公开(公告)号：US08516265B2

公开(公告)日：2013-08-20

申请号：US12892588

申请日：2010-09-28

申请人： Masato Suzuki ,  Seigo Kotani

发明人： Masato Suzuki ,  Seigo Kotani

IPC分类号： G06F21/00

CPC分类号： H04L63/105 ,  G06F21/32 ,  G06F21/40 ,  G06F21/44 ,  G06F2221/2101 ,  G06F2221/2129 ,  G06F2221/2151 ,  H04L63/0861

摘要： An authentication method of performing authentication for an information processing device connected via a communication network by an authentication device, including: receiving information related to biometric authentication concerning the information processing device; receiving information related to identification information for identifying the information processing device; receiving information related to environment of the information processing device; receiving an electronic signature by a secret key which is paired with an electronic certification transmitted from the information processing device; and determining, by a control unit, a biometric level based on the received information related to biometric authentication, a device level based on the received information related to identification information and an environment level based on the received information related to environment; correcting, by the control unit, the determined level based on validity of the received electronic signature.

摘要翻译： 一种认证方法，用于通过认证设备经由通信网络连接的信息处理设备进行认证，包括：接收与所述信息处理设备相关的生物认证相关的信息; 接收与用于识别信息处理设备的识别信息相关的信息; 接收与信息处理装置的环境有关的信息; 通过与从信息处理设备发送的电子认证配对的秘密密钥接收电子签名; 以及基于与所述接收到的与环境有关的信息，基于与所述接收到的与识别信息有关的信息和环境级别，基于所接收到的与生物体认证有关的信息，确定生物特征级别; 由所述控制单元基于所接收的电子签名的有效性来校正所确定的等级。

公开(公告)号：US08438385B2

公开(公告)日：2013-05-07

申请号：US12048096

申请日：2008-03-13

申请人： Zhexuan Song ,  Seigo Kotani ,  Sung Lee ,  Keishiro Tanaka ,  Houcheng Lee ,  Jesus Molina ,  Ryusuke Masuoka ,  Tomihiro Yamazaki

发明人： Zhexuan Song ,  Seigo Kotani ,  Sung Lee ,  Keishiro Tanaka ,  Houcheng Lee ,  Jesus Molina ,  Ryusuke Masuoka ,  Tomihiro Yamazaki

IPC分类号： H04L29/06 ,  G06F7/04

CPC分类号： H04L9/3231 ,  H04L9/3263 ,  H04L2209/80

摘要： A method for identity verification includes receiving a request for proof of identity from a service provider and receiving biometric information associated with a user of a communication device. The method also includes determining that the received biometric information matches a biometric profile that contains biometric information associated with a registered user of the communication device. The method also includes unlocking a private key associated with the registered user in response to determining that the received biometric information matches a biometric profile and sending a request for a digital certificate that is signed with the private key associated with the registered user. The method further includes receiving the digital certificate that includes a public key associated with the registered user and satisfies the request for proof of identity. The method also includes with forwarding the digital certificate to the service provider.

摘要翻译： 用于身份验证的方法包括从服务提供商接收身份证明请求并接收与通信设备的用户相关联的生物特征信息。 该方法还包括确定所接收的生物特征信息与包含与通信设备的注册用户相关联的生物特征信息的生物特征信息匹配。 该方法还包括响应于确定所接收的生物测定信息与生物特征谱匹配并且发送用与注册用户相关联的私钥签名的数字证书的请求来解锁与注册用户相关联的私钥。 该方法还包括接收包括与注册用户相关联的公钥的数字证书，并且满足身份证明请求。 该方法还包括将数字证书转发到服务提供商。

公开(公告)号：US20130055228A1

公开(公告)日：2013-02-28

申请号：US13220298

申请日：2011-08-29

申请人： Zhexuan Song ,  Seigo Kotani

发明人： Zhexuan Song ,  Seigo Kotani

IPC分类号： G06F9/445 ,  G06F9/44

CPC分类号： G06F8/654

摘要： According to one embodiment, a system includes a memory and a processor. The processor receives a message that includes a patch for installation and one or more requirements to be satisfied before the patch can be installed. The patch is configured to update the computing system. The processor also repeatedly collects information from one or more sensors until it is determined, based on the collected information, that the one or more requirements have been satisfied. Upon determining that the one or more requirements have been satisfied, the processor further conducts an installation process of the patch on the computing system. Upon determining that the installation process of the patch is finished, the processor further transmits a confirmation report indicating whether the patch was successfully installed. The confirmation report is generated and signed by a unique element associated with the computing system.

