-
公开(公告)号:US20120143766A1
公开(公告)日:2012-06-07
申请号:US13238850
申请日:2011-09-21
申请人: Jinsong Zheng , Tat Keung Chan , Liqiang Chen , Greg N. Nakanishi , Jason A. Pasion , Xin Qiu , Ting Yao
发明人: Jinsong Zheng , Tat Keung Chan , Liqiang Chen , Greg N. Nakanishi , Jason A. Pasion , Xin Qiu , Ting Yao
IPC分类号: G06F21/22
CPC分类号: G06F21/105 , G06Q30/06 , G06Q2220/18
摘要: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices. The secure system uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Application messages, license templates, licenses are digitally signed. The system is flexible, configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template; scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations; and available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning. The system is traceable: license and device association are replicated back to the CLS to provide full license request and generation traceability.
摘要翻译: 公开了一种用于向设备提供个性化(设备唯一)许可证的制造过程和特征许可系统。 安全系统使用安全的钥匙包装机构将LSK传送到LPS。 另一个特征是使用标准安全协议来保护各种网络通信链路。 应用程序消息,许可证模板,许可证都经过数字签名。 该系统灵活,配置为允许多个制造商通过使用许可证模板来允许各种功能配置; 可扩展的,因为可以使用多个LPS主机来服务多个编程站; 并且可用于从CLS到LPS的许可证签名能力的授权消除了对不可靠的因特网连接的依赖。 冗余LPS主机为高容量许可证配置提供了高水平的可用性。 系统是可追溯的:许可证和设备关联被复制回CLS以提供完整的许可证请求和生成可追溯性。
-
公开(公告)号:US09646332B2
公开(公告)日:2017-05-09
申请号:US13238850
申请日:2011-09-21
申请人: Jinsong Zheng , Tat Keung Chan , Liqiang Chen , Greg N. Nakanishi , Jason A. Pasion , Xin Qiu , Ting Yao
发明人: Jinsong Zheng , Tat Keung Chan , Liqiang Chen , Greg N. Nakanishi , Jason A. Pasion , Xin Qiu , Ting Yao
CPC分类号: G06F21/105 , G06Q30/06 , G06Q2220/18
摘要: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices. The secure system uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Application messages, license templates, licenses are digitally signed. The system is flexible, configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template; scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations; and available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning. The system is traceable: license and device association are replicated back to the CLS to provide full license request and generation traceability.
-
公开(公告)号:US08374338B2
公开(公告)日:2013-02-12
申请号:US12708171
申请日:2010-02-18
IPC分类号: H04K1/00
CPC分类号: H04L9/088 , H04L2209/60
摘要: In a method for testing a transport packet decrypting module of a client device, a first decryption operation of the transport packet decrypting module is implemented on a test encrypted control word using a content decryption key ladder to derive a test control word, a second decryption operation of the transport packet decrypting module is implemented on one or more test transport packets using the test control word via a predetermined content decryption algorithm, the KIV is derived from the decrypted transport packets, and the derived KIV is compared with a value stored in the client device to verify whether the transport packet decrypting module of the client device is functioning properly.
摘要翻译: 在一种用于测试客户端设备的传输分组解密模块的方法中,使用内容解密密钥梯形图在测试加密控制字上实现传输分组解密模块的第一解密操作,以导出测试控制字,第二解密操作 的传输分组解密模块通过预定的内容解密算法使用测试控制字在一个或多个测试传输分组上实现,从解密的传输分组导出KIV,并将导出的KIV与存储在客户端中的值进行比较 设备来验证客户端设备的传输分组解密模块是否正常工作。
-
公开(公告)号:US20100215171A1
公开(公告)日:2010-08-26
申请号:US12708171
申请日:2010-02-18
IPC分类号: H04K1/00
CPC分类号: H04L9/088 , H04L2209/60
摘要: In a method for testing a transport packet decrypting module of a client device, a first decryption operation of the transport packet decrypting module is implemented on a test encrypted control word using a content decryption key ladder to derive a test control word, a second decryption operation of the transport packet decrypting module is implemented on one or more test transport packets using the test control word via a predetermined content decryption algorithm, the KIV is derived from the decrypted transport packets, and the derived KIV is compared with a value stored in the client device to verify whether the transport packet decrypting module of the client device is functioning properly.
