SECURE ONLINE BANKING TRANSACTION APPARATUS AND METHOD
    1.
    Invention application
    SECURE ONLINE BANKING TRANSACTION APPARATUS AND METHOD (status: in force)

    Publication number: US20090248580A1

    Publication date: 2009-10-01

    Application number: US12060415

    Filing date: 2008-04-01

    IPC classification: G06Q40/00 H04L9/32

    Abstract: A secure online banking transaction apparatus to communicate with a server over a non-secure connection is provided and includes a selector configured to allow for a selection of a mode of the apparatus, a processing unit coupled to the selector and including a secure communication unit, which is configured to set up a secure connection, along which a secure transaction occurs, with the server via the non-secure connection in accordance with the mode, an input unit coupled to the processing unit and configured to allow for an input of data into the apparatus, which is at least partly related to the secure transaction, and an interface coupled to the processing unit and configured to convey at least a status of the secure transaction and the contents of the inputted data.

    Providing a user device with a set of access codes
    2.
    Invention application
    Providing a user device with a set of access codes (status: under examination, published)

    Publication number: US20060168657A1

    Publication date: 2006-07-27

    Application number: US10532195

    Filing date: 2003-10-24

    IPC classification: G06F12/14

    Abstract: A method for providing a user device with a set of access codes comprises, in the user device, storing an encryption key and an identification code, and sending a message containing the identification code to a server via a communications network. In the server, an encryption key is stored corresponding to the key stored in the user device, allocating the set of access codes on receipt of the identification code from the user device. A look up function is performed based on the identification code received in the message to retrieve the key from storage. The set of access codes is encrypted using the retrieved key to produce an encrypted set. A message containing the encrypted set is sent to the user device via the network. In the user device, the encrypted set received from the server is decrypted using the key in storage, and storing the decrypted set of access codes for use by a user of the user device.

    Secure online banking transaction apparatus and method
    3.
    Granted invention patent
    Secure online banking