location generation function to create a resource locator (e.g., a URL). The network resource is contacted over the communication network in accordance with a communication protocol using the resource locator to obtain requested information concerning the first entity.

摘要翻译： 提供了一种用于通过通信网络定位网络资源的方法和装置。 该方法包括接收标识第一实体的数字证书，并从数字证书的至少一个预定字段提取信息。 所提取的信息被用作位置生成功能的输入以创建资源定位符（例如，URL）。 根据使用资源定位器的通信协议，通过通信网络联系网络资源，以获得关于第一实体的请求信息。

公开(公告)号：US08484467B2

公开(公告)日：2013-07-09

申请号：US11606910

申请日：2006-12-01

申请人： Tat Keung Chan ,  Gabor Bajko

发明人： Tat Keung Chan ,  Gabor Bajko

IPC分类号： H04L9/32 ,  G06F21/00 ,  G06F7/04

CPC分类号： H04L9/0838 ,  H04L9/08 ,  H04L9/0841 ,  H04L9/3247 ,  H04L9/3265 ,  H04L9/3271 ,  H04L63/061 ,  H04L63/062 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/0869 ,  H04L63/205 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2209/80 ,  H04L2463/061 ,  H04W12/04 ,  H04W12/06 ,  H04W88/02

摘要： The invention relates to a method of authenticating a user equipment in a communications network. The method involves sending a message from a network entity to the user equipment. This message includes a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity; said options including a “shared key”-based authentication procedure. The method also involves selecting an option from the set. In the event that the “shared-key”-based authentication procedure is selected, a shared secret from a security key established in a generic bootstrapping architecture (GBA) is generated over a second interface between the user equipment and a bootstrapping service function. The shared secret is then used to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface.

摘要翻译： 本发明涉及一种在通信网络中认证用户设备的方法。 该方法涉及将消息从网络实体发送到用户设备。 该消息包括用于通过用户设备和网络实体之间的第一接口认证互联网协议通信的认证过程的一组选项; 所述选项包括基于“共享密钥”的认证过程。 该方法还涉及从集合中选择一个选项。 在选择基于“共享密钥”的认证过程的情况下，通过在通用引导体系结构（GBA）中建立的安全密钥的共享密钥在用户设备和引导服务功能之间的第二接口上生成。 然后，共享秘密用于在基于密钥的认证过程中通过第一接口进行通信的计算和验证认证有效载荷。

公开(公告)号：US08353011B2

公开(公告)日：2013-01-08

申请号：US11372333

申请日：2006-03-08

申请人： Gabor Bajko ,  Tat Keung Chan

发明人： Gabor Bajko ,  Tat Keung Chan

IPC分类号： H04L29/06

CPC分类号： H04W12/06 ,  G06F21/305 ,  G06F21/31 ,  G06F21/43 ,  G06F21/575 ,  H04L9/3271 ,  H04L63/08 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/1466 ,  H04L63/168 ,  H04L63/205 ,  H04L2209/80 ,  H04W12/10 ,  H04W12/12 ,  H04W80/10

摘要： In one exemplary and non-limiting aspect thereof a method is provided that includes sending a wireless network (WN) a first message that includes a list of authentication mechanisms supported by a node and, in association with each authentication mechanism, a corresponding identity; determining in the WN an authentication mechanism to be used for bootstrapping, based at least on the list received from the node; and including information in a second message that is sent to the node, the information including the determined authentication mechanism in conjunction with a corresponding identity. The method further includes protecting at least the list of authentication mechanisms supported by the node and the corresponding identities and sending a second message to the network, the second message including at least the list of authentication mechanisms and the corresponding identities. The method further includes receiving a second response message from the network that is at least partially integrity protected, where the second response message includes an indication of the selected authentication mechanism and the corresponding identity.

摘要翻译： 在一个示例性和非限制性的方面，提供了一种方法，其包括发送无线网络（WN）第一消息，所述第一消息包括由节点支持的认证机制的列表，并且与每个认证机制相关联地具有对应的身份; 至少基于从节点接收的列表，在WN中确定要用于引导的认证机制; 并且包括发送到节点的第二消息中的信息，所述信息包括结合相应身份的确定的认证机制。 所述方法还包括至少保护所述节点支持的认证机制的列表和对应的身份，并向网络发送第二消息，所述第二消息至少包括认证机制列表和对应的身份。 该方法还包括从网络接收至少部分完整性保护的第二响应消息，其中第二响应消息包括所选择的认证机制的指示和对应的身份。

公开(公告)号：US20110246646A1

公开(公告)日：2011-10-06

申请号：US13080301

申请日：2011-04-05

申请人： Madjid F. Nakhjiri ,  Tat Keung Chan

发明人： Madjid F. Nakhjiri ,  Tat Keung Chan

IPC分类号： G06F15/16

CPC分类号： H04L63/0823

摘要： A method and apparatus are provided for locating network resources over a communication network. The method includes receiving a digital certificate identifying a first entity and extracting information from at least one predetermined field of the digital certificate. The extracted information is used as input to a location generation function to create a resource locator (e.g., a URL). The network resource is contacted over the communication network in accordance with a communication protocol using the resource locator to obtain requested information concerning the first entity.

