公开(公告)号：US09424439B2

公开(公告)日：2016-08-23

申请号：US13230121

申请日：2011-09-12

申请人： Matthew Z. Tamayo-Rios ,  Saurav Sinha ,  Ruslan Ovechkin ,  Gopinathan Kannan ,  Vijay G. Bharadwaj ,  Christopher R. Macaulay ,  Eric Fleischman ,  Nathan J. Ide ,  Kun Liu

发明人： Matthew Z. Tamayo-Rios ,  Saurav Sinha ,  Ruslan Ovechkin ,  Gopinathan Kannan ,  Vijay G. Bharadwaj ,  Christopher R. Macaulay ,  Eric Fleischman ,  Nathan J. Ide ,  Kun Liu

IPC分类号： H04L29/06 ,  G06F21/62 ,  G06F21/44 ,  H04L29/08

CPC分类号： G06F21/6218 ,  G06F21/44 ,  G06F21/6245 ,  G06F21/6272 ,  G06F2221/2107 ,  H04L63/0428 ,  H04L63/062 ,  H04L67/1095 ,  H04L67/1097

摘要： Techniques for secure data synchronization are described. In one or more implementations, techniques may be employed to conserve high cost data storage by storing larger portions of encrypted data in low cost storage, while storing relatively smaller encryption keys in higher cost storage. A device that is granted access to the encryption keys can retrieve the encrypted data from the low cost storage and use the encryption keys to decrypt the encrypted data.

摘要翻译： 描述了用于安全数据同步的技术。 在一个或多个实现中，可以采用技术来通过将较大部分的加密数据存储在低成本存储中，同时在较高成本存储中存储相对较小的加密密钥来节省高成本数据存储。 授权访问加密密钥的设备可以从低成本存储中检索加密数据，并使用加密密钥对加密数据进行解密。

公开(公告)号：US20130067243A1

公开(公告)日：2013-03-14

申请号：US13230121

申请日：2011-09-12

申请人： Matthew Z. Tamayo-Rios ,  Saurav Sinha ,  Ruslan Ovechkin ,  Gopinathan Kannan ,  Vijay G. Bharadwaj ,  Christopher R. Macaulay ,  Eric Fleischman ,  Nathan J. Ide ,  Kun Liu

发明人： Matthew Z. Tamayo-Rios ,  Saurav Sinha ,  Ruslan Ovechkin ,  Gopinathan Kannan ,  Vijay G. Bharadwaj ,  Christopher R. Macaulay ,  Eric Fleischman ,  Nathan J. Ide ,  Kun Liu

IPC分类号： G06F12/14

CPC分类号： G06F21/6218 ,  G06F21/44 ,  G06F21/6245 ,  G06F21/6272 ,  G06F2221/2107 ,  H04L63/0428 ,  H04L63/062 ,  H04L67/1095 ,  H04L67/1097

摘要： Techniques for secure data synchronization are described. In one or more implementations, techniques may be employed to conserve high cost data storage by storing larger portions of encrypted data in low cost storage, while storing relatively smaller encryption keys in higher cost storage. A device that is granted access to the encryption keys can retrieve the encrypted data from the low cost storage and use the encryption keys to decrypt the encrypted data.

摘要翻译： 描述了用于安全数据同步的技术。 在一个或多个实现中，可以采用技术来通过将较大部分的加密数据存储在低成本存储中，同时在较高成本存储中存储相对较小的加密密钥来节省高成本数据存储。 授权访问加密密钥的设备可以从低成本存储中检索加密数据，并使用加密密钥对加密数据进行解密。

公开(公告)号：US08640210B2

公开(公告)日：2014-01-28

申请号：US13224257

申请日：2011-09-01

申请人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K Michiko Short ,  Gopinathan Kannan

发明人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K Michiko Short ,  Gopinathan Kannan

IPC分类号： G06F21/00 ,  H04L9/32 ,  H04L9/00 ,  H04L29/06 ,  G06F15/00

CPC分类号： H04L63/0846

摘要： A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.