摘要翻译： 根据一个实施例，系统包括存储器和处理器。 处理器收到包含用于安装的补丁的消息，以及在安装补丁之前要满足的一个或多个要求。 该补丁配置为更新计算系统。 处理器还从一个或多个传感器重复地收集信息，直到基于所收集的信息确定满足一个或多个要求。 当确定满足一个或多个要求时，处理器进一步在计算系统上执行补丁的安装过程。 在确定补丁的安装过程完成后，处理器进一步发送指示补丁是否已成功安装的确认报告。 确认报告由与计算系统相关联的唯一元素生成和签名。

公开(公告)号：US20110238260A1

公开(公告)日：2011-09-29

申请号：US13053670

申请日：2011-03-22

申请人： Seigo Kotani ,  Masato Suzuki

发明人： Seigo Kotani ,  Masato Suzuki

IPC分类号： G06F7/00 ,  G06F21/00 ,  G01C21/00

CPC分类号： G06F21/6218 ,  G06F21/31 ,  G06F21/445 ,  G06F21/606 ,  G06F2221/2129 ,  H04L63/061 ,  H04L63/08

摘要： In certain embodiments, processors may operate to establish trust with trust point systems by performing a user authentication, a platform authentication, and an environment authentication. The processors may communicate information with the trust point systems in response to establishing trust. In certain embodiments, the trust point systems may cooperate to provide a variety of services, such as escorting, battery charging, vehicle security, and/or emissions reporting services.

摘要翻译： 在某些实施例中，处理器可以通过执行用户认证，平台认证和环境认证来操作以与信任点系统建立信任。 响应于建立信任，处理器可以与信任点系统通信信息。 在某些实施例中，信任点系统可以协作以提供各种服务，例如护送，电池充电，车辆安全和/或排放报告服务。

公开(公告)号：US20110237234A1

公开(公告)日：2011-09-29

申请号：US12879175

申请日：2010-09-10

申请人： Seigo Kotani ,  Masato Suzuki

发明人： Seigo Kotani ,  Masato Suzuki

IPC分类号： H04M3/00 ,  G06F9/455 ,  H04L9/32

CPC分类号： G06F9/45533 ,  G06F8/61 ,  G06F8/65 ,  G06F9/45558 ,  G06F16/951 ,  G06F21/32 ,  G06F21/57 ,  G06F21/64 ,  G06F2009/4557 ,  G06F2221/2151 ,  H04L9/0897 ,  H04L9/3231 ,  H04L9/3234 ,  H04L9/3297 ,  H04L63/068 ,  H04L63/123 ,  H04L67/10 ,  H04L67/34 ,  H04L67/42 ,  H04L2209/60 ,  H04L2209/805 ,  H04W12/00502 ,  H04W12/10

摘要： A client supported by remote maintenance in an electronic network configured to serve a plurality of clients may comprise a plurality of nodes, a first virtual machine (VM), a second virtual machine, and a virtual machine manager (VMM). The first VM may handle data associated with an external data center. The second VM may be associated with one of the plurality of nodes. The VMM may be configured to manage data transfer between the first VM and the second VM. The first VM may be configured to assess a state of the client system and identify a software update for installation on the one of the plurality of nodes. The software update may be configured to maintain identity between the data in the one of the plurality of nodes and the data center. The VMM may manage an attestation process prior to delivering or installing the software update on the client system using the first VM.

摘要翻译： 被配置为服务多个客户端的电子网络中的远程维护支持的客户端可以包括多个节点，第一虚拟机（VM），第二虚拟机和虚拟机管理器（VMM）。 第一个VM可以处理与外部数据中心相关联的数据。 第二VM可以与多个节点中的一个相关联。 VMM可以被配置为管理第一VM和第二VM之间的数据传输。 可以将第一虚拟机配置为评估客户端系统的状态，并且识别用于在所述多个节点之一上安装的软件更新。 软件更新可以被配置为维护多个节点中的一个节点和数据中心之间的数据之间的身份。 在使用第一个VM在客户端系统上传送或安装软件更新之前，VMM可以管理证明过程。

公开(公告)号：US07916328B2

公开(公告)日：2011-03-29

申请号：US11622382

申请日：2007-01-11

申请人： Kazutoshi Miyamura ,  Seigo Kotani

发明人： Kazutoshi Miyamura ,  Seigo Kotani

IPC分类号： G06F3/12 ,  G06K15/00 ,  H04N1/44

CPC分类号： H04N1/44 ,  H04N1/4413 ,  H04N1/4426

摘要： A recording unit records an operation log. A storing unit included in a temper-resistant chip stores therein a secret key unique to an image reading apparatus. An encrypting unit included in the temper-resistant chip encrypts recorded operation log with stored secret key. A transmitting unit transmits information including encrypted operation log to a server.

