Data encryption key management system
    1.
    Granted invention patent
    Status: Expired

    Publication No.: US06577734B1

    Publication date: 2003-06-10

    Application No.: US08550909

    Filing date: 1995-10-31

    IPC classification: H04L900

    Abstract: The secure management of encryption keys is obtained by preventing external access thereto and ensuring that the keys do not leave an encryption unit in their original form. This result is obtained via a facility which (a) generates a unique device encryption key and at least one program encryption key, (b) encrypts the program encryption key using the device encryption key, and (c) stores the result in local memory. Thereafter, responsive to receipt of an indication to encrypt data, the program encryption key is retrieved from memory and is decrypted using the unique device encryption key. The data is then encrypted using the decrypted program encryption key and the encrypted data is stored in a server for distribution to a user who enters a request for the data. When there is a need to transport the latter key to another element, then the program key is encrypted using a symmetrical encryption key that the facility shares with the other element and the result is supplied to that element. The element then decrypts the encrypted program key using its own version of the symmetrical key.

    Electronic identifiers for network terminal devices
    2.
    Granted invention patent
    Status: Expired

    Publication No.: US6005943A

    Publication date: 1999-12-21

    Application No.: US739371

    Filing date: 1996-10-29

    IPC classification: H04L9/08 H04L9/30 H04L9/00

    CPC classification: H04L9/0877

    Abstract: The generation of electronic identifiers for network interface units connected to a data network for use in detecting unauthorized decryption of encrypted data transmitted over the data network. A random number is generated for use as a private key decryption code and is stored in memory in each network interface unit. A public key is calculated from the stored private key using a non-invertible mathematical formula. If the calculated public key is unique, then a portion of the public key (e.g. a subset of its bits) is stored in a data provider database as an electronic identifier for use in detecting unauthorized decryption of data by the interface unit.

    Data encryption security module
    3.
    Granted invention patent
    Status: Expired

    Publication No.: US5999629A

    Publication date: 1999-12-07

    Application No.: US550910

    Filing date: 1995-10-31

    Abstract: We have recognized that there is a strong need to control and maintain the secrecy of the intelligence that may be used by computers to communicate with another, for example, by encrypting the messages that they exchange with one another. Thus, the encryption keys used to encrypt such messages need to be managed in a highly secure manner. Accordingly, we provide an encryption module, which, in accord with an aspect of the invention, generates a unique device encryption key (S_local), a cryptographic key formed from a unique identification key (S_id) and an associated public key (KP_id), and at least one program encryption key, in which the public key is generated as a function of the unique identification key. The module then encrypts the unique identification key and program encryption key using said device encryption key and stores the encrypted result in memory internal to security module, thereby securing the keys against misappropriation. In addition, the module provides a mechanism for using the program encryption key to encrypt information that it receives from an external source and store the encrypted information in memory external to the security module, and responsive to receiving from a requester a request for the program encryption key, encrypting the program encryption key, in accord with an aspect of the invention, using a symmetrical encryption key generated as a function of a public key generated by a security module associated with the requester. The former security module then supplies the encrypted program encryption key to the requester.

    Secure telecommunications
    4.
    Granted invention patent
    Status: Expired

    Publication No.: US5455861A

    Publication date: 1995-10-03

    Application No.: US113155

    Filing date: 1993-08-27

    CPC classification: H04K1/00 H04Q3/0016

    Abstract: A security node disposed in the telecommunications network connecting calling and called parties transforms information (which can be voice, data, facsimile, video and other types of calls or messages) encrypted in a first format to (a) encrypted information in a different format or to (b) non-encrypted information, and vice-versa. The node is accessible from any location connected to the network. By routing calls or messages originated by the calling party and destined for the called party via the security node, and providing appropriate control signals to the node, the information may be encrypted only over a portion of the transmission path between the parties, and clear over the remainder of the transmission path. Alternatively, the information may be encrypted in different portions of the path using different encryption algorithms. This arrangement enables the parties to obtain relatively secure communications even if only one party has a security device at the originating or terminating end, or if the parties have security devices using different handshaking protocols and encryption algorithms.

    Dynamic, Local Targeted Advertising Systems and Methods
    9.
    Invention patent application
    Status: Under examination (published)

    Publication No.: US20100293050A1

    Publication date: 2010-11-18

    Application No.: US12785412

    Filing date: 2010-05-21

    IPC classification: G06Q30/00

    Abstract: Systems and methods are described for targeting advertisements to a user of an electronic device. In one embodiment, the user's device receives multiple advertisements and at least one content item. Using a control associated with the content item and controls associated with the advertisements, the user's system dynamically determines the optimum advertisements to render with the content item. Information about the advertisements that were selected can be sent to a remote party to facilitate payment by the provider of the advertisements to the provider of the content.

    Content Delivery Systems and Methods
    10.
    Invention patent application
    Status: Under examination (published)

    Publication No.: US20100293049A1

    Publication date: 2010-11-18

    Application No.: US12785406

    Filing date: 2010-05-21

    IPC classification: G06Q30/00 G06F21/24

    Abstract: A method for distributing an electronic content item for consumption with advertisements is provided. In one embodiment, a content provider creates a license identifying one or more slots within an electronic content item at which advertisements are to be inserted. The license specifies one or more types of advertisements that are not permitted to be inserted into the slots, and also specifies criteria for dynamically selecting advertisements to insert into the one or more slots. The content provider securely associates the electronic license with the electronic content item and distributes the electronic content item and the electronic license to a third party for consumption or subsequent transfer to an end user.
