公开(公告)号：US20090025080A1

公开(公告)日：2009-01-22

申请号：US12212959

申请日：2008-09-18

申请人： Craig Lund ,  Garret Grajek ,  Stephen Moore ,  Mark Lambiase

发明人： Craig Lund ,  Garret Grajek ,  Stephen Moore ,  Mark Lambiase

IPC分类号： H04L29/06

CPC分类号： H04L9/3215 ,  H04L9/3228 ,  H04L9/3263 ,  H04L9/3273 ,  H04L63/0272 ,  H04L63/0823 ,  H04L63/166 ,  H04L2209/56

摘要： Authenticating a client to a server accessible through an Internet Protocol Security (IPSec) Virtual Private Network (VPN) appliance. The IPSec VPN appliance and an SSL VPN appliance are configured to receive an initialization command from the client. The SSL VPN appliance is in communication with an authentication appliance for authenticating the client to the server. In response to the initialization command, the authentication appliance generates a client key pair including a client private key and a client public key. The authentication appliance generates a client certificate and a client IPSec profile. The authentication appliance transmits the client key pair, the client certificate and the client IPSec profile to the client. A secure communication session between the client and the server is established. The secure communication session is established through the IPSec VPN appliance. Upon receipt of the IPSec profile, the communication session between the client and the server is encrypted.

摘要翻译： 将客户端验证到可通过Internet协议安全（IPSec）虚拟专用网（VPN）设备访问的服务器。 IPSec VPN设备和SSL VPN设备配置为从客户端接收初始化命令。 SSL VPN设备与认证设备通信，用于向服务器认证客户端。 响应于初始化命令，认证装置产生包括客户端私钥和客户端公钥的客户端密钥对。 身份验证设备生成客户端证书和客户端IPSec配置文件。 认证设备将客户端密钥对，客户端证书和客户端IPSec配置文件发送给客户端。 建立客户端与服务器之间的安全通信会话。 安全通信会话通过IPSec VPN设备建立。 在接收到IPSec配置文件之后，客户端和服务器之间的通信会话被加密。

公开(公告)号：US20100138907A1

公开(公告)日：2010-06-03

申请号：US12326002

申请日：2008-12-01

申请人： Garret Grajek ,  Stephen Moore ,  Mark Lambiase

发明人： Garret Grajek ,  Stephen Moore ,  Mark Lambiase

IPC分类号： H04L9/32 ,  G06F15/16 ,  G06F17/00

CPC分类号： H04L9/3263 ,  H04L63/0823

摘要： A certificate server is provided for issuing digital certificates to be used by a network resource and/or a client resource. The certificate server is configured to communicate with the network resource or the client resource to receive a certificate request. Upon receiving the certificate request, the certificate server may automate the process for authenticating the certificate request, validating the terms of the certificate request and digitally signing the certificate request. An authentication appliance may communicate with or be integrated within the certificate server. The certificate server includes a web service server, a certificate authority component, and a database that enable communication with either the network resource, client resource, or the authentication appliance to automate the administration process typically involved in receiving and signing a certificate request. The certificate authority component may sign the certificate request with a trusted root chain associated with the network resource.

摘要翻译： 提供证书服务器用于发行要由网络资源和/或客户端资源使用的数字证书。 证书服务器被配置为与网络资源或客户端资源通信以接收证书请求。 证书服务器在收到证书请求后，可自动执行认证证书请求的过程，验证证书请求的条款并对证书请求进行数字签名。 身份验证设备可以与证书服务器通信或集成在证书服务器中。 证书服务器包括Web服务服务器，证书颁发机构组件和能够与网络资源，客户端资源或身份验证设备通信的数据库，以自动执行通常涉及到接收和签署证书请求的管理过程。 证书颁发机构组件可以使用与网络资源相关联的受信任的根链对证书请求进行签名。

公开(公告)号：US20090307486A1

公开(公告)日：2009-12-10

申请号：US12135466

申请日：2008-06-09

申请人： Garret Grajek ,  Stephen Moore ,  Mark Lambiase

发明人： Garret Grajek ,  Stephen Moore ,  Mark Lambiase

IPC分类号： H04L9/32

CPC分类号： H04L9/3273 ,  H04L9/3263 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/123 ,  H04L2209/56

