公开(公告)号：US07877600B2

公开(公告)日：2011-01-25

申请号：US11616348

申请日：2006-12-27

Applicant: Xin Qiu ,  Petr Peterka ,  Eric J. Sprunk

Inventor： Xin Qiu ,  Petr Peterka ,  Eric J. Sprunk

IPC: H04L29/06 ,  H04L9/32 ,  G06F15/16 ,  G06F7/00

CPC classification number: H04L9/3268 ,  H04L2209/603

Abstract: An apparatus and method for providing at least one root certificate are disclosed. Specifically, a plurality of root certificates is received and stored. Afterwards, a request is received from a first endpoint device for a desired root certificate, where the desired root certificate is used by the first endpoint device to verify an identity of a second endpoint device. Furthermore, the first endpoint device and the second endpoint device are associated with different certificate hierarchies. The desired root certificate is then sent to at least the first endpoint device.

Abstract translation: 公开了一种用于提供至少一个根证书的设备和方法。 具体地，接收并存储多个根证书。 之后，从第一端点设备接收针对所需根证书的请求，其中期望的根证书由第一端点设备用于验证第二端点设备的身份。 此外，第一端点设备和第二端点设备与不同的证书层级相关联。 然后将期望的根证书发送到至少第一端点设备。

公开(公告)号：US07764793B2

公开(公告)日：2010-07-27

申请号：US11255113

申请日：2005-10-20

Applicant: Xin Qiu ,  Bridget D. Kimball ,  Eric J. Sprunk ,  Lawrence W. Tang

Inventor： Xin Qiu ,  Bridget D. Kimball ,  Eric J. Sprunk ,  Lawrence W. Tang

IPC: H04L29/06 ,  H04K1/00 ,  H04N7/16 ,  H04N7/167

CPC classification number: H04L9/083 ,  H04L9/0841 ,  H04L63/0428 ,  H04L2463/062

Abstract: According to one embodiment of the invention a system is utilized to leverage the security arrangement between a first and second device to establish a secure link between the first device and a third device. One embodiment of the invention is particularly suitable for loading security data on a set top box, such as that utilized in the cable television industry.

Abstract translation: 根据本发明的一个实施例，利用系统利用第一和第二设备之间的安全布置来建立第一设备和第三设备之间的安全链路。 本发明的一个实施例特别适合于将安全数据加载在诸如有线电视工业中使用的机顶盒上。

公开(公告)号：US07707406B2

公开(公告)日：2010-04-27

申请号：US10703104

申请日：2003-11-05

Applicant: Xin Qiu

Inventor： Xin Qiu

IPC: H04L29/06

CPC classification number: G06F21/33 ,  H04L9/0891 ,  H04L9/3265 ,  H04L63/0823 ,  H04L2209/60

Abstract: A system using digital certificates having overlapping validity intervals. The overlapping certificates can be used in a hierarchical certificate authorities network in order to obtain benefits such as to increase the usage of all the certificates in the certificate chain; reduce/eliminate the certificate updates/downloads to a large population; only replace the minimum number of certificates in the trust hierarchy to re-establish the certificate chain; reduce the complexity of maintaining certificate nesting in certificate generation process; reduce the risk of service interruption; and control the extent of older technology in circulation and to reduce the risk associated with older products being more susceptible to attack. The certificate renewal process of a preferred embodiment is described.

Abstract translation: 使用具有重叠有效间隔的数字证书的系统。 重叠的证书可以用于分级证书机构网络，以获得诸如增加证书链中所有证书的使用的优点; 减少/消除证书更新/下载到大量人口; 仅替换信任层次结构中的最小证书数量来重新建立证书链; 降低证书生成过程中维护证书嵌套的复杂性; 降低服务中断的风险; 并控制旧技术流通的程度，并降低与老年产品相关的风险更容易受到攻击。 描述优选实施例的证书更新过程。

公开(公告)号：US07660986B1

公开(公告)日：2010-02-09

申请号：US09576516

申请日：2000-05-23

Applicant: Xin Qiu ,  Eric J. Sprunk ,  Paul Moroney

Inventor： Xin Qiu ,  Eric J. Sprunk ,  Paul Moroney

IPC: H04L9/32 ,  H04N7/167

CPC classification number: H04N21/4623 ,  H04L9/002 ,  H04L9/088 ,  H04N7/1675 ,  H04N21/26606

Abstract: A system to change security levels is used to change the level of security used in a secured processing system. The system uses a status indicator to designate the security level being implemented. The security level can be upgraded to allow a higher level of security to be implemented with relative ease. However, in order to change from a higher level of security to a lower level of security, an authorization code is utilized to confirm that the change in security is authorized.

