Symmetric key distribution framework for the internet
    21.
    Granted invention patent
    Symmetric key distribution framework for the internet (in force)

    Publication No.: US08532303B2

    Publication date: 2013-09-10

    Application No.: US11957184

    Filing date: 2007-12-14

    IPC classification: H04L9/08

    Abstract: A method, device, and system are disclosed. In one embodiment the method includes receiving measured health information from a client on a key distribution server. Once the measured health information is received the server is capable of validating the measured health information to see if it is authentic. The server is also capable of sending a session key to the client when the measured health information is validated. When the client receives the session key, the client is capable of initiating an encrypted and authenticated connection with an application server in the domain using the session key.

    Symmetric key distribution framework for the internet

    Publication No.: US08498420B2

    Publication date: 2013-07-30

    Application No.: US11957184

    Filing date: 2007-12-14

    IPC classification: H04L9/08

    Abstract: A method, device, and system are disclosed. In one embodiment the method includes receiving measured health information from a client on a key distribution server. Once the measured health information is received the server is capable of validating the measured health information to see if it is authentic. The server is also capable of sending a session key to the client when the measured health information is validated. When the client receives the session key, the client is capable of initiating an encrypted and authenticated connection with an application server in the domain using the session key.

    Method and apparatus for secure network enclaves
    23.
    Granted invention patent
    Method and apparatus for secure network enclaves (in force)

    Publication No.: US09319220B2

    Publication date: 2016-04-19

    Application No.: US12032618

    Filing date: 2008-02-15

    IPC classification: H04L29/06 H04L9/08 H04L9/32

    Abstract: Methods and apparatus are disclosed to provide for security within a network enclave. In one embodiment authentication logic initiates authentication with a central network authority. Packet processing logic receives a key and an identifier from the central network authority. Security protocol logic then establishes a client-server security association through a communication that includes a client identifier and an encrypted portion and/or an authorization signature, wherein a client authorization key allocated by the central network authority can be reproduced by a server, other than said central network authority, from the client identifier and a derivation key provided to the server by the central network authority to decrypt the encrypted portion and/or to validate the communication using the authorization signature. The server may also provide the client with new session keys and/or new client session identifiers using server-generated derivation keys if desired, protecting these with the client authorization key.

    MEDIA ENCRYPTION BASED ON BIOMETRIC DATA
    25.
    Invention patent application
    MEDIA ENCRYPTION BASED ON BIOMETRIC DATA (under examination, published)

    Publication No.: US20140032924A1

    Publication date: 2014-01-30

    Application No.: US13562046

    Filing date: 2012-07-30

    IPC classification: G06F21/00

    Abstract: Embodiments of techniques and systems for biometric-data-based media encryption are described. In embodiments, an encryption key may be created for a recipient user based at least in part on biometric data of the recipient user. This encryption key may be maintained on a key maintenance component and used by a sharing user to encrypt a media file for access by the recipient user. One or more access policies associated with recipient user may be encrypted in the encrypted media file as well. In embodiments, the media file may be encrypted for use by multiple recipient users. When a recipient user desires to access the encrypted media file, a decryption key may be generated in real time based on contemporaneously captured biometric data and used to provide access to the encrypted media file. Other embodiments may be described and claimed.

    Synchronizing sequence numbers among peers in a network
    26.
    Granted invention patent
    Synchronizing sequence numbers among peers in a network (in force)

    Publication No.: US07778166B2

    Publication date: 2010-08-17

    Application No.: US11946722

    Filing date: 2007-11-28

    IPC classification: H04J1/16

    Abstract: A method and system are disclosed. In one embodiment the method includes a first device sending a stream of packets in a sequence across a network to a second device. In the sequence of packets there are a number of data packets and one or more synchronization packets. The synchronization packets are interspersed throughout the data packets. The method also includes the second device being capable of dropping any of the received data packets in the sequence arriving more than a first delta of time threshold value after the arrival of the most recent synchronization packet.

    PRESERVING IMAGE PRIVACY WHEN MANIPULATED BY CLOUD SERVICES
    28.
    Invention patent application
    PRESERVING IMAGE PRIVACY WHEN MANIPULATED BY CLOUD SERVICES (in force)

    Publication No.: US20130279690A1

    Publication date: 2013-10-24

    Application No.: US13976298

    Filing date: 2011-12-15

    IPC classification: H04L9/28

    Abstract: An apparatus and method for preserving image privacy when manipulated by cloud services includes middleware for receiving an original image, splitting the original image into two sub-images, where the RGB pixel values of the sub-images have a bit value that is less than RGB pixel values of the original image. The sub-images are encrypted by adding a keystream to the RGB pixel values of the sub-images. The sub-image data is transmitted to a cloud service such as a social network or photo-sharing site, which manipulate the images by resizing, cropping, filtering, or the like. The sub-image data is received by the middleware and is successfully decrypted irrespective of the manipulations performed by the cloud services. In an alternative embodiment, the blocks of the original image are permutated when encrypted, and then reverse-permutated when decrypted.

    METHOD AND APPARATUS FOR SECURE NETWORK ENCLAVES
    29.
    Invention patent application
    METHOD AND APPARATUS FOR SECURE NETWORK ENCLAVES (in force)

    Publication No.: US20090210699A1

    Publication date: 2009-08-20

    Application No.: US12032618

    Filing date: 2008-02-15

    IPC classification: H04L9/32

    Abstract: Methods and apparatus are disclosed to provide for security within a network enclave. In one embodiment authentication logic initiates authentication with a central network authority. Packet processing logic receives a key and an identifier from the central network authority. Security protocol logic then establishes a client-server security association through a communication that includes a client identifier and an encrypted portion and/or an authorization signature, wherein a client authorization key allocated by the central network authority can be reproduced by a server, other than said central network authority, from the client identifier and a derivation key provided to the server by the central network authority to decrypt the encrypted portion and/or to validate the communication using the authorization signature. The server may also provide the client with new session keys and/or new client session identifiers using server-generated derivation keys if desired, protecting these with the client authorization key.

    SYMMETRIC KEY DISTRIBUTION FRAMEWORK FOR THE INTERNET
    30.
    Invention patent application
    SYMMETRIC KEY DISTRIBUTION FRAMEWORK FOR THE INTERNET (in force)

    Publication No.: US20090154708A1

    Publication date: 2009-06-18

    Application No.: US11957184

    Filing date: 2007-12-14

    IPC classification: H04L9/08

    Abstract: A method, device, and system are disclosed. In one embodiment the method includes receiving measured health information from a client on a key distribution server. Once the measured health information is received the server is capable of validating the measured health information to see if it is authentic. The server is also capable of sending a session key to the client when the measured health information is validated. When the client receives the session key, the client is capable of initiating an encrypted and authenticated connection with an application server in the domain using the session key.
