公开(公告)号：US06654886B1

公开(公告)日：2003-11-25

申请号：US09356189

申请日：1999-07-16

申请人： David Carroll Challener ,  Daryl Carvis Cromer ,  Dhruv Manmohandas Desai ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： David Carroll Challener ,  Daryl Carvis Cromer ,  Dhruv Manmohandas Desai ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： G06F1130

CPC分类号： H04L63/0853 ,  G06F21/31 ,  G06F2221/2129

摘要： A data processing system and method are disclosed for permitting only preregistered client computer hardware to access a service executing on a remote server computer system. A log-in token is established including a unique identifier which identifies a particular client computer hardware. The client computer hardware logs-on to the server computer system. Subsequent to the client computer hardware logging-on to the server computer system, the client computer hardware attempts to access the service. During the attempt, the client computer hardware transmits the log-in token to the server computer system. The server computer system utilizes the unique identifier included within the log-in token to determine if the client computer hardware is registered to access the service. In response to a determination that the client computer hardware is registered to access the service, the server computer system permits the client computer hardware to access the service. In response to a determination that the client computer hardware is not registered to access the service, the server computer system prohibits the client computer hardware from accessing the service.

摘要翻译： 公开了一种用于仅允许预注册的客户端计算机硬件访问在远程服务器计算机系统上执行的服务的数据处理系统和方法。 建立登录令牌，其包括标识特定客户端计算机硬件的唯一标识符。 客户端计算机硬件登录到服务器计算机系统。 在客户端计算机硬件登录到服务器计算机系统之后，客户端计算机硬件尝试访问该服务。 在尝试期间，客户端计算机硬件将登录令牌传输到服务器计算机系统。 服务器计算机系统利用包括在登录令牌内的唯一标识符来确定客户端计算机硬件是否被注册以访问该服务。 响应于确定客户端计算机硬件被注册以访问服务，服务器计算机系统允许客户端计算机硬件访问该服务。 响应于确定客户端计算机硬件未被注册以访问服务，服务器计算机系统禁止客户端计算机硬件访问服务。

公开(公告)号：US06959390B1

公开(公告)日：2005-10-25

申请号：US09262123

申请日：1999-03-03

申请人： David Carroll Challener ,  Daryl Carvis Cromer ,  Mark Charles Davis ,  Scott Thomas Elliott ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： David Carroll Challener ,  Daryl Carvis Cromer ,  Mark Charles Davis ,  Scott Thomas Elliott ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： G06F11/30 ,  H04L9/00 ,  H04L9/08 ,  H04L9/30

CPC分类号： H04L9/0894

摘要： A data processing system and method are disclosed for maintaining secure user private keys in a non-secure storage device. A master key pair is established for the system. The master key pair includes a master private key and a master public key. The master key pair is stored in a protected storage device. A unique user key pair is established for each user. The user key pair includes a user private key and a user public key. The user private key is encrypted utilizing the master public key. The encrypted user private key is stored in the non-secure storage device, wherein the encrypted user private key is secure while stored in the non-secure storage device.

摘要翻译： 公开了一种用于在非安全存储设备中维护安全用户私钥的数据处理系统和方法。 为系统建立主密钥对。 主密钥对包括主密钥和主公钥。 主密钥对存储在受保护的存储设备中。 为每个用户建立一个独特的用户密钥对。 用户密钥对包括用户私钥和用户公钥。 使用主公钥加密用户专用密钥。 加密的用户私钥存储在非安全存储设备中，其中加密的用户私钥在存储在非安全存储设备中时是安全的。

公开(公告)号：US06978385B1

公开(公告)日：2005-12-20

申请号：US09516430

申请日：2000-03-01

申请人： Richard W. Cheston ,  Daryl Carvis Cromer ,  Richard Alan Dayan ,  Dhruv Manmohandas Desai ,  Jan M. Janick ,  Howard Jeffery Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： Richard W. Cheston ,  Daryl Carvis Cromer ,  Richard Alan Dayan ,  Dhruv Manmohandas Desai ,  Jan M. Janick ,  Howard Jeffery Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： G06F1/00 ,  G06F9/445 ,  G06F15/00 ,  G06F21/00 ,  G06F21/20 ,  H04L9/32 ,  H04L29/06

