-
Publication No.: US20070280483A1
Publication date: 2007-12-06
Application No.: US11447179
Filing date: 2006-06-06
IPC classification: H04L9/00
CPC classification: H04L9/0822, H04L9/0897
Abstract: Methods, systems and computer readable mediums are provided for recovering keys. A key transport session key is generated, and a key encryption key is derived based on a server master key and an identification associated with a token. The key transport session key is encrypted with the key encryption key as a first wrapped key transport session key. An encrypted storage session key and an encrypted private key are retrieved from an archive. The encrypted storage session key is decrypted with a server storage key as a storage session key. The encrypted private key is decrypted with the storage session key. The decrypted private key is encrypted with the key transport session key as a wrapped private key. The wrapped private key and the first wrapped key transport session key are forwarded.
-
Publication No.: US07822209B2
Publication date: 2010-10-26
Application No.: US11447179
Filing date: 2006-06-06
CPC classification: H04L9/0822, H04L9/0897
Abstract: Methods, systems and computer readable mediums are provided for recovering keys. A key transport session key is generated, and a key encryption key is derived based on a server master key and an identification associated with a token. The key transport session key is encrypted with the key encryption key as a first wrapped key transport session key. An encrypted storage session key and an encrypted private key are retrieved from an archive. The encrypted storage session key is decrypted with a server storage key as a storage session key. The encrypted private key is decrypted with the storage session key. The decrypted private key is encrypted with the key transport session key as a wrapped private key. The wrapped private key and the first wrapped key transport session key are forwarded.
-
Publication No.: US08495380B2
Publication date: 2013-07-23
Application No.: US11446957
Filing date: 2006-06-06
IPC classification: H04L9/3294, H04L9/08
CPC classification: H04L9/3263, H04L9/0822, H04L63/061, H04L63/0853, H04L2209/603
Abstract: A method and system for generating credentials for a token. A server detects a token, determines that the token is to be enrolled, and generates a subject key pair that includes a subject public key and subject private key. The server encrypts the subject private key with a key transport session key to obtain a wrapped private key and forwards the wrapped private key to the token.
-
Publication No.: US08098829B2
Publication date: 2012-01-17
Application No.: US11447196
Filing date: 2006-06-06
IPC classification: H04L9/08
CPC classification: H04L9/0897, H04L9/0822
Abstract: An embodiment pertains generally to a method of delivering keys in a server. The method includes generating a subject key pair, where the subject key pair includes a subject public key and a subject private key. The method also includes retrieving a storage key and encrypting the subject private key with the storage key as a wrapped storage private key. The method further includes storing the wrapped storage private key.
-
Publication No.: US20080022088A1
Publication date: 2008-01-24
Application No.: US11446956
Filing date: 2006-06-06
IPC classification: H04L9/00
CPC classification: H04L9/0822, H04L9/0897, H04L9/3263, H04L2209/603
Abstract: An embodiment pertains generally to a method of storing keys. The method includes receiving a request for generating a subject private key at a token processing system and generating a subject key pair, where the subject key pair includes a subject public and the subject private key. The method also includes archiving the subject private key within the token processing system.
-
Publication No.: US20070288745A1
Publication date: 2007-12-13
Application No.: US11448179
Filing date: 2006-06-07
IPC classification: H04L9/00
CPC classification: H04L9/0822, H04L9/083
Abstract: Embodiments of the present invention provide a profile framework for handling enrollment requests. In particular, when a token processing system receives an enrollment request, it selects an applicable profile based on information in the request. The profile may indicate a variety of parameters for fulfilling the enrollment request, such as the locations of the applicable certificate authority, token key service, and the like. The profile may also indicate items, such as the number of keys to generate on a token, a token label, and connection information to securely communicate with other components and the client making the enrollment request.
-
Publication No.: US08412927B2
Publication date: 2013-04-02
Application No.: US11448179
Filing date: 2006-06-07
IPC classification: H04L29/06
CPC classification: H04L9/0822, H04L9/083
Abstract: Embodiments of the present invention provide a profile framework for handling enrollment requests. In particular, when a token processing system receives an enrollment request, it selects an applicable profile based on information in the request. The profile may indicate a variety of parameters for fulfilling the enrollment request, such as the locations of the applicable certificate authority, token key service, and the like. The profile may also indicate items, such as the number of keys to generate on a token, a token label, and connection information to securely communicate with other components and the client making the enrollment request.
-
Publication No.: US20080022121A1
Publication date: 2008-01-24
Application No.: US11446957
Filing date: 2006-06-06
IPC classification: H04L9/00
CPC classification: H04L9/3263, H04L9/0822, H04L63/061, H04L63/0853, H04L2209/603
Abstract: An embodiment pertains generally to a method of generating credentials for a token. The method includes detecting the token and the server determining that the token is to be enrolled and generating a subject key pair within the server, where the subject key pair includes a subject public key and the subject private key. The method also includes encrypting the subject private key with a key transport session key to arrive at a wrapped private key and forwarding the wrapped private key to the token.
-
Publication No.: US20080019526A1
Publication date: 2008-01-24
Application No.: US11447196
Filing date: 2006-06-06
IPC classification: H04L9/00
CPC classification: H04L9/0897, H04L9/0822
Abstract: An embodiment pertains generally to a method of delivering keys in a server. The method includes generating a subject key pair, where the subject key pair includes a subject public key and a subject private key. The method also includes retrieving a storage key and encrypting the subject private key with the storage key as a wrapped storage private key. The method further includes storing the wrapped storage private key.
-
Publication No.: US08356342B2
Publication date: 2013-01-15
Application No.: US11469482
Filing date: 2006-08-31
CPC classification: H04L63/0807
Abstract: An embodiment relates generally to a method of managing a token. The method includes marking a token to be killed and detecting a presence of the token. The method also includes disabling the token in response to the marking of the token.