-
公开(公告)号:US20090328134A1
公开(公告)日:2009-12-31
申请号:US12163548
申请日:2008-06-27
申请人: Kenneth D. Ray , Pankaj M. Kamat , Charles W. Kaufman , Paul J. Leach , William R. Tipton , Andrew Herron , Krassimir E. Karamifilov , Duncan G. Bryce , Jonathan D. Schwartz , Matthew C. Setzer , John McDowell
发明人: Kenneth D. Ray , Pankaj M. Kamat , Charles W. Kaufman , Paul J. Leach , William R. Tipton , Andrew Herron , Krassimir E. Karamifilov , Duncan G. Bryce , Jonathan D. Schwartz , Matthew C. Setzer , John McDowell
IPC分类号: G06F17/00
CPC分类号: G06F21/105
摘要: The present invention extends to methods, systems, and computer program products for licensing protected content to application sets. Embodiments of the invention permit a local machine to increase its participation in authorizing access to protected content. For example, an operating system within an appropriate computing environment is permitted to determine if an application is authorized to access protected content. Thus, the application is relieved from having to store a publishing license. Further, authorization decisions are partially distributed, easing the resource burden on a protection server. Accordingly, embodiments of the invention can facilitate more robust and efficient authorization decisions when access to protected content is requested.
摘要翻译: 本发明扩展到用于将受保护内容授权给应用集的方法,系统和计算机程序产品。 本发明的实施例允许本地机器增加其对授权对受保护内容的访问的参与。 例如,允许在适当的计算环境内的操作系统来确定应用程序是否被授权访问受保护的内容。 因此,应用程序不必存储发布许可证。 此外,授权决定部分分配,减轻了保护服务器的资源负担。 因此,当请求访问受保护内容时,本发明的实施例可以促进更强大和有效的授权决定。
-
公开(公告)号:US08225390B2
公开(公告)日:2012-07-17
申请号:US12163548
申请日:2008-06-27
申请人: Kenneth D. Ray , Pankaj M. Kamat , Charles W. Kaufman , Paul J. Leach , William R. Tipton , Andrew Herron , Krassimir E. Karamfilov , Duncan G. Bryce , Jonathan D. Schwartz , Matthew C. Setzer , John McDowell
发明人: Kenneth D. Ray , Pankaj M. Kamat , Charles W. Kaufman , Paul J. Leach , William R. Tipton , Andrew Herron , Krassimir E. Karamfilov , Duncan G. Bryce , Jonathan D. Schwartz , Matthew C. Setzer , John McDowell
IPC分类号: G06F21/00
CPC分类号: G06F21/105
摘要: The present invention extends to methods, systems, and computer program products for licensing protected content to application sets. Embodiments of the invention permit a local machine to increase its participation in authorizing access to protected content. For example, an operating system within an appropriate computing environment is permitted to determine if an application is authorized to access protected content. Thus, the application is relieved from having to store a publishing license. Further, authorization decisions are partially distributed, easing the resource burden on a protection server. Accordingly, embodiments of the invention can facilitate more robust and efficient authorization decisions when access to protected content is requested.
摘要翻译: 本发明扩展到用于将受保护内容授权给应用集的方法,系统和计算机程序产品。 本发明的实施例允许本地机器增加其对授权对受保护内容的访问的参与。 例如,允许在适当的计算环境内的操作系统来确定应用程序是否被授权访问受保护的内容。 因此,应用程序不必存储发布许可证。 此外,授权决定部分分配,减轻了保护服务器的资源负担。 因此,当请求访问受保护内容时,本发明的实施例可以促进更强大和有效的授权决定。
-
公开(公告)号:US20090260054A1
公开(公告)日:2009-10-15
申请号:US12101688
申请日:2008-04-11
申请人: Duncan G. Bryce , Scott C. Cottrille , Pankaj Mohan Kamat , Krassimir Karamfilov , Gregory Kostal , Kenneth D. Ray , Vladimir Yarmolenko , Yuhui Zhong
发明人: Duncan G. Bryce , Scott C. Cottrille , Pankaj Mohan Kamat , Krassimir Karamfilov , Gregory Kostal , Kenneth D. Ray , Vladimir Yarmolenko , Yuhui Zhong
IPC分类号: H04L9/00
CPC分类号: H04L63/0227
摘要: The secure application of content protection policies to content. The secure application of content protection polices is accomplished by having an enforcement mechanism monitor policy application points to detect the transfer of content. The enforcement mechanism accesses the content and a determination is made to protect the content. A usage policy is then identified by the enforcement mechanism to apply to the content and the usage policy is then applied to the content, resulting in a usage policy for the content.
