Key distribution method and system in secure broadcast communication
    1.
    发明授权
    Key distribution method and system in secure broadcast communication 失效
    安全广播通信中的密钥分发方法和系统

    公开(公告)号:US06512829B1

    公开(公告)日:2003-01-28

    申请号:US09520627

    申请日:2000-03-07

    IPC分类号: H04L900

    CPC分类号: H04L9/083 H04L2209/601

    摘要: A key distribution method and system are disclosed in which a sender and receivers share a common key information for performing a secure broadcast communication. By use of a center side apparatus, a center generates key information of a receiver in association with a subset inclusive of two or more elements of a proper finite set S1 on the basis of a space determined by a subset inclusive of two or more elements of another finite set S2. A sender side apparatus, a sender makes the multi-address transmission of key distribution data W inclusive of data generated corresponding to each element of the finite set S1 and data generated corresponding to a set of plural receivers through a communication network. By use of a receiver side apparatus, a receiver generates common key information between the sender and the receiver from the key distribution data W and the key information of the receiver.

    摘要翻译: 公开了一种密钥分配方法和系统,其中发送方和接收方共享用于执行安全广播通信的公共密钥信息。 通过使用中心侧装置,中心基于由包括两个或更多个元素的子集确定的空间的空间来生成与包括适当有限集合S1的两个或更多个元素的子集相关联的接收机的密钥信息 另一个有限集S2。 发送方装置,发送方通过通信网络进行密钥分发数据W的多地址传输,包括对应于有限集合S1的每个元素产生的数据和对应于一组多个接收者生成的数据。 通过使用接收机侧设备,接收机从密钥分发数据W和接收者的密钥信息生成发送方和接收方之间的公共密钥信息。

    Key distribution method and system in secure broadcast communication

    公开(公告)号:US6041408A

    公开(公告)日:2000-03-21

    申请号:US882339

    申请日:1997-06-25

    IPC分类号: H04L9/08 H04K1/00

    CPC分类号: H04L9/083 H04L2209/601

    摘要: A key distribution method and system are disclosed in which a sender and receivers share a common key information for performing a secure broadcast communication. By use of a center side apparatus, a center generates key information of a receiver in association with a subset inclusive of two or more elements of a proper finite set S1 on the basis of a space determined by a subset inclusive of two or more elements of another finite set S2. A sender side apparatus, a sender makes the multi-address transmission of key distribution data W inclusive of data generated corresponding to each element of the finite set S1 and data generated corresponding to a set of plural receivers through a communication network. By use of a receiver side apparatus, a receiver generates common key information between the sender and the receiver from the key distribution data W and the key information of the receiver.

    Vulnerability countermeasure device and vulnerability countermeasure method
    3.
    发明授权
    Vulnerability countermeasure device and vulnerability countermeasure method 有权
    脆弱性对策设备和漏洞对策方法

    公开(公告)号:US09372995B2

    公开(公告)日:2016-06-21

    申请号:US14237152

    申请日:2011-09-08

    IPC分类号: G06F21/00 G06F21/57

    CPC分类号: G06F21/577 G06F2221/033

    摘要: A vulnerability countermeasure device stores configuration information associating multiple computers connected via a network and software possessed by each computer, vulnerability information associating the software with information related to the vulnerability of the software, and countermeasure policy information associating the software with a countermeasure policy to be executed if there is a vulnerability in the software; calculates the computer that data will reach based on information related to a route of the data included in the data received from a used terminal; acquires software existing in the computer based on the calculated computer and configuration information; assesses whether or not there is a vulnerability in the acquired software based on the acquired software and the vulnerability information; and is provided with countermeasure unit for executing a countermeasure to a vulnerability in accordance with a countermeasure policy with respect to the software assessed to have the vulnerability.

    摘要翻译: 漏洞对策装置存储将通过网络连接的多台计算机与各计算机拥有的软件相关联的配置信息,将软件与软件的脆弱性相关的信息关联的脆弱性信息以及将软件与要执行的对策策略相关联的对策策略信息 如果软件有一个漏洞; 基于与从使用终端接收到的数据中包含的数据的路径有关的信息计算数据将到达的计算机; 基于计算机和配置信息获取计算机中存在的软件; 根据获取的软件和漏洞信息,评估所获取的软件是否存在漏洞; 并且设置有对应单元,用于根据针对被评估为具有该脆弱性的软件的对策策略来执行对脆弱性的对策。

    SECURITY LEVEL VISUALIZATION DEVICE
    4.
    发明申请
    SECURITY LEVEL VISUALIZATION DEVICE 审中-公开
    安全级别可视化设备

    公开(公告)号:US20130333045A1

    公开(公告)日:2013-12-12

    申请号:US14000489

    申请日:2011-12-08

    IPC分类号: G06F21/57

    摘要: A security level of each service is calculated and visualized. The device includes a security level calculation unit and a security level visualization unit. The security level calculation unit receives information regarding security of the service from a plurality of sensors as observation information, and calculates a security level of each service based on the received observation information and a security level calculation policy. The security level visualization unit outputs the security level of each service, based on the security level calculated by the security level calculation unit and configuration information of the service. Further, the security level calculation policy has a service, a user using the service, and an observation item to be observed in the service. The security level calculation unit calculates the security level in association with the user of the service and the service, based on the security level calculation policy.