摘要： A method for self-service authentication of a client and a server. The method includes the server receiving an initialization command from the client. The initialization command may be transmitted to the server via a client web browser over an unsecured data transfer link. The method continues with requesting authentication information from the client. In response to receiving the authentication information from the client, the server transmits a client software component to the client. The client software component utilizes a client-side library installed on the operating system of the client to generate the various client credentials described above. Thereafter, the certificate signing request may be transmitted to a certificate server for signing the certificate signing request. The signed certificate signing request is then received by the client via the client web browser. The client utilizes the information associated with the signed certificate signing request with the client-side library installed on the client to generate a client certificate.

摘要翻译： 一种用于客户端和服务器的自服务认证的方法。 该方法包括服务器从客户端接收初始化命令。 初始化命令可以经由客户端web浏览器通过不安全的数据传输链路传送到服务器。 该方法继续请求来自客户端的认证信息。 响应于从客户端接收认证信息，服务器向客户端发送客户端软件组件。 客户端软件组件利用安装在客户机操作系统上的客户端库生成上述各种客户端证书。 此后，证书签发请求可以被发送到证书服务器以签署证书签名请求。 然后，客户端通过客户端Web浏览器接收签名的证书签名请求。 客户端使用与签名的证书签名请求相关联的信息与安装在客户端上的客户端库生成客户端证书。

公开(公告)号：US20090240936A1

公开(公告)日：2009-09-24

申请号：US12052630

申请日：2008-03-20

申请人： MARK LAMBIASE ,  Garret Grajek ,  Stephen Moore

发明人： MARK LAMBIASE ,  Garret Grajek ,  Stephen Moore

IPC分类号： H04L9/00

CPC分类号： H04L9/3263 ,  H04L63/0272 ,  H04L63/0823 ,  H04L63/123 ,  H04L2209/56

摘要： A method and system is provided for storing a plurality of client certificate credentials via a client web browser into one or more keystore file(s). The client web browser is used to establish the secure data transfer link between the client and the server. The client web browser includes a plug-in software component. The plug-in software component is configured to generate the keystore file and a key pair. The method may continue with generating a certificate request on the client. The certificate request generated is then transmitted to a certificate server. The certificate server is configured to digitally sign the certificate request generated. The method continues with the client receiving a signed certificate request. The signed certificate request is received by the client via the client web browser. The method may conclude by storing the plurality of client certificate credentials associated with the signed certificate request in one or more keystore file(s).

摘要翻译： 提供了一种方法和系统，用于经由客户端web浏览器将多个客户端证书凭证存储到一个或多个密钥库文件中。 客户端Web浏览器用于建立客户端和服务器之间的安全数据传输链路。 客户端Web浏览器包括一个插件软件组件。 插件软件组件配置为生成密钥库文件和密钥对。 该方法可以继续在客户端上生成证书请求。 然后生成的证书请求被发送到证书服务器。 证书服务器被配置为对所生成的证书请求进行数字签名。 方法继续，客户端接收签名的证书请求。 签名的证书请求由客户端通过客户端Web浏览器接收。 该方法可以通过将与签名的证书请求相关联的多个客户端证书凭证存储在一个或多个密钥库文件中来得出。

公开(公告)号：US20100217975A1

公开(公告)日：2010-08-26

申请号：US12392760

申请日：2009-02-25

申请人： Garret Grajek ,  Stephen Moore ,  Mark Lambiase

发明人： Garret Grajek ,  Stephen Moore ,  Mark Lambiase

IPC分类号： H04L9/32

CPC分类号： G06F21/445 ,  H04L9/3226 ,  H04L9/3263 ,  H04L9/3271 ,  H04L63/0823 ,  H04L63/083 ,  H04L63/168 ,  H04L2209/56

摘要： A method and system for authenticating a client and a server is disclosed. In one contemplated embodiment, the client has a client certificate and the server have a server certificate. The client is validated to an authentication module based upon a certificate request identifier generated thereby, a secure data link certificate, and an authentication module Uniform Resource Locator. The authentication module is validated to the client based upon the client certificate and the certificate request identifier. A password associated with a user identifier that is encrypted with a private client key and signed with a public server key is transmitted to the authentication module. The password is then validated.

