公开(公告)号：US20090055649A1

公开(公告)日：2009-02-26

申请号：US12255200

申请日：2008-10-21

申请人： Osamu TAKATA ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Kazuyoshi Hoshino

发明人： Osamu TAKATA ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Kazuyoshi Hoshino

IPC分类号： H04L9/28

CPC分类号： H04L63/0428 ,  H04L63/062

摘要： Both a management server and a validation server are installed. Both a terminal and a terminal register setting information which is usable in an encrypted communication in the management server. When carrying out the encrypted communication, the management server searches the registered setting information for coincident setting information. The management server generates keys for the encrypted communications which can be used by the terminals, and delivers these generated keys in combination with the coincident setting information. The management server authenticates both the terminals in conjunction with the validation server. Since the terminals trust such results that the management server has authenticated the terminals respectively, these terminals need not authenticate the respective communication counter terminals.

摘要翻译： 管理服务器和验证服务器均已安装。 终端和终端注册设置信息可用于管理服务器中的加密通信。 当执行加密通信时，管理服务器搜索登记的设置信息以获得一致的设置信息。 管理服务器生成可由终端使用的加密通信的密钥，并将这些生成的密钥与重合的设置信息相结合。 管理服务器与验证服务器一起认证两个终端。 由于终端信任这样的结果，管理服务器分别对终端进行认证，所以这些终端不需要对相应的通信计数器终端进行认证。

公开(公告)号：US20080301457A1

公开(公告)日：2008-12-04

申请号：US12149026

申请日：2008-04-25

申请人： Tadaoki Uesugi ,  Takahiro Fujishiro ,  Takeshi Akutsu ,  Hisanori Mishima

发明人： Tadaoki Uesugi ,  Takahiro Fujishiro ,  Takeshi Akutsu ,  Hisanori Mishima

IPC分类号： H04L9/00

CPC分类号： H04L9/3263 ,  G06F21/645 ,  H04L9/3247 ,  H04L2209/60 ,  H04L2209/80

摘要： When a document creation unit 1 is started, it calculates a hash value of each software piece therein and stores the hash value in a hash value holder 71 and a measurement log document holder 44. The document creation unit 1 accesses a time distribution unit plural times to receive time information therefrom, and records the time information in a log document and a measurement log document. The document creation unit 1 transmits the log document, the measurement log document, and digital signature-embedded hash value information (measurement auxiliary document) in a tamper-resistant device 63 to a document reception device. The document reception device verifies matching of the hash values or digital signature in the document group, confirms software operating environments in the document creation unit 1 from the hash values, and determines whether the time information is correctly managed within the unit 1.

摘要翻译： 当文档创建单元1启动时，它计算每个软件的哈希值，并将散列值存储在散列值保持器71和测量日志文档保持器44中。文档创建单元1多次访问时间分配单元 从其接收时间信息，并将时间信息记录在日志文档和测量日志文档中。 文档创建单元1将防篡改设备63中的日志文档，测量日志文档和数字签名嵌入散列值信息（测量辅助文档）发送到文档接收设备。 文档接收装置验证文档组中的哈希值或数字签名的匹配，从哈希值确认文档创建单元1中的软件操作环境，并确定在单元1内是否正确地管理时间信息。

公开(公告)号：US07409553B2

公开(公告)日：2008-08-05

申请号：US10076624

申请日：2002-02-19

申请人： Yoko Kumagai ,  Takahiro Fujishiro ,  Satoru Tezuka ,  Takanobu Oikawa ,  Izumi Anayama

发明人： Yoko Kumagai ,  Takahiro Fujishiro ,  Satoru Tezuka ,  Takanobu Oikawa ,  Izumi Anayama

IPC分类号： H04L9/00 ,  H04K1/00 ,  H04L9/30

CPC分类号： G06Q20/40 ,  G06Q20/3821 ,  G06Q20/401 ,  H04L9/3268 ,  H04L2209/60

摘要： A public key certificate generation method includes the steps of: sending a certificate issuing request including a registration contents of a public key certificate and an information content guaranteed by the registration authority, to the issuing authority in a registration authority and generating a public key certificate including the registration contents described in the certificate issuing request the information guaranteed by the registration authority issuing contents issued by the issuing authority, and a signature to the issuing contents in the issuing authority.