    摘要翻译: 计算和可视化每个服务的安全级别。 该设备包括安全级别计算单元和安全级别可视化单元。 安全级别计算单元从多个传感器接收关于服务的安全性的信息作为观察信息,并且基于接收到的观察信息和安全级别计算策略来计算每个服务的安全级别。 安全级别可视化单元基于由安全级别计算单元计算的安全级别和服务的配置信息输出每个服务的安全级别。 此外,安全级别计算策略具有服务,使用该服务的用户以及要在服务中观察的观察项目。 安全级别计算单元基于安全级别计算策略计算与服务和服务的用户相关联的安全级别。

    ENCRYPTED TRAFFIC TEST SYSTEM
    5.
    发明申请
    ENCRYPTED TRAFFIC TEST SYSTEM 审中-公开
    加强交通测试系统

    公开(公告)号:US20120210125A1

    公开(公告)日:2012-08-16

    申请号:US13368620

    申请日:2012-02-08

    IPC分类号: H04L29/06

    CPC分类号: H04L63/1408 H04L63/0428

    摘要: An encrypted traffic test system is disclosed which tests whether or not traffic involving packets over a network is encrypted, the encrypted traffic test system including: a test data acquisition portion configured to receive each of the packets on the network so as to acquire test data from the received packet; an encrypted traffic test portion configured to evaluate the test data acquired by the test data acquisition portion for randomness using a random number testing scheme and, if the test data is evaluated to have randomness, to further determine that the traffic involving the packets including the test data is encrypted traffic; and a test result display portion configured to display a test result from the encrypted traffic test portion on a test result display screen.

    摘要翻译: 公开了一种加密流量测试系统,其测试是否对通过网络进行分组的流量进行加密,所述加密流量测试系统包括:测试数据获取部分,被配置为接收网络上的每个分组,以便从 收到的包; 被配置为使用随机数测试方案来评估由测试数据获取部分获取的随机性的测试数据的加密流量测试部分,并且如果测试数据被评估为具有随机性,则进一步确定涉及包括测试的分组的流量 数据是加密流量; 以及测试结果显示部分,被配置为在测试结果显示屏幕上显示来自加密的流量测试部分的测试结果。

    Client-server system for controlling access rights to certain services by a user of a client terminal
    6.
    发明授权
    Client-server system for controlling access rights to certain services by a user of a client terminal 失效
    客户机 - 服务器系统,用于控制客户端的用户对特定服务的访问权限

    公开(公告)号:US06189032B1

    公开(公告)日:2001-02-13

    申请号:US09015220

    申请日:1998-01-29

    IPC分类号: G06F15173

    CPC分类号: G06F21/40 G06F21/31

    摘要: A client-server system is provided in which access to a service by a user can properly be controlled, even if an approval by another user is required for receiving the service. First, the server 2 executes a log-in processing by using a user identifier and password transmitted from the client terminal 2, and a user control file 202. Next, the server 2 executes a service control by using a service supply request transmitted from the client terminal 1 and a service control file 42 provided with the server. When the server determines that an approval by another user is required for providing the service, the server executes the approval request to the client terminal 1 that the concerned user uses. When the reply to the approval request is affirmative, the server executes the processing in accordance with the foregoing service supply request. When the reply is negative, the server informs to the user who made the foregoing service supply request that the approval is rejected.

    摘要翻译: 提供了一种客户机 - 服务器系统,其中即使需要其他用户的批准来接收服务,用户可以正确地控制对服务的访问。 首先,服务器2通过使用从客户终端2发送的用户标识符和密码以及用户控制文件202来执行登录处理。接下来,服务器2通过使用从服务器2发送的服务提供请求来执行服务控制 客户终端1和提供有服务器的服务控制文件42。 当服务器确定需要其他用户的批准来提供服务时,服务器向相关用户使用的客户终端1执行批准请求。 当对批准请求的答复是肯定的时,服务器根据上述服务提供请求执行处理。 当答复为否定的时候,服务器向用户通知上述服务提供请求是否拒绝批准。

    TOKENIZATION SYSTEM
    7.
    发明申请
    TOKENIZATION SYSTEM 审中-公开
    制导系统

    公开(公告)号:US20120272326A1

    公开(公告)日:2012-10-25

    申请号:US13360569

    申请日:2012-01-27

    IPC分类号: G06F21/24

    CPC分类号: G06Q10/00 G06Q20/363

    摘要: A tokenization unit that tokenizes a real name ID to a different tokenized ID according to a user's service usage situation, a service history analyzing unit that analyzes service history data, a tokenized ID checking unit that determines whether different tokenized IDs are the same in analyzing a plurality of items of service history data including the different tokenized IDs, and a tokenization change management unit that manages a service usage situation the same as that of tokenization by the tokenization unit. The service history analyzing unit performs: a predetermined service history analysis if a target is a service usage situation in which the same tokenized ID appears; and a predetermined service history analysis as different tokenized IDs are considered to be the same user by the tokenized ID checking unit if a target is a service usage situation in which a different tokenized ID appears.

    摘要翻译: 一种令牌化单元,其根据用户的服务使用情况将真实姓名ID标记为不同的标识ID,服务历史分析单元,其分析服务历史数据;令牌化ID检查单元,用于在分析服务历史数据时确定不同的令牌化ID是否相同 多个服务历史数据项目,包括不同的标记化ID,以及令牌化改变管理单元,其管理与令牌化单元的令牌化相同的服务使用情况。 服务历史分析单元执行:如果目标是出现相同标识ID的服务使用情况,则进行预定的服务历史分析; 并且如果目标是出现不同的令牌化ID的服务使用情况,则由令牌化ID检查单元将作为不同标记化ID的预定服务历史分析视为是相同的用户。