Abstract:
A setup data rewriting device has a nonvolatile memory device that stores rewriting data including registry data. Before the operating system refers to the registry data, the rewriting data is read from the storage device and stored in a memory region of a RAM different from a region where the operating system generates the registry data. Also, before the operating system refers to the registry data, the rewriting data stored in the RAM is used to rewrite the registry data stored in the RAM to the registry data included in the rewriting data.
Abstract:
Methods and computer systems for providing access to a protected resource are described. In an enterprise computer system, an authentication server provides a credential to a client requesting access to the protected resource. In order to access the protected resource, the requesting client presents a protected resource access request in combination with the credential to a server coupled to the protected resource. The server, in turn, requests the authentication server to validate the credential. After the authentication server has validated the credential, the server grants the requesting client access to the protected resource.
Abstract:
Verifying and authenticating the identity of participants in electronic communication. A primary key generated from a master key is stored at a sending device and a recipient device. Based on the primary key, the sending device generates a passphrase and an associated secondary key, which includes an encrypted form of data enabling the passphrase to be reconstructed. The secondary key is transmitted to the recipient device, which can reconstruct the passphrase by decrypting the secondary key using the primary key. By reconstructing the passphrase, the secondary key verifies that it has used the correct primary key. The identity of a user of a communication device can be verified and authenticated, as well. The user is issued an authorization key, a copy of which is stored at a remote communication device with respect to the user. Using the authorization code, the user selects specified character positions of the passphrase and enters the resulting input code to the local communication device. The input code is transmitted to the remote communication device. Entering the appropriate input code verifies that the user possesses the authorization code.
Abstract:
A CPU executes program instructions which result in valid and invalid intermediate results. By selecting the desired intermediate results, a program is able to be successfully executed. Analysis of the intermediate results must avoid plausible wrong results. A programmable feature allows the instruction decoder to provide plural answers, including plausible wrong answers. Instruction output selection logic selects a predetermined buffer, and this permits further microprocessor operation with the correct intermediate result.
Abstract:
One embodiment of the present invention provides a system that facilitates encrypting and decrypting a data item. The system operates by encrypting a data item with a session key using a symmetric encryption mechanism to produce an encrypted data item. Next, the system splits the session key into a plurality of shares so that the session key can be reconstituted from a predefined number of shares. The system also receives a plurality of responses from the user (which may be responses to questions), and encrypts the plurality of shares with the plurality of responses using the symmetric encryption mechanism to generate a plurality of encrypted shares. The plurality of encrypted shares are stored for later retrieval. In one embodiment of the present invention, the system decrypts the data item by receiving a plurality of new responses from the user, and attempting to decrypt the plurality of encrypted shares with the plurality of new responses. Note that a share will be successfully decrypted if a new response matches a response that was previously used to encrypt the share. If the predefined number of shares are successfully decrypted, the system uses the successfully decrypted shares to reconstitute the session key, and then uses the session key to decrypt the encrypted data item.
Abstract:
A network security system provides a complete, reactive, Network Intrusion Detection System (NIDS) designed to stop a would-be hacker from gaining unauthorized access by blocking their connectivity to a protected network at the first sign of malicious activity. The network security system utilizes a commercially available or open source NIDS that can detect patterns in TCP/IP activity as well as examine packet headers to detect probes and attempts to compromise systems. The network security system then modifies the return route from the “victim” protected network so that outbound packets are never returned to the attacker.
Abstract:
An information control apparatus includes a superposition circuit for superposing a plurality of elements, each having electronic-watermark information, to provide a set of data, a determination circuit for determining, prior to superposition, a state of respective sets of electronic-watermark information after the superposition, and a notification circuit for notifying of the determined state.
Abstract:
A multimedia firewall adapter supplements a conventional firewall to allow transmission of videoconferencing data (e.g., audio and video data) associated with a protocol, such as the H.323 protocol. The multimedia firewall adapter supplements the conventional firewall so that audio and video data associated with the H.323 protocol are allowed to pass through the multimedia firewall adapter, thus circumventing the conventional firewall. The multimedia firewall adapter receives signals from an intranet and Internet, decomposes the signals, and attempts to authenticate the decomposed signals according to the H.323 protocol. If the decomposed signals are authenticated to contain videoconferencing data, the multimedia firewall adapter negotiates and establishes a connection, and allows the videoconferencing data to pass through. However, if the signal is not authenticated, then the signal is blocked from passing. The blocked signal is redirected to the conventional firewall for analysis.
Abstract:
A CPU is provided with an ability to modify its operation in accordance with an encryption key. When a program is compiled, the program is modified in order that execution may be performed with the CPU changes with respect to pipelined instruction routing. Logic on the CPU is able to route a subset of the register bits, and selects destination logic gates in the microprocessor in a manner consistent with a programmable instruction decoder. This in turn establishes an instruction buffer interdependency.
Abstract:
As advances continue to be made in the area of high density data storage devices, the storage of such data as music (as is presently stored on audio CD-ROMs), books on tape, videos, movies and the like will become more common. However, when this type of information is stored digitally, the risk of data piracy will increase. What is needed is an integrated copy deterring mechanism for stored digitized information such as audio recordings and the like. The present invention is a digital data storage device which comprises one or more Digital to Analog Converters (DACs). By incorporating Digital to Analog Converters on the chip or within the chip's packaging (a hybrid device), data being output could be made available in an analog form only (although some portion of the stored information could still be made available in a digital format). A device employing the analog output means disclosed could comprise read only data storage means or writable or one time programmable data storage means. By outputting data in analog format only, successive copies of that data will degrade. This degradation of the quality of the stored data will act as a deterrent to some forms of data piracy.