摘要翻译： 记录单元记录操作日志。 包括在耐温芯片中的存储单元在其中存储图像读取装置独有的秘密密钥。 包含在耐温芯片中的加密单元利用存储的密钥对记录的操作日志进行加密。 发送单元将包括加密操作日志的信息发送到服务器。

公开(公告)号：US20100023755A1

公开(公告)日：2010-01-28

申请号：US11966283

申请日：2007-12-28

申请人： Seigo Kotani ,  Zhexuan Song ,  Sung Lee ,  Jesus Molina ,  Ryusuke Masuoka

发明人： Seigo Kotani ,  Zhexuan Song ,  Sung Lee ,  Jesus Molina ,  Ryusuke Masuoka

IPC分类号： H04L9/00

CPC分类号： H04L9/083 ,  G06F21/33 ,  G06F21/606 ,  G06F2221/2101 ,  H04L9/006 ,  H04L9/0825 ,  H04L9/0897 ,  H04L9/321 ,  H04L9/3234 ,  H04L9/3263 ,  H04L63/0823 ,  H04L2209/127

摘要： A system and method are disclosed for providing and maintaining a high level of security during migration of data from one platform to another. The disclosed system combines user and equipment authentication with equipment environment authorization guaranteed by a security module such as supported by a trusted platform module (TPM) in parallel, for secure information transfer to support migration between platforms.

摘要翻译： 公开了一种系统和方法，用于在将数据从一个平台迁移到另一个平台期间提供和保持高水平的安全性。 所公开的系统将用户和设备认证与由可信平台模块（TPM）并行支持的安全模块所保证的设备环境授权相结合，用于安全信息传输以支持平台之间的迁移。

公开(公告)号：US20090165095A1

公开(公告)日：2009-06-25

申请号：US12394957

申请日：2009-02-27

申请人： Mizuma Ishikawa ,  Seigo Kotani ,  Hidenari Miwa

发明人： Mizuma Ishikawa ,  Seigo Kotani ,  Hidenari Miwa

IPC分类号： G06F21/20

CPC分类号： H04L63/0807 ,  H04L67/14

摘要： A network connection terminal authenticating method that authenticates a terminal device demands communication with other terminal device in a computer network. The network connection terminal authenticating method include authenticating the terminal device outside a communication path between the terminal device and the other terminal device in response to a demand for communication of the terminal device with the other terminal device and determining whether communication with the other terminal device is permitted, and starting data transmission from the terminal device to the other terminal device when the terminal device is authenticated in the authenticating.

摘要翻译： 验证终端设备的网络连接终端认证方法要求与计算机网络中的其他终端设备进行通信。 网络连接终端认证方法包括响应终端设备与另一终端设备的通信需求，确定终端设备与另一终端设备之间的通信路径之外的终端设备的认证，并确定与其他终端设备的通信是否是 允许和启动从终端设备到另一终端设备的数据传输，当终端设备在认证中被认证时。

公开(公告)号：US07513411B2

公开(公告)日：2009-04-07

申请号：US10843310

申请日：2004-05-12

申请人： Nobuo Yoshikawa ,  Seigo Kotani ,  Takayuki Katou ,  Nao Ando

发明人： Nobuo Yoshikawa ,  Seigo Kotani ,  Takayuki Katou ,  Nao Ando

IPC分类号： G06F17/00 ,  H04K1/00

CPC分类号： H04L63/0823 ,  G06F21/645 ,  G06F2221/2153 ,  H04L63/126

摘要： An apparatus for granting electronic signature to a data includes an identification-data acquiring unit that acquires identification data for identifying an owner of a secret key that is used to create the electronic signature, an authorization-data acquiring unit that acquires authorization data corresponding to the identification data acquired, and a signature-granting determining unit that determines whether to grant the electronic signature to the data based on the authorization data acquired.

摘要翻译： 用于向电子签名授予电子签名的装置包括：识别数据获取单元，其获取用于识别用于创建电子签名的秘密密钥的所有者的识别数据;授权数据获取单元，其获取与 识别数据，以及签名授予确定单元，其基于所获取的授权数据，确定是否对电子签名进行授权。

公开(公告)号：US07477742B2

公开(公告)日：2009-01-13

申请号：US09799010

申请日：2001-03-06

申请人： Bintatsu Noda ,  Seigo Kotani ,  Takehiko Hayashi ,  Jun Kamada

发明人： Bintatsu Noda ,  Seigo Kotani ,  Takehiko Hayashi ,  Jun Kamada

IPC分类号： H04N7/167 ,  H04K1/00

CPC分类号： H04N7/1675 ,  G06F21/10 ,  G06F2221/2135 ,  H04N21/4405 ,  H04N21/44204 ,  H04N21/4627 ,  H04N21/8193 ,  H04N21/8355

摘要： A contents utilization control apparatus includes an input unit for inputting a) contents with control module that consist of contents and a control module, and b) a license with control module that consists of a license prepared from contents utilization approval information and a control module. The control module in the contents with control module and the control module in the license with control module cooperate with each other to carry out a control relating to the utilization of the contents.