公开(公告)号：US20070192825A1

公开(公告)日：2007-08-16

申请号：US11353675

申请日：2006-02-14

申请人： Alexander Frank ,  Curt Steeb ,  Isaac Ahdout ,  Richard Thompson ,  Thomas Phillips ,  William Westerinen ,  Zhangwei Xu

发明人： Alexander Frank ,  Curt Steeb ,  Isaac Ahdout ,  Richard Thompson ,  Thomas Phillips ,  William Westerinen ,  Zhangwei Xu

IPC分类号： H04L9/00

CPC分类号： H04L9/00 ,  G06F21/55 ,  G06F21/554 ,  G06F2221/2135

摘要： An electronic device, such as, a computer, may be adapted for self-monitoring for compliance to an operating policy. The operating policy may specify a pay-per-use or subscription business model and measurements associated with compliant usage. A secure execution environment may measure usage in accordance with the business model as well as monitor and enforce compliance to the operating policy. To increase the difficulty of attacking or otherwise disabling the secure execution environment, elements of the secure execution environment may be distributed. The distribution points may include other functional elements of the computer, such as interface circuits, or may even be remotely located over a network. An implementation method for disaggregating the secure execution environment is also disclosed.

摘要翻译： 诸如计算机的电子设备可以适于自我监视以符合操作策略。 操作策略可以指定按使用付费或订阅业务模式以及与合规使用相关联的测量。 安全执行环境可以根据业务模式来测量使用情况，并监视和实施对操作策略的遵守。 为了增加攻击或以其他方式禁用安全执行环境的难度，可以分发安全执行环境的元素。 分发点可以包括计算机的其他功能元件，例如接口电路，或者甚至可以远程位于网络上。 还公开了用于分解安全执行环境的实现方法。

公开(公告)号：US20070061268A1

公开(公告)日：2007-03-15

申请号：US11224651

申请日：2005-09-12

申请人： Jeffrey Herold ,  Munisamy Prabu ,  Thomas Phillips ,  James Duffus ,  Curt Steeb ,  Paul Sutton ,  Zeyong Xu ,  Zhangwei Xu ,  Alexander Frank

发明人： Jeffrey Herold ,  Munisamy Prabu ,  Thomas Phillips ,  James Duffus ,  Curt Steeb ,  Paul Sutton ,  Zeyong Xu ,  Zhangwei Xu ,  Alexander Frank

IPC分类号： G06Q99/00

CPC分类号： G06Q30/04

摘要： A computer participates in a system for licensing use in a metered fashion using individual licenses cryptographically linked to the computer and a particular service provider or underwriter. The computer may have a cryptographic unit, secure memory, sanction and metering functions as part of a secure execution environment for enabling metered operation and conformance to a security policy. Payment for licenses may be made through a payment system with licenses generated at a server with access to cryptographic functions for verification of requests, certificate/key pair generation, and signing licenses.

摘要翻译： 计算机使用与计算机和特定服务提供商或承销商密码相关联的个人许可来参与用于以计量方式许可使用的系统。 计算机可以具有加密单元，安全存储器，制裁和计量功能，作为用于实现计量操作和符合安全策略的安全执行环境的一部分。 许可证的支付可以通过支付系统进行，该系统具有在具有用于验证请求，证书/密钥对生成和签名许可证的加密功能的服务器上生成的许可证。

公开(公告)号：US20100293607A1

公开(公告)日：2010-11-18

申请号：US12466103

申请日：2009-05-14

申请人： Martin Hall ,  Ali Khan ,  Mark McNulty ,  Zhangwei Xu

发明人： Martin Hall ,  Ali Khan ,  Mark McNulty ,  Zhangwei Xu

IPC分类号： G06F21/00

CPC分类号： G06F21/35 ,  G06F21/31 ,  H04W12/06

摘要： Systems and methods are provided for linking a web identity and a portable device to provide web access to a user from a vehicle. An example system includes a presence agent that may be configured to validate the presence of the portable device in the vehicle by recognizing a device identifier saved on the portable device. After the presence of the portable device is validated, a security manager may receive a user identifier, and to verify if the user identifier corresponds with a known user value. Then, the security manager may send a user identity secure proxy to a credential manager. The credential manager may be configured to receive the user identity secure proxy, and in response, pass one or more credentials to a computing device onboard the vehicle. The credentials may indicate that the user is authorized to access one or more web services from the computing device.

