PACKET SOURCE AUTHENTICATION METHOD USING SINGLE-BUFFERED HASH IN MULTICAST ENVIRONMENT AND APPARATUS FOR THE SAME
    1.
    发明申请
    PACKET SOURCE AUTHENTICATION METHOD USING SINGLE-BUFFERED HASH IN MULTICAST ENVIRONMENT AND APPARATUS FOR THE SAME 有权
    在多播环境中使用单缓冲的分组源认证方法及其设备

    公开(公告)号:US20130054974A1

    公开(公告)日:2013-02-28

    申请号:US13593469

    申请日:2012-08-23

    IPC分类号: H04L9/32

    摘要: A source authentication method and apparatus according to the present invention are disclosed. The source authentication method is performed with respect to a transmission packet on a message transmission side, and includes generating a first hash value to which a first hash function is applied using a message to be included in a next packet and a key value, and generating the transmission packet including the first hash value, wherein the key value is one of at least one key value generated in advance by applying a second hash function. Meanwhile, according to the present invention, effective low-cost multicast authentication may be performed by reducing a variety of loads such as buffer management, key calculation costs, and the like.

    摘要翻译: 公开了根据本发明的源认证方法和装置。 针对消息发送侧的发送分组执行源认证方法,并且包括使用要包括在下一个分组中的消息和密钥值来生成应用了第一散列函数的第一散列值,并且生成 所述发送分组包括所述第一哈希值,其中所述键值是通过应用第二哈希函数预先生成的至少一个键值之一。 同时,根据本发明,可以通过减少诸如缓冲器管理,密钥计算成本等的各种负载来执行有效的低成本多播认证。

    SYSTEM AND METHOD FOR MANAGING DIGITAL CONTENTS
    2.
    发明申请
    SYSTEM AND METHOD FOR MANAGING DIGITAL CONTENTS 审中-公开
    用于管理数字内容的系统和方法

    公开(公告)号:US20120117090A1

    公开(公告)日:2012-05-10

    申请号:US13286682

    申请日:2011-11-01

    IPC分类号: G06F17/30

    CPC分类号: G06F16/353 G06F16/3347

    摘要: Disclosed are a system and method for managing digital contents. An exemplary embodiment according to the present invention provides to a system for managing digital contents, including a learning module extracting feature vectors of input digital contents and performing column subspace mapping on the feature vectors to calculate a column subspace projection matrix; an index module using the matrix to perform an index work on the digital contents and then, storing the matrix and the digital contents; and a search module performing the column subspace mapping on the feature vectors of query data when the query data for searching the digital contents are input and searching the digital contents indexed by the matrix having high similarity to the mapped feature vectors of the query data.

    摘要翻译: 公开了一种用于管理数字内容的系统和方法。 根据本发明的示例性实施例提供一种用于管理数字内容的系统,包括学习模块,提取输入数字内容的特征向量,并对特征向量执行列子空间映射以计算列子空间投影矩阵; 使用所述矩阵对所述数字内容执行索引工作,然后存储所述矩阵和所述数字内容的索引模块; 以及搜索模块,当输入用于搜索数字内容的查询数据时,对查询数据的特征向量执行列子空间映射,并且搜索由与查询数据的映射特征向量具有高相似性的矩阵索引的数字内容。

    Packet intrusion detection rule simplification apparatus and method, and packet intrusion detection apparatus and method using simplified intrusion detection rule
    5.
    发明授权
    Packet intrusion detection rule simplification apparatus and method, and packet intrusion detection apparatus and method using simplified intrusion detection rule 失效
    分组入侵检测规则简化装置和方法,以及使用简化入侵检测规则的分组入侵检测装置和方法

    公开(公告)号:US07158024B2

    公开(公告)日:2007-01-02

    申请号:US11004322

    申请日:2004-12-03

    IPC分类号: G08B29/00

    CPC分类号: H04L63/1408 G06F21/55

    摘要: A packet intrusion detection rule simplification apparatus and method and an intrusion detection apparatus and method are provided. Test conditions of at least one intrusion detection rules are rearranged based on test items, and the same test conditions for the same test items are grouped. Group rules having a connection structure of the test conditions are generated so that the test items and orders of the intrusion detection rules are satisfied. A common rule consisting of test conditions existing at the test start positions in the connection structure of the group rules is generated. Next, packet intrusion detection is performed by using the common rule, and the packet intrusion detection is performed by using the group rules. According, it is possible to reduce a load involved in the intrusion detection process by using the grouped and simplified intrusion detection rules.