摘要翻译: 在一种用于测试客户端设备的传输分组解密模块的方法中,使用内容解密密钥梯形图在测试加密控制字上实现传输分组解密模块的第一解密操作,以导出测试控制字,第二解密操作 的传输分组解密模块通过预定的内容解密算法使用测试控制字在一个或多个测试传输分组上实现,从解密的传输分组导出KIV,并将导出的KIV与存储在客户端中的值进行比较 设备来验证客户端设备的传输分组解密模块是否正常工作。
-
公开(公告)号:US08898469B2
公开(公告)日:2014-11-25
申请号:US13021384
申请日:2011-02-04
申请人: Tat Keung Chan , Paul D. Baker , Christopher P. Gardner , Mark E. Gregotski , Ted R. Michaud , Xin Qiu , Jinsong Zheng
发明人: Tat Keung Chan , Paul D. Baker , Christopher P. Gardner , Mark E. Gregotski , Ted R. Michaud , Xin Qiu , Jinsong Zheng
CPC分类号: G06F21/10 , Y10S705/902 , Y10S705/911
摘要: A method enables selected features of a software product residing on an end user electronic device with a license delivered from a licensing provider to a service provider of the end user electronic device. The method includes requesting at least one license to authorize a first service provider. An encrypted installation key uniquely associated with the first service provider is received as well as an authorization agent module for installation on one or more authorization agent devices associated with the first service provider. The encrypted installation key and the authorization agent module are installed on the authorization agent devices. A device-unique identifier (DUID) is generated for each authorization agent device based on hardware characteristics of the respective authorization agent devices. The DUID and the encrypted installation key are sent from the authorization agent device to a licensing provider to obtain the requested license. The requested license is received by the authorization agent devices if the DUID and the encrypted installation key are validated by the licensing provider. The license on authorization agent device authorizes and enables the selected features of the software product on an end user electronic device.
摘要翻译: 一种方法使得驻留在最终用户电子设备上的软件产品的选定特征具有从许可提供者向最终用户电子设备的服务提供商提供的许可证。 该方法包括请求至少一个许可证以授权第一服务提供商。 接收与第一服务提供商唯一相关联的加密安装密钥以及用于安装在与第一服务提供商相关联的一个或多个授权代理设备上的授权代理模块。 加密安装密钥和授权代理模块安装在授权代理设备上。 基于相应的授权代理设备的硬件特性,为每个授权代理设备生成设备唯一标识符(DUID)。 DUID和加密的安装密钥从授权代理设备发送到许可提供商以获取所请求的许可证。 如果DUID和加密安装密钥由许可提供商验证,则授权代理设备将收到所请求的许可证。 授权代理设备的许可证在最终用户电子设备上授权并启用软件产品的选定功能。
-
公开(公告)号:US20130185173A1
公开(公告)日:2013-07-18
申请号:US13353309
申请日:2012-01-18
申请人: Jinsong Zheng , Tat Keung Chan , David B. Prickett , Xin Qiu
发明人: Jinsong Zheng , Tat Keung Chan , David B. Prickett , Xin Qiu
IPC分类号: G06Q30/06
CPC分类号: G06Q30/06
摘要: A method and apparatus for provisioning devices. One method includes authenticating a first customer as an authenticated user and receiving from a first customer a first request to establish a credit record for a specified number of upgraded feature licenses. The upgraded feature licenses are obtainable from a third party supplier and are associated with components available from the third party supplier. The credit record includes feature credits to be made available to the first customer to obtain the upgraded feature licenses from the third party supplier. A second request is received from the first customer to release the feature credits to a credit pool associated with the first customer so that the feature credits are available to the first customer. The upgraded feature licenses are generated and the credit pool associated with the first customer is debited for the number of credits needed to obtain the upgraded feature licenses.