CPC分类号： H04L63/083 ,  G06F21/31 ,  G06F21/575 ,  G06F2221/2131

摘要： A data processing system and method are disclosed for remotely recovering a client computer system's primary password. The primary password be correctly entered prior to the client computer system becoming fully accessible to a user. The client computer system is coupled to a server computer system utilizing a network. Prior to the client computer system completing a boot process, a user is prompted to enter the primary password. An interrogative password method is provided in response to an incorrect entry of the primary password. The primary password is recoverable in response to a successful execution of the interrogative password method. The primary password is recoverable from the server computer system by the client computer system prior to said client computer system completing said boot process utilizing the interrogative password method.

摘要翻译： 公开了用于远程恢复客户端计算机系统的主密码的数据处理系统和方法。 在客户端计算机系统完全访问用户之前，主密码被正确输入。 客户端计算机系统利用网络耦合到服务器计算机系统。 在客户端计算机系统完成启动过程之前，会提示用户输入主密码。 响应主密码的输入错误提供询问密码方法。 响应成功执行询问密码方法，可以恢复主密码。 在所述客户端计算机系统利用询问密码方法完成所述引导过程之前，客户计算机系统可以从服务器计算机系统恢复主密码。

公开(公告)号：US06754826B1

公开(公告)日：2004-06-22

申请号：US09282713

申请日：1999-03-31

申请人： David Carroll Challener ,  Daryl Carvis Cromer ,  Dhruv M. Desai ,  Brandon Jon Ellison ,  Howard Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： David Carroll Challener ,  Daryl Carvis Cromer ,  Dhruv M. Desai ,  Brandon Jon Ellison ,  Howard Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： H04L932

CPC分类号： H04L63/0823 ,  H04L63/10

摘要： A data processing system and method are disclosed for providing an access connector which limits access to a network to only authorized client computer systems. The network is controlled by a server computer system. The access connector is provided for physically coupling a client computer system to the network. The access connector is physically coupled to the network. Prior to permitting the client computer system to attempt to establish a client communication link with the network, the client computer system attempts to authenticate itself to the server computer system. In response to the client computer system being unable to authenticate itself to the server computer system, the access connector prohibits the client computer system from establishing a client communication link between the client computer system and the network.

摘要翻译： 公开了一种用于提供访问连接器的数据处理系统和方法，其将对网络的访问限于仅授权的客户端计算机系统。 网络由服务器计算机系统控制。 提供接入连接器用于将客户端计算机系统物理耦合到网络。 接入连接器物理耦合到网络。 在允许客户端计算机系统尝试与网络建立客户端通信链路之前，客户端计算机系统尝试向服务器计算机系统认证自身。 响应于客户端计算机系统无法向服务器计算机系统认证自身，访问连接器禁止客户端计算机系统在客户端计算机系统和网络之间建立客户端通信链路。

公开(公告)号：US06880095B2

公开(公告)日：2005-04-12

申请号：US10055054

申请日：2002-01-23

申请人： Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： G06F1/26 ,  G06F1/32

CPC分类号： G06F1/3287 ,  G06F1/266 ,  G06F1/3203 ,  Y02D10/171 ,  Y10T307/724 ,  Y10T307/729

摘要： A computing system includes a motherboard including one or more connection subsystems, each of which includes a port connector and a device interface circuit conditioning signals transmitted or received through the port connector. The port connector includes a connection-sensing terminal, which is connected to ground through a cable, and which is allowed to float to a voltage supplied through a pull-up resistor when the cable is disconnected. The motherboard also includes a main voltage plane supplying electrical power to a separate voltage plane for each device interface circuit only when a cable is connected to the port connector which is also connected to the device interface circuit.