摘要翻译： 系统和方法被提供用于链接网络标识和便携式设备以从车辆提供对用户的网络访问。 示例系统包括可以被配置为通过识别保存在便携式设备上的设备标识来验证车辆中的便携式设备的存在的存在代理。 在便携式设备的存在被验证之后，安全管理器可以接收用户标识符，并且验证用户标识符是否与已知的用户值相对应。 然后，安全管理员可以向凭证管理器发送用户身份安全代理。 证书管理器可以被配置为接收用户身份安全代理，并且作为响应，将一个或多个凭证传递给车辆上的计算设备。 证书可以指示用户被授权从计算设备访问一个或多个web服务。

公开(公告)号：US20060165227A1

公开(公告)日：2006-07-27

申请号：US11040968

申请日：2005-01-21

申请人： Curt Steeb ,  Jeffrey Herold ,  Paul Sutton ,  Zeyong Xu ,  Zhangwei Xu

发明人： Curt Steeb ,  Jeffrey Herold ,  Paul Sutton ,  Zeyong Xu ,  Zhangwei Xu

IPC分类号： H04M3/42

CPC分类号： G06F21/725 ,  G06F21/10 ,  G06F2221/2137

摘要： A software provisioning method and apparatus use a provisioning packet delivery mechanism having a database, a distribution service, and a confirmation service to receive, queue, and confirm delivery of provisioning packet to a computer. When the number of unconfirmed delivery requests exceeds a limit the distribution service may remove the provisioning packet from the database, for example, to limit denial of service attacks.

摘要翻译： 软件配置方法和装置使用具有数据库，分发服务和确认服务的供应分组传送机制来接收，排队和确认向计算机传送供应分组。 当未确认的传递请求的数量超过限制时，分发服务可能会从数据库中删除配置数据包，例如限制拒绝服务攻击。

公开(公告)号：US20060136747A1

公开(公告)日：2006-06-22

申请号：US11210611

申请日：2005-08-24

申请人： Isaac Ahdout ,  Martin Hall ,  Zhangwei Xu

发明人： Isaac Ahdout ,  Martin Hall ,  Zhangwei Xu

IPC分类号： G06F12/14

CPC分类号： G06Q20/123 ,  G06F21/71 ,  G06F2221/0742

摘要： A computer or other electronic device uses a cryptographic capability and hardware identifier to verify a provisioning packet for changing the mode of operation of the device or a licensed component. A secure memory stores the provisioning packet for future reference. A sequence number may be used to limit replay attacks. An exemplary use is conversion of a computer from metered use during a subscription period to unlimited use when the subscription terms have been satisfied.

摘要翻译： 计算机或其他电子设备使用加密能力和硬件标识符来验证用于改变设备或许可组件的操作模式的供应包。 安全存储器存储供应数据包以备将来参考。 序列号可用于限制重放攻击。 示例性用途是在订阅期间将计算机从计量使用转换为当订阅条件已被满足时的无限制使用。

公开(公告)号：US08656473B2

公开(公告)日：2014-02-18

申请号：US12466103

申请日：2009-05-14

申请人： Martin Hall ,  Ali Khan ,  Mark McNulty ,  Zhangwei Xu

发明人： Martin Hall ,  Ali Khan ,  Mark McNulty ,  Zhangwei Xu

IPC分类号： G06F7/04

CPC分类号： G06F21/35 ,  G06F21/31 ,  H04W12/06

摘要： Systems and methods are provided for linking a web identity and a portable device to provide web access to a user from a vehicle. An example system includes a presence agent that may be configured to validate the presence of the portable device in the vehicle by recognizing a device identifier saved on the portable device. After the presence of the portable device is validated, a security manager may receive a user identifier, and verify if the user identifier corresponds with a known user value. Then, the security manager may send a user identity secure proxy to a credential manager. The credential manager may be configured to receive the user identity secure proxy, and in response, pass one or more credentials to a computing device onboard the vehicle. The credentials may indicate that the user is authorized to access one or more web services from the computing device.