摘要翻译： 提供了一种用于通过通信网络定位网络资源的方法和装置。 该方法包括接收标识第一实体的数字证书，并从数字证书的至少一个预定字段提取信息。 所提取的信息被用作位置生成功能的输入以创建资源定位符（例如，URL）。 根据使用资源定位器的通信协议，通过通信网络联系网络资源，以获得关于第一实体的请求信息。

公开(公告)号：US20110197077A1

公开(公告)日：2011-08-11

申请号：US13021384

申请日：2011-02-04

申请人： Tat Keung Chan ,  Paul D. Baker ,  Christopher P. Gardner ,  Mark E. Gregotski ,  Ted R. Michaud ,  Xin Qiu ,  Jinsong Zheng

发明人： Tat Keung Chan ,  Paul D. Baker ,  Christopher P. Gardner ,  Mark E. Gregotski ,  Ted R. Michaud ,  Xin Qiu ,  Jinsong Zheng

IPC分类号： G06F21/24

CPC分类号： G06F21/10 ,  Y10S705/902 ,  Y10S705/911

摘要： A method enables selected features of a software product residing on an end user electronic device with a license delivered from a licensing provider to a service provider of the end user electronic device. The method includes requesting at least one license to authorize a first service provider. An encrypted installation key uniquely associated with the first service provider is received as well as an authorization agent module for installation on one or more authorization agent devices associated with the first service provider. The encrypted installation key and the authorization agent module are installed on the authorization agent devices. A device-unique identifier (DUID) is generated for each authorization agent device based on hardware characteristics of the respective authorization agent devices. The DUID and the encrypted installation key are sent from the authorization agent device to a licensing provider to obtain the requested license. The requested license is received by the authorization agent devices if the DUID and the encrypted installation key are validated by the licensing provider. The license on authorization agent device authorizes and enables the selected features of the software product on an end user electronic device.

摘要翻译： 一种方法使得驻留在最终用户电子设备上的软件产品的选定特征具有从许可提供者向最终用户电子设备的服务提供商提供的许可证。 该方法包括请求至少一个许可证以授权第一服务提供商。 接收与第一服务提供商唯一相关联的加密安装密钥以及用于安装在与第一服务提供商相关联的一个或多个授权代理设备上的授权代理模块。 加密安装密钥和授权代理模块安装在授权代理设备上。 基于相应的授权代理设备的硬件特性，为每个授权代理设备生成设备唯一标识符（DUID）。 DUID和加密的安装密钥从授权代理设备发送到许可提供商以获取所请求的许可证。 如果DUID和加密安装密钥由许可提供商验证，则授权代理设备将收到所请求的许可证。 授权代理设备的许可证在最终用户电子设备上授权并启用软件产品的选定功能。

公开(公告)号：US20110196793A1

公开(公告)日：2011-08-11

申请号：US13021380

申请日：2011-02-04

申请人： Jinsong Zheng ,  Thomas J. Barbour ,  Tat Keung Chan ,  Christopher P. Gardner ,  Mark E. Gregotski ,  Xin Qiu

发明人： Jinsong Zheng ,  Thomas J. Barbour ,  Tat Keung Chan ,  Christopher P. Gardner ,  Mark E. Gregotski ,  Xin Qiu

IPC分类号： G06Q30/00 ,  H04L9/28

CPC分类号： G06Q30/00 ,  G06Q30/0601 ,  G06Q30/0641

摘要： A system enables customers to provision devices with feature licenses that enable specified features in the devices. The system includes a feature definition module configured to store product feature information associated with different products available from a plurality of different manufacturers. The system also includes a feature license management module configured to generate, update and revoke feature licenses. The feature licenses that are generated all have a common format. The system further includes a feature credit management module configured to monitor and account for feature credits available to customer organization units. A user management module is also provided in the system, which is configured to authenticate users of the system. A user interface is accessible over a communications network through which authenticated users can request and receive feature licenses.

摘要翻译： 系统使客户能够为设备提供功能许可证，从而实现设备中的指定功能。 该系统包括功能定义模块，其被配置为存储与多个不同制造商可用的不同产品相关联的产品特征信息。 该系统还包括功能许可证管理模块，用于生成，更新和撤销功能许可证。 生成的功能许可证都具有通用格式。 该系统还包括功能信用管理模块，其被配置为监视和考虑可用于客户组织单元的功能信用。 系统中还提供用户管理模块，该用户管理模块被配置为对系统的用户进行认证。 通过通信网络访问用户界面，通过该网络，经过身份验证的用户可以通过该网络请求和接收功能许