Abstract:
A process for establishing secure mutual trust includes generating a one-time-password. The one-time-password is transferred between the devices in a communication occurring off of the network. Each device generates a set of authenticators by hashing a plurality of sub-strings of the password and the device's authentication certificate with a respective set of nonces. The devices exchange the respective sets of authenticators. Each device then alternates revealing its respective set of nonces and its authentication certificate in a multi-stage process. The devices re-calculate the authenticators based upon the respective set of nonces and authentication certificate revealed by the other device along with the one-time-password sub-strings that it possesses. If each device determines that the authenticators re-calculated by the given device match the authenticators previously received from the other device, secure mutual trust is established.
Abstract:
A method of controlling a system includes the steps of launching a task having associated therewith a worst case execution time, and monitoring the end of the task after the end of a time slot allocated to the execution of the task, wherein the time slot is shorter than the worst case execution time. The task may be launched periodically according to a fixed period of time. When the execution of the task ends before the allocated time slot, the method may further include outputting a value calculated based on a current input value; when the execution of the task does not end before the allocated time slot, the method may further include outputting a value calculated based on a previous input value, stopping the task, and launching the task again at the next period of time with a next input value.
Abstract:
A method and system are provided for sharing AV/record resources in a programmable transport/demultiplexer and personal video recorder (PVR) engine. The method may involve utilizing hardware assist architecture to partially process incoming packets, retrieve information about the packets, and write the retrieved information to a memory. A processor programmed with firmware may then utilize the information in memory to perform further processing on the packet data. The processor programmed with firmware may then set up configuration parameters that may be used by the hardware assist architecture to further process the packet. The parameters may be configured such that they may be independent of the format of the packet, where the hardware assist architecture functions may be utilized for processing packets regardless of their format. The system may comprise the hardware assist architecture, the processor programmed with firmware, and a memory.
Abstract:
A system and method is provided for evaluating the effectiveness of data encryption for hiding the identity of the source of Web traffic. A signature is constructed from encrypted Web traffic for a Web page sent by a target Web site, and the signature is compared with archived traffic signatures obtained by accessing various Web pages of interest in advance. If the signature of the detected encrypted Web traffic matches a stored traffic signature beyond a pre-set statistical threshold, a positive match is found, and the source of the traffic is identified. Countermeasures for reducing the reliability of source identification based on traffic signature matching are provided.
Abstract:
Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
Abstract:
A method and system for protecting an application that implements a communication protocol against exploitation of a communication-based vulnerability is provided. A protection system provides a protection policy that specifies how to recognize messages that expose a specific vulnerability and specifies actions to take when the vulnerability is exposed. A protection policy specifies the sequence of messages and their payload characteristics that expose a vulnerability. The protection system may specify the sequences of messages using a message protocol state machine. A message protocol state machine of an application represents the states that the application transitions through as it receives various messages. The message protocol state machine of the protection policy may be a portion of the message protocol state machine of the application relating to the vulnerability. The protection system uses the message protocol state machine to track the states that lead up to the exposing of the vulnerability.
Abstract:
A system and method is provided for handling network communications between a client and a target server on the Internet to protect the privacy and anonymity of the client. For a session between the client and the target server, a routing control server sets up a routing chain using a plurality of Web servers randomly selected from a pool of participating Web servers as routers for routing messages between the client and the target server. To prevent traffic analysis, an “onion encryption” scheme is applied to the messages as they are forwarded along the routing chain. A payment service cooperating with the routing control server allows a user to pay for the privacy protection service without revealing her real identity.
Abstract:
In an exemplary method implementation, a method includes: designating a neighborhood administrator; receiving notification of a delinquent router from the designated neighborhood administrator; and excluding the delinquent router responsive to the notification. In an exemplary mesh router implementation, a mesh router is capable of establishing a wireless mesh network with other mesh routers; the mesh router is further capable of designating a neighborhood administrator mesh router; and the mesh router is adapted to exclude another mesh router that is associated with a particular certificate when the particular certificate has been identified as delinquent by the designated neighborhood administrator.
Abstract:
A system and method of creating affinity groups of portable communication device users, and distributing targeted content to said users is disclosed. The user affinity groups may be formed by comparing user profiles with each other or with a predefined affinity group profile definition.
Abstract:
A system and method of arranging a solar cell and reflector to replace a typical solar cell oriented normal to the incoming sunlight inside a module (i.e. parallel to a module's transparent cover plate or opening). The present invention in a preferred embodiment uses a solar cell oriented at a 45 degree angle to the incoming sunlight, and a reflective surface oriented perpendicular to the cell and at a 45 degree angle to the incoming sunlight. The solar cell and the mirror are the same length/size and form a V shape where the angle between the sloped sides is 90 degrees. Any light falling normally on the arrangement will hit the solar cell either directly or after reflection. In another embodiment, two adjacent reflectors can be used making angles of around 60 degrees and around 30 degrees with respect to the cover or opening. An alternate embodiment can include a second reflector added to the base of the cell and reflector pairings also at an approximate 45 degree angle with the cover or opening. The second reflector can run along an entire row of cell and first reflector pairs such that the first reflectors form 90 degree angles with both the cells and with the second reflector.