摘要翻译： 系统和方法被提供用于链接网络标识和便携式设备以从车辆提供对用户的网络访问。 示例系统包括可以被配置为通过识别保存在便携式设备上的设备标识来验证车辆中的便携式设备的存在的存在代理。 在便携式设备的存在被验证之后，安全管理器可以接收用户标识符，并验证用户标识符是否与已知的用户值相对应。 然后，安全管理员可以向凭证管理器发送用户身份安全代理。 证书管理器可以被配置为接收用户身份安全代理，并且作为响应，将一个或多个凭证传递给车辆上的计算设备。 证书可以指示用户被授权从计算设备访问一个或多个web服务。

公开(公告)号：US08244640B2

公开(公告)日：2012-08-14

申请号：US11766598

申请日：2007-06-21

申请人： Rajagopal Venkatachalam ,  Zhangwei Xu ,  Zeyong Xu

发明人： Rajagopal Venkatachalam ,  Zhangwei Xu ,  Zeyong Xu

IPC分类号： G06F21/00

CPC分类号： G06Q50/32

摘要： Methods and a program of instruction provide a packet schema framework for communication between elements of a pay-as-you-go business model including a provisioning server, an adapted electronic device, and a service provider. The packet schema defines provisioning instructions and content types to support service provisioning, including electronic device configuration and state, time-metering, and other types of functional and administrative tasks as well as to provide a foundation for any future messages needed for product evolution. The schema also defines security at multiple levels to guard against malicious users who may try to hook into the system to fraudulently use and/or configure the electronic devices for their own use and gain.

摘要翻译： 方法和指令程序为包括配送服务器，适配电子设备和服务提供商在内的即付即用业务模型的元素之间的通信提供分组模式框架。 分组模式定义了配置指令和内容类型，以支持服务提供，包括电子设备配置和状态，时间计量以及其他类型的功能和管理任务，以及为产品演进所需的任何未来消息提供基础。 该模式还定义了多个级别的安全性，以防止可能尝试挂接到系统中的恶意用户欺骗性地使用和/或配置电子设备以供自己使用和获得。

公开(公告)号：US08151118B2

公开(公告)日：2012-04-03

申请号：US11668446

申请日：2007-01-29

申请人： David James Foster ,  Shon Schmidt ,  David Jaroslav Sebesta ,  Curt Andrew Steeb ,  William J. Westerinen ,  Zhangwei Xu ,  Todd L. Carpenter

发明人： David James Foster ,  Shon Schmidt ,  David Jaroslav Sebesta ,  Curt Andrew Steeb ,  William J. Westerinen ,  Zhangwei Xu ,  Todd L. Carpenter

IPC分类号： H04L29/06

CPC分类号： G06F21/85 ,  G06F21/72

摘要： A computer or other electronic device requiring physical integrity of its components, for example, a pay-per-use computer may use a master security device in communication with a plurality of slave security devices, known as security beans. Each security bean may be given a cryptographic key or keys for use in authenticating communication with the master security device. Each security bean may be coupled to an associated component and may have the ability to disable that associated component. In one embodiment, security bean has an analog switch that may be configured to block or attenuate a critical signal used by the associated component. The security bean may start up in the disable mode and respond to a verified signal from the master security device to enable its corresponding component.

摘要翻译： 需要其组件的物理完整性的计算机或其他电子设备，例如，每次使用付费的计算机可以使用与多个从属安全设备（称为安全性bean）通信的主安全设备。 每个安全bean可以被给予用于认证与主安全设备的通信的加密密钥或密钥。 每个安全bean可以耦合到相关联的组件，并且可以具有禁用该关联组件的能力。 在一个实施例中，安全性bean具有模拟开关，其可被配置为阻止或衰减由相关联的组件使用的关键信号。 安全bean可以在禁用模式下启动，并响应来自主安全设备的已验证信号以启用其相应的组件。

