Secure Non-Geospatially Derived Device Presence Information
    1.
    Patent application
    Status: in force

    Publication No.: US20150373006A1

    Publication date: 2015-12-24

    Application No.: US14835688

    Filing date: 2015-08-25

    IPC classification: H04L29/06

    Abstract: This invention includes a system and method to enable a device to determine the presence information of another device over a secure communication network. First, the device and a presence server establish a secure connection. Next, while the initial secure connection with the presence server is established, the device generates a randomly created token and provides it to the presence server. The token is used as a shared-secret by the device and the presence server to secure future presence communications over a non-secure connection. Next, without the need to again enter a password or establish a secure connection with the presence server, the device uses the shared-secret to sign, encrypt and convey presence information to the presence server over an arbitrary connection. Finally, the presence server may share the first device's presence information with another device.

    Data Security and Integrity by Remote Attestation
    2.
    Patent application
    Status: in force

    Publication No.: US20150163229A1

    Publication date: 2015-06-11

    Application No.: US14623497

    Filing date: 2015-02-16

    Applicant: Ty Lindteigen

    Inventor: Ty Lindteigen

    IPC classification: H04L29/06 H04L9/06

    Abstract: The invention includes a system comprising a device, software installed on the device and coupled to the device's hardware and software stack to execute data encryption and remote attestation. The invention includes a process to configure the device for encryption and remote attestation and performing an initial inventory and content scan of the device's hardware and software stack with results transmitted across a communication network to the attestation server. The invention includes periodic inventory and content scans of the device's hardware and software stack with results transmitted again to the server via the network. The attestation server stores the results in a database for comparison to subsequent results sent by devices. The attestation server notes any differences in the most recent results and sends an alert to the device if the device is configured differently based on the previous scan, or configured the same if no differences were noted.

    Certificate authority server protection

    Publication No.: US09692605B2

    Publication date: 2017-06-27

    Application No.: US15193026

    Filing date: 2016-06-25

    Abstract: This invention includes a solution to enable a digital authentication solution comprising a network. Next, a first device is coupled to the network. The first device may include an authentication key generator that is able to generate both public and private keys in electronic formats. Next, the first device is coupled to a certificate authority gateway. The certificate authority gateway includes devices capable of converting the electronically formatted public key to a non-electronic format, and vice versa. Next, the certificate authority gateway is coupled to a certificate authority server. The certificate authority server includes devices capable of converting the electronically formatted public key to a non-electronic format, and vice versa. The certificate authority server is also contained in a secure area such as a locked room, or a safe. The secure area includes features that allow the non-electronically formatted public key to be passed across the boundary of the secure area. Finally, a second device is coupled to the network.

    Protected Subnet Interconnect
    4.
    Patent application

    Publication No.: US20170126623A1

    Publication date: 2017-05-04

    Application No.: US15385843

    Filing date: 2016-12-20

    Applicant: Ty Lindteigen

    Inventor: Ty Lindteigen

    IPC classification: H04L29/06

    Abstract: The application illustrates methods, apparatuses, and systems for securely transmitting data between a first endpoint device and a second endpoint device comprising the first endpoint device, a first security gateway, a first network infrastructure, a secure network with the secure network enabled to establish a secure communication link directly between the first security gateway and the second security gateway enabling the first endpoint device to transmit data directly to the second endpoint device via the secure communication link.

    Rapid acquisition of state vectors in an encrypted data communication system
    6.
    Granted patent
    Status: in force

    Publication No.: US07715563B2

    Publication date: 2010-05-11

    Application No.: US11357785

    Filing date: 2006-02-16

    Applicant: Ty Lindteigen

    Inventor: Ty Lindteigen

    CPC classification: H04L9/12

    Abstract: A state vector acquisition technique for a counter-based cryptographic data communication system is disclosed. The acquisition technique facilitates receipt of the state vector components (the short component and the long components) in any chronological order. The state vector components are saved upon receipt, and a counter for each long component is initialized upon receipt of the long component. After receipt of all components, the receiver device constructs a current state vector value based upon the received component values and the long component counter values.

    Dynamic interleaving of state vector components in an encrypted data communication system
    7.
    Patent application
    Status: under examination (published)

    Publication No.: US20070242828A1

    Publication date: 2007-10-18

    Application No.: US11403246

    Filing date: 2006-04-12

    Applicant: Ty Lindteigen

    Inventor: Ty Lindteigen

    IPC classification: H04L9/00 H04K1/00

    CPC classification: H04L9/065

    Abstract: A state vector acquisition technique for a counter-based cryptographic data communication system is disclosed. The acquisition technique facilitates receipt of the state vector components (the short component and the long components) in any chronological order. The state vector components are saved upon receipt, and a counter for each long component is initialized upon receipt of the long component. After receipt of all components, the receiver device constructs a current state vector value based upon the received component values and the long component counter values. The transmitter device may be configured to interleave the state vector components in a dynamic manner that is responsive to the current operating environment or the current channel conditions.

    Secure Audit Logging
    8.
    Patent application

    Publication No.: US20170091463A1

    Publication date: 2017-03-30

    Application No.: US14864863

    Filing date: 2015-09-25

    IPC classification: G06F21/60 H04L9/08

    Abstract: The invention includes systems and methods to asymmetrically encrypt audit logs, store a limited period of the encrypted audit logs, periodically send the encrypted audit logs to a central location for storage and further process in order to provide tamper-proof evidence of an activity. The system comprises a secure audit client enabled to perform various activities. A secure audit manager logs such activities in an audit log for uploading to a secure audit server. The secure audit server receives the audit logs from the secure audit manager. Finally a secure audit log consumer requests audit log data from the secure audit log manager to review the secure audit log.

    Cross domain notification
    10.
    Granted patent
    Status: in force

    Publication No.: US08412175B2

    Publication date: 2013-04-02

    Application No.: US13588388

    Filing date: 2012-08-17

    IPC classification: H04M3/00

    Abstract: A method for a mobile communication device to indicate activity associated with an operating domain includes establishing a plurality of operating domains for the mobile communication device each operating as an independent virtual machine. The method also includes providing a trusted indicator at the mobile communication device for indicating activity associated with a high-side domain. The method also includes providing an input on the mobile communication device for switching from a low-side domain to the high-side domain. The method also includes providing a trusted element for the mobile communication device that is independent of either the high-side domain or the low-side domain. The trusted element may be configured to receive a signal from the input for switching from the low-side domain to the high-side domain and to perform user authentication for switching from the low-side domain to the high-side domain.