摘要翻译: 一种供应设备的方法和装置。 一种方法包括将第一客户认证为经认证的用户,并从第一客户接收针对指定数量的升级特征许可证建立信用记录的第一请求。 升级后的功能许可证可从第三方供应商获得,并与第三方供应商提供的组件相关联。 信用记录包括要向第一客户提供的特征信用以从第三方供应商获得升级的功能许可证。 从第一客户接收到第二请求,以将特征信用释放到与第一客户相关联的信用卡,使得特征信用可用于第一客户。 生成升级的功能许可证,并且与第一个客户相关联的信用额度被扣除获得升级的功能许可证所需的信用点数。
-
公开(公告)号:US20110197077A1
公开(公告)日:2011-08-11
申请号:US13021384
申请日:2011-02-04
申请人: Tat Keung Chan , Paul D. Baker , Christopher P. Gardner , Mark E. Gregotski , Ted R. Michaud , Xin Qiu , Jinsong Zheng
发明人: Tat Keung Chan , Paul D. Baker , Christopher P. Gardner , Mark E. Gregotski , Ted R. Michaud , Xin Qiu , Jinsong Zheng
IPC分类号: G06F21/24
CPC分类号: G06F21/10 , Y10S705/902 , Y10S705/911
摘要: A method enables selected features of a software product residing on an end user electronic device with a license delivered from a licensing provider to a service provider of the end user electronic device. The method includes requesting at least one license to authorize a first service provider. An encrypted installation key uniquely associated with the first service provider is received as well as an authorization agent module for installation on one or more authorization agent devices associated with the first service provider. The encrypted installation key and the authorization agent module are installed on the authorization agent devices. A device-unique identifier (DUID) is generated for each authorization agent device based on hardware characteristics of the respective authorization agent devices. The DUID and the encrypted installation key are sent from the authorization agent device to a licensing provider to obtain the requested license. The requested license is received by the authorization agent devices if the DUID and the encrypted installation key are validated by the licensing provider. The license on authorization agent device authorizes and enables the selected features of the software product on an end user electronic device.
摘要翻译: 一种方法使得驻留在最终用户电子设备上的软件产品的选定特征具有从许可提供者向最终用户电子设备的服务提供商提供的许可证。 该方法包括请求至少一个许可证以授权第一服务提供商。 接收与第一服务提供商唯一相关联的加密安装密钥以及用于安装在与第一服务提供商相关联的一个或多个授权代理设备上的授权代理模块。 加密安装密钥和授权代理模块安装在授权代理设备上。 基于相应的授权代理设备的硬件特性,为每个授权代理设备生成设备唯一标识符(DUID)。 DUID和加密的安装密钥从授权代理设备发送到许可提供商以获取所请求的许可证。 如果DUID和加密安装密钥由许可提供商验证,则授权代理设备将收到所请求的许可证。 授权代理设备的许可证在最终用户电子设备上授权并启用软件产品的选定功能。
-
公开(公告)号:US20110196793A1
公开(公告)日:2011-08-11
申请号:US13021380
申请日:2011-02-04
申请人: Jinsong Zheng , Thomas J. Barbour , Tat Keung Chan , Christopher P. Gardner , Mark E. Gregotski , Xin Qiu
发明人: Jinsong Zheng , Thomas J. Barbour , Tat Keung Chan , Christopher P. Gardner , Mark E. Gregotski , Xin Qiu
CPC分类号: G06Q30/00 , G06Q30/0601 , G06Q30/0641
摘要: A system enables customers to provision devices with feature licenses that enable specified features in the devices. The system includes a feature definition module configured to store product feature information associated with different products available from a plurality of different manufacturers. The system also includes a feature license management module configured to generate, update and revoke feature licenses. The feature licenses that are generated all have a common format. The system further includes a feature credit management module configured to monitor and account for feature credits available to customer organization units. A user management module is also provided in the system, which is configured to authenticate users of the system. A user interface is accessible over a communications network through which authenticated users can request and receive feature licenses.
