公开(公告)号：US20150242616A1

公开(公告)日：2015-08-27

申请号：US14190195

申请日：2014-02-26

申请人： Alina Oprea ,  Kevin D. Bowers ,  Nikolaos Triandopoulos ,  Ting-Fang Yen ,  Ari Juels

发明人： Alina Oprea ,  Kevin D. Bowers ,  Nikolaos Triandopoulos ,  Ting-Fang Yen ,  Ari Juels

IPC分类号： G06F21/44

CPC分类号： G06F21/445 ,  G06F21/32 ,  G06F21/34 ,  G06F2221/2113 ,  G06F2221/2131

摘要： There is disclosed a method for use in credential recovery. In one exemplary embodiment, the method comprises determining a policy that requires at least one trusted entity to verify the identity of a first entity in order to facilitate credential recovery. The method also comprises receiving at least one communication that confirms verification of the identity of the first entity by at least one trusted entity. The method further comprises permitting credential recovery based on the received verification.

摘要翻译： 公开了用于证书恢复的方法。 在一个示例性实施例中，该方法包括确定需要至少一个可信实体来验证第一实体的身份以便于凭证恢复的策略。 该方法还包括接收由至少一个可信实体验证第一实体的身份的至少一个通信。 该方法还包括基于所接收的验证允许凭证恢复。

公开(公告)号：US08984384B1

公开(公告)日：2015-03-17

申请号：US12827097

申请日：2010-06-30

申请人： Ari Juels ,  Kevin D. Bowers ,  Alina Oprea

发明人： Ari Juels ,  Kevin D. Bowers ,  Alina Oprea

IPC分类号： G06F21/62 ,  H04L29/08

CPC分类号： G06F21/6218 ,  G06F21/64 ,  H04L67/1097

摘要： A client device or other processing device comprises a file encoding module, with the file encoding module being configured to separate a file into a plurality of sets of file blocks, to assign sets of the file blocks to respective ones of a plurality of servers, to define a plurality of parity groups each comprising a different subset of the plurality of servers, to assign, for each of the servers, each of its file blocks to at least one of the defined parity groups, and to compute one or more parity blocks for each of the parity groups. The file blocks are stored on their associated servers, and the parity blocks computed for each of the parity groups are stored on respective ones of the servers other than those within that parity group. Such an arrangement advantageously ensures that only a limited number of parity block recomputations are required in response to file block updates.

摘要翻译： 客户端设备或其他处理设备包括文件编码模块，文件编码模块被配置为将文件分离成多组文件块，以将多个文件块的集合分配给多个服务器中的相应的服务器， 定义多个奇偶校验组，每个奇偶校验组包括多个服务器的不同子集，为每个服务器将其每个文件块分配给所定义的奇偶校验组中的至少一个，并计算一个或多个奇偶校验块用于 每个奇偶校验组。 文件块存储在其相关联的服务器上，并且为每个奇偶校验组计算的奇偶校验块存储在除了该奇偶校验组内的那些服务器之外的相应服务器上。 这种安排有利地确保了响应于文件块更新仅需要有限数量的奇偶校验块重新计算。

公开(公告)号：US11511312B2

公开(公告)日：2022-11-29

申请号：US16276764

申请日：2019-02-15

申请人： Nick Dimakos ,  Steven Henry Fyke ,  Tim MacKay ,  Alina Oprea

发明人： Nick Dimakos ,  Steven Henry Fyke ,  Tim MacKay ,  Alina Oprea

IPC分类号： B05C17/005 ,  B65D83/00 ,  B65D47/04 ,  A61K8/02 ,  B05B11/06 ,  A45D44/00 ,  B05B7/14 ,  B05B7/00 ,  B05B11/00

摘要： An applicator for applying fibers to a surface is described herein. The applicator includes a body having a first end and a second end. The first end has a first opening configured to couple to a container housing the fibers and to receive the fibers from the container. The second end has a second opening for dispensing the fibers from the body. The applicator also includes an air flow generating member for creating an air current for propelling the fibers through the second opening as the fibres pass along a pathway between the first opening and the second opening. The fibers are directed along the pathway from the first opening towards the second opening and into the air current by gravity.