摘要翻译： 公钥证书生成方法包括以下步骤：向注册机构的发行机构发送包括公开密钥证明书的登录内容和由注册机构保证的信息内容的证书发行请求，生成包含 在证书发行请求中描述的注册内容由发行机构发布的注册机构发布内容所保证的信息，以及发行机构中的发行内容的签名。

公开(公告)号：US20080082650A1

公开(公告)日：2008-04-03

申请号：US11905433

申请日：2007-10-01

申请人： Osamu Takata ,  Tadashi Kaji ,  Takahiro Fujishiro ,  Kazuyoshi Hoshino ,  Yuko Sawai

发明人： Osamu Takata ,  Tadashi Kaji ,  Takahiro Fujishiro ,  Kazuyoshi Hoshino ,  Yuko Sawai

IPC分类号： G06F15/173 ,  H04L9/00

CPC分类号： H04L67/141 ,  H04L63/0428 ,  H04L67/14 ,  H04L67/143 ,  H04L67/22

摘要： A system is provided that includes session management servers which mediate a secure communication performed between communication apparatuses. The session management servers create and maintain communication logs for recording at a start and end of the secure communication. The system includes log management servers which manage the communication logs of the secure communication. The communication source apparatus, the communication destination apparatus and the session management servers transmit their own communication logs to the corresponding log management server in the same domain to which they belong. One of the log management servers obtains those communication logs from the others based on a request and performs verification of consistency among them. Accordingly, it is possible to create reliable communication logs of the secure communication performed between the communication source apparatus and the communication destination apparatus.

摘要翻译： 提供了一种系统，其包括调停在通信设备之间执行的安全通信的会话管理服务器。 会话管理服务器在安全通信的开始和结束时创建和维护用于记录的通信日志。 该系统包括管理安全通信的通信日志的日志管理服务器。 通信源设备，通信目的地设备和会话管理服务器将他们自己的通信日志发送到与其所属的相同域中的对应的日志管理服务器。 其中一个日志管理服务器根据请求从其他日志管理服务器中获取那些通信日志，并执行它们之间的一致性验证。 因此，可以创建在通信源设备和通信目的地设备之间执行的安全通信的可靠通信日志。

公开(公告)号：US20060242413A1

公开(公告)日：2006-10-26

申请号：US11452299

申请日：2006-06-14

申请人： Takahiro Fujishiro ,  Satoru Tezuka ,  Yoko Kumagai ,  Tomoharu Morio ,  Yutaka Miyazaki

发明人： Takahiro Fujishiro ,  Satoru Tezuka ,  Yoko Kumagai ,  Tomoharu Morio ,  Yutaka Miyazaki

IPC分类号： H04L9/00

CPC分类号： H04L9/3268 ,  H04L9/006 ,  H04L2209/60

摘要： A time period which is expended since a request for the authentication of the validity of a public key certificate till the authentication of the validity, is shortened. A certificate validity authentication center VC periodically searches for and verifies paths which extend from a bridge certification authority CAbridge to individual terminal admitting certification authorities CA, and it registers the paths whose verifications have held good, in a path database in association with the respective terminal admitting certification authorities CA. Besides, in a case where the request for the authentication of the validity of a certificate has been made by an end entity EE, whether or not a path associated with the terminal admitting certification authority CA which admits the end entity, and a path associated with the terminal admitting certification authority CA which has issued the certificate being a subject for the request are registered in the path database is checked, and the subject certificate is judged valid only when both the paths are registered.