摘要翻译： 分布式系统，其中根据不同的本地时间操作的控制器提供时间依赖的凭证。 通过识别在过渡间隔期间生成的凭证可以避免控制器因产生时间偏差而产生不一致凭据的错误，其中不同的控制器可能会在同一绝对时间产生不同的凭据。 在转换间隔期间，控制器和其他设备可以基于认证功能的性质差异地使用凭证。 每个控制器可以基于自调度续订或基于来自其他设备的请求来定期更新其凭证，使得更新时间被随机延迟抵消以避免过多的网络流量。 控制器可以基于与该时间相关联的加密安全密钥以及识别与该凭证相关联的实体的信息来确定哪个凭证对于任何给定时间是有效的。

公开(公告)号：US20130061300A1

公开(公告)日：2013-03-07

申请号：US13224255

申请日：2011-09-01

申请人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K. Michiko Short ,  Gopinathan Kannan

发明人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K. Michiko Short ,  Gopinathan Kannan

IPC分类号： G06F21/00

CPC分类号： G06F21/00 ,  G06F21/6218 ,  H04L9/32 ,  H04L63/0846

摘要： A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.

摘要翻译： 分布式系统，其中根据不同的本地时间操作的控制器提供时间依赖的凭证。 通过识别在过渡间隔期间生成的凭证可以避免控制器因产生时间偏差而产生不一致凭据的错误，其中不同的控制器可能会在同一绝对时间产生不同的凭据。 在转换间隔期间，控制器和其他设备可以基于认证功能的性质差异地使用凭证。 每个控制器可以基于自调度续订或基于来自其他设备的请求来定期更新其凭证，使得更新时间被随机延迟抵消以避免过多的网络流量。 控制器可以基于与该时间相关联的加密安全密钥以及识别与该凭证相关联的实体的信息来确定哪个凭证对于任何给定时间是有效的。

公开(公告)号：US09032492B2

公开(公告)日：2015-05-12

申请号：US13224246

申请日：2011-09-01

申请人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K Michiko Short ,  Gopinathan Kannan

发明人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K Michiko Short ,  Gopinathan Kannan

IPC分类号： G06F21/00 ,  H04L29/06 ,  H04W12/06 ,  H04L9/32 ,  G06F21/34

CPC分类号： G06F21/00 ,  G06F21/34 ,  H04L63/065 ,  H04L63/068 ,  H04L67/10 ,  H04L2463/121 ,  H04W12/06

摘要： A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.

公开(公告)号：US20130061301A1

公开(公告)日：2013-03-07

申请号：US13224257

申请日：2011-09-01

申请人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K. Michiko Short ,  Gopinathan Kannan

发明人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K. Michiko Short ,  Gopinathan Kannan

IPC分类号： G06F21/00

CPC分类号： H04L63/0846

摘要： A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.

公开(公告)号：US09058467B2

公开(公告)日：2015-06-16

申请号：US13224255

申请日：2011-09-01

申请人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K Michiko Short ,  Gopinathan Kannan

发明人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K Michiko Short ,  Gopinathan Kannan

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06F21/62 ,  G06F15/16 ,  H04L9/32

CPC分类号： G06F21/00 ,  G06F21/6218 ,  H04L9/32 ,  H04L63/0846

摘要： A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.