摘要翻译： 公开了一种用于认证客户机和服务器的方法和系统。 在一个预期的实施例中，客户端具有客户端证书，并且服务器具有服务器证书。 基于由此产生的证书请求标识符，安全数据链路证书和认证模块统一资源定位符，验证客户端到认证模块。 验证模块根据客户端证书和证书请求标识符对客户端进行验证。 与用私人客户端密钥加密并用公共服务器密钥签名的用户标识符相关联的密码被发送到认证模块。 密码然后验证。

公开(公告)号：US20080077796A1

公开(公告)日：2008-03-27

申请号：US11702371

申请日：2007-02-05

申请人： Craig Lund ,  Garret Grajek ,  Stephen Moore

发明人： Craig Lund ,  Garret Grajek ,  Stephen Moore

IPC分类号： H04L9/32

CPC分类号： H04L9/3273 ,  H04L9/0643 ,  H04L9/3239 ,  H04L9/3263 ,  H04L63/0823 ,  H04L63/0869 ,  H04L63/166

摘要： A method and system for mutually authenticating a client and a server is provided in accordance with an aspect of the present invention. The method commences with transmitting a token from the server to the client. Thereafter, the method continues with establishing a secure data transfer link between the server and the client. A server certificate is transmitted to the client during the establishment of the secure data transfer link. The method continues with transmitting a response packet to the server, which is validated thereby upon receipt. The system includes a client authentication module that initiates the secure data transfer link and transmits the response packet, and a server authentication module that transmits the token and validates the response packet.

摘要翻译： 根据本发明的一个方面提供一种用于相互认证客户机和服务器的方法和系统。 该方法开始于从服务器向客户端发送令牌。 此后，该方法继续在服务器和客户端之间建立安全的数据传输链路。 在建立安全数据传输链路期间，向客户端发送服务器证书。 该方法继续向服务器发送响应分组，由此在接收到该响应分组时被验证。 系统包括发起安全数据传输链路并发送响应分组的客户端认证模块，以及发送令牌并验证响应分组的服务器认证模块。

公开(公告)号：US20080077791A1

公开(公告)日：2008-03-27

申请号：US11880599

申请日：2007-07-23

申请人： Craig Lund ,  Garret Grajek ,  Stephen Moore

发明人： Craig Lund ,  Garret Grajek ,  Stephen Moore

IPC分类号： H04L9/32

CPC分类号： H04L63/0823 ,  H04L9/3215 ,  H04L9/3263 ,  H04L9/3273 ,  H04L63/0272 ,  H04L63/166 ,  H04L2209/56

摘要： A method and system for secured network access is provided in accordance with the present invention. The method begins with receiving a login request from a client on a router. Thereafter, a certificate transfer instruction for the router to an authentication appliance is generated where the client lacks a copy of a client certificate. The client is authenticated with a challenge-response sequence, the response to which is deliverable through an out-of-band communications channel. Upon authentication, the client certificate and the client private key are transmitted to the client, which are used to authenticate the client to the network.

摘要翻译： 根据本发明提供了一种用于安全网络访问的方法和系统。 该方法开始于从路由器上的客户端接收登录请求。 此后，生成用于认证设备的路由器的证书传送指令，其中客户端缺少客户端证书的副本。 客户端通过质询 - 响应序列进行身份验证，其响应可通过带外通信通道传递。 在认证时，将客户端证书和客户端私钥传输到客户端，客户端用于向客户端认证网络。

公开(公告)号：US08327142B2

公开(公告)日：2012-12-04

申请号：US11702371

申请日：2007-02-05

申请人： Craig Lund ,  Garret Grajek ,  Stephen Moore

发明人： Craig Lund ,  Garret Grajek ,  Stephen Moore

IPC分类号： H04L29/06

CPC分类号： H04L9/3273 ,  H04L9/0643 ,  H04L9/3239 ,  H04L9/3263 ,  H04L63/0823 ,  H04L63/0869 ,  H04L63/166

摘要： A method and system for mutually authenticating a client and a server is provided in accordance with an aspect of the present invention. The method commences with transmitting a token from the server to the client. Thereafter, the method continues with establishing a secure data transfer link between the server and the client. A server certificate is transmitted to the client during the establishment of the secure data transfer link. The method continues with transmitting a response packet to the server, which is validated thereby upon receipt. The system includes a client authentication module that initiates the secure data transfer link and transmits the response packet, and a server authentication module that transmits the token and validates the response packet.