摘要翻译： 缩短了对认证有效期之后的公开密钥证书的有效性的认证请求消耗的时间段。 证书有效性认证中心VC定期搜索并验证从桥接认证机构CA 桥接延伸到接收认证机构CA的个人终端的路径，并将验证已经保持良好的路径注册在路径中 数据库与相应的终端接收认证机构CA。 此外，在由终端实体EE对证书的有效性进行认证的请求的情况下，是否允许与接收终端实体的认证机构CA相关联的路径以及与终端实体相关联的路径 在路径数据库中注册已经发出作为该请求的主题的证书的终端的认证机构CA，并且只有当两个路径都被注册时，被认证证书才被认定为有效。

公开(公告)号：US20050226424A1

公开(公告)日：2005-10-13

申请号：US10931219

申请日：2004-09-01

申请人： Osamu Takata ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Kazuyoshi Hoshino

发明人： Osamu Takata ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Kazuyoshi Hoshino

IPC分类号： H04L9/08 ,  H04L1/00 ,  H04L9/00 ,  H04L9/14 ,  H04L9/32 ,  H04L29/06

CPC分类号： H04L63/0428 ,  H04L63/062

摘要： Both a management server and a validation server are installed. Both a terminal and a terminal register setting information which is usable in an encrypted communication in the management server. When carrying out the encrypted communication, the management server searches the registered setting information for coincident setting information. The management server generates keys for the encrypted communications which can be used by the terminals, and delivers these generated keys in combination with the coincident setting information. The management server authenticates both the terminals in conjunction with the validation server. Since the terminals trust such results that the management server has authenticated the terminals respectively, these terminals need not authenticate the respective communication counter terminals.

摘要翻译： 管理服务器和验证服务器均已安装。 终端和终端注册设置信息可用于管理服务器中的加密通信。 当执行加密通信时，管理服务器搜索登记的设置信息以获得一致的设置信息。 管理服务器生成可由终端使用的加密通信的密钥，并将这些生成的密钥与重合的设置信息相结合。 管理服务器与验证服务器一起认证两个终端。 由于终端信任这样的结果，管理服务器分别对终端进行认证，所以这些终端不需要对相应的通信计数器终端进行认证。

公开(公告)号：US08238555B2

公开(公告)日：2012-08-07

申请号：US12255200

申请日：2008-10-21

申请人： Osamu Takata ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Kazuyoshi Hoshino

发明人： Osamu Takata ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Kazuyoshi Hoshino

IPC分类号： H04L29/06

CPC分类号： H04L63/0428 ,  H04L63/062

摘要： Both a management server and a validation server are installed. Both a terminal and a terminal register setting information which is usable in an encrypted communication in the management server. When carrying out the encrypted communication, the management server searches the registered setting information for coincident setting information. The management server generates keys for the encrypted communications which can be used by the terminals, and delivers these generated keys in combination with the coincident setting information. The management server authenticates both the terminals in conjunction with the validation server. Since the terminals trust such results that the management server has authenticated the terminals respectively, these terminals need not authenticate the respective communication counter terminals.

摘要翻译： 管理服务器和验证服务器均已安装。 终端和终端注册设置信息可用于管理服务器中的加密通信。 当执行加密通信时，管理服务器搜索登记的设置信息以获得一致的设置信息。 管理服务器生成可由终端使用的加密通信的密钥，并将这些生成的密钥与重合的设置信息相结合。 管理服务器与验证服务器一起认证两个终端。 由于终端信任这样的结果，管理服务器分别对终端进行认证，所以这些终端不需要对相应的通信计数器终端进行认证。

公开(公告)号：US07940780B2

公开(公告)日：2011-05-10

申请号：US12205154

申请日：2008-09-05

申请人： Dan Yamamoto ,  Tadashi Kaji ,  Akifumi Yato ,  Takahiro Fujishiro ,  Shinichi Irube

发明人： Dan Yamamoto ,  Tadashi Kaji ,  Akifumi Yato ,  Takahiro Fujishiro ,  Shinichi Irube

IPC分类号： H04L12/56

CPC分类号： H04L63/061 ,  H04L65/1006 ,  H04L65/1069

摘要： A method and a system for speeding up session establishment are provided, wherein the time required to establish a session is reduced, even in the case where a session management server requires a large amount of time to process respective functions required for establishing the session (such as making a decision regarding whether to permit or deny provision of a service, or generating a session key).The session management server is provided with means for conducting, in parallel, processing to issue processing requests for respective functions required for establishing a session (such as making a decision regarding whether to permit or deny provision of a service, or generating a session key) and processing to forward a communication message transmitted by a communications device or another session management server attempting to establish a session.