Abstract translation: 用于更改安全级别的系统用于改变安全处理系统中使用的安全级别。 系统使用状态指示器来指定正在执行的安全级别。 可以升级安全级别，以便相对容易地实现更高级别的安全性。 然而，为了从更高的安全级别改为较低级别的安全性，使用授权码来确认安全性的改变是否被授权。

公开(公告)号：US20090263271A1

公开(公告)日：2009-10-22

申请号：US12105165

申请日：2008-04-17

Applicant: Jian Meng ,  Daqing Fang ,  Deping Zhang ,  Dingxiang Tang ,  Huayi Lu ,  Lianshan Zhao ,  Wei Sun ,  Xin Qiu ,  Hongjie Zhang

Inventor： Jian Meng ,  Daqing Fang ,  Deping Zhang ,  Dingxiang Tang ,  Huayi Lu ,  Lianshan Zhao ,  Wei Sun ,  Xin Qiu ,  Hongjie Zhang

IPC: C22C23/00

CPC classification number: C22C23/04 ,  C22F1/06

Abstract: A high-strength, high-toughness, weldable and deformable rare earth magnesium alloy comprised of 0.7˜1.7% of Ym, 5.5˜6.4% of Zn, 0.45˜0.8% of Zr, 0.02% or less of the total amount of impurity elements of Si, Fe, Cu and Ni, and the remainder of Mg, based on the total weight of the alloy. During smelting, Y, Ho, Er, Gd and Zr are added in a manner of Mg—Y-rich, Mg—Zr intermediate alloys into a magnesium melt; Zn is added in a manner of pure Zn, and at 690˜720° C., a round bar was cast by a semi-continuous casting or a water cooled mould, then an extrusion molding was performed at 380˜410° C. after cutting. Before the extrusion, the alloy is treated by the solid-solution treatment at 480˜510° C. for 2˜3 hours, however, the alloy can also be extrusion molded directly without the solid-solution treatment. After the extrusion molding, this alloy has a strength of 340 MPa or more and a percentage elongation of 14% or more at room temperature and is a high-strength, high-toughness, weldable and deformable rare earth magnesium alloy.

Abstract translation: 高强度，高韧性，可焊接和可变形的稀土镁合金由Ym的0.7〜1.7％，Zn的5.5〜6.4％，Zr的0.45〜0.8％，杂质元素的总量的0.02％以下 的Si，Fe，Cu和Ni，剩余的Mg基于合金的总重量。 在熔炼过程中，以Mg-Y，Mg-Zr中间合金的方式将Y，Ho，Er，Gd和Zr加入到镁熔体中; 以纯Zn的方式添加Zn，在690〜720℃下，通过半连续浇铸或水冷模具浇铸圆棒，然后在380〜410℃下进行挤出成型 切割。 在挤出前，合金经480〜510℃的固溶处理2〜3小时，然而，该合金也可直接挤出成型，无需固溶处理。 挤出成型后，该合金的室温下的强度为340MPa以上，伸长率为14％以上，为高强度，高韧性，可焊接且可变形的稀土类镁合金。

公开(公告)号：US07607022B1

公开(公告)日：2009-10-20

申请号：US09587932

申请日：2000-06-06

Applicant: Xin Qiu ,  Eric J. Sprunk

Inventor： Xin Qiu ,  Eric J. Sprunk

IPC: H04N7/16 ,  H04N7/167

CPC classification number: H04N7/52 ,  H04L9/088 ,  H04N7/1675 ,  H04N21/2347 ,  H04N21/2365 ,  H04N21/4347 ,  H04N21/4405

Abstract: A system to transmit a set of programs from a transmitter to a receiver is used to accommodate different levels of security used for each program. When a high level of security is necessary for transmitting or receiving a program the transmitter and/or receiver is operable to accommodate that level of security. Thus, both transmitters and receivers are operable to be reconfigured to encrypt or decrypt, respectively, at different levels. Accordingly, differing amounts of programs can be transmitted or received based on the resource requirements needed at any level of security. Consequently, a high level of encryption/decryption requires more resources and allows the processing of fewer services, while a lower level of encryption/decryption allows more services to be transmitted/received.

Abstract translation: 用于将一组程序从发射机发射到接收机的系统被用于适应用于每个节目的不同级别的安全性。 当需要高水平的安全性来发送或接收程序时，发射器和/或接收器可操作以适应该级别的安全性。 因此，发射机和接收机都可以被重新配置以分别在不同的级别进行加密或解密。 因此，可以基于任何安全级别所需的资源要求来发送或接收不同数量的程序。 因此，高级别的加密/解密需要更多的资源并且允许处理较少的服务，而较低级别的加密/解密允许发送/接收更多的服务。

公开(公告)号：USD1069962S1

公开(公告)日：2025-04-08

申请号：US29978513

申请日：2024-12-13

Applicant: Xin Qiu

Designer： Xin Qiu

公开(公告)号：US09246889B2

公开(公告)日：2016-01-26

申请号：US12854925

申请日：2010-08-12

Applicant: Chia Ling Tsai ,  Alexander Medvinsky ,  Xin Qiu ,  Kyle W. Stewart ,  Fan Wang

Inventor： Chia Ling Tsai ,  Alexander Medvinsky ,  Xin Qiu ,  Kyle W. Stewart ,  Fan Wang

