-
1.发明授权Method of negotiating security parameters and authenticating users interconnected to a network 有权协商安全参数和认证与网络互连的用户的方法公开(公告)号:US08275989B2
公开(公告)日:2012-09-25
申请号:US12500381
申请日:2009-07-09
IPC分类号: H04L29/06
CPC分类号: H04L63/061 , H04L9/0844 , H04L63/0823 , H04L63/164 , H04L63/20
摘要: A method for authenticating and negotiating security parameters among two or more network devices is disclosed. The method has a plurality of modes including a plurality of messages exchanged between the two or more network devices. In a main mode, the two or more network devices establish a secure channel and select security parameters to be used during a quick mode and a user mode. In the quick mode, the two or more computers derive a set of keys to secure data sent according to a security protocol. The optional user mode provides a means of authenticating one or more users associated with the two or more network devices. A portion of the quick mode is conducted during the main mode thereby minimizing the plurality of messages that need to be exchanged between the initiator and the responder.
摘要翻译: 公开了一种用于在两个或多个网络设备之间认证和协商安全参数的方法。 该方法具有多个模式,包括在两个或多个网络设备之间交换的多个消息。 在主模式中,两个或多个网络设备建立安全通道并选择在快速模式和用户模式期间使用的安全参数。 在快速模式下,两台或多台计算机派生一组密钥来保护根据安全协议发送的数据。 可选的用户模式提供了认证与两个或多个网络设备相关联的一个或多个用户的手段。 快速模式的一部分在主模式期间进行,从而最小化需要在启动器和应答器之间交换的多个消息。
-
2.发明申请公开(公告)号:US20090276828A1
公开(公告)日:2009-11-05
申请号:US12500381
申请日:2009-07-09
IPC分类号: G06F21/00
CPC分类号: H04L63/061 , H04L9/0844 , H04L63/0823 , H04L63/164 , H04L63/20
摘要: A method for authenticating and negotiating security parameters among two or more network devices is disclosed. The method has a plurality of modes including a plurality of messages exchanged between the two or more network devices. In a main mode, the two or more network devices establish a secure channel and select security parameters to be used during a quick mode and a user mode. In the quick mode, the two or more computers derive a set of keys to secure data sent according to a security protocol. The optional user mode provides a means of authenticating one or more users associated with the two or more network devices. A portion of the quick mode is conducted during the main mode thereby minimizing the plurality of messages that need to be exchanged between the initiator and the responder.
摘要翻译: 公开了一种用于在两个或多个网络设备之间认证和协商安全参数的方法。 该方法具有多个模式,包括在两个或多个网络设备之间交换的多个消息。 在主模式中,两个或多个网络设备建立安全通道并选择在快速模式和用户模式期间使用的安全参数。 在快速模式下,两台或多台计算机派生一组密钥来保护根据安全协议发送的数据。 可选的用户模式提供了认证与两个或多个网络设备相关联的一个或多个用户的手段。 快速模式的一部分在主模式期间进行,从而最小化需要在启动器和应答器之间交换的多个消息。
-
3.发明授权Method of negotiating security parameters and authenticating users interconnected to a network 有权协商安全参数和认证与网络互连的用户的方法公开(公告)号:US07574603B2
公开(公告)日:2009-08-11
申请号:US10713980
申请日:2003-11-14
IPC分类号: H04L9/00
CPC分类号: H04L63/061 , H04L9/0844 , H04L63/0823 , H04L63/164 , H04L63/20
摘要: A method for authenticating and negotiating security parameters among two or more network devices is disclosed. The method has a plurality of modes including a plurality of messages exchanged between the two or more network devices. In a main mode, the two or more network devices establish a secure channel and select security parameters to be used during a quick mode and a user mode. In the quick mode, the two or more computers derive a set of keys to secure data sent according to a security protocol. The optional user mode provides a means of authenticating one or more users associated with the two or more network devices. A portion of the quick mode is conducted during the main mode thereby minimizing the plurality of messages that need to be exchanged between the initiator and the responder.
摘要翻译: 公开了一种用于在两个或多个网络设备之间认证和协商安全参数的方法。 该方法具有多个模式,包括在两个或多个网络设备之间交换的多个消息。 在主模式中,两个或多个网络设备建立安全通道并选择在快速模式和用户模式期间使用的安全参数。 在快速模式下,两台或多台计算机派生一组密钥来保护根据安全协议发送的数据。 可选的用户模式提供了认证与两个或多个网络设备相关联的一个或多个用户的手段。 快速模式的一部分在主模式期间进行,从而最小化需要在启动器和应答器之间交换的多个消息。
-
4.发明申请Method of negotiating security parameters and authenticating users interconnected to a network 有权协商安全参数和认证与网络互连的用户的方法公开(公告)号:US20050108531A1
公开(公告)日:2005-05-19
申请号:US10713980
申请日:2003-11-14
申请人: Brian Swander , Sara Bitan , Christian Huitema , Paul Mayfield , Daniel Simon
发明人: Brian Swander , Sara Bitan , Christian Huitema , Paul Mayfield , Daniel Simon
CPC分类号: H04L63/061 , H04L9/0844 , H04L63/0823 , H04L63/164 , H04L63/20
摘要: A method for authenticating and negotiating security parameters among two or more network devices is disclosed. The method has a plurality of modes including a plurality of messages exchanged between the two or more network devices. In a main mode, the two or more network devices establish a secure channel and select security parameters to be used during a quick mode and a user mode. In the quick mode, the two or more computers derive a set of keys to secure data sent according to a security protocol. The optional user mode provides a means of authenticating one or more users associated with the two or more network devices. A portion of the quick mode is conducted during the main mode thereby minimizing the plurality of messages that need to be exchanged between the initiator and the responder.
