1. METHOD AND SYSTEM FOR GENERATING DIGITAL CERTIFICATES AND CERTIFICATE SIGNING REQUESTS
    Type: Patent application
    Status: Under examination (published)

    Publication No.: US20100138907A1

    Publication date: 2010-06-03

    Application No.: US12326002

    Filing date: 2008-12-01

    IPC classification: H04L9/32 G06F15/16 G06F17/00

    CPC classification: H04L9/3263 H04L63/0823

    Abstract: A certificate server is provided for issuing digital certificates to be used by a network resource and/or a client resource. The certificate server is configured to communicate with the network resource or the client resource to receive a certificate request. Upon receiving the certificate request, the certificate server may automate the process for authenticating the certificate request, validating the terms of the certificate request and digitally signing the certificate request. An authentication appliance may communicate with or be integrated within the certificate server. The certificate server includes a web service server, a certificate authority component, and a database that enable communication with either the network resource, client resource, or the authentication appliance to automate the administration process typically involved in receiving and signing a certificate request. The certificate authority component may sign the certificate request with a trusted root chain associated with the network resource.

    2. SYSTEM AND METHOD FOR SECURED NETWORK ACCESS UTILIZING A CLIENT .NET SOFTWARE COMPONENT
    Type: Patent application
    Status: Under examination (published)

    Publication No.: US20090307486A1

    Publication date: 2009-12-10

    Application No.: US12135466

    Filing date: 2008-06-09

    IPC classification: H04L9/32

    Abstract: A method for self-service authentication of a client and a server. The method includes the server receiving an initialization command from the client. The initialization command may be transmitted to the server via a client web browser over an unsecured data transfer link. The method continues with requesting authentication information from the client. In response to receiving the authentication information from the client, the server transmits a client software component to the client. The client software component utilizes a client-side library installed on the operating system of the client to generate the various client credentials described above. Thereafter, the certificate signing request may be transmitted to a certificate server for signing the certificate signing request. The signed certificate signing request is then received by the client via the client web browser. The client utilizes the information associated with the signed certificate signing request with the client-side library installed on the client to generate a client certificate.

    3. SYSTEM AND METHOD FOR STORING CLIENT-SIDE CERTIFICATE CREDENTIALS
    Type: Patent application
    Status: Under examination (published)

    Publication No.: US20090240936A1

    Publication date: 2009-09-24

    Application No.: US12052630

    Filing date: 2008-03-20

    IPC classification: H04L9/00

    Abstract: A method and system is provided for storing a plurality of client certificate credentials via a client web browser into one or more keystore file(s). The client web browser is used to establish the secure data transfer link between the client and the server. The client web browser includes a plug-in software component. The plug-in software component is configured to generate the keystore file and a key pair. The method may continue with generating a certificate request on the client. The certificate request generated is then transmitted to a certificate server. The certificate server is configured to digitally sign the certificate request generated. The method continues with the client receiving a signed certificate request. The signed certificate request is received by the client via the client web browser. The method may conclude by storing the plurality of client certificate credentials associated with the signed certificate request in one or more keystore file(s).

    4. SYSTEM AND METHOD FOR AUTHENTICATING A CLIENT TO A SERVER VIA AN IPSEC VPN AND FACILITATING A SECURE MIGRATION TO SSL VPN REMOTE ACCESS
    Type: Patent application
    Status: Under examination (published)

    Publication No.: US20090025080A1

    Publication date: 2009-01-22

    Application No.: US12212959

    Filing date: 2008-09-18

    IPC classification: H04L29/06

    Abstract: Authenticating a client to a server accessible through an Internet Protocol Security (IPSec) Virtual Private Network (VPN) appliance. The IPSec VPN appliance and an SSL VPN appliance are configured to receive an initialization command from the client. The SSL VPN appliance is in communication with an authentication appliance for authenticating the client to the server. In response to the initialization command, the authentication appliance generates a client key pair including a client private key and a client public key. The authentication appliance generates a client certificate and a client IPSec profile. The authentication appliance transmits the client key pair, the client certificate and the client IPSec profile to the client. A secure communication session between the client and the server is established. The secure communication session is established through the IPSec VPN appliance. Upon receipt of the IPSec profile, the communication session between the client and the server is encrypted.

    5. METHOD AND SYSTEM FOR SECURE ONLINE TRANSACTIONS WITH MESSAGE-LEVEL VALIDATION
    Type: Patent application
    Status: Under examination (published)

    Publication No.: US20100217975A1

    Publication date: 2010-08-26

    Application No.: US12392760

    Filing date: 2009-02-25

    IPC classification: H04L9/32

    Abstract: A method and system for authenticating a client and a server is disclosed. In one contemplated embodiment, the client has a client certificate and the server has a server certificate. The client is validated to an authentication module based upon a certificate request identifier generated thereby, a secure data link certificate, and an authentication module Uniform Resource Locator. The authentication module is validated to the client based upon the client certificate and the certificate request identifier. A password associated with a user identifier that is encrypted with a private client key and signed with a public server key is transmitted to the authentication module. The password is then validated.

    6. System and method for facilitating secure online transactions
    Type: Patent application
    Status: In force

    Publication No.: US20080077796A1

    Publication date: 2008-03-27

    Application No.: US11702371

    Filing date: 2007-02-05

    IPC classification: H04L9/32

    Abstract: A method and system for mutually authenticating a client and a server is provided in accordance with an aspect of the present invention. The method commences with transmitting a token from the server to the client. Thereafter, the method continues with establishing a secure data transfer link between the server and the client. A server certificate is transmitted to the client during the establishment of the secure data transfer link. The method continues with transmitting a response packet to the server, which is validated thereby upon receipt. The system includes a client authentication module that initiates the secure data transfer link and transmits the response packet, and a server authentication module that transmits the token and validates the response packet.

    7. System and method for secured network access
    Type: Patent application
    Status: Under examination (published)

    Publication No.: US20080077791A1

    Publication date: 2008-03-27

    Application No.: US11880599

    Filing date: 2007-07-23

    IPC classification: H04L9/32

    Abstract: A method and system for secured network access is provided in accordance with the present invention. The method begins with receiving a login request from a client on a router. Thereafter, a certificate transfer instruction for the router to an authentication appliance is generated where the client lacks a copy of a client certificate. The client is authenticated with a challenge-response sequence, the response to which is deliverable through an out-of-band communications channel. Upon authentication, the client certificate and the client private key are transmitted to the client, which are used to authenticate the client to the network.

    8. System and method for facilitating secure online transactions
    Type: Granted patent
    Status: In force

    Publication No.: US08327142B2

    Publication date: 2012-12-04

    Application No.: US11702371

    Filing date: 2007-02-05

    IPC classification: H04L29/06

    Abstract: A method and system for mutually authenticating a client and a server is provided in accordance with an aspect of the present invention. The method commences with transmitting a token from the server to the client. Thereafter, the method continues with establishing a secure data transfer link between the server and the client. A server certificate is transmitted to the client during the establishment of the secure data transfer link. The method continues with transmitting a response packet to the server, which is validated thereby upon receipt. The system includes a client authentication module that initiates the secure data transfer link and transmits the response packet, and a server authentication module that transmits the token and validates the response packet.
