1. Secure key management
    Kind: granted patent    Legal status: in force

    Publication (grant) number: US09264230B2

    Publication (grant) date: 2016-02-16

    Application number: US13047344

    Filing date: 2011-03-14

    IPC classification: G06F7/04 H04L9/08

    CPC classification: H04L9/0897

    Abstract: A system for implementing computer security is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method that includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information. A structure of the key control information in the token is independent of the wrapping method. Implementing computer security also includes wrapping the key material and binding key control information to the key material in the token. The key control information includes information relating to usage and management of the key material.
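
The token format described in this abstract (and again in entry 6, the published application on the same filing) has two properties worth seeing in code: the key control information keeps one fixed layout, and whichever wrapping method is selected must bind that information to the key material so it cannot be altered without detection. The Go program below is an added example written for this page, not code from the patent or from IBM's CCA. The field codes, the two wrapping methods ('G' for AES-256-GCM with the header as associated data, 'M' for AES-256-CTR with an HMAC-SHA256 tag over header and ciphertext) and the HMAC-based subkey derivation are assumptions chosen for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// KeyControlInfo is the key control information bound to the key material.
// Its layout does not change when a different wrapping method is selected.
type KeyControlInfo struct {
	Usage      [2]byte // hypothetical codes, e.g. "D0" data key, "K0" key-wrapping key
	Algorithm  byte    // 'A' = AES
	Mode       byte    // 'E' encrypt only, 'D' decrypt only, 'B' both
	Exportable byte    // 'E' exportable, 'N' non-exportable
	Version    uint16
}

// Bytes gives the canonical encoding that every wrapping method authenticates.
func (k KeyControlInfo) Bytes() []byte {
	b := make([]byte, 7)
	copy(b[:2], k.Usage[:])
	b[2], b[3], b[4] = k.Algorithm, k.Mode, k.Exportable
	binary.BigEndian.PutUint16(b[5:], k.Version)
	return b
}

const (
	MethodGCM     byte = 'G' // AES-256-GCM, header passed as additional authenticated data
	MethodCTRHMAC byte = 'M' // AES-256-CTR encrypt-then-MAC, HMAC-SHA256 over header||iv||ct
)

// Token is the key token: a header (method byte + control info) and a wrapped payload.
type Token struct {
	Method  byte
	Control KeyControlInfo
	Payload []byte
}

func (t Token) header() []byte {
	return append([]byte{t.Method}, t.Control.Bytes()...)
}

// subkey derives a purpose-specific key from the key-wrapping key (KEK).
func subkey(kek []byte, label string) []byte {
	m := hmac.New(sha256.New, kek)
	m.Write([]byte(label))
	return m.Sum(nil)
}

// Wrap encrypts keyMaterial under kek and binds ctl to it with the chosen method.
func Wrap(kek []byte, method byte, ctl KeyControlInfo, keyMaterial []byte) (Token, error) {
	t := Token{Method: method, Control: ctl}
	hdr := t.header()
	switch method {
	case MethodGCM:
		block, err := aes.NewCipher(subkey(kek, "gcm"))
		if err != nil {
			return Token{}, err
		}
		gcm, err := cipher.NewGCM(block)
		if err != nil {
			return Token{}, err
		}
		nonce := make([]byte, gcm.NonceSize())
		if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
			return Token{}, err
		}
		// The header is AAD: changing any control byte invalidates the GCM tag.
		t.Payload = append(nonce, gcm.Seal(nil, nonce, keyMaterial, hdr)...)
	case MethodCTRHMAC:
		block, err := aes.NewCipher(subkey(kek, "enc"))
		if err != nil {
			return Token{}, err
		}
		iv := make([]byte, aes.BlockSize)
		if _, err := io.ReadFull(rand.Reader, iv); err != nil {
			return Token{}, err
		}
		ct := make([]byte, len(keyMaterial))
		cipher.NewCTR(block, iv).XORKeyStream(ct, keyMaterial)
		// The MAC covers the header too, so control info and ciphertext are bound together.
		mac := hmac.New(sha256.New, subkey(kek, "mac"))
		mac.Write(hdr)
		mac.Write(iv)
		mac.Write(ct)
		t.Payload = append(append(iv, ct...), mac.Sum(nil)...)
	default:
		return Token{}, fmt.Errorf("unknown wrapping method %q", method)
	}
	return t, nil
}

// Unwrap recovers the key material only if payload and control information are intact.
func Unwrap(kek []byte, t Token) ([]byte, error) {
	hdr := t.header()
	switch t.Method {
	case MethodGCM:
		block, err := aes.NewCipher(subkey(kek, "gcm"))
		if err != nil {
			return nil, err
		}
		gcm, err := cipher.NewGCM(block)
		if err != nil {
			return nil, err
		}
		n := gcm.NonceSize()
		if len(t.Payload) < n+gcm.Overhead() {
			return nil, errors.New("payload too short")
		}
		return gcm.Open(nil, t.Payload[:n], t.Payload[n:], hdr)
	case MethodCTRHMAC:
		if len(t.Payload) < aes.BlockSize+sha256.Size {
			return nil, errors.New("payload too short")
		}
		iv := t.Payload[:aes.BlockSize]
		ct := t.Payload[aes.BlockSize : len(t.Payload)-sha256.Size]
		tag := t.Payload[len(t.Payload)-sha256.Size:]
		mac := hmac.New(sha256.New, subkey(kek, "mac"))
		mac.Write(hdr)
		mac.Write(iv)
		mac.Write(ct)
		if !hmac.Equal(tag, mac.Sum(nil)) {
			return nil, errors.New("key control information or payload altered")
		}
		block, err := aes.NewCipher(subkey(kek, "enc"))
		if err != nil {
			return nil, err
		}
		pt := make([]byte, len(ct))
		cipher.NewCTR(block, iv).XORKeyStream(pt, ct)
		return pt, nil
	default:
		return nil, fmt.Errorf("unknown wrapping method %q", t.Method)
	}
}

func main() {
	kek := bytes.Repeat([]byte{0x4b}, 32) // constructed test KEK
	key := bytes.Repeat([]byte{0x11}, 16) // constructed AES-128 key material
	ctl := KeyControlInfo{Usage: [2]byte{'D', '0'}, Algorithm: 'A', Mode: 'B', Exportable: 'N', Version: 1}
	for _, m := range []byte{MethodGCM, MethodCTRHMAC} {
		tok, _ := Wrap(kek, m, ctl, key)
		got, err := Unwrap(kek, tok)
		fmt.Printf("method %c: unwrap ok=%v\n", m, err == nil && bytes.Equal(got, key))
		tok.Control.Exportable = 'E' // caller tries to make the key exportable after the fact
		_, err = Unwrap(kek, tok)
		fmt.Printf("method %c: after header tamper: %v\n", m, err)
	}
}
```

Both methods leave KeyControlInfo.Bytes() unchanged; only the payload layout differs. The check a practitioner wants is the one at the end of main: flipping the exportability byte after wrapping makes Unwrap fail under either method, which is what "securely bound" has to mean in practice. A token format that merely stored the control information next to the ciphertext, without it entering the MAC or the AAD, would let a caller relabel a non-exportable key as exportable.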

2. PROTECTING A CONTROL VECTOR IN AN OPTIONAL BLOCK OF A STANDARD KEY BLOCK
    Kind: patent application    Legal status: in force

    Publication number: US20120307999A1

    Publication date: 2012-12-06

    Application number: US13118951

    Filing date: 2011-05-31

    IPC classification: H04L9/00

    CPC classification: H04L9/0894

    Abstract: A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for validating parameters passed to a parameter database, computing a length required for control vector (CV) data, preparing an optional block in accordance with a result of the computation, converting the CV to a format for a standardized key block while copying the converted CV into the optional block and updating optional block data in the standardized key block.
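
The steps in this abstract map onto the ANSI X9.143 / TR-31 key block layout: a 16-character header (version, 4-digit total length, key usage, algorithm, mode of use, key version, exportability, 2-digit optional block count, reserved) followed by optional blocks of the form ID, 2-hex-digit length, data, where the header region must be a multiple of the cipher block size and is padded with a "PB" block. The Go program below is an added example for this page, not the patent's or IBM's code. It supports only the short (under 256 characters) optional block length form, and the optional block ID "C1" used for the control vector is a placeholder; the abstract does not give the real ID. The version letters and block sizes (A/B/C: 8, D: 16) follow the public standard.

```go
package main

import (
	"encoding/hex"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

const headerLen = 16 // fixed header of a TR-31 / ANSI X9.143 style key block

// CVBlockID is the optional block ID used for the control vector here. It is a
// placeholder for this example; the abstract does not name the real ID.
const CVBlockID = "C1"

type optBlock struct{ id, data string }

// blockSize is the cipher block size the header plus optional blocks must be a multiple of.
func blockSize(version byte) (int, error) {
	switch version {
	case 'A', 'B', 'C':
		return 8, nil // TDES key block protection key
	case 'D':
		return 16, nil // AES key block protection key
	}
	return 0, fmt.Errorf("unsupported key block version %q", version)
}

// parseOptionalBlocks walks count short-form optional blocks (ID, 2 hex length digits, data).
func parseOptionalBlocks(s string, count int) ([]optBlock, error) {
	var out []optBlock
	for i := 0; i < count; i++ {
		if len(s) < 4 {
			return nil, errors.New("truncated optional block")
		}
		n, err := strconv.ParseUint(s[2:4], 16, 8)
		if err != nil || n == 0 {
			return nil, errors.New("bad or extended-form optional block length (not supported here)")
		}
		if int(n) < 4 || int(n) > len(s) {
			return nil, errors.New("optional block length out of range")
		}
		out = append(out, optBlock{id: s[:2], data: s[4:n]})
		s = s[n:]
	}
	if s != "" {
		return nil, errors.New("trailing bytes after optional blocks")
	}
	return out, nil
}

// encode serializes optional blocks, checking the short-form limits.
func encode(blocks []optBlock) (string, error) {
	var sb strings.Builder
	for _, b := range blocks {
		n := 4 + len(b.data)
		if len(b.id) != 2 || n > 0xFF {
			return "", fmt.Errorf("optional block %q malformed or too long", b.id)
		}
		for i := 0; i < len(b.data); i++ {
			if b.data[i] < 0x20 || b.data[i] > 0x7E {
				return "", fmt.Errorf("optional block %q contains non-printable data", b.id)
			}
		}
		fmt.Fprintf(&sb, "%s%02X%s", b.id, n, b.data)
	}
	return sb.String(), nil
}

// AddControlVector converts cv to the key block character format and stores it in
// a new optional block, re-pads with a PB block so the header region is a multiple
// of the cipher block size, and updates the length and optional-block-count fields.
// header is the 16-character header followed by any existing optional blocks.
func AddControlVector(header string, cv []byte) (string, error) {
	// validate parameters
	if len(header) < headerLen {
		return "", errors.New("header shorter than 16 characters")
	}
	if len(cv) != 8 && len(cv) != 16 {
		return "", fmt.Errorf("control vector must be 8 or 16 bytes, got %d", len(cv))
	}
	bs, err := blockSize(header[0])
	if err != nil {
		return "", err
	}
	total, err := strconv.Atoi(header[1:5])
	if err != nil {
		return "", errors.New("block length field is not numeric")
	}
	count, err := strconv.Atoi(header[12:14])
	if err != nil {
		return "", errors.New("optional block count is not numeric")
	}
	blocks, err := parseOptionalBlocks(header[headerLen:], count)
	if err != nil {
		return "", err
	}
	if n := len(blocks); n > 0 && blocks[n-1].id == "PB" {
		blocks = blocks[:n-1] // old padding is recomputed below
	}
	for _, b := range blocks {
		if b.id == CVBlockID {
			return "", errors.New("key block already carries a control vector")
		}
	}
	// the CV needs 2*len(cv) characters of data: convert to uppercase hex and copy it in
	blocks = append(blocks, optBlock{CVBlockID, strings.ToUpper(hex.EncodeToString(cv))})
	body, err := encode(blocks)
	if err != nil {
		return "", err
	}
	if rem := (headerLen + len(body)) % bs; rem != 0 {
		pad := bs - rem
		if pad < 4 {
			pad += bs // a PB block is at least ID + length = 4 characters
		}
		blocks = append(blocks, optBlock{"PB", strings.Repeat("0", pad-4)})
		if body, err = encode(blocks); err != nil {
			return "", err
		}
	}
	if len(blocks) > 99 {
		return "", errors.New("more than 99 optional blocks")
	}
	// update the header: the block length grows by the change in the optional block region
	newTotal := total - (len(header) - headerLen) + len(body)
	if newTotal > 9999 {
		return "", errors.New("key block length exceeds the 4-digit field")
	}
	return header[:1] + fmt.Sprintf("%04d", newTotal) + header[5:12] +
		fmt.Sprintf("%02d", len(blocks)) + header[14:16] + body, nil
}

func main() {
	// constructed AES (version D) header with no payload and no optional blocks yet
	hdr := "D0016D0AB00N0000"
	cv := []byte{0x00, 0x00, 0x7D, 0x00, 0x03, 0xE0, 0x00, 0x00} // constructed 8-byte CV
	out, err := AddControlVector(hdr, cv)
	fmt.Println(out, err)
}
```

The function refuses a header whose optional block count does not match its contents, a second control vector, a CV of the wrong size, and a total length that would overflow the 4-digit field; these are the parameter validations the abstract's first step refers to. In a real key block the length field also counts the encrypted payload and MAC, so the code adjusts the existing value by the change in the optional block region rather than recomputing it from the header alone.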

4. Combining key control information in common cryptographic architecture services
    Kind: granted patent    Legal status: in force

    Publication (grant) number: US08953789B2

    Publication (grant) date: 2015-02-10

    Application number: US13150448

    Filing date: 2011-06-01

    IPC classification: H04L9/00

    Abstract: A system includes a processor configured to perform a method, the method comprising receiving a first key token, second key token and a request to combine the first key token with the second key token, identifying a key type of the first key token and a key type of the second key token, determining whether the key type of the first key token may be combined with the key type of the second key token, combining the first key token with the second key token to create a third key token responsive to determining that the key type of the first key token may be combined with the key type of the second key token, and outputting the third key token.
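
A concrete form of the combine operation in this abstract is key-part import: two tokens each holding one part of a key are XORed into a third token, but only if their key types agree. The Go program below is an added example for this page, not the patent's or CCA's code; the usage codes, the KeyPart flag and the TDES odd-parity adjustment are illustrative assumptions.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"math/bits"
)

// KeyType is the part of the key control information that decides whether two
// tokens may be combined.
type KeyType struct {
	Usage   string // hypothetical usage codes for this example: "DATA", "KEK", "PIN"
	Algo    string // "AES" or "TDES"
	KeyPart bool   // true while the token holds an incomplete key part
}

// KeyToken pairs the key type with the key material. Inside the HSM's secure
// boundary the material is clear; outside it would be a wrapped token.
type KeyToken struct {
	Type KeyType
	Key  []byte
}

// canCombine: only key parts of the same usage and algorithm may be merged. A
// complete key may not be XORed with anything, and usages may not be mixed.
func canCombine(a, b KeyType) error {
	switch {
	case !a.KeyPart || !b.KeyPart:
		return errors.New("both tokens must be key parts")
	case a.Usage != b.Usage:
		return fmt.Errorf("key types %s and %s cannot be combined", a.Usage, b.Usage)
	case a.Algo != b.Algo:
		return fmt.Errorf("algorithms %s and %s cannot be combined", a.Algo, b.Algo)
	}
	return nil
}

// oddParity forces DES-style odd parity on one key byte (the XOR of two
// odd-parity bytes always has even parity, so every combined byte needs it).
func oddParity(b byte) byte {
	if bits.OnesCount8(b)%2 == 0 {
		return b ^ 1
	}
	return b
}

// Combine XORs two key-part tokens into a third token of the same type. When last
// is true the result is marked as a complete key; otherwise it remains a key part
// waiting for further parts.
func Combine(a, b KeyToken, last bool) (KeyToken, error) {
	if err := canCombine(a.Type, b.Type); err != nil {
		return KeyToken{}, err
	}
	if len(a.Key) != len(b.Key) || len(a.Key) == 0 {
		return KeyToken{}, errors.New("key part lengths differ or are empty")
	}
	out := make([]byte, len(a.Key))
	for i := range out {
		out[i] = a.Key[i] ^ b.Key[i]
		if a.Type.Algo == "TDES" {
			out[i] = oddParity(out[i])
		}
	}
	t := a.Type
	t.KeyPart = !last
	return KeyToken{Type: t, Key: out}, nil
}

func main() {
	// constructed key parts; real parts would come from two separate custodians
	p1 := KeyToken{KeyType{"DATA", "AES", true}, bytes.Repeat([]byte{0x01}, 16)}
	p2 := KeyToken{KeyType{"DATA", "AES", true}, bytes.Repeat([]byte{0x10}, 16)}
	k, err := Combine(p1, p2, true)
	fmt.Printf("%x part=%v err=%v\n", k.Key, k.Type.KeyPart, err)
	kek := KeyToken{KeyType{"KEK", "AES", true}, bytes.Repeat([]byte{0x00}, 16)}
	_, err = Combine(p1, kek, true)
	fmt.Println("mixing usages:", err)
}
```

The type check is the security content: without it a caller could XOR a PIN key part into a data key part and obtain a key whose control information no longer describes where it came from. Key parts are in the clear here because the combine step runs inside the secure boundary; outside it they would be wrapped tokens of the kind described in entry 1.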

6. Secure Key Management
    Kind: patent application    Legal status: in force

    Publication number: US20120237023A1

    Publication date: 2012-09-20

    Application number: US13047344

    Filing date: 2011-03-14

    IPC classification: H04L9/00

    CPC classification: H04L9/0897

    Abstract: identical to the abstract of entry 1 (US09264230B2, the patent granted on this same application US13047344).

7. Method for controlling security function execution with a flexible, extendable, and non-forgable block
    Kind: granted patent    Legal status: lapsed

    Publication (grant) number: US07779258B2

    Publication (grant) date: 2010-08-17

    Application number: US11534236

    Filing date: 2006-09-22

    Abstract: A method, article, and system for providing an effective implementation of data structures, and application programming interface (API) functions that allow secure execution of functions behind a secure boundary. The controlling mechanism is a flexible, extendable, and non-forgeable block that details how values and parameters behind the secure boundary can be changed. The invention allows for one entity to execute a security function that will normally require extensive authorizations or dual or multiple control. The method and system comprise instructions that are cryptographically protected against alteration or misuse, wherein the instructions further comprise a trusted block that defines security policies that are permitted when an application program employs the trusted block in APIs. The trusted block has a number of fields containing rules that provide an ability to limit how the trusted block is used, thereby reducing the risk of the trusted block being employed in unintended ways.
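
The trusted block described here is a policy object: it is created once under strong authorization, carries rules that bound how it may be used, and is MACed so that an application cannot alter or forge it. The Go program below is an added example for this page, not the patent's or IBM's code; the rule fields (function name, permitted source usages, required output usage, exportability, key length) and the HMAC-SHA256 integrity check under an HSM-internal key are assumptions chosen to illustrate the mechanism.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Rule is one field group of the trusted block: it limits one security function
// to a specific combination of inputs and outputs.
type Rule struct {
	ID               string   `json:"id"`
	Function         string   `json:"fn"`   // the API function this rule permits, e.g. "EXPORT_KEY"
	SourceUsage      []string `json:"src"`  // usages of keys the function may take as input
	OutputUsage      string   `json:"out"`  // usage the produced key must carry
	OutputExportable bool     `json:"exp"`  // whether the output may be marked exportable
	MaxKeyBits       int      `json:"bits"` // upper bound on key length
}

// TrustedBlock carries the rules plus a MAC computed inside the secure boundary.
type TrustedBlock struct {
	Rules []Rule `json:"rules"`
	MAC   []byte `json:"mac"`
}

// canonical is the byte string the MAC covers. encoding/json emits struct fields
// in declaration order, so this encoding is stable across calls.
func canonical(rules []Rule) []byte {
	b, err := json.Marshal(rules)
	if err != nil {
		panic(err) // only plain static types are marshalled here
	}
	return b
}

func mac(mk []byte, rules []Rule) []byte {
	m := hmac.New(sha256.New, mk)
	m.Write(canonical(rules))
	return m.Sum(nil)
}

// Issue is the privileged, once-per-policy step (in CCA terms, performed by
// security officers under the HSM's own authorization controls). mk never leaves the HSM.
func Issue(mk []byte, rules []Rule) TrustedBlock {
	return TrustedBlock{Rules: rules, MAC: mac(mk, rules)}
}

// Request is what an ordinary application supplies together with the trusted block.
type Request struct {
	RuleID, Function, SourceUsage, OutputUsage string
	OutputExportable                           bool
	KeyBits                                    int
}

// Authorize is the check the API performs at call time: first prove the block is
// unaltered, then apply the named rule field by field. No operator is involved.
func Authorize(mk []byte, tb TrustedBlock, r Request) error {
	if !hmac.Equal(mac(mk, tb.Rules), tb.MAC) {
		return errors.New("trusted block MAC invalid: altered or forged")
	}
	for _, rule := range tb.Rules {
		if rule.ID != r.RuleID {
			continue
		}
		switch {
		case rule.Function != r.Function:
			return fmt.Errorf("rule %s does not permit %s", rule.ID, r.Function)
		case !contains(rule.SourceUsage, r.SourceUsage):
			return fmt.Errorf("rule %s does not accept %s source keys", rule.ID, r.SourceUsage)
		case rule.OutputUsage != r.OutputUsage:
			return fmt.Errorf("rule %s requires output usage %s", rule.ID, rule.OutputUsage)
		case r.OutputExportable && !rule.OutputExportable:
			return fmt.Errorf("rule %s forbids exportable output", rule.ID)
		case r.KeyBits > rule.MaxKeyBits:
			return fmt.Errorf("rule %s limits keys to %d bits", rule.ID, rule.MaxKeyBits)
		}
		return nil
	}
	return fmt.Errorf("no rule %q in trusted block", r.RuleID)
}

func contains(xs []string, x string) bool {
	for _, v := range xs {
		if v == x {
			return true
		}
	}
	return false
}

func main() {
	mk := bytes.Repeat([]byte{0x5a}, 32) // constructed HSM-internal MAC key
	tb := Issue(mk, []Rule{{ID: "R1", Function: "EXPORT_KEY", SourceUsage: []string{"DATA"},
		OutputUsage: "DATA", OutputExportable: false, MaxKeyBits: 128}})
	ok := Request{"R1", "EXPORT_KEY", "DATA", "DATA", false, 128}
	fmt.Println("permitted:", Authorize(mk, tb, ok))
	tb.Rules[0].MaxKeyBits = 256 // the caller tries to widen the rule
	fmt.Println("after tamper:", Authorize(mk, tb, ok))
}
```

Issue is the dual-control moment; Authorize runs unattended on every call, which is how a single entity ends up executing a function that would otherwise need two officers present. The order inside Authorize matters: the MAC is checked before any rule field is read, so a tampered rule (the MaxKeyBits change in main) is rejected before it can influence a decision.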

8. Personal identification number security enhancement
    Kind: granted patent    Legal status: lapsed

    Publication (grant) number: US08639938B2

    Publication (grant) date: 2014-01-28

    Application number: US13099509

    Filing date: 2011-05-03

    IPC classification: H04L29/06

    Abstract: A system for enhancing security of a personal identification number is configured to perform a method that includes receiving, from a first entity having an input permission, a first data structure into an HSM, wherein the first data structure maps a first many-to-one mapping between a first and a second PIN numeral system. The method also includes determining whether the content of the first data structure is valid, storing the first data structure in the HSM if the first data structure is valid and marking the stored first data structure as inactive. The method further includes activating the first data structure if a second data structure is input into the HSM by a second entity having an activation permission, wherein the first entity is different from the second entity and the first data structure is identical to the second data structure. The method additionally includes converting from the first to the second PIN numeral system responsive to the activated first data structure.
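
The procedure in this abstract is a dual-control state machine: a mapping table is loaded by one entity and stored inactive, validated on the way in, and activated only when a second, different entity with activation permission presents an identical table; conversion is refused until then. The Go program below is an added example for this page, not the patent's or IBM's code; the permission model, the eight-symbol target alphabet and the sample table are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

type Permission uint8

const (
	PermInput    Permission = 1 << iota // may load a mapping table (stored inactive)
	PermActivate                        // may activate a loaded table
)

// PINMap maps each decimal digit 0..9 of the first PIN numeral system to one
// symbol of the second. Several digits may share a symbol (many-to-one).
type PINMap [10]byte

// HSM holds the dual-control state: at most one inactive table, and the active one.
type HSM struct {
	perms    map[string]Permission
	alphabet string  // symbols of the second numeral system
	pending  *PINMap // loaded but inactive
	inputBy  string  // entity that loaded the pending table
	active   *PINMap
}

func NewHSM(alphabet string, perms map[string]Permission) *HSM {
	return &HSM{perms: perms, alphabet: alphabet}
}

// validate: every digit must map into the configured target alphabet.
func (h *HSM) validate(m PINMap) error {
	for d, sym := range m {
		if strings.IndexByte(h.alphabet, sym) < 0 {
			return fmt.Errorf("digit %d maps to %q, which is not in the target alphabet", d, sym)
		}
	}
	return nil
}

// InputTable is step one: an entity with input permission loads the table. It is
// stored but marked inactive and cannot yet be used for conversion.
func (h *HSM) InputTable(entity string, m PINMap) error {
	if h.perms[entity]&PermInput == 0 {
		return fmt.Errorf("%s has no input permission", entity)
	}
	if err := h.validate(m); err != nil {
		return err
	}
	t := m
	h.pending, h.inputBy = &t, entity
	return nil
}

// ActivateTable is step two: a different entity with activation permission
// presents an identical table; only then does the mapping become active.
func (h *HSM) ActivateTable(entity string, m PINMap) error {
	if h.perms[entity]&PermActivate == 0 {
		return fmt.Errorf("%s has no activation permission", entity)
	}
	if h.pending == nil {
		return errors.New("no inactive table awaiting activation")
	}
	if entity == h.inputBy {
		return errors.New("the entity that input the table may not activate it")
	}
	if *h.pending != m {
		return errors.New("activation table differs from the inactive table")
	}
	h.active, h.pending, h.inputBy = h.pending, nil, ""
	return nil
}

// ConvertPIN applies the active mapping digit by digit.
func (h *HSM) ConvertPIN(pin string) (string, error) {
	if h.active == nil {
		return "", errors.New("no active PIN mapping")
	}
	out := make([]byte, len(pin))
	for i := 0; i < len(pin); i++ {
		if pin[i] < '0' || pin[i] > '9' {
			return "", fmt.Errorf("PIN position %d is not a decimal digit", i)
		}
		out[i] = h.active[pin[i]-'0']
	}
	return string(out), nil
}

func main() {
	h := NewHSM("ABCDEFGH", map[string]Permission{"officer1": PermInput, "officer2": PermActivate})
	// constructed many-to-one table: digits 0 and 1 both map to A, 8 and 9 both to H
	table := PINMap{'A', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'H'}
	fmt.Println("input:", h.InputTable("officer1", table))
	_, err := h.ConvertPIN("1234")
	fmt.Println("before activation:", err)
	fmt.Println("activate:", h.ActivateTable("officer2", table))
	fmt.Println(h.ConvertPIN("0189"))
}
```

The checks in ActivateTable are the ones to read: permission, presence of an inactive table, an entity different from the one that loaded it, and byte-for-byte equality with the loaded table. A many-to-one table shrinks the space of distinguishable PINs (here ten digits onto eight symbols), so anyone who could load and activate one alone could weaken every PIN converted through it; requiring two people to agree on the exact content is what the inactive/active split enforces.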