摘要翻译： 提供了一种用于加速会话建立的方法和系统，其中即使在会话管理服务器需要大量时间来处理建立会话所需的各种功能的情况下，建立会话所需的时间被减少（例如 作为决定是否允许或拒绝提供服务，还是生成会话密钥）。 会话管理服务器被提供有用于并行处理以发出用于建立会话所需的相应功能的处理请求（例如作出关于是否允许或拒绝提供服务的决定或生成会话密钥）的装置， 以及处理以转发由通信设备或尝试建立会话的另一会话管理服务器发送的通信消息。

公开(公告)号：US20090327394A1

公开(公告)日：2009-12-31

申请号：US12391637

申请日：2009-02-24

申请人： Tadashi KAJI ,  Dan Yamamoto ,  Takahiro Fujishiro ,  Shinichi Irube ,  Fumihiko Inoda ,  Akio Ito

发明人： Tadashi KAJI ,  Dan Yamamoto ,  Takahiro Fujishiro ,  Shinichi Irube ,  Fumihiko Inoda ,  Akio Ito

IPC分类号： G06F17/30 ,  G06F15/16

CPC分类号： H04L67/2823 ,  H04L67/28

摘要： Technology is provided for easily converting data for use with a plurality of receiving devices. The structure-specific message generator of an information providing server generates reference information by converting the data structure of information received from a transmitting device into a data structure processable by a plurality of receiving devices. A SOAP notification generator then generates notification information for each of the receiving device by replacing information at predetermined parts in the generated reference information with receiving device-specific information.

摘要翻译： 提供了用于容易地转换数据以用于多个接收装置的技术。 信息提供服务器的结构特定消息生成器通过将从发送装置接收到的信息的数据结构转换成可由多个接收装置处理的数据结构来生成参照信息。 然后，SOAP通知生成器通过用接收设备特定信息替换所生成的参考信息中的预定部分处的信息来生成每个接收设备的通知信息。

公开(公告)号：US20090067439A1

公开(公告)日：2009-03-12

申请号：US12205154

申请日：2008-09-05

申请人： Dan Yamamoto ,  Tadashi Kaji ,  Akifumi Yato ,  Takahiro Fujishiro ,  Shinichi Irube

发明人： Dan Yamamoto ,  Tadashi Kaji ,  Akifumi Yato ,  Takahiro Fujishiro ,  Shinichi Irube

IPC分类号： H04L12/56

CPC分类号： H04L63/061 ,  H04L65/1006 ,  H04L65/1069

摘要： A method and a system for speeding up session establishment are provided, wherein the time required to establish a session is reduced, even in the case where a session management server requires a large amount of time to process respective functions required for establishing the session (such as making a decision regarding whether to permit or deny provision of a service, or generating a session key).The session management server is provided with means for conducting, in parallel, processing to issue processing requests for respective functions required for establishing a session (such as making a decision regarding whether to permit or deny provision of a service, or generating a session key) and processing to forward a communication message transmitted by a communications device or another session management server attempting to establish a session.

摘要翻译： 提供了一种用于加速会话建立的方法和系统，其中即使在会话管理服务器需要大量时间来处理建立会话所需的各种功能的情况下，建立会话所需的时间被减少（例如 作为决定是否允许或拒绝提供服务，还是生成会话密钥）。 会话管理服务器被提供有用于并行处理以发出用于建立会话所需的相应功能的处理请求（例如作出关于是否允许或拒绝提供服务的决定或生成会话密钥）的装置， 以及处理以转发由通信设备或尝试建立会话的另一会话管理服务器发送的通信消息。