21. Entity authentication method with introduction of online third party
    Granted invention patent; status: in force

    Publication No.: US08763100B2

    Publication date: 2014-06-24

    Application No.: US13392915

    Filing date: 2009-12-29

    IPC class: G06F21/00

    Abstract: An entity authentication method that introduces an online third party includes the following steps: 1) an entity B sends a message 1 to an entity A; 2) after receiving message 1, entity A sends a message 2 to a trusted third party TP; 3) after receiving message 2, TP checks the validity of entity A; 4) having checked the validity of entity A, TP returns a message 3 to entity A; 5) after receiving message 3, entity A sends a message 4 to entity B; 6) after receiving message 4, entity B performs validation. Retrieving and authenticating the public key online through TP simplifies the conditions under which the protocol can run, and, through entity B's authentication of entity A, lets the user verify the validity of the network.


22. Trusted network management method of trusted network connections based on tri-element peer authentication
    Granted invention patent; status: in force

    Publication No.: US08756654B2

    Publication date: 2014-06-17

    Application No.: US13059798

    Filing date: 2009-08-20

    Abstract: A trusted network management method for trusted network connections based on tri-element peer authentication. A trusted management proxy and a trusted management system are installed and configured on the host to be managed and on the management host respectively, and each is verified as locally trusted. If the host to be managed and the management host are not yet connected to the trusted network, each connects to it using the trusted network connection method based on tri-element peer authentication, after which the trusted management proxy and the trusted management system authenticate each other and negotiate cipher keys. If the two hosts have not yet completed user authentication and key negotiation, they complete that process with the tri-element peer authentication protocol, then use the same protocol to establish remote trust between the trusted management proxy and the trusted management system, and finally perform network management. The method can actively defend against attacks, strengthens the security of the trusted network management architecture, and realizes trusted network management with distributed control and centralized management.


23. Method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party
    Granted invention patent; status: in force

    Publication No.: US08751792B2

    Publication date: 2014-06-10

    Application No.: US13499126

    Filing date: 2009-12-14

    IPC class: H04L29/06

    Abstract: A method and system for entity public key acquisition, certificate validation and authentication by introducing an online credible third party. The method includes the following steps: 1) an entity B transmits a message 1 to an entity A; 2) after receiving message 1, entity A transmits a message 2 to a credible third party TP; 3) after receiving message 2, TP determines the response RepTA; 4) TP returns a message 3 to entity A; 5) after receiving message 3, entity A returns a message 4 to entity B; 6) entity B receives message 4; 7) entity B transmits a message 5 to entity A; 8) entity A receives message 5. By integrating public key acquisition, certificate validation and entity authentication in a single protocol, the method improves the protocol's execution efficiency and effectiveness and makes it easy to combine with various public key acquisition and public key certificate status query protocols. It suits a "user - access point - server" access network structure and meets the authentication requirements of such access networks.

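    The message flows of entries 21 and 23 share one idea: B challenges A, A asks the online third party TP to vouch for it, TP returns a signed statement that B can check with nothing more than TP's public key, and A forwards that statement together with its own proof of possession. The following Go program is an added example, not code from the patents or their assignee. The abstracts only number the messages, so the contents are this example's assumptions: message 1 carries a random challenge RB from B; message 2 carries A's identity and RB; message 3 is a TP-signed token of the form len|IDA|pkA|RB; message 4 is that token plus A's Ed25519 signature over it. TP's "validity check" is modelled as membership in a registration map that TP can revoke at any time, which is what the online retrieval buys over a static certificate. The names Msg1..Msg4, Entity, TTP and RunProtocol are the example's own.

```go
package main
import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

const nonceLen = 16

// Message layouts are this example's assumption; the abstracts only number the messages.
type Msg1 struct{ RB []byte } // B -> A: B's fresh challenge
type Msg2 struct {            // A -> TP: A asks TP to vouch for it against B's challenge
	IDA string
	RB  []byte
}
type Msg3 struct{ Token, SigTP []byte }       // TP -> A: token = len|IDA|pkA|RB, signed by TP
type Msg4 struct{ Token, SigTP, SigA []byte } // A -> B: TP's token plus A's own signature over it

type Entity struct {
	ID   string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewEntity(id string) *Entity {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Entity{ID: id, Pub: pub, priv: priv}
}

// TTP is the online trusted third party; presence in valid is the "validity" it checks in step 3.
type TTP struct {
	Entity
	valid map[string]ed25519.PublicKey
}

func NewTTP() *TTP { return &TTP{Entity: *NewEntity("TP"), valid: map[string]ed25519.PublicKey{}} }
func (tp *TTP) Register(e *Entity) { tp.valid[e.ID] = e.Pub }
func (tp *TTP) Revoke(id string)   { delete(tp.valid, id) }

// Step 1: B challenges A with a fresh random value.
func (b *Entity) Msg1() Msg1 {
	rb := make([]byte, nonceLen)
	if _, err := rand.Read(rb); err != nil {
		panic(err)
	}
	return Msg1{RB: rb}
}

// Step 2: A forwards B's challenge to TP together with its own identity.
func (a *Entity) OnMsg1(m Msg1) Msg2 { return Msg2{IDA: a.ID, RB: m.RB} }

// Steps 3-4: TP checks that A is currently valid, then signs A's public key bound to B's challenge.
func (tp *TTP) OnMsg2(m Msg2) (Msg3, error) {
	if len(m.RB) != nonceLen || len(m.IDA) == 0 || len(m.IDA) > 255 {
		return Msg3{}, fmt.Errorf("TP: malformed message 2")
	}
	pk, ok := tp.valid[m.IDA]
	if !ok {
		return Msg3{}, fmt.Errorf("TP: entity %q is not valid", m.IDA)
	}
	tok := append(append(append([]byte{byte(len(m.IDA))}, m.IDA...), pk...), m.RB...)
	return Msg3{Token: tok, SigTP: ed25519.Sign(tp.priv, tok)}, nil
}

// Step 5: A proves possession of the private key behind the public key TP vouched for.
func (a *Entity) OnMsg3(m Msg3) Msg4 {
	return Msg4{Token: m.Token, SigTP: m.SigTP, SigA: ed25519.Sign(a.priv, m.Token)}
}

// Step 6: B needs only TP's public key: it checks TP's signature, its own challenge, then A's signature.
func (b *Entity) OnMsg4(tpPub ed25519.PublicKey, rb []byte, m Msg4) (string, error) {
	if !ed25519.Verify(tpPub, m.Token, m.SigTP) {
		return "", fmt.Errorf("B: TP signature invalid")
	}
	if len(m.Token) < 1 || len(m.Token) != 1+int(m.Token[0])+ed25519.PublicKeySize+nonceLen {
		return "", fmt.Errorf("B: malformed token")
	}
	n := 1 + int(m.Token[0])
	id, pkA := string(m.Token[1:n]), ed25519.PublicKey(m.Token[n:n+ed25519.PublicKeySize])
	if !bytes.Equal(m.Token[n+ed25519.PublicKeySize:], rb) {
		return "", fmt.Errorf("B: challenge mismatch, token is stale or replayed")
	}
	if !ed25519.Verify(pkA, m.Token, m.SigA) {
		return "", fmt.Errorf("B: signature of A invalid")
	}
	return id, nil
}

// RunProtocol drives messages 1-4 and returns the identity that B accepted for A.
func RunProtocol(tp *TTP, a, b *Entity) (string, error) {
	m1 := b.Msg1()
	m3, err := tp.OnMsg2(a.OnMsg1(m1))
	if err != nil {
		return "", err
	}
	return b.OnMsg4(tp.Pub, m1.RB, a.OnMsg3(m3))
}
```

    Two properties worth noticing: B never needs A's certificate or a revocation list, because TP's token both delivers A's public key and asserts that A is valid right now, and the token is bound to B's challenge, so a token captured from one run cannot be replayed in another. Entry 23's extra messages 5 and 6 would add the symmetric direction (A authenticating B) on top of this exchange.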

24. Security access control method and system for wired local area network
    Granted invention patent; status: in force

    Publication No.: US08689283B2

    Publication date: 2014-04-01

    Application No.: US13391051

    Filing date: 2009-12-23

    IPC class: H04L29/06

    Abstract: A security access control method and system for a wired local area network. The method includes the following steps: 1) a requester (REQ) negotiates a security policy with an authentication access controller (AAC); 2) the REQ and the AAC perform identity authentication; 3) the REQ negotiates keys with the AAC. The method provides direct identity authentication between the user and the network access control device; negotiation and dynamic update of the session key used for link-layer data protection; support for a variety of network architectures such as enterprise networks and telecommunication networks; good scalability and support for multiple authentication methods; support for authentication protocols of different security levels, so that the requirements of different subscribers are met; and protocol sub-modules that are independent and flexible and can be adopted or omitted individually.


25. Authentication access method and authentication access system for wireless multi-hop network
    Granted invention patent; status: in force

    Publication No.: US08656153B2

    Publication date: 2014-02-18

    Application No.: US12810374

    Filing date: 2008-12-26

    IPC class: H04L29/06

    Abstract: An authentication access method and authentication access system for a wireless multi-hop network. Both the terminal equipment and the coordinator are capable of port control. The coordinator broadcasts a beacon frame; the terminal equipment selects an authentication and key management suite and transmits a connecting request command to the coordinator. The coordinator authenticates the terminal equipment according to the suite the terminal selected and, once authentication succeeds, transmits a connecting response command to the terminal equipment. The terminal equipment and the coordinator then control their ports according to the authentication result, which realizes authenticated access to the wireless multi-hop network and addresses the security problem of wireless multi-hop network authentication.


26. Pipeline architecture for a network device
    Granted invention patent; status: in force

    Publication No.: US08566337B2

    Publication date: 2013-10-22

    Application No.: US12550053

    Filing date: 2009-08-28

    IPC class: G06F17/30

    CPC classes: H04L45/742 H04L49/3063

    Abstract: Various example embodiments are disclosed. According to an example embodiment, an apparatus may include a plurality of search engine pipeline stages, each of the plurality of search engine pipeline stages being configured to submit a particular search request to a plurality of search engines. The apparatus may also include the plurality of search engines, each of said plurality of search engines being configured to provide search results to one or more of the plurality of search engine pipeline stages.


27. Dynamic table sharing of memory space within a network device
    Granted invention patent; status: lapsed

    Publication No.: US08457131B2

    Publication date: 2013-06-04

    Application No.: US11084482

    Filing date: 2005-03-21

    IPC class: H04L12/56

    Abstract: A network device for processing data on a data network includes a port interface configured to receive a data packet from the data network and to send a processed data packet to an egress port among a plurality of ports; a packet evaluation module configured to parse the received data packet and modify it to form the processed data packet; and a search engine configured to search lookup tables using values parsed from the packet and to return the search results to the packet evaluation module to assist in modifying the packet. At least one lookup table holds at least two different types of entries in the same table, and the search engine is configured to distinguish between those entry types within that table.


29. Entity bidirectional-identification method for supporting fast handoff
    Granted invention patent; status: in force

    Publication No.: US08392710B2

    Publication date: 2013-03-05

    Application No.: US12994712

    Filing date: 2009-05-27

    IPC class: H04L9/32

    Abstract: An entity bidirectional-identification method for supporting fast handoff involves three security elements: two identification elements A and B and a trusted third party (TP). All identification entities belonging to the same element share one public key certificate or hold the same public key. When an identification entity in element A and an identification entity in element B need to identify each other, the full identification protocol is run only if the protocol has never been run between the two elements they belong to; otherwise the protocol interaction takes place only between the two identification entities themselves. The method centralizes public key management and simplifies the conditions under which the protocol runs; it also applies the concept of a security domain to reduce the complexity of public key management, shorten identification time and satisfy fast handoff requirements, while preserving security properties such as one key for every pair of identification entities, one secret key for every identification, and forward secrecy.


30. Method for accessing data safely suitable for electronic tag
    Granted invention patent; status: in force

    Publication No.: US08332628B2

    Publication date: 2012-12-11

    Application No.: US13055296

    Filing date: 2009-07-20

    IPC class: H04L29/06

    Abstract: A method for accessing data safely that is suitable for low-performance electronic tags. The method comprises the following steps: in the data writing process, a first read-write device encrypts the message MSG and writes the encrypted message to the electronic tag; in the data reading process, a second read-write device sends a data request packet to the electronic tag; the electronic tag sends a data response packet to the second read-write device according to the data request packet; the second read-write device sends a key request packet to a trusted third party; the trusted third party verifies the validity of the second read-write device's identity according to the key request packet and, once verification passes, sends a key response packet to the second read-write device; the second read-write device obtains the plaintext of the electronic tag message MSG from the key response packet. The method realizes safe access to the data of low-performance electronic tags.

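    The point of the design above is that the tag itself does no cryptography: it stores ciphertext, and the key needed to read it is released by the trusted third party only to a reader that has proven its identity. The Go program below is an added example, not code from the patent or its assignee. Everything the abstract leaves open is this example's assumption: MSG is encrypted with AES-256-GCM under a per-tag key, with the tag ID as associated data; each enrolled reader shares a 32-byte secret with the TTP and authenticates its key request with an HMAC-SHA256 over the request fields; the TTP answers with the tag key wrapped under a key derived from that secret, with the request nonce as associated data so the response cannot be replayed for a different request; and the first read-write device is assumed to have been given the tag key when the tag was enrolled. The names Tag, TTP, KeyRequest, WriteTag and ReadTag are the example's own.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// AES-256-GCM with the nonce prefixed to the ciphertext: the cipher is this example's choice, the abstract names none.
func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key) // every key in this example is 32 random bytes, so this cannot fail
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(block)
	return g
}

func seal(key, plaintext, aad []byte) []byte {
	g := gcm(key)
	nonce := randBytes(g.NonceSize())
	return g.Seal(nonce, nonce, plaintext, aad)
}

func open(key, blob, aad []byte) ([]byte, error) {
	g := gcm(key)
	if len(blob) < g.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], aad)
}

// Tag is the low-performance electronic tag: it stores bytes and returns them on a data request, nothing more.
type Tag struct {
	ID     string
	Stored []byte
}

// WriteTag is the first read-write device's step: encrypt MSG under the tag key (assumed provisioned to the writer
// at enrollment) and store only the ciphertext; the tag ID as AAD stops the ciphertext being moved to another tag.
func WriteTag(tagKey []byte, tag *Tag, msg []byte) { tag.Stored = seal(tagKey, msg, []byte(tag.ID)) }

type KeyRequest struct {
	ReaderID, TagID string
	Nonce, MAC      []byte // MAC = HMAC-SHA256 over the other fields under the reader's secret shared with the TTP
}

func requestMAC(secret []byte, r KeyRequest) []byte {
	m := hmac.New(sha256.New, secret)
	for _, f := range [][]byte{[]byte(r.ReaderID), []byte(r.TagID), r.Nonce} {
		m.Write([]byte{byte(len(f))}) // length prefix keeps the concatenation unambiguous
		m.Write(f)
	}
	return m.Sum(nil)
}

// wrapKey derives the AES key that wraps a tag key for one reader, kept apart from the reader's HMAC secret.
func wrapKey(secret []byte) []byte {
	k := sha256.Sum256(append([]byte("tag-key-wrap:"), secret...))
	return k[:]
}

// TTP holds every tag's data key and one secret per enrolled reader (assumed enrollment model).
type TTP struct{ TagKeys, ReaderSecrets map[string][]byte }

// OnKeyRequest verifies the reader's identity and answers with the tag key sealed for that reader only.
func (tp *TTP) OnKeyRequest(r KeyRequest) ([]byte, error) {
	secret, ok := tp.ReaderSecrets[r.ReaderID]
	if !ok || !hmac.Equal(requestMAC(secret, r), r.MAC) {
		return nil, errors.New("TTP: reader identity check failed")
	}
	tagKey, ok := tp.TagKeys[r.TagID]
	if !ok {
		return nil, errors.New("TTP: unknown tag")
	}
	return seal(wrapKey(secret), tagKey, r.Nonce), nil // request nonce as AAD ties the response to this request
}

// ReadTag is the second read-write device's sequence: data request/response, key request/response, then MSG.
func ReadTag(tp *TTP, readerID string, secret []byte, tag *Tag) ([]byte, error) {
	tagID, data := tag.ID, tag.Stored // data request and data response
	req := KeyRequest{ReaderID: readerID, TagID: tagID, Nonce: randBytes(16)}
	req.MAC = requestMAC(secret, req)
	wrapped, err := tp.OnKeyRequest(req)
	if err != nil {
		return nil, err
	}
	tagKey, err := open(wrapKey(secret), wrapped, req.Nonce)
	if err != nil {
		return nil, errors.New("reader: key response invalid")
	}
	return open(tagKey, data, []byte(tagID))
}
```

    Because the tag key never leaves the TTP unwrapped, an attacker who reads the tag over the air gets only ciphertext, and a reader that cannot produce a valid MAC under an enrolled secret gets no key response at all. The authenticated encryption also makes tampering with the stored bytes, or copying them onto a tag with a different ID, fail at decryption rather than yield a garbled MSG.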