摘要翻译: 公开了一种用于在两个或多个网络设备之间认证和协商安全参数的方法。 该方法具有多个模式,包括在两个或多个网络设备之间交换的多个消息。 在主模式中,两个或多个网络设备建立安全通道并选择在快速模式和用户模式期间使用的安全参数。 在快速模式下,两台或多台计算机派生一组密钥来保护根据安全协议发送的数据。 可选的用户模式提供了认证与两个或多个网络设备相关联的一个或多个用户的手段。 快速模式的一部分在主模式期间进行,从而最小化需要在启动器和应答器之间交换的多个消息。
-
公开(公告)号:US08020197B2
公开(公告)日:2011-09-13
申请号:US11276139
申请日:2006-02-15
申请人: Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
发明人: Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
CPC分类号: H04L9/321 , H04L9/3263 , H04L9/3271 , H04L9/3297
摘要: Systems and methods for performing explicit delegation with strong authentication are described herein. Systems can include one or more clients, one or more end servers, and one or more gateways intermediate or between the client and the end server. The client may include an explicit strong delegation component that is adapted to strongly authenticate the client to the gateway. The explicit strong delegation component may also explicitly delegate to the gateway a right to authenticate on behalf of the client, and to define a period of time over which the explicit delegation is valid. The system may be viewed as being self-contained, in the sense that the system need not access third-party certificate or key distribution authorities. Finally, the client controls the gateways or end servers to which the gateway may authenticate on the client's behalf.
摘要翻译: 这里描述了用于执行具有强认证的显式授权的系统和方法。 系统可以包括一个或多个客户端,一个或多个终端服务器,以及在客户端和终端服务器之间中间或之间的一个或多个网关。 客户端可以包括适合于向网关强烈认证客户端的显式强委派组件。 显式强委托组件还可以向网关显式地委托代表客户端进行认证的权限,并定义显式授权有效的时间段。 在系统不需要访问第三方证书或密钥分发机构的意义上,该系统可以被视为是独立的。 最后,客户端代表客户端控制网关可以对其进行身份验证的网关或终端服务器。
-
公开(公告)号:US20060005239A1
公开(公告)日:2006-01-05
申请号:US11172643
申请日:2005-06-30
申请人: Ron Mondri , Sara Bitan
发明人: Ron Mondri , Sara Bitan
CPC分类号: H04L9/0825 , H04L9/3263 , H04L63/0823 , H04L63/166 , H04L2209/76 , H04L2209/80
摘要: A technique for establishing inspected secure communication includes establishing a first secure connection between a client device and a client-side device and a second secure connection between the client-side device and a server device. The client-side device establishes the first secure communication channel by providing a certificate impersonating the server device to the client device. The first and second communication channels enable client-side inspection of communications.
-
公开(公告)号:US20070192836A1
公开(公告)日:2007-08-16
申请号:US11276139
申请日:2006-02-15
申请人: Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
发明人: Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
IPC分类号: H04L9/32 , G06K9/00 , G06F15/16 , H04L9/00 , G06F17/30 , G06F17/00 , G06F9/00 , G06F7/04 , G06F7/58 , G06K19/00 , G06F15/173
CPC分类号: H04L9/321 , H04L9/3263 , H04L9/3271 , H04L9/3297
摘要: Systems and methods for performing explicit delegation with strong authentication are described herein. Systems can include one or more clients, one or more end servers, and one or more gateways intermediate or between the client and the end server. The client may include an explicit strong delegation component that is adapted to strongly authenticate the client to the gateway. The explicit strong delegation component may also explicitly delegate to the gateway a right to authenticate on behalf of the client, and to define a period of time over which the explicit delegation is valid. The system may be viewed as being self-contained, in the sense that the system need not access third-party certificate or key distribution authorities. Finally, the client controls the gateways or end servers to which the gateway may authenticate on the client's behalf.
摘要翻译: 这里描述了用于执行具有强认证的显式授权的系统和方法。 系统可以包括一个或多个客户端,一个或多个终端服务器,以及在客户端和终端服务器之间中间或之间的一个或多个网关。 客户端可以包括适合于向网关强烈认证客户端的显式强委派组件。 显式强委托组件还可以向网关显式地委托代表客户端进行认证的权限,并定义显式授权有效的时间段。 在系统不需要访问第三方证书或密钥分发机构的意义上,该系统可以被视为是独立的。 最后,客户端代表客户端控制网关可以对其进行身份验证的网关或终端服务器。
-
公开(公告)号:US07584505B2
公开(公告)日:2009-09-01
申请号:US11172643
申请日:2005-06-30
申请人: Ron Mondri , Sara Bitan
发明人: Ron Mondri , Sara Bitan
CPC分类号: H04L9/0825 , H04L9/3263 , H04L63/0823 , H04L63/166 , H04L2209/76 , H04L2209/80
摘要: A technique for establishing inspected secure communication includes establishing a first secure connection between a client device and a client-side device and a second secure connection between the client-side device and a server device. The client-side device establishes the first secure communication channel by providing a certificate impersonating the server device to the client device. The first and second communication channels enable client-side inspection of communications.
摘要翻译: 用于建立被检查的安全通信的技术包括在客户端设备和客户机侧设备之间建立第一安全连接以及客户端设备与服务器设备之间的第二安全连接。 客户端设备通过向客户端设备提供模拟服务器设备的证书来建立第一安全通信信道。 第一和第二通信通道使客户端检查通信。
-
-
-
-
-
-
-
搜索结果
8 条记录 (耗时 0.026 秒)