摘要翻译: 内容保护策略对内容的安全应用。 内容保护策略的安全应用是通过执行机制监控策略应用点来检测内容传输来实现的。 执行机制访问内容,并确定保护内容。 然后,执行机构识别使用策略以应用于内容,然后将使用策略应用于内容,从而产生内容的使用策略。
-
公开(公告)号:US07987496B2
公开(公告)日:2011-07-26
申请号:US12101688
申请日:2008-04-11
申请人: Duncan G. Bryce , Scott C. Cottrille , Pankaj Mohan Kamat , Krassimir Karamfilov , Gregory Kostal , Kenneth D. Ray , Vladimir Yarmolenko , Yuhui Zhong
发明人: Duncan G. Bryce , Scott C. Cottrille , Pankaj Mohan Kamat , Krassimir Karamfilov , Gregory Kostal , Kenneth D. Ray , Vladimir Yarmolenko , Yuhui Zhong
IPC分类号: H04L9/00
CPC分类号: H04L63/0227
摘要: The secure application of content protection policies to content. The secure application of content protection polices is accomplished by having an enforcement mechanism monitor policy application points to detect the transfer of content. The enforcement mechanism accesses the content and a determination is made to protect the content. A usage policy is then identified by the enforcement mechanism to apply to the content and the usage policy is then applied to the content, resulting in a usage policy for the content.
摘要翻译: 内容保护策略对内容的安全应用。 内容保护策略的安全应用是通过执行机制监控策略应用点来检测内容传输来实现的。 执行机制访问内容,并确定保护内容。 然后,执行机构识别使用策略以应用于内容,然后将使用策略应用于内容,从而产生内容的使用策略。
-
5.发明授权Systems and methods for managing multiple keys for file encryption and decryption 有权用于管理文件加密和解密的多个密钥的系统和方法公开(公告)号:US08798272B2
公开(公告)日:2014-08-05
申请号:US12971157
申请日:2010-12-17
IPC分类号: H04L29/06
CPC分类号: G06F21/602 , G06F21/6209 , G06F21/6281 , G06F2221/2141 , H04L9/0891 , H04L9/0894 , H04L9/16
摘要: Systems and methods for managing multiple keys for file encryption and decryption may provide an encrypted list of previously used keys. The list itself may be encrypted using a current key. To decrypt files that are encrypted in one or more of the previous keys, the list can be decrypted, and the appropriate previous key can be retrieved. To re-key files, an automated process can decrypt any files using previous keys and encrypt them using the current key. If a new current key is introduced, the prior current key can be used to decrypt the list of keys, the prior current key can be added to the list, and the list can be re-encrypted using the new current key.