    摘要翻译: 提供了一种分组入侵检测规则简化装置和方法以及入侵检测装置和方法。 至少一个入侵检测规则的测试条件基于测试项目进行重新排列,同一测试项目的相同测试条件进行分组。 生成具有测试条件的连接结构的组规则,使得入侵检测规则的测试项目和顺序得到满足。 产生由组规则的连接结构中的测试开始位置存在的测试条件组成的通用规则。 接下来,通过使用公共规则来执行分组入侵检测,并且通过使用组规则来执行分组入侵检测。 据介绍,通过使用分组和简化的入侵检测规则,可以减少入侵检测过程中涉及的负载。

    Masking addition operation device for prevention of side channel attack
    6.
    发明授权
    Masking addition operation device for prevention of side channel attack 失效
    用于防止侧面信道攻击的掩蔽加法运算装置

    公开(公告)号:US08774406B2

    公开(公告)日:2014-07-08

    申请号:US13333324

    申请日:2011-12-21

    摘要: A masking addition operation apparatus for prevention of a side channel attack, includes a random value generation unit generating a first random value for a first input, second random value for a second input, and a summation random value. The masking addition operation apparatus includes an operation part performing an operation on the first and second random values, a previous carry input, and first and second masked random values generated based on the first and second random values. The masking addition operation apparatus includes a carry generator generating a carry input using a result of the operation part; and a summation bit generator generating a summation bit using the summation random value, the first and second random values, the previous carry input and the first and second masked random values.

    摘要翻译: 一种用于防止侧信道攻击的掩蔽加法运算装置,包括产生用于第一输入的第一随机值,第二输入的第二随机值和求和随机值的随机值生成单元。 掩蔽附加运算装置包括对第一和第二随机值执行操作的操作部分,先前进位输入以及基于第一和第二随机值生成的第一和第二屏蔽随机值。 掩蔽加法运算装置包括使用运算部的结果生成进位输入的进位发生器; 以及求和位发生器,其使用求和随机值,第一和第二随机值,先前进位输入和第一和第二屏蔽随机值产生求和位。

    CONDITIONALLY TRACEABLE ANONYMOUS SERVICE SYSTEM
    7.
    发明申请
    CONDITIONALLY TRACEABLE ANONYMOUS SERVICE SYSTEM 审中-公开
    有条件的可追溯性无偿服务系统

    公开(公告)号:US20100138929A1

    公开(公告)日:2010-06-03

    申请号:US12622222

    申请日:2009-11-19

    IPC分类号: G06F21/00

    CPC分类号: H04L63/0407

    摘要: Conditionally traceable anonymous service system is provided. The system respectively separates subject conforming real name, subject conforming anonymity, subject requesting verification for an anonymity certification means, so that privacy of a user is hardly violated, the present invention can acquire real name information for the user only when a trace for a user is surely requested.

    摘要翻译: 提供有条件的可追溯匿名服务系统。 该系统分别分离主体一致的实名,主体符合匿名性,主体请求验证匿名认证手段,使得用户的隐私几乎不被侵犯,本发明可以仅在用户的跟踪时才获取用户的真实姓名信息 肯定要求

    AUTOMATIC MANAGING SYSTEM AND METHOD FOR INTEGRITY REFERENCE MANIFEST
    8.
    发明申请
    AUTOMATIC MANAGING SYSTEM AND METHOD FOR INTEGRITY REFERENCE MANIFEST 审中-公开
    自动管理系统和完整性参考清单的方法

    公开(公告)号:US20100077477A1

    公开(公告)日:2010-03-25

    申请号:US12424771

    申请日:2009-04-16

    IPC分类号: G08B21/00

    摘要: The present invention relates to a system for automatically managing integrity reference information and a method of managing the same. The system includes one or more systems, a system management server, and an integrity management server. The systems are connected over a network and communication with each other. Each of the systems has an integrity measurement program to generate integrity information. The system management server has registration information about each of the systems connected over the network and registration information about a program distributed to each of the systems. Further, the system management server controls network access by each of the systems. If integrity reference information matching integrity information provided from a specific system does not exist in pieces of integrity reference information for verifying integrity of each of the systems, the integrity management server determines whether to register the integrity information as integrity reference information of the specific system depending on whether the specific system has been registered with the system management server.