摘要翻译： 一种计算系统包括：主板，包括一个或多个连接子系统，每个连接子系统包括端口连接器和对通过端口连接器传输或接收的信号进行调理的设备接口电路。 端口连接器包括连接感测端子，其通过电缆连接到地，并且当电缆断开时允许浮动到通过上拉电阻器提供的电压。 主板还包括一个主电压平面，只有当电缆连接到也连接到设备接口电路的端口连接器时，为每个设备接口电路向单独的电压平面供电。

公开(公告)号：US06988196B2

公开(公告)日：2006-01-17

申请号：US09748654

申请日：2000-12-22

申请人： Daryl Carvis Cromer ,  Brandon Jon Ellison ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： Daryl Carvis Cromer ,  Brandon Jon Ellison ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： H04L9/00

CPC分类号： G06F21/31

摘要： A computer system and method are disclosed for generating a certificate that can be validated against a trusted hardware subsystem within a computer system. A security subsystem is established within the computer system. A master key pair including a master public key and master private key are established. The master private key is stored in protected storage within the security subsystem such that the master private key is inaccessible outside of the security subsystem. Generation of a self-verifying certificate is requested. A user of the computer system is then prompted to enter an authentication code in response to the request for generation of the certificate. A certificate is generated utilizing the master key pair only in response to a correct entry of the authentication code. The certificate is used only internally within the computer system.

摘要翻译： 公开了一种计算机系统和方法，用于生成可以针对计算机系统内的可信硬件子系统进行验证的证书。 在计算机系统内建立安全子系统。 建立包括主公钥和主密钥的主密钥对。 主私钥存储在安全子系统内的受保护存储器中，使得主私钥在安全子系统之外是不可访问的。 要求生成自我验证证书。 然后响应于产生证书的请求，提示计算机系统的用户输入认证码。 只有在正确输入验证码时才使用主密钥对生成证书。 该证书仅在计算机系统内部使用。

公开(公告)号：US07146433B2

公开(公告)日：2006-12-05

申请号：US10061479

申请日：2002-02-01

申请人： Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： G06F15/173 ,  H04B7/15

CPC分类号： H04W88/04 ,  H04W76/10 ,  H04W84/12

摘要： A remote mobile unit (MU) including a radio device is provided with an ability to communicate through a LAN by remote association with an access point (AP) that is out of range for communication with the radio device of the remote MU. The remote MU transmits a quest frames that is received and retransmitted by one or more intermediate MUs until a connection is made with the AP. Each of the intermediate MUs adds an identifying address to the request, forming a path that is used in both directions to transmit a response from the AP to the remote MU and to transmit data between the AP and the MU.

公开(公告)号：US06701349B1

公开(公告)日：2004-03-02

申请号：US09356190

申请日：1999-07-16

申请人： Daryl Carvis Cromer ,  Brandon Jon Ellison ,  Eric Richard Kern ,  Howard Jeffery Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： Daryl Carvis Cromer ,  Brandon Jon Ellison ,  Eric Richard Kern ,  Howard Jeffery Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： G06F1300

CPC分类号： H04L63/10 ,  G06F13/385 ,  H04L63/126 ,  H04L67/322 ,  H04L69/329

摘要： A data processing system and method are disclosed for prohibiting an unauthorized user from modifying a priority level associated with a client computer system. The priority level is utilized by a client computer system during transmission of the client's data over a network. One of a plurality of priority levels is associated with the client computer system. The plurality of priority levels includes a higher priority level and a lower priority level. The client computer system associates the priority level with the data transmitted by the client computer system over the network. The data associated with the higher priority level is typically transmitted prior to data associated with the lower priority level. In response to an attempt to modify the associated priority level, the client determines whether the attempt is being made by an approved user. In response to a determination that the attempt is not being made by an approved user, the attempted modification of the priority level is prohibited. In another embodiment, a priority level may be associated with each class of data. When the client computer system transmits a packet, the client determines which class of data is included in the packet. The priority level associated with that class is then associated with the packet including that class of data. The client, then, transmits the packet which is associated with one of the priority levels.