摘要翻译： 分布式系统，其中根据不同的本地时间操作的控制器提供时间依赖的凭证。 通过识别在过渡间隔期间生成的凭证可以避免控制器因产生时间偏差而产生不一致凭据的错误，其中不同的控制器可能会在同一绝对时间产生不同的凭据。 在转换间隔期间，控制器和其他设备可以基于认证功能的性质差异地使用凭证。 每个控制器可以基于自调度续订或基于来自其他设备的请求来定期更新其凭证，使得更新时间被随机延迟抵消以避免过多的网络流量。 控制器可以基于与该时间相关联的加密安全密钥以及识别与该凭证相关联的实体的信息来确定哪个凭证对于任何给定时间是有效的。

公开(公告)号：US20130061299A1

公开(公告)日：2013-03-07

申请号：US13224246

申请日：2011-09-01

申请人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K. Michiko Short ,  Gopinathan Kannan

发明人： Mark Novak ,  Paul J. Leach ,  Yi Zeng ,  Saurav Sinha ,  K. Michiko Short ,  Gopinathan Kannan

IPC分类号： G06F21/00

CPC分类号： G06F21/00 ,  G06F21/34 ,  H04L63/065 ,  H04L63/068 ,  H04L67/10 ,  H04L2463/121 ,  H04W12/06

摘要： A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.

公开(公告)号：US20090328154A1

公开(公告)日：2009-12-31

申请号：US12146344

申请日：2008-06-25

申请人： Scott A. Field ,  Ramesh Chinta ,  Liqiang Zhu ,  Umit Akkus ,  Siddharth Bhai ,  Gopinathan Kannan ,  James J. Simmons ,  Qi Cao ,  Paul Miller ,  Ryan Fairfax ,  Alexandru Hanganu

发明人： Scott A. Field ,  Ramesh Chinta ,  Liqiang Zhu ,  Umit Akkus ,  Siddharth Bhai ,  Gopinathan Kannan ,  James J. Simmons ,  Qi Cao ,  Paul Miller ,  Ryan Fairfax ,  Alexandru Hanganu

IPC分类号： H04L9/32

CPC分类号： G06F21/46

摘要： This disclosure describes methods, systems, and application programming interfaces for creating a credential managed account. This disclosure describes creating a new password managed account, defining the password managed account, wherein the password managed account is to access a service on a managed computing device, identifying the password managed account for a lifecycle, and automatically managing the password managed account by updating and changing a password for the password managed account on a periodic basis.

摘要翻译： 本公开描述了用于创建凭证管理帐户的方法，系统和应用程序编程接口。 本公开描述了创建新的密码管理帐户，定义密码管理帐户，其中密码管理帐户将访问受管计算设备上的服务，识别生命周期中的密码管理帐户，以及通过更新来自动管理密码管理帐户 并定期更改密码管理帐户的密码。

公开(公告)号：US09501635B2

公开(公告)日：2016-11-22

申请号：US12146344

申请日：2008-06-25

申请人： Ramesh Chinta ,  Scott A. Field ,  Liqiang Zhu ,  Umit Akkus ,  Siddharth Bhai ,  Gopinathan Kannan ,  James J Simmons ,  Qi Cao ,  Paul Miller ,  Ryan Fairfax ,  Alexandru Hanganu

发明人： Ramesh Chinta ,  Scott A. Field ,  Liqiang Zhu ,  Umit Akkus ,  Siddharth Bhai ,  Gopinathan Kannan ,  James J Simmons ,  Qi Cao ,  Paul Miller ,  Ryan Fairfax ,  Alexandru Hanganu

IPC分类号： H04L29/06 ,  G06F21/46

CPC分类号： G06F21/46

摘要： This disclosure describes methods, systems, and application programming interfaces for creating a credential managed account. This disclosure describes creating a new password managed account, defining the password managed account, wherein the password managed account is to access a service on a managed computing device, identifying the password managed account for a lifecycle, and automatically managing the password managed account by updating and changing a password for the password managed account on a periodic basis.

摘要翻译： 本公开描述了用于创建凭证管理帐户的方法，系统和应用程序编程接口。 本公开描述了创建新的密码管理帐户，定义密码管理帐户，其中密码管理帐户将访问受管计算设备上的服务，识别生命周期中的密码管理帐户，以及通过更新来自动管理密码管理帐户 并定期更改密码管理帐户的密码。