Enforcing time-based transaction policies on devices lacking independent clocks
    1.
    Invention patent application
    Legal status: In force

    Publication number: US20070058812A1

    Publication date: 2007-03-15

    Application number: US11216363

    Filing date: 2005-08-31

    IPC classification: H04K1/00

    Abstract: A system and a method for operating a device that is not capable of independently maintaining a local time clock to enforce a time-based transaction policy that requires a reliable time reference. The device establishes a secure communications channel to one or more network-attached time sources and inquires of each of the network-attached time sources as to the current time using the secure communications channel. The device receives the current time from the network-attached time sources and uses the received current times to estimate a current calendar time and to compute a reliability index associated with the estimated current calendar time. The device uses the estimated current calendar time and reliability index to enforce the time-based transaction policy.


    Enforcing time-based transaction policies on devices lacking independent clocks
    2.
    Granted invention patent
    Legal status: In force

    Publication number: US07926096B2

    Publication date: 2011-04-12

    Application number: US11216363

    Filing date: 2005-08-31

    IPC classification: H04L29/06

    Abstract: A system and a method for operating a device that is not capable of independently maintaining a local time clock to enforce a time-based transaction policy that requires a reliable time reference. The device establishes a secure communications channel to one or more network-attached time sources and inquires of each of the network-attached time sources as to the current time using the secure communications channel. The device receives the current time from the network-attached time sources and uses the received current times to estimate a current calendar time and to compute a reliability index associated with the estimated current calendar time. The device uses the estimated current calendar time and reliability index to enforce the time-based transaction policy.


    Method for secure delegation of trust from a security device to a host computer application for enabling secure access to a resource on the web
    3.
    Granted invention patent
    Legal status: In force

    Publication number: US07565536B2

    Publication date: 2009-07-21

    Application number: US11219466

    Filing date: 2005-09-02

    IPC classification: H04L9/00 H04L9/32

    Abstract: Secure authentication of a user on a host computer to a web server including a security device acquiring trust or a security context from the web server. The security device is operable to provide an X.509 certificate to a browser plug-in on the host computer. The browser plug-in on the host computer performs authentication of the security device and in response provides user credentials to the security device. The security device performs authentication of the user and requests a security context from the web server. In response, the web server provides a security context to the security device. The security device delegates the web server trust by transmitting the context to the host computer and enabling the user to securely access resources on the web server.


    Method for secure delegation of trust from a security device to a host computer application for enabling secure access to a resource on the web
    4.
    Invention patent application
    Legal status: In force

    Publication number: US20070056025A1

    Publication date: 2007-03-08

    Application number: US11219466

    Filing date: 2005-09-02

    IPC classification: H04L9/32

    Abstract: Secure authentication of a user on a host computer to a web server including a security device acquiring trust or a security context from the web server. The security device is operable to provide an X.509 certificate to a browser plug-in on the host computer. The browser plug-in on the host computer performs authentication of the security device and in response provides user credentials to the security device. The security device performs authentication of the user and requests a security context from the web server. In response, the web server provides a security context to the security device. The security device delegates the web server trust by transmitting the context to the host computer and enabling the user to securely access resources on the web server.


    Imparting digital uniqueness to the types of a programming language using a unique digital sequence
    5.
    Granted invention patent
    Legal status: Lapsed

    Publication number: US07698703B2

    Publication date: 2010-04-13

    Application number: US11170572

    Filing date: 2005-06-29

    IPC classification: G06F9/45

    CPC classification: G06F9/44521 G06F9/44552

    Abstract: A system and method for establishing uniqueness in type definition names. Each application vendor has associated therewith a unique data sequence. The data sequence is combined with the type definition name and then a digital operation is performed to produce a unique digital identifier that is used in place of the type name.


    Data access security implementation using the public key mechanism
    6.
    Invention patent application
    Legal status: Under examination (published)

    Publication number: US20060047954A1

    Publication date: 2006-03-02

    Application number: US10929208

    Filing date: 2004-08-30

    IPC classification: H04L9/00

    CPC classification: G06F21/6218

    Abstract: Providing application programs the right to access a data item while preventing security breaches, allowing applications and data to be independently updated, and allowing multiple applications to share the data item. Each application program has associated therewith a first public key and each data file has associated therewith a second public key. If these public keys match for a particular application program and data file, the application program is granted access to the data file.


    Imparting digital uniqueness to the types of a programming language using a unique digital sequence
    7.
    Invention patent application
    Legal status: Lapsed

    Publication number: US20070000995A1

    Publication date: 2007-01-04

    Application number: US11170572

    Filing date: 2005-06-29

    IPC classification: G06K5/00

    CPC classification: G06F9/44521 G06F9/44552

    Abstract: A system and method for establishing uniqueness in type definition names. Each application vendor has associated therewith a unique data sequence. The data sequence is combined with the type definition name and then a digital operation is performed to produce a unique digital identifier that is used in place of the type name.


    Application code integrity check during virtual machine runtime
    8.
    Invention patent application
    Legal status: Under examination (published)

    Publication number: US20060047955A1

    Publication date: 2006-03-02

    Application number: US10929221

    Filing date: 2004-08-30

    IPC classification: H04L9/00

    CPC classification: G06F21/54

    Abstract: Protecting an application of a multi-application smart card against unauthorized manipulations. A system and method for guarding against unauthorized modifications includes partitioning the application into a plurality of basic blocks. Basic blocks are programming atomic units that have one entry point and one exit point and comprise a set of data units. For each basic block a check value associated with a basic block is computed wherein the check value is a function of the data units of the basic block. This check value is somehow remembered and later recalled and checked either during execution of the corresponding basic block of the application program or prior to execution of the application program. During or prior to execution of the basic block the re-computed check value is verified to be the same as the remembered check value. If not, an error condition is indicated and a corrective action may be taken.


    System and method for updating access control mechanisms
    9.
    Granted invention patent
    Legal status: Lapsed

    Publication number: US07665667B2

    Publication date: 2010-02-23

    Application number: US11241340

    Filing date: 2005-09-30

    IPC classification: G06K19/06

    Abstract: Updating the access control of a smart card at multiple points of the smart card life cycle. The system and method for updating the access control mechanisms during the smart card life cycle includes implementing an interface having a method for providing access control and a method for registering an access manager as an active access manager. In response to a request to register an access manager, the system and method executes the method for determining whether registering the access manager may be allowed.


    System and method for updating access control mechanisms
    10.
    Invention patent application
    Legal status: Lapsed

    Publication number: US20060076420A1

    Publication date: 2006-04-13

    Application number: US11241340

    Filing date: 2005-09-30

    IPC classification: G06K19/06

    Abstract: Updating the access control of a smart card at multiple points of the smart card life cycle. The system and method for updating the access control mechanisms during the smart card life cycle includes implementing an interface having a method for providing access control and a method for registering an access manager as an active access manager. In response to a request to register an access manager, the system and method executes the method for determining whether registering the access manager may be allowed.