摘要翻译： 公开了一种数据处理系统和方法，用于禁止未经授权的用户修改与客户端计算机系统相关联的优先级。 在通过网络传送客户端的数据时，客户端计算机系统利用优先级。 多个优先级中的一个与客户端计算机系统相关联。 多个优先级包括较高优先级和较低优先级。 客户端计算机系统将优先级与客户端计算机系统通过网络发送的数据相关联。 与较高优先级相关联的数据通常在与较低优先级相关联的数据之前传输。 响应于尝试修改相关联的优先级，客户端确定尝试是否由批准​​用户进行。 为了对被许可用户不进行尝试的确定作出回应，禁止尝试修改优先级。 在另一个实施例中，优先级可以与每类数据相关联。 当客户端计算机系统发送数据包时，客户端确定数据包中包含哪一类数据。 然后，与该类相关联的优先级与包括该类数据的分组相关联。 然后，客户端发送与优先级中的一个相关联的分组。

公开(公告)号：US07155605B1

公开(公告)日：2006-12-26

申请号：US09281852

申请日：1999-03-31

申请人： Daryl Carvis Cromer ,  Howard Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： Daryl Carvis Cromer ,  Howard Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： H04K9/00

CPC分类号： G06F21/6263 ,  Y10S707/99939

摘要： A data processing system and method are disclosed for maintaining a secure data block within the system. A block of data is established within the system. The block of data is associated with a particular user and a particular application. A hardware master key pair is established for the system. The hardware master key pair includes a master private key and a master public key. The hardware master key pair is associated with the system for which it was established so that the master private key is known to only that system. The block of data is encrypted utilizing the master public key. The master private key is required to decrypt the encrypted block of data. This data processing system is the only system capable of decrypting the encrypted block of data.

摘要翻译： 公开了一种用于在系统内维护安全数据块的数据处理系统和方法。 在系统内建立一个数据块。 数据块与特定用户和特定应用相关联。 为系统建立了硬件主密钥对。 硬件主密钥对包括主专用密钥和主公钥。 硬件主密钥对与其建立的系统相关联，以便只有该系统才能知道主密钥。 使用主公钥对数据块进行加密。 主密钥需要解密加密的数据块。 该数据处理系统是能够解密加密的数据块的唯一系统。

公开(公告)号：US06567920B1

公开(公告)日：2003-05-20

申请号：US09282892

申请日：1999-03-31

申请人： Daryl Carvis Cromer ,  Dhruv M. Desai ,  Brandon Jon Ellison ,  Eric Richard Kern ,  Howard Locker ,  Andy Lloyd Trotter ,  James Peter Ward

发明人： Daryl Carvis Cromer ,  Dhruv M. Desai ,  Brandon Jon Ellison ,  Eric Richard Kern ,  Howard Locker ,  Andy Lloyd Trotter ,  James Peter Ward

IPC分类号： G06F1130

CPC分类号： G06F21/313 ,  G06F21/31

摘要： A data processing system and method are disclosed for authenticating a client computer system to a secure network prior to permitting the client computer system to attempt to log-on to the network. The secure network is controlled by a server computer system. A unique identifier is established which identifies the client computer system. The unique identifier is encrypted. Prior to permitting the client computer system to attempt to log-on to the secure network, the client computer system transmits the encrypted identifier to the server computer system. Also prior to permitting the client computer system to attempt to log-on to the network, the server computer system utilizes the unique identifier to determine whether to permit the client computer system to attempt to log-on to the network. The client computer system is authenticated prior to permitting the client computer system to attempt to log-on to the network.

摘要翻译： 公开了一种数据处理系统和方法，用于在允许客户端计算机系统尝试登录到网络之前将客户端计算机系统认证到安全网络。 安全网络由服务器计算机系统控制。 建立了识别客户端计算机系统的唯一标识符。 唯一标识符被加密。 在允许客户端计算机系统尝试登录到安全网络之前，客户端计算机系统将加密的标识符发送到服务器计算机系统。 此外，在允许客户端计算机系统尝试登录到网络之前，服务器计算机系统利用唯一标识符来确定是否允许客户端计算机系统尝试登录到网络。 在允许客户端计算机系统尝试登录到网络之前，客户端计算机系统被认证。