摘要翻译: 系统使客户能够为设备提供功能许可证,从而实现设备中的指定功能。 该系统包括功能定义模块,其被配置为存储与多个不同制造商可用的不同产品相关联的产品特征信息。 该系统还包括功能许可证管理模块,用于生成,更新和撤销功能许可证。 生成的功能许可证都具有通用格式。 该系统还包括功能信用管理模块,其被配置为监视和考虑可用于客户组织单元的功能信用。 系统中还提供用户管理模块,该用户管理模块被配置为对系统的用户进行认证。 通过通信网络访问用户界面,通过该网络,经过身份验证的用户可以通过该网络请求和接收功能许
-
公开(公告)号:US20120204269A1
公开(公告)日:2012-08-09
申请号:US13364791
申请日:2012-02-02
申请人: Christopher P. Gardner , Paul D. Baker , Tat Keung Chan , Ted R. Michaud , Xin Qiu , Jinsong Zheng
发明人: Christopher P. Gardner , Paul D. Baker , Tat Keung Chan , Ted R. Michaud , Xin Qiu , Jinsong Zheng
IPC分类号: G06F21/00
CPC分类号: G06F21/10 , G06F2221/0768 , G06F2221/2105
摘要: A method for providing a secure automated feature license update is disclosed. This method may be performed at a central license server. A license template including features for enablement on a device is generated. The license template is sent to an authorized user. A license update request is received from an entity. An updated license is generated by the central license server. A response is sent to the entity.A method for providing a secure automated feature license update is disclosed. This method may be performed at a device, e.g. an end-user device. A first feature set of a current license of a device is compared with a second feature set of a license template received by the device. A license update request is generated when there is a difference between the first feature set and the second feature set. The license update request is sent to a license server.
摘要翻译: 公开了一种用于提供安全的自动功能许可证更新的方法。 该方法可以在中央许可证服务器上执行。 生成包含设备启用功能的许可证模板。 许可证模板发送给授权用户。 从实体收到许可证更新请求。 更新的许可证由中央许可证服务器生成。 响应发送到实体。 公开了一种用于提供安全的自动功能许可证更新的方法。 该方法可以在设备,例如, 终端用户设备。 将设备的当前许可证的第一特征集与由设备接收的许可证模板的第二特征集进行比较。 当第一特征集和第二特征集之间存在差异时,生成许可更新请求。 许可证更新请求被发送到许可证服务器。
-
公开(公告)号:US08589674B2
公开(公告)日:2013-11-19
申请号:US13350072
申请日:2012-01-13
IPC分类号: H04L9/00
CPC分类号: H04L9/0891 , H04L9/12 , H04L9/3268
摘要: In one embodiment, a method includes receiving a revocation request for revoking a model type of a device. A first computing device determines a list of device unit identifiers (UIDs) that are associated with the model type from a database. The device UIDs are for devices of the model type manufactured by a first entity. The method adds the list of device UIDs to a device revocation list and outputs the device revocation list to revoke a validity of secure information associated with devices associated with the list of device UIDs.
摘要翻译: 在一个实施例中,一种方法包括接收用于撤销设备的模型类型的吊销请求。 第一计算设备确定与数据库中的模型类型相关联的设备单元标识符(UID)的列表。 设备UID用于由第一实体制造的型号类型的设备。 该方法将设备UID的列表添加到设备撤销列表,并输出设备撤销列表以撤销与设备UID列表相关联的设备相关联的安全信息的有效性。
-
-
-
-
-
-
-
-
-
搜索结果
53 条记录 (耗时 0.036 秒)
