Scheduling of defensive security actions in information processing systems
    3.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US09471777B1

    Publication (announcement) date: 2016-10-18

    Application number: US13404839

    Filing date: 2012-02-24

    IPC classification: H04L29/06 G06F21/55

    Abstract: A processing device is configured to identify a plurality of defensive security actions to be taken to address a persistent security threat to a system comprising information technology infrastructure, and to determine a schedule for performance of the defensive security actions based at least in part on a selected distribution derived from a game-theoretic model, such as a delayed exponential distribution or other type of modified exponential distribution. The system subject to the persistent security threat is configured to perform the defensive security actions in accordance with the schedule in order to deter the persistent security threat. The distribution may be selected so as to optimize defender benefit in the context of the game-theoretic model, where the game-theoretic model may comprise a stealthy takeover game in which attacker and defender entities can take actions at any time but cannot determine current game state without taking an action.


    Generating authentication codes associated with devices
    4.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US09467293B1

    Publication (announcement) date: 2016-10-11

    Application number: US12975474

    Filing date: 2010-12-22

    IPC classification: G06F17/30 H04L9/32 G06Q20/38

    Abstract: A method and system for use in generating authentication codes associated with devices is disclosed. In at least one embodiment, the method and system may generate a secret value that depends on event state data that specifies an operating condition of a device, and may generate a series of authentication codes that depends on the secret value and a series of dynamic values.


    Methods and apparatus for knowledge-based authentication using historically-aware questionnaires
    5.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US09009844B1

    Publication (announcement) date: 2015-04-14

    Application number: US13436080

    Filing date: 2012-03-30

    IPC classification: H04L29/06

    CPC classification: H04L9/0675 H04L9/3271

    Abstract: Knowledge-based authentication (KBA) is provided using historically-aware questionnaires. The KBA can obtain a plurality of historically different answers from the user to at least one question; challenge the user with the question for a given period of time; receive a response from the user to the question; and grant access to the restricted resource if the response is accurate for the given period of time based on the historically different answers. Alternatively, the KBA can be based on historically aware answers to a set of inter-related questions. The user is challenged with the inter-related questions for a given period of time. Historically different answers can comprise answers with applicable dates, or correct answers to the question over time. Historically aware answers can comprise an answer that is accurate for an indicated date or period of time. An accurate response demonstrates knowledge of multiple related personal events.


    Counter-based encryption of stored data blocks
    6.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US08635465B1

    Publication (announcement) date: 2014-01-21

    Application number: US13432577

    Filing date: 2012-03-28

    IPC classification: G06F12/14

    Abstract: A processing device is configured to maintain counters for respective stored data blocks, and to encrypt a given one of the data blocks utilizing a value of the data block in combination with a value of its associated counter. The encryption may comprise a homomorphic encryption operation performed on the given data block as a function of the value of that data block and the value of its associated counter, with the homomorphic encryption operation comprising an operation such as addition or multiplication performed over a designated field. A given one of the counters is incremented each time the corresponding data block is subject to an update operation. The data block can be encrypted, for example, by combining a value of that data block with an additional value determined using the associated counter value, such as a one-time pad value determined as a function of the counter value.


    Targeted delivery of informational content with privacy protection
    7.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US07472093B2

    Publication (announcement) date: 2008-12-30

    Application number: US09802278

    Filing date: 2001-03-08

    Applicant: Ari Juels

    Inventor: Ari Juels

    IPC classification: G06F17/60

    Abstract: A system and method for enabling use of detailed consumer profiles for the purposes of targeted information delivery while protecting these profiles from disclosure to information providers or hostile third parties are disclosed herein. Rather than gathering data about a consumer in order to decide which information to send her, an information provider makes use of a client-side executable software module called a negotiant function. The negotiant function acts as a client-side proxy to protect consumer data, and it also directs the targeting of information, requesting items of information from the information provider that are tailored to the profile provided by the consumer.


    Proofs of work and bread pudding protocols
    8.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US07356696B1

    Publication (announcement) date: 2008-04-08

    Application number: US09630711

    Filing date: 2000-08-01

    IPC classification: H04L9/00 H04L9/32 G06F7/04

    CPC classification: H04L9/3218

    Abstract: The bread pudding protocol of the present invention represents a novel use of proofs of work and is based upon the same principle as the dish from which it takes its name, namely, that of reuse to minimize waste. Whereas the traditional bread pudding recipe recycles stale bread, our bread pudding protocol recycles the “stale” computations in a POW to perform a separate and useful task, while also maintaining privacy in the task. In one advantageous embodiment of our bread pudding protocol, we consider the computationally intensive operation of minting coins in the MicroMint scheme of Rivest and Shamir and demonstrate how the minting operation can be partitioned into a collection of POWs, which are then used to shift the burden of the minting operation onto a large group of untrusted computational devices. Thus, the computational effort invested in the POWs is recycled to accomplish the minting operation.


    Radio frequency identification system with privacy policy implementation based on device classification
    9.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US07298243B2

    Publication (announcement) date: 2007-11-20

    Application number: US10915189

    Filing date: 2004-08-10

    IPC classification: H04Q5/22

    CPC classification: G06K7/10019 G06K7/0008

    Abstract: Methods and apparatus are disclosed for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices. In accordance with an aspect of the invention, identifiers transmitted by the RFID devices are received by the reader. The system determines a classification of at least one of the received identifiers, and implements a privacy policy for data associated with one or more of the received identifiers based at least in part on the determined classification. For example, the given RFID device may be configurable into at least a first state indicative of a first classification, such as a private classification, and a second state indicative of a second classification, such as a public classification. The reader may alter a type of query that it issues based at least in part on the determined classification. Alternatively or additionally, response by the given RFID device to a query received from the reader may be conditioned on the state of the RFID device. The reader may be configured, dynamically or otherwise, so as to issue queries causing such selective responses by the RFID devices.


    Methods and apparatus for RFID device authentication
    10.
    Invention patent application
    Legal status: in force

    Publication (announcement) number: US20060022799A1

    Publication (announcement) date: 2006-02-02

    Application number: US11191633

    Filing date: 2005-07-28

    Applicant: Ari Juels

    Inventor: Ari Juels

    IPC classification: H04Q5/22

    CPC classification: G06K7/10019 G06K7/0008

    Abstract: Methods and apparatus are disclosed for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices. In one aspect of the invention, an identifier transmitted by a given one of the RFID devices is received by a reader or by an associated verifier via the reader. At least first and second codes are determined, by the reader or verifier, with the first code being a valid code for the identifier, and the second code being an invalid code for the identifier. The reader, or verifier via the reader, communicates with the given device to determine if the device is able to confirm that the first code is a valid code and the second code is an invalid code.