公开(公告)号：US20100293033A1

公开(公告)日：2010-11-18

申请号：US12466117

申请日：2009-05-14

申请人： Martin Hall ,  Ali Khan ,  Mark McNulty ,  Zhangwei Xu

发明人： Martin Hall ,  Ali Khan ,  Mark McNulty ,  Zhangwei Xu

IPC分类号： G06Q30/00 ,  G06Q99/00 ,  G06F19/00

CPC分类号： G06Q90/00 ,  G06Q30/02 ,  G06Q30/0207 ,  G06Q30/0255 ,  G06Q30/0266

摘要： Systems and methods are provided for delivering contextual advertising to a vehicle. An example system may include a profiler module executed by an onboard computing device of the vehicle, and configured to aggregate vehicle event data from a plurality of vehicle-based event sources, and to develop user profile data based on the vehicle event data. A communication agent may also be executed by the onboard computing device, and configured to transmit the user profile data to an advertising service executed on an advertising server via a communication network. The communication agent may also be configured to retrieve an advertisement from the advertising service. The advertisement may be selected based on content of the user profile data. The system may also include an interface module executed by the onboard computing device, and configured to present the advertisement via a display, and/or speaker associated with the onboard computing device.

摘要翻译： 系统和方法被提供用于向车辆传送上下文广告。 示例系统可以包括由车辆的车载计算设备执行并且被配置为从多个基于车辆的事件源聚合车辆事件数据并且基于车辆事件数据开发用户简档数据的轮廓仪模块。 通信代理还可以由板载计算设备执行，并且被配置为经由通信网络将用户简档数据发送到在广告服务器上执行的广告服务。 通信代理还可以被配置为从广告服务检索广告。 可以基于用户简档数据的内容来选择广告。 该系统还可以包括由机载计算设备执行的接口模块，并且被配置为经由与车载计算设备相关联的显示器和/或扬声器呈现广告。

公开(公告)号：US09251317B2

公开(公告)日：2016-02-02

申请号：US12408909

申请日：2009-03-23

申请人： Zhangwei Xu ,  Martin Hall ,  Mark McNulty ,  Guruprakash Rao ,  Xiaofeng Gao ,  Fei Chen ,  Ricardo Lopez-Barquilla ,  Martin Holladay

发明人： Zhangwei Xu ,  Martin Hall ,  Mark McNulty ,  Guruprakash Rao ,  Xiaofeng Gao ,  Fei Chen ,  Ricardo Lopez-Barquilla ,  Martin Holladay

IPC分类号： G06F21/10 ,  H04L29/00 ,  H04L12/58 ,  H04L29/08 ,  H04L29/06

CPC分类号： G06F21/10 ,  H04L29/00 ,  H04L51/08 ,  H04L51/10 ,  H04L51/24 ,  H04L63/08 ,  H04L63/126 ,  H04L67/06 ,  H04L2463/101

摘要： Embodiments related to network video messaging are disclosed. One disclosed embodiment provides a method that comprises receiving a video message from a client application of a source client; associating a navigation link with the video message; transmitting a notification message to the recipient client including the navigation link; receiving a retrieval request from the recipient client to access the video content via the navigation link; and transmitting the video content to the recipient client responsive to receiving the retrieval request by providing a persistent download of the video content from the storage server if the download condition indicates that a persistent download of the video content is permissible; and providing a transient download of the video content to the recipient client while prohibiting a persistent download of the video content if the download condition indicates that a persistent download of the video content is not permissible.

摘要翻译： 公开了与网络视频消息相关的实施例。 一个公开的实施例提供了一种方法，包括从源客户端的客户端应用接收视频消息; 将导航链接与视频消息相关联; 向包括导航链路的接收方客户端发送通知消息; 从所述接收方客户接收检索请求，经由所述导航链接访问所述视频内容; 以及如果所述下载条件指示所述视频内容的持续下载是允许的，则通过从所述存储服务器提供所述视频内容的持续下载来响应于接收到所述检索请求而将所述视频内容发送到所述接收者客户端; 以及如果所述下载条件指示所述视频内容的持续下载是不允许的，则向所述接收者客户端提供所述视频内容的暂时下载，同时禁止所述视频内容的持续下载。