Multiple level public key hierarchy for performance and high security
    1.
    Granted invention patent
    Status: in force

    Publication No.: US07929701B1

    Publication date: 2011-04-19

    Application No.: US10049812

    Filing date: 2000-01-28

    Abstract: Multiple public/private key pairs of varying levels of security are used to provide a high level of security while still allowing fast processing of encrypted information. The lower-security level includes keys that are small in length, that are changed relatively often, and that require less or fewer resources to implement their functions. When it is required to change key pairs of low security, a key pair at a higher security level (i.e., longer length keys) than the lower-security level keys is used to transfer the new lower-security public keys to devices using those keys. The higher-security keys can, in turn, be changed at a frequency lower than the lower-security keys. The higher-security keys require a higher level of resources to perform their coding operations. This approach of using keys of escalating levels of security to replace lower-security keys, where the higher-security keys require more resources, are more secure, and are replaced less often than the lower-security keys, can be followed as many times as is desired to create a hierarchy of public key uses with the result that the lower-security operations can be performed quickly while the overall system security is high.

    Variable security code download for an embedded processor
    2.
    Granted invention patent
    Status: in force

    Publication No.: US06711684B1

    Publication date: 2004-03-23

    Application No.: US09394765

    Filing date: 1999-09-13

    Abstract: Methods and an apparatus for storing information in a processing device with flexible security are disclosed. In one embodiment, a method stores information within the processing device. The method receives a download via a first input path which includes a first breakable link and stores the download within the processing device. At some point, a key is also stored within the processing device. A ciphertext download is received via a second input path which includes a second breakable link. The ciphertext download is decrypted utilizing the key and the resulting plaintext download is stored within the processing device.

    Secure control of security mode
    4.
    Granted invention patent
    Status: in force

    Publication No.: US07660986B1

    Publication date: 2010-02-09

    Application No.: US09576516

    Filing date: 2000-05-23

    Abstract: A system to change security levels is used to change the level of security used in a secured processing system. The system uses a status indicator to designate the security level being implemented. The security level can be upgraded to allow a higher level of security to be implemented with relative ease. However, in order to change from a higher level of security to a lower level of security, an authorization code is utilized to confirm that the change in security is authorized.

    Internet protocol telephony security architecture
    5.
    Granted invention patent
    Status: in force

    Publication No.: US07568223B2

    Publication date: 2009-07-28

    Application No.: US10893047

    Filing date: 2004-07-15

    Abstract: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.

    INTERNET PROTOCOL TELEPHONY SECURITY ARCHITECTURE
    6.
    Invention patent application
    Status: in force

    Publication No.: US20090323954A1

    Publication date: 2009-12-31

    Application No.: US12490124

    Filing date: 2009-06-23

    Abstract: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.

    Object and resource security system
    8.
    Granted invention patent
    Status: in force

    Publication No.: US08356314B2

    Publication date: 2013-01-15

    Application No.: US11250352

    Filing date: 2005-10-14

    Applicant: Eric J. Sprunk

    Inventor: Eric J. Sprunk

    Abstract: A method for securing a plaintext object within a content receiver is described. In one step, a secure portion of a secure object and a plaintext remainder of the secure object are received. Which portion of the secure object is the secure portion is determined. The secure portion is decrypted to provide a plaintext portion. The plaintext object that comprises the plaintext portion and the plaintext remainder is formed. The plaintext object is stored including authentication and authorization.

    Enhanced authorization process using digital signatures
    9.
    Granted invention patent
    Status: in force

    Publication No.: US08321663B2

    Publication date: 2012-11-27

    Application No.: US12650943

    Filing date: 2009-12-31

    Abstract: A method is provided for enhancing security of a communication session between first and second endpoints which employs a key management protocol. The method includes sending a first message to a first end point over a communications network requesting a secure communication session therewith. The message includes an identity of a second end point requesting the authenticated communication session. A digital certificate is received from the first endpoint over the communications network. The digital certificate is issued by a certifying source verifying information contained in the digital certificate. The digital certificate includes a plurality of fields, one or more of which are transformed in accordance with a transformation algorithm. A reverse transform is applied to the one or more transformed fields to obtain the one or more fields. The digital certificate is validated and a second message is sent to the first endpoint indicating that validation is complete.

    ENHANCED AUTHORIZATION PROCESS USING DIGITAL SIGNATURES
    10.
    Invention patent application
    Status: in force

    Publication No.: US20110161661A1

    Publication date: 2011-06-30

    Application No.: US12650943

    Filing date: 2009-12-31

    Abstract: A method is provided for enhancing security of a communication session between first and second endpoints which employs a key management protocol. The method includes sending a first message to a first end point over a communications network requesting a secure communication session therewith. The message includes an identity of a second end point requesting the authenticated communication session. A digital certificate is received from the first endpoint over the communications network. The digital certificate is issued by a certifying source verifying information contained in the digital certificate. The digital certificate includes a plurality of fields, one or more of which are transformed in accordance with a transformation algorithm. A reverse transform is applied to the one or more transformed fields to obtain the one or more fields. The digital certificate is validated and a second message is sent to the first endpoint indicating that validation is complete.