IPC: H04L29/06 ,  H04L9/00 ,  H04L9/08 ,  H04L9/32 ,  G06F21/62 ,  G06F21/64

CPC classification number: H04L63/045 ,  G06F21/6218 ,  G06F21/64 ,  H04L9/006 ,  H04L9/0825 ,  H04L9/3234 ,  H04L9/3265 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/123 ,  H04L2463/062

Abstract: A method is provided for securely delivering identity data units over a communications network to a client device. The method includes receiving a selection from a customer identifying a final zipped package to be unpacked. The final zipped package is unpacked to obtain a common package and a digital signature file signed by an entity generating identity data requested by the customer. The digital signature in the digital signature file is verified and the common package is unpacked to obtain a plurality of outer packages and an encrypted symmetric key. The symmetric key is decrypted with a private key associated with the customer and each of the outer packages is decrypted with the symmetric key to obtain a plurality of identity data units.

Abstract translation: 提供了一种用于通过通信网络将身份数据单元安全地传送到客户端设备的方法。 该方法包括从客户接收标识要解包的最终压缩包的选择。 最后的压缩包解包以获得由生成客户请求的身份数据的实体签名的公用包和数字签名文件。 验证数字签名文件中的数字签名，并解压缩公用包以获得多个外包和加密对称密钥。 对称密钥用与客户相关联的私钥解密，并且每个外部包被对称密钥解密以获得多个身份数据单元。

公开(公告)号：US09043456B2

公开(公告)日：2015-05-26

申请号：US13407081

申请日：2012-02-28

Applicant: Annie C. Kuramoto ,  Xin Qiu ,  Ting Yao

Inventor： Annie C. Kuramoto ,  Xin Qiu ,  Ting Yao

IPC: G06F15/173 ,  G06F17/30 ,  H04L29/06

CPC classification number: G06F17/30595 ,  H04L63/0823

Abstract: A method and apparatus is provided for maintaining inventory levels of identity data to be provisioned in electronic devices. The method includes monitoring over a communications network inventory levels of identity data records stored on a plurality of identity data personalization servers that each provision electronic devices with an identity data record. Additionally, if the inventory level on at least one of the identity data personalization servers falls below a minimum specified level, a refill request is sent to an identity data management authority requesting that additional identity data records be uploaded to the identity data personalization server.

Abstract translation: 提供了一种用于维护在电子设备中提供的身份数据的库存水平的方法和装置。 该方法包括监视存储在多个身份数据个性化服务器上​​的身份数据记录的通信网络库存水平，每个身份数据记录提供具有身份数据记录的电子设备。 此外，如果至少一个身份数据个性化服务器上​​的库存级别低于最小指定级别，则向身份数据管理机构发送重新填充请求，请求将附加的身份数据记录上传到身份数据个性化服务器。

公开(公告)号：US08392702B2

公开(公告)日：2013-03-05

申请号：US12175444

申请日：2008-07-17

Applicant: Xin Qiu ,  Eric Sprunk ,  Liqiang Chen ,  Jason Pasion

Inventor： Xin Qiu ,  Eric Sprunk ,  Liqiang Chen ,  Jason Pasion

IPC: H04L29/06

CPC classification number: H04L9/006 ,  H04L9/3234 ,  H04L9/3263 ,  H04L63/0442 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/101 ,  H04L63/123 ,  H04L63/166 ,  H04L2209/56 ,  H04L2209/60 ,  H04L2209/80

Abstract: A system for token-based management of a PKI (public key infrastructure) personalization process includes a token request and management system (TRMS) configured to gather request information from a requestor; and a token personalization system (TPS) configured to personalize a hardware token such that usage of the hardware token is constrained by the request information. A method for token-based management of a PKI personalization process includes: requesting a hardware token; personalizing a hardware token such that the hardware token is confined to operation within limiting parameters; binding the hardware token to a workstation which is configured receive the hardware token and use credentials within the hardware token to request and download PKI data from a PKI server, the workstation being further configured to personalize an end user product by loading the PKI data into internal memory contained within the end user product; and monitoring usage of the hardware token and the PKI data.

Abstract translation: 用于PKI（公共密钥基础设施）个性化过程的基于令牌的管理的系统包括被配置为从请求者收集请求信息的令牌请求和管理系统（TRMS） 以及被配置为个性化硬件令牌的令牌个性化系统（TPS），使得所述硬件令牌的使用被所述请求信息约束。 用于PKI个性化处理的基于令牌的管理的方法包括：请求硬件令牌; 个性化硬件令牌，使得硬件令牌限制在限制参数内的操作; 将硬件令牌绑定到配置的接收硬件令牌并使用硬件令牌内的凭证的工作站，以从PKI服务器请求和下载PKI数据，该工作站进一步配置为通过将PKI数据加载到内部来个性化最终用户产品 包含在最终用户产品中的内存; 并监视硬件令牌和PKI数据的使用情况。