摘要翻译： 根据本发明的一个方面提供一种用于相互认证客户机和服务器的方法和系统。 该方法开始于从服务器向客户端发送令牌。 此后，该方法继续在服务器和客户端之间建立安全的数据传输链路。 在建立安全数据传输链路期间，向客户端发送服务器证书。 该方法继续向服务器发送响应分组，由此在接收到该响应分组时被验证。 系统包括发起安全数据传输链路并发送响应分组的客户端认证模块，以及发送令牌并验证响应分组的服务器认证模块。

公开(公告)号：US09262885B2

公开(公告)日：2016-02-16

申请号：US13513994

申请日：2011-06-07

申请人： Stephen Moore ,  Brian Besterman ,  Jeff Bischoff

发明人： Stephen Moore ,  Brian Besterman ,  Jeff Bischoff

IPC分类号： A63F9/24 ,  A63F13/00 ,  G06F17/00 ,  G06F19/00 ,  G07F17/32

CPC分类号： A63F3/00157 ,  A63F1/06 ,  A63F9/24 ,  A63F2003/00164 ,  A63F2009/2429 ,  A63F2009/2489 ,  G07F17/322 ,  G07F17/3237

摘要： A gaming table provides for use of RFID technology to track chip movement on a table game and to infer an association between a wager and a player position based on a chip identifier of a chip placed on a particular position of the table. In some embodiments, previous position history of the chip is also taken into account in determining a player position associated with a wager.

摘要翻译： 游戏桌提供使用RFID技术来跟踪桌面游戏上的筹码运动，并且基于放置在桌子的特定位置上的筹码的筹码标识符来推断投注和玩家位置之间的关联。 在一些实施例中，在确定与下注相关联的玩家位置时也考虑到筹码的先前位置历史。

公开(公告)号：US08817837B2

公开(公告)日：2014-08-26

申请号：US13988521

申请日：2011-11-21

申请人： John Barr ,  Andrew White ,  Stephen Moore

发明人： John Barr ,  Andrew White ,  Stephen Moore

IPC分类号： H01S5/00 ,  H01S3/08 ,  H01S3/091 ,  H01S3/093 ,  H01S3/0933 ,  H01S3/0941 ,  H01S3/102 ,  H01S3/16

CPC分类号： H01S3/08059 ,  H01S3/0606 ,  H01S3/08 ,  H01S3/08095 ,  H01S3/091 ,  H01S3/093 ,  H01S3/0933 ,  H01S3/094084 ,  H01S3/094096 ,  H01S3/0941 ,  H01S3/1022 ,  H01S3/1608 ,  H01S3/1611 ,  H01S3/1643 ,  H01S5/041 ,  H01S5/4025 ,  H01S5/4087

摘要： An exemplary laser system is disclosed which includes a pump laser diode array and laser gain material, in which the array generates optical radiation having a predetermined total linewidth approximately 20 nm wide constructed from a plurality of individual wavelengths with a linewidth of up to 8 nm, the center wavelength of radiation being for example within the absorption band of laser gain material used at the center point of the operating temperature of the array. The system can include a highly reflecting plane mirror with periodic transmitting patches placed between the laser diode array and the laser gain material, the size of the transmitting patches being such that minimal pump radiation is lost.

摘要翻译： 公开了一种示例性的激光系统，其包括泵浦激光二极管阵列和激光增益材料，其中阵列产生由具有高达8nm的线宽的多个单独波长构成的具有约20nm宽的预定总线宽的光辐射， 辐射的中心波长例如在阵列的工作温度的中心点处使用的激光增益材料的吸收带内。 该系统可以包括高反射平面镜，其具有放置在激光二极管阵列和激光增益材料之间的周期性传输片，发射片的尺寸使得最小的泵浦辐射损失。