公开(公告)号：US08510566B1

公开(公告)日：2013-08-13

申请号：US12568722

申请日：2009-09-29

申请人： Alina Oprea

发明人： Alina Oprea

IPC分类号： H04L9/00

CPC分类号： H04L9/3236 ,  H04L9/3297

摘要： A computer system to authenticate documents periodically appending a hash representing a document to a data structure, the data structure configured to store one or more hashes and creating a commitment for the data structure at pre-established intervals by creating a digest of the one or more hashes of the of the data structure, wherein the size of the commitment is constant regardless of the number of hashes in the data structure. A method, system, and computer product for verifying the existence of a document comprising postulating a state of existence of the document, obtaining, from a server, a proof of existence of the document at a time T, obtaining, from a trusted medium, a commitment for time T, and testing the postulate by determining whether there is a pre-established correspondence between the proof obtained from the server and the commitment obtained from the trusted medium, wherein a successful determination establishes the postulate is true and wherein a negative comparison establishes the postulate is false.

摘要翻译： 用于认证文档的计算机系统周期性地将表示文档的哈希附加到数据结构，所述数据结构被配置为存储一个或多个哈希，并且以预先建立的间隔为数据结构创建承诺，通过创建一个或多个 数据结构的散列，其中承诺的大小是恒定的，而与数据结构中的散列数量无关。 一种用于验证文档的存在的方法，系统和计算机产品，包括假设文档的存在状态，从服务器获得在时间T的文档的存在证明，从可信介质获得， 对时间T的承诺，并且通过确定从服务器获得的证明与从可信介质获得的承诺之间是否存在预先建立的对应关系来测试假设，其中成功的确定确定假设是真实的，并且其中负比较 建立假设是假的。

公开(公告)号：US08132073B1

公开(公告)日：2012-03-06

申请号：US12495189

申请日：2009-06-30

申请人： Kevin D. Bowers ,  Ari Juels ,  Alina Oprea

发明人： Kevin D. Bowers ,  Ari Juels ,  Alina Oprea

IPC分类号： H03M13/00

CPC分类号： H03M13/3761 ,  G06F21/6227 ,  H03M13/1515 ,  H04L9/085 ,  H04L9/0894 ,  H04L9/3242 ,  H04L9/3271

摘要： A client device or other processing device separates a file into blocks and distributes the blocks across multiple servers for storage. In one aspect, subsets of the blocks are allocated to respective primary servers, a code of a first type is applied to the subsets of the blocks to expand the subsets by generating one or more additional blocks for each subset, and the expanded subsets of the blocks are stored on the respective primary servers. A code of a second type is applied to groups of blocks each including one block from each of the expanded subsets to expand the groups by generating one or more additional blocks for each group, and the one or more additional blocks for each expanded group are stored on respective secondary servers. The first and second codes are advantageously configured to provide security against an adversary that is able to corrupt all of the servers over multiple periods of time but fewer than all of the servers within any particular one of the periods of time.

摘要翻译： 客户端设备或其他处理设备将文件分成块并将块分布在多个服务器上进行存储。 在一个方面，将块的子集分配给相应的主服务器，将第一类型的代码应用于块的子集，以通过为每个子集生成一个或多个附加块来扩展子集，并且扩展子集 块存储在相应的主服务器上。 第二类型的代码被应用于每个包括来自每个扩展子集的一个块的块组，以通过为每个组生成一个或多个附加块来扩展组，并且存储每个扩展组的一个或多个附加块 在相应的辅助服务器上。 有利地，第一和第二代码被配置为提供抵御对手的安全性，所述对手能够在多个时间段内破坏所有服务器，但是比所述时间段内的任何特定时间段内的所有服务器更少。

