SECURITY SYSTEM FOR GENERATING KEYS FROM ACCESS RULES IN A DECENTRALIZED MANNER AND METHODS THEREFOR
    1.
    Invention patent application
    SECURITY SYSTEM FOR GENERATING KEYS FROM ACCESS RULES IN A DECENTRALIZED MANNER AND METHODS THEREFOR (status: under examination, published)

    Publication No.: US20110307937A1

    Publication date: 2011-12-15

    Application No.: US13213172

    Application date: 2011-08-19

    IPC classification: G06F17/00

    Abstract: Improved system and approaches for decentralized key generation are disclosed. The keys that can be generated include both public keys and private keys. The public keys are arbitrary strings that embed or encode access restrictions. The access restrictions are used to enforce access control policies. The public keys are used to encrypt some or all portions of files. The private keys can be generated to decrypt the portions of the files that have been encrypted with the public keys. By generating keys in a decentralized manner, not only are key distribution burdens substantially eliminated but also off-line access to encrypted files is facilitated.


    Security system using indirect key generation from access rules and methods therefor
    2.
    Granted invention patent
    Security system using indirect key generation from access rules and methods therefor (status: in force)

    Publication No.: US07921450B1

    Publication date: 2011-04-05

    Application No.: US10295363

    Application date: 2002-11-15

    IPC classification: G06F17/00

    Abstract: Improved system and approaches for centralized storage of access restrictions which are associated with public keys are disclosed. The access restrictions serve to limit access to files secured by a security system. According to one aspect of the present invention, identifiers, or encoded versions thereof, are used as public keys to identify particular access restrictions. The identifiers to the access restrictions are used in a decentralized manner for public keys, while the access restrictions themselves are maintained in a centralized manner. As compared to the access restrictions, the public keys based on identifiers tend to be smaller and more uniform in size. The centralized storage of the access restrictions also facilitates subsequent changes to access restrictions for previously secured files. The improved system and approaches is particularly suitable in an enterprise environment.


    System and method for providing different levels of key security for controlling access to secured items
    3.
    Granted invention patent
    System and method for providing different levels of key security for controlling access to secured items (status: in force)

    Publication No.: US07921288B1

    Publication date: 2011-04-05

    Application No.: US10105532

    Application date: 2002-03-20

    Applicant: Hal S. Hildebrand

    Inventor: Hal S. Hildebrand

    IPC classification: H04L29/06

    CPC classification: H04L63/04 H04L63/06 H04L63/08

    Abstract: With files secured by encryption techniques, keys are often required to gain access to the secured files. Techniques for providing and using multiple levels of keystores for securing the keys are disclosed. The keystores store keys that are needed by users in order to access secured files. The different levels of keystores offer compromises between security and flexibility/ease of use.


    System and method for providing distributed access control to secured documents
    4.
    Granted invention patent
    System and method for providing distributed access control to secured documents (status: in force)

    Publication No.: US07783765B2

    Publication date: 2010-08-24

    Application No.: US10076181

    Application date: 2002-02-12

    IPC classification: G06F15/16 G06F15/173 G06F7/04

    Abstract: A system and method for providing distributed access control are disclosed. A number of local servers are employed to operate largely on behalf of a central server responsible for centralized access control management. Such a distributed fashion ensures the dependability, reliability and scalability of the access control management undertaking by the central server. According to one embodiment, a distributed access control system that restricts access to secured items can include at least a central server having a server module that provides overall access control, and a plurality of local servers. Each of the local servers can include a local module that provides local access control. The access control, performed by the central server or the local servers, operates to permit or deny access requests to the secured items by requestors.


    Method and system for fault-tolerant transfer of files across a network
    5.
    Granted invention patent
    Method and system for fault-tolerant transfer of files across a network (status: in force)

    Publication No.: US07555558B1

    Publication date: 2009-06-30

    Application No.: US10642041

    Application date: 2003-08-15

    IPC classification: G06F15/16

    CPC classification: H04L67/06

    Abstract: Improved techniques for transferring files through a multi-tier computing environment are disclosed. The transfer of files across the multiple tiers of the computing environment can use staging at intermediate tiers to facilitate the file transfer. Each tier can include at least one computing machine that includes a file transfer manager. The file transfer managers at the computing machines in each of the multiple tiers serve to effectuate the file transfer through the multi-tier computing environment. In one embodiment, the multi-tier computing environment is a multi-tier file security system and the files being transferred are audit files.


    System and method for providing different levels of key security for controlling access to secured items
    6.
    Granted invention patent
    System and method for providing different levels of key security for controlling access to secured items (status: in force)

    Publication No.: US08341406B2

    Publication date: 2012-12-25

    Application No.: US13079583

    Application date: 2011-04-04

    Applicant: Hal S. Hildebrand

    Inventor: Hal S. Hildebrand

    IPC classification: H04L29/06

    CPC classification: H04L63/04 H04L63/06 H04L63/08

    Abstract: With files secured by encryption techniques, keys are often required to gain access to the secured files. Techniques for providing and using multiple levels of keystores for securing the keys are disclosed. The keystores store keys that are needed by users in order to access secured files. The different levels of keystores offer compromises between security and flexibility/ease of use.


    Security system for generating keys from access rules in a decentralized manner and methods therefor
    7.
    Granted invention patent
    Security system for generating keys from access rules in a decentralized manner and methods therefor (status: in force)

    Publication No.: US08006280B1

    Publication date: 2011-08-23

    Application No.: US10246079

    Application date: 2002-09-17

    IPC classification: H04L9/14

    Abstract: Improved system and approaches for decentralized key generation are disclosed. The keys that can be generated include both public keys and private keys. The public keys are arbitrary strings that embed or encode access restrictions. The access restrictions are used to enforce access control policies. The public keys are used to encrypt some or all portions of files. The private keys can be generated to decrypt the portions of the files that have been encrypted with the public keys. By generating keys in a decentralized manner, not only are key distribution burdens substantially eliminated but also off-line access to encrypted files is facilitated.
