Operation of a certificate authority on a distributed ledger

    Publication number: US10764067B2

    Publication date: 2020-09-01

    Application number: US15599249

    Application date: 2017-05-18

    Abstract: An on-ledger certificate authority operates a node of a distributed ledger that controls a certificate issuance store and a certificate revocation store. When the certificate authority issues a certificate, the node issues a ledger transaction with an instruction to store a validation hash of the certificate in the issuance store, and when a certificate is revoked, a ledger transaction with an instruction to store the serial number of the certificate in the revocation store. As such transactions propagate throughout the ledger, the instructions are executed by on-ledger verifiers in their local replicas of the stores. An on-ledger verifier validates a certificate by verifying that its serial number is not in the revocation store while its validation hash is in the verifier's replica of the issuance store.

    MULTIFACTOR PRIVACY-ENHANCED REMOTE IDENTIFICATION USING A RICH CREDENTIAL

    Publication number: US20170339138A1

    Publication date: 2017-11-23

    Application number: US15468100

    Application date: 2017-03-23

    IPC classification: H04L29/06 H04L9/32

    Abstract: A method and system are provided for multifactor identification of a subject over a network using a rich credential, with selective disclosure of attributes and selective presentation of verification factors. A credential presentation application negotiates with a verifying server to agree on attributes to be disclosed and verification factors to be presented, and removes unneeded attributes and verification data from the rich credential by pruning subtrees from a typed hash tree without invalidating a signature that covers the root label of the tree. The credential presentation application proves knowledge of a private key, and as agreed upon may prove knowledge of a password and may arrange for biometric presentation applications to present one or more biometric samples to the verifier, which performs presentation attack detection and verifies the samples against verification data in the rich credential.

    Facilitating browsing of result sets
    3. Granted invention patent. Status: in force

    Publication number: US09069854B2

    Publication date: 2015-06-30

    Application number: US12581851

    Application date: 2009-10-19

    IPC classification: G06F3/048 G06F17/30 G06Q30/02

    Abstract: A method of facilitating the browsing of a plurality of result sets by a user. The method includes displaying a plurality of queries on a computer display, each query having a corresponding result set, the plurality of queries thereby constituting a set of displayed queries, and displaying the result set of a selected displayed query in response to the user selecting the query from the set of displayed queries via a user interface procedure, while continuing to display the set of displayed queries so the user can subsequently select other queries from the set of displayed queries to thereby interleave browsing the result sets of the queries in the set of displayed queries.


    PROTECTING CREDENTIALS AGAINST PHYSICAL CAPTURE OF A COMPUTING DEVICE
    4. Patent application. Status: under examination (published)

    Publication number: US20150113283A1

    Publication date: 2015-04-23

    Application number: US14588413

    Application date: 2015-01-01

    IPC classification: G06F21/31 H04L9/32

    Abstract: A method of activating credentials that are stored encrypted while inactive. In one embodiment a decryption key is retrieved from a key storage service after the device authenticates to the service by sending a passcode and/or a biometric key, a public key and a signature computed with a private key, the service verifying the signature and comparing a hash of the public key and the passcode and/or biometric key to a reference hash.


    BROWSING REAL-TIME SEARCH RESULTS EFFECTIVELY
    5. Patent application. Status: in force

    Publication number: US20120254776A1

    Publication date: 2012-10-04

    Application number: US13437927

    Application date: 2012-04-02

    IPC classification: G06F3/048

    CPC classification: G06F3/0481

    Abstract: A method for visiting a results page of a time-varying result set of a search query. The method includes displaying to a user a list of results belonging to the visited page, each result comprising a hyperlink to a document, a result being de-emphasized if the URL used in its hyperlink is present in a set of URLs of results that are deemed to have been seen by the user. When the user clicks or taps a page menu button to navigate to a different page, the method further includes adding to that set the URLs of the results of the visited page. Page menu buttons are highlighted if they pertain to pages containing results deemed to have been seen by the user.