摘要翻译: 用于管理用于文件加密和解密的多个密钥的系统和方法可以提供先前使用的密钥的加密列表。 列表本身可以使用当前密钥进行加密。 要解密在一个或多个先前密钥中加密的文件,可以解密该列表,并且可以检索相应的上一个密钥。 要重新启动文件,自动化过程可以使用先前的密钥解密任何文件,并使用当前密钥进行加密。 如果引入新的当前密钥,则可以使用先前的当前密钥来解密密钥列表,可以将先前的当前密钥添加到列表中,并且可以使用新的当前密钥重新加密列表。
-
6.发明申请SYSTEMS AND METHODS FOR MANAGING MULTIPLE KEYS FOR FILE ENCRYPTION AND DECRYPTION 有权用于管理文件加密和解密的多个核的系统和方法公开(公告)号:US20110085664A1
公开(公告)日:2011-04-14
申请号:US12971157
申请日:2010-12-17
IPC分类号: H04L9/00
CPC分类号: G06F21/602 , G06F21/6209 , G06F21/6281 , G06F2221/2141 , H04L9/0891 , H04L9/0894 , H04L9/16
摘要: Systems and methods for managing multiple keys for file encryption and decryption may provide an encrypted list of previously used keys. The list itself may be encrypted using a current key. To decrypt files that are encrypted in one or more of the previous keys, the list can be decrypted, and the appropriate previous key can be retrieved. To re-key files, an automated process can decrypt any files using previous keys and encrypt them using the current key. If a new current key is introduced, the prior current key can be used to decrypt the list of keys, the prior current key can be added to the list, and the list can be re-encrypted using the new current key.
摘要翻译: 用于管理用于文件加密和解密的多个密钥的系统和方法可以提供先前使用的密钥的加密列表。 列表本身可以使用当前密钥进行加密。 要解密在一个或多个先前密钥中加密的文件,可以解密该列表,并且可以检索相应的上一个密钥。 要重新启动文件,自动化过程可以使用先前的密钥解密任何文件,并使用当前密钥进行加密。 如果引入新的当前密钥,则可以使用先前的当前密钥来解密密钥列表,可以将先前的当前密钥添加到列表中,并且可以使用新的当前密钥重新加密列表。
-
公开(公告)号:US20090208015A1
公开(公告)日:2009-08-20
申请号:US12032279
申请日:2008-02-15
CPC分类号: G06F21/10 , H04L9/0833 , H04L9/0894 , H04L2209/60
摘要: The offline consumption and publication of protected information in a networked environment. The offline consumption of protected information is accomplished by having the consuming user maintain a store of asymmetric encryption keys. The protected information is encrypted by the publishing user using a symmetric key and the symmetric key is then encrypted using a public asymmetric key associated with the consuming user. The consuming user received the protected information and a usage policy containing the encrypted symmetric key. The consuming user verifies that it can decrypt the symmetric key using a private asymmetric key maintained by the consumer. The user then decrypts the symmetric key and accesses the content of the protected information.
摘要翻译: 在网络环境中脱机消费和发布受保护的信息。 受保护信息的离线消耗通过使消费用户维护非对称加密密钥的存储来实现。 受保护的信息由发布用户使用对称密钥加密,然后使用与消费用户相关联的公共非对称密钥对对称密钥。 消费用户接收到受保护信息和包含加密对称密钥的使用策略。 消费用户验证它可以使用由消费者维护的私有非对称密钥来解密对称密钥。 然后,用户解密对称密钥并访问受保护信息的内容。
-
公开(公告)号:US07325115B2
公开(公告)日:2008-01-29
申请号:US10721562
申请日:2003-11-25
申请人: Benjamin A. Leis , David B. Cross , Duncan G. Bryce , Jianrong Gu , Rajeev Y. Nagar , Scott A. Field
发明人: Benjamin A. Leis , David B. Cross , Duncan G. Bryce , Jianrong Gu , Rajeev Y. Nagar , Scott A. Field
IPC分类号: G06F12/00
CPC分类号: G06F12/145 , G06F21/62 , G06F21/6281 , G06F21/80 , G06F2221/2143
摘要: An operating system copies data from memory pages into a paging file on disk, in order to free up space in the memory. A mechanism is disclosed that causes the data to be encrypted as it is copied into the paging file, thereby protecting the paged data from unauthorized (or otherwise undesired) observation. The data that is stored in the paging file is encrypted with a session key, that is generated shortly after the machine on which the paging file exists is started. The session key, which is used both for encryption and decryption of the paging file data, is stored in volatile memory, so that the key is not persisted across boots of the machine. Since the key is not persisted across boots, old paging file data that was stored prior to the most recent boot cannot be recovered in clear text, thereby protecting the data from observation.