    摘要翻译: 本发明涉及一种用于自动管理完整性参考信息的系统及其管理方法。 系统包括一个或多个系统,系统管理服务器和完整性管理服务器。 系统通过网络连接并进行通信。 每个系统都有一个完整性测量程序来生成完整性信息。 系统管理服务器具有关于通过网络连接的每个系统的注册信息和关于分发给每个系统的程序的注册信息。 此外,系统管理服务器控制每个系统的网络访问。 如果从特定系统提供的完整性信息匹配的完整性参考信息不存在用于验证每个系统的完整性的完整性参考信息,则完整性管理服务器确定是否将完整性信息注册为特定系统的完整性参考信息依赖 关于具体系统是否已经向系统管理服务器注册。

    METHOD AND SYSTEM FOR PROVIDING SINGLE SIGN-ON SERVICE
    9.
    发明申请
    METHOD AND SYSTEM FOR PROVIDING SINGLE SIGN-ON SERVICE 审中-公开
    提供单点登录服务的方法和系统

    公开(公告)号:US20090119763A1

    公开(公告)日:2009-05-07

    申请号:US12182536

    申请日:2008-07-30

    IPC分类号: H04L9/32

    摘要: Provided is a method and system for providing an SSO service enabling the use of Web services in different trusted domains through a one-time authentication process. In the method, mutual authentication information is issued from a trusted third party to each of ID-federation service providers managing each of trusted domains, and an ID federation established between the ID-federation service provider and a user in the trusted domain of the ID-federation service provider. The first ID-federation service provider managing the first trusted domain, to which the user belongs to, is confirmed when a Web service provider in the second trusted domain receives a login request from the user in the first trusted domain. User authentication and mutual authentication arc performed between the first ID-federation service provider and a second ID-federation service provider managing the second trusted domain. The Web service provider authenticates the user in the first trusted domain and provides a corresponding Web service.

    摘要翻译: 提供了一种用于提供SSO服务的方法和系统,其允许通过一次认证过程在不同的可信域中使用Web服务。 在该方法中,从受信任的第三方向管理每个受信任域的每个ID联合服务提供商发出相互认证信息,以及在ID联合服务提供商与ID的可信域中的用户之间建立的ID联合 -federation服务提供商。 当第二受信任域中的Web服务提供商从第一信任域中的用户接收到登录请求时,确认管理用户所属的第一可信域的第一ID-联合服务提供商。 在第一ID联合服务提供商和管理第二可信域的第二ID联合服务提供商之间执行用户认证和相互认证。 Web服务提供商对第一个受信任域中的用户进行身份验证,并提供相应的Web服务。

    ANONYMOUS AUTHENTICATION-BASED PRIVATE INFORMATION MANAGEMENT SYSTEM AND METHOD
    10.
    发明申请
    ANONYMOUS AUTHENTICATION-BASED PRIVATE INFORMATION MANAGEMENT SYSTEM AND METHOD 失效
    基于匿名认证的私人信息管理系统和方法

    公开(公告)号:US20100146603A1

    公开(公告)日:2010-06-10

    申请号:US12465999

    申请日:2009-05-14

    IPC分类号: H04L9/32

    CPC分类号: H04L63/0407 H04L63/0823

    摘要: An anonymous authentication-based private information management (PIM) system and method are provided. The PIM method includes receiving an anonymous certificate not including user information from an anonymous certification authority; generating an anonymous document including the anonymous certificate and some of the user information; and providing the anonymous document to a web service provider so as to be authenticated and thus provided with a web service by the web service provider. Thus, only a minimum of user information may be provided to the web service provider. In addition, it is possible to strengthen a user's right to self-determination and control over the exposure and use of his or her personal information by allowing a user to manage his or her own personal information or entrusting the PIM server to manage user information. Moreover, it is possible to protect the privacy of a user by preventing the exposure of user information.

    摘要翻译: 提供了基于匿名认证的私人信息管理(PIM)系统和方法。 PIM方法包括从匿名认证机构接收不包括用户信息的匿名证书; 生成包括匿名证书和一些用户信息的匿名文档; 以及将该匿名文件提供给web服务提供商,以便被认证,从而由web服务提供商提供Web服务。 因此,可以仅向Web服务提供商提供最少的用户信息。 另外,通过允许用户管理自己的个人信息或委托PIM服务器来管理用户信息,可以加强用户的自我决定权和对自己的个人信息的使用和使用的控制权。 此外,可以通过防止用户信息的暴露来保护用户的隐私。