    ACCESS CONTROL OF INTERACTION CONTEXT OF APPLICATION
    6. Patent application. Status: in force

    Publication number: US20080313721A1

    Publication date: 2008-12-18

    Application number: US12138407

    Application date: 2008-06-12

    Applicant: Francisco Corella

    Inventor: Francisco Corella

    IPC classification: H04L9/32

    Abstract: A method of controlling access to an interaction context of a multi-user application includes receiving and tracking over time login requests pertaining to one of a plurality of user accounts of a virtual application instance of the multi-user application, each login request including a login password and each user account including a user password. A login request for the user account is rejected when the login password fails to match the user password of the user account. Access to the user account is denied when a consecutive number of times a login request for the user account is rejected reaches a selected limit. The user is prompted to change the user password of the user account and given limited access to the user account to do so when the user password is a permanent password and a cumulative number of rejected login requests for the user account reaches a selected threshold.


    Lightweight public key infrastructure employing unsigned certificates
    7. Granted invention patent. Status: in force

    Publication number: US07269726B1

    Publication date: 2007-09-11

    Application number: US09483186

    Application date: 2000-01-14

    Applicant: Francisco Corella

    Inventor: Francisco Corella

    IPC classification: H04L9/00 G06F7/04 G06F7/58

    Abstract: A public key infrastructure (PKI) includes a subject, a verifier, and certificate authority that issues a first unsigned certificate to the subject that binds a public key of the subject to long-term identification information related to the subject and maintains a certificate database of unsigned certificates in which it stores the first unsigned certificate. The verifier maintains a hash table containing cryptographic hashes of valid unsigned certificates corresponding to the unsigned certificates stored in the certificate database and including a cryptographic hash of the first unsigned certificate. The subject presents the issued first unsigned certificate to the verifier for authentication and demonstrates that the subject has knowledge of a private key corresponding to the public key in the unsigned certificate.


    Lightweight public key infrastructure employing disposable certificates
    8. Granted invention patent. Status: in force

    Publication number: US06763459B1

    Publication date: 2004-07-13

    Application number: US09483356

    Application date: 2000-01-14

    Applicant: Francisco Corella

    Inventor: Francisco Corella

    IPC classification: G06F124

    Abstract: A PKI includes an off-line registration authority that issues a first unsigned certificate to a subject that binds a public key of the subject to long-term identification information related to the subject and maintains a certificate database of unsigned certificates in which it stores the first unsigned certificate. An on-line credentials server issues a short-term disposable certificate to the subject that binds the public key of the subject from the first unsigned certificate to the long-term identification information related to the subject from the first unsigned certificate. The credentials server maintains a table that contains entries corresponding to valid unsigned certificates stored in the certificate database. The subject presents the short-term disposable certificate to a verifier for authentication and demonstrates that the subject has knowledge of a private key corresponding to the public key in the short-term disposable certificate.


    MULTIFACTOR PRIVACY-ENHANCED REMOTE IDENTIFICATION USING A RICH CREDENTIAL

    Publication number: US20200153824A1

    Publication date: 2020-05-14

    Application number: US16734316

    Application date: 2020-01-04

    IPC classification: H04L29/06 H04L9/32

    Abstract: A method and system are provided for multifactor identification of a subject over a network using a rich credential, with selective disclosure of attributes and selective presentation of verification factors. A credential presentation application negotiates with a verifying server to agree on attributes to be disclosed and verification factors to be presented, and removes unneeded attributes and verification data from the rich credential by pruning subtrees from a typed hash tree without invalidating a signature that covers the root label of the tree. The credential presentation application proves knowledge of a private key, and as agreed upon may prove knowledge of a password and may arrange for biometric presentation applications to present one or more biometric samples to the verifier, which performs presentation attack detection and verifies the samples against verification data in the rich credential.

    Multifactor privacy-enhanced remote identification using a rich credential

    Publication number: US10567377B2

    Publication date: 2020-02-18

    Application number: US15468100

    Application date: 2017-03-23

    IPC classification: H04L29/06 H04L9/32

    Abstract: A method and system are provided for multifactor identification of a subject over a network using a rich credential, with selective disclosure of attributes and selective presentation of verification factors. A credential presentation application negotiates with a verifying server to agree on attributes to be disclosed and verification factors to be presented, and removes unneeded attributes and verification data from the rich credential by pruning subtrees from a typed hash tree without invalidating a signature that covers the root label of the tree. The credential presentation application proves knowledge of a private key, and as agreed upon may prove knowledge of a password and may arrange for biometric presentation applications to present one or more biometric samples to the verifier, which performs presentation attack detection and verifies the samples against verification data in the rich credential.