Abstract:
Methods, devices, and systems are provided for an efficient two-factor authentication process. In particular, a card challenge is combined with a user-provided password or similar user-based credential before a transformation of the data is performed. Once the combined challenge and user-provided credential have been transformed, the transformed data is used as a basis for authentication verification.
Abstract:
Mechanisms are provided for transferring sensitive information, such as cryptographic keys, between entities. Particularly, a device is provided with a user input connected directly to a secure element. The device enables a user to enter sensitive information in the user input which is then passed directly to the secure element without traversing any other element such that the secure element can encode and/or encrypt the sensitive information. Once the sensitive information has been encoded and/or encrypted by the secure element, the now secure sensitive information can be shared with other entities using familiar and popular, yet relatively unsecure, transfer methods.
Abstract:
Methods and systems are disclosed to enable a smart card having relatively low data rate and low computational power to control a high data rate communications channel without degradation of performance. The smart card and an associated monitor/interface, which can be implemented in a network access device, are interposed between transmitting and receiving nodes in a network, and configured to intervene when conditions of rules stored in the smart card are met. For example, the smart card can intervene when a packet header indicates sufficient change in information, such as the exceeding of a predefined threshold or a requirement for user authorization/authentication. In one mode of regulating packet flow, the smart card selectively enables or disables packet transmission, reception, or both, according to the rules stored therein. In another mode, the smart card, upon activation, provides rules and modifications for packet data, headers, or both. The rules and modifications can implement communication policies of the entity providing communication services to the user of the services, and can be stored in the smart card to prevent alteration or tampering.
Abstract:
An integrated circuit card includes a microprocessor, an integral memory element, and a pseudo-random number sequence file stored therein. The pseudo-random number sequence file includes a pseudo-random number sequence generator operable to generate an instance of a sequence of apparently random numbers when executed, values for the parameters of the pseudo-random number sequence generator, and an Initial Value for the sequence of random numbers. The microprocessor is operable to execute an operation on the pseudo-random number sequence file in response to a predetermined input from an external source.
Abstract:
This invention concerns an integrated circuit (IC) device, such as smart cards, electronic wallets, PC cards, and the like, and various methods for steganographically authenticating identities and authorizing transactions based on the authenticated identities. The IC device has a memory and a processor. The IC device maintains an identity authentication table in the memory to hold an arbitrary number of identities. The identity authentication table correlates identities with authentication structures. In preferred embodiments, the authentication structures each comprise a collection of commands, such as data processing commands, that are normally associated with data handling capabilities of the IC device. The commands are arranged into unique groupings that serve to identify the identity with which they are associated. Authentication can then take place outside of detectable cryptographic protocols. That is, the authentication structures blend in with other seemingly normal data processing functions thereby reducing the chances of detection.
Abstract:
This invention concerns an integrated circuit (IC) device, such as smart cards, electronic wallets, PC cards, and the like, and various methods for authenticating identities and authorizing transactions based on the authenticated identities. The IC device has a memory and a processor. The IC device maintains an identity authentication table in the memory to hold an arbitrary number of identities. The identity authentication table correlates identities with authentication protocols, so that different protocols can be used to authenticate associated identities. The identity authentication table also correlates counts with the identities. Individual counts specify a number of uses of the IC device for a corresponding identity without requiring the IC device to authenticate the identity for each use. The IC device also maintains an authentication vector in memory. The authentication vector tracks identities in the identity authentication table that are currently authenticated by the IC device. The IC device further maintains authorization tables in the memory and in association with particular files used in transactions. Each authorization table defines authorization for a particular transaction as a Boolean expression of the identities listed in the identity authentication table.