公开(公告)号：US20190255558A1

公开(公告)日：2019-08-22

申请号：US16276764

申请日：2019-02-15

申请人： Nick Dimakos ,  Steven Henry Fyke ,  Tim MacKay ,  Alina Oprea

发明人： Nick Dimakos ,  Steven Henry Fyke ,  Tim MacKay ,  Alina Oprea

IPC分类号： B05C17/005 ,  B65D83/00 ,  A61K8/02 ,  B65D47/04

摘要： An applicator for applying fibers to a surface is described herein. The applicator includes a body having a first end and a second end. The first end has a first opening configured to couple to a container housing the fibers and to receive the fibers from the container. The second end has a second opening for dispensing the fibers from the body. The applicator also includes an air flow generating member for creating an air current for propelling the fibers through the second opening as the fibres pass along a pathway between the first opening and the second opening. The fibers are directed along the pathway from the first opening towards the second opening and into the air current by gravity.

公开(公告)号：US08751804B1

公开(公告)日：2014-06-10

申请号：US13173448

申请日：2011-06-30

申请人： Magnus Nyström ,  Alina Oprea ,  Adam Back

发明人： Magnus Nyström ,  Alina Oprea ,  Adam Back

IPC分类号： H04L29/06

CPC分类号： H04L63/10 ,  H04L63/0428 ,  H04L63/083

摘要： A technique controls access to a file. The technique involves creating a file encryption key based on (i) a user input parameter (e.g., a user password) from a user of the client device and (ii) an automatically generated salt parameter (e.g., a random number). The technique further involves encrypting the file using the file encryption key to form an encrypted copy of the file, and providing the salt parameter to an external storage system to externally store the salt parameter. Access to data within the encrypted copy of the file requires the salt parameter provided to the external storage system.

摘要翻译： 一种技术控制对文件的访问。 该技术涉及基于（i）来自客户端设备的用户的用户输入参数（例如，用户密码）和（ii）自动生成的盐参数（例如，随机数）来创建文件加密密钥。 该技术还涉及使用文件加密密钥来加密文件以形成文件的加密副本，并将盐参数提供给外部存储系统以外部存储salt参数。 访问文件的加密副本中的数据需要提供给外部存储系统的salt参数。

公开(公告)号：US08346742B1

公开(公告)日：2013-01-01

申请号：US13075848

申请日：2011-03-30

申请人： Ari Juels ,  Marten Erik van Dijk ,  Alina Oprea ,  Ronald L. Rivest ,  Emil P. Stefanov

发明人： Ari Juels ,  Marten Erik van Dijk ,  Alina Oprea ,  Ronald L. Rivest ,  Emil P. Stefanov

IPC分类号： G06F17/00

CPC分类号： G06F21/577

摘要： A client device or other processing device comprises a file processing module, with the file processing module being operative to request proof from a file system that a file having a first format is stored by the file system in a second format different than the first format, to receive the proof from the file system, and to verify that the file is stored in the second format using the proof provided by the file system responsive to the request. The proof is based at least in part on application of a function to the file in the second format, and the function imposes a minimum resource requirement on generation of the proof. The file system may comprise one or more servers associated with a cloud storage provider. Advantageously, one or more illustrative embodiments allow a client device to verify that its files are stored by a cloud storage provider in encrypted form or with other appropriate protections.

摘要翻译： 客户端设备或其他处理设备包括文件处理模块，文件处理模块可操作以从文件系统请求证明文件系统以不同于第一格式的第二格式存储具有第一格式的文件， 从文件系统接收证明，并使用响应于该请求的文件系统提供的证明来验证文件是否以第二格式存储。 该证明至少部分地基于第二格式的文件的应用功能，并且该功能对生成证明施加了最低资源要求。 文件系统可以包括与云存储提供商相关联的一个或多个服务器。 有利地，一个或多个说明性实施例允许客户端设备验证其文件由加密形式的云存储提供商或其他适当的保护来存储。