摘要翻译: 操作系统将数据从内存页复制到磁盘上的页面文件中,以释放内存中的空间。 公开了一种机制,使得数据在被复制到寻呼文件中时被加密,从而保护分页数据免受未经授权(或以其他方式不希望的)观察。 存储在页面文件中的数据使用会话密钥进行加密,会话密钥是在启动了分页文件的计算机之后不久生成的。 用于分页文件数据的加密和解密的会话密钥存储在易失性存储器中,使得密钥不会在机器的引导上持久存储。 由于密钥在整个引导过程中不会持久存在,所以在最新引导之前存储的旧页面文件数据无法以明文形式恢复,从而保护数据免受观察。
-
9.发明授权Systems and methods for managing multiple keys for file encryption and decryption 有权用于管理文件加密和解密的多个密钥的系统和方法公开(公告)号:US08045714B2
公开(公告)日:2011-10-25
申请号:US11053212
申请日:2005-02-07
IPC分类号: H04L9/00
CPC分类号: G06F21/602 , G06F21/6209 , G06F21/6281 , G06F2221/2141 , H04L9/0891 , H04L9/0894 , H04L9/16
摘要: Systems and methods for managing multiple keys for file encryption and decryption may provide an encrypted list of previously used keys. The list itself may be encrypted using a current key. To decrypt files that are encrypted in one or more of the previous keys, the list can be decrypted, and the appropriate previous key can be retrieved. To re-key files, an automated process can decrypt any files using previous keys and encrypt them using the current key. If a new current key is introduced, the prior current key can be used to decrypt the list of keys, the prior current key can be added to the list, and the list can be re-encrypted using the new current key.
摘要翻译: 用于管理用于文件加密和解密的多个密钥的系统和方法可以提供先前使用的密钥的加密列表。 列表本身可以使用当前密钥进行加密。 要解密在一个或多个先前密钥中加密的文件,可以解密该列表,并且可以检索相应的上一个密钥。 要重新启动文件,自动化过程可以使用先前的密钥解密任何文件,并使用当前密钥进行加密。 如果引入新的当前密钥,则可以使用先前的当前密钥来解密密钥列表,可以将先前的当前密钥添加到列表中,并且可以使用新的当前密钥重新加密列表。
-
公开(公告)号:US20080022361A1
公开(公告)日:2008-01-24
申请号:US11427660
申请日:2006-06-29
IPC分类号: H04L9/32
CPC分类号: G06F21/6209 , H04L9/0836 , H04L9/088 , H04L2209/38
摘要: In a storage system, multiple information units are individually associated with an access control policy (ACP) of multiple ACPs. Each respective information unit corresponds to a respective information unit encryption key (IUEK). The multiple information units are grouped into encryption zones based on their associated ACPs. In a described implementation, each ACP is associated with a zone root key (ZRK). In another described implementation, each IUEK corresponding to a given information unit is encrypted by an IUEK corresponding to an information unit at a most-proximate linked node of the storage system.
摘要翻译: 在存储系统中,多个信息单元分别与多个ACP的访问控制策略(ACP)相关联。 每个相应的信息单元对应于相应的信息单元加密密钥(IUEK)。 多个信息单元基于其相关联的ACP被分组成加密区域。 在所描述的实现中,每个ACP与区域根密钥(ZRK)相关联。 在另一个描述的实现中,对应于给定信息单元的每个IUEK由对应于存储系统的最靠近的链接节点处的信息单元的IUEK加密。
-
-
-
-
-
-
-
-
-
搜索结果
10 条记录 (耗时 0.039 秒)