1. Server mediated security token access
    Invention application (under examination, published)

    Publication number: US20050138421A1

    Publication date: 2005-06-23

    Application number: US10743323

    Application date: 2003-12-23

    Abstract: A method, system and computer program product for accessing one or more security token resources using an authentication server as an intermediary before access is permitted to the security token resources. The server intermediary performs an initial authentication based on a user-supplied critical security parameter. To ensure confidentiality of transported critical security parameters, a secure messaging session is established which provides end-to-end security between the authentication server and the security token. A second critical security parameter is then sent to the security token. The security token authenticates the second critical security parameter and allows access to token resources. Alternate secure communications mechanisms and an invalid-entry counter reset capability are also described.


2. EFFICIENT METHODS FOR AUTHENTICATED COMMUNICATION
    Invention application (under examination, published)

    Publication number: US20150372811A1

    Publication date: 2015-12-24

    Application number: US14743874

    Application date: 2015-06-18

    Abstract: Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate an ephemeral key pair comprising an ephemeral public key and an ephemeral private key. The first computing device can generate a first shared secret using the ephemeral private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the ephemeral public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the ephemeral private key and a blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.


3. Method, system, personal security device and computer program product for cryptographically secured biometric authentication
    Invention application (granted, in force)

    Publication number: US20070195998A1

    Publication date: 2007-08-23

    Application number: US11391473

    Application date: 2006-03-29

    IPC classification: G06K9/00

    Abstract: A system is used for authorizing access to a Personal Security Device. This system comprises a Personal Security Device 75 and another device 105 which is in functional communication with said Personal Security Device. Said Personal Security Device comprises identification information retrieval data and a biometric authentication application 200 which transfers said identification information retrieval data to said other device 105 in response to an identified match between biometric data sent by said other device and a predetermined biometric reference. Said other device 105 comprises a security executive application 230 for retrieving an Identification Information with at least said identification information retrieval data, thus generating a retrieved Identification Information, and transferring said retrieved Identification Information to said Personal Security Device 75. Said Personal Security Device comprises a security executive application 215 for authorizing access in response to an identified match between said transferred retrieved Identification Information and a predetermined Identification Information stored in said Personal Security Device.


4. Entry control system
    Invention application (under examination, published)

    Publication number: US20050138380A1

    Publication date: 2005-06-23

    Application number: US10740518

    Application date: 2003-12-22

    IPC classification: G07C9/00 H04L29/06 H04L9/00

    Abstract: An integrated security system which seamlessly assimilates with current-generation logical security systems. The integrated security system incorporates a security controller having standard network interface capabilities including IEEE 802.x and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes. The invention is based on standard remote authentication dial-in service (RADIUS) protocols or TCP/IP using SSL, TLS, PCT or IPsec, and stores a shared secret required by the secure communication protocols in a secure access module coupled to the security controller. The security controller is intended to be a networked client or embedded intelligent device controlled remotely by an authentication server. In another embodiment of the invention, one or more life cycle management transactions are performed with the secure access module. These transactions allow for the updating, replacement, deletion and creation of critical security parameters, cryptographic keys, user data and applications used by the secure access module and/or security token. In another embodiment of the invention, a security access module associated with the security controller locally performs local authentication transactions which are recorded in a local access list used to update a master access list maintained by the authentication server.


5. Intelligent remote device
    Invention application (granted, in force)

    Publication number: US20050136964A1

    Publication date: 2005-06-23

    Application number: US10740497

    Application date: 2003-12-22

    Abstract: An intelligent remote device equipped with a security token operatively coupled thereto processes communications with a security-token-enabled computer system over a wireless private network. The intelligent remote device is adapted to emulate a local security device peripheral connected to the computer system. A user may authenticate to multiple computer systems using the intelligent remote device. Additionally, various secure communications connection mechanisms are described which are intended to augment existing security protocols available using wireless network equipment. Authentication of a user-supplied critical security parameter is performed by the security token. The critical security parameter may be provided locally via the intelligent remote device or received from the wireless network and routed to the security token. Aural, visual or vibratory feedback may be provided to the user to signal a successful authentication transaction.


6. Method and system for storing a key in a remote security module
    Granted invention patent (in force)

    Publication number: US08522014B2

    Publication date: 2013-08-27

    Application number: US12282782

    Application date: 2007-03-15

    Abstract: A system obtains assurance by a content provider that a content control key is securely stored in a remote security module for further secure communications between the content provider and the security module. A security module manufacturer, which has a pre-established trust relationship with the security module, imports a symmetric transport key into the security module. The symmetric transport key is unique to the security module. The content provider shares the symmetric transport key with the security module manufacturer. The content provider exchanges messages with the security module through a security module communication manager in order to obtain proof that the security module stores the content control key. At least a portion of the messages exchanged between the content provider and the security module are protected using the symmetric transport key. The symmetric transport key is independent of said content control key.


7. ENTRY CONTROL SYSTEM
    Invention application (granted, in force)

    Publication number: US20080059798A1

    Publication date: 2008-03-06

    Application number: US11856549

    Application date: 2007-09-17

    IPC classification: H04L9/00

    Abstract: An integrated security system which seamlessly assimilates with current-generation logical security systems. The integrated security system incorporates a security controller having standard network interface capabilities including IEEE 802.x and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes. The invention is based on standard remote authentication dial-in service (RADIUS) protocols or TCP/IP using SSL, TLS, PCT or IPsec, and stores a shared secret required by the secure communication protocols in a secure access module coupled to the security controller. The security controller is intended to be a networked client or embedded intelligent device controlled remotely by an authentication server. In another embodiment of the invention, one or more life cycle management transactions are performed with the secure access module. These transactions allow for the updating, replacement, deletion and creation of critical security parameters, cryptographic keys, user data and applications used by the secure access module and/or security token. In another embodiment of the invention, a security access module associated with the security controller locally performs local authentication transactions which are recorded in a local access list used to update a master access list maintained by the authentication server.


9. Method and System for Storing a Key in a Remote Security Module
    Invention application (granted, in force)

    Publication number: US20100023776A1

    Publication date: 2010-01-28

    Application number: US12282782

    Application date: 2007-03-15

    IPC classification: H04L9/00 G06F21/24

    Abstract: The invention concerns a method for obtaining assurance that a content control key is securely stored in a remote security module for further secure communications between a content provider and said security module. A security module manufacturer, which has a pre-established trust relationship with the security module, imports a symmetric transport key into the security module, wherein the symmetric transport key is unique to the security module. The content provider shares the symmetric transport key with the security module manufacturer and exchanges messages with the security module through a security module communication manager in order to obtain proof that the security module stores the content control key. At least a portion of the messages exchanged between the content provider and the security module are protected using the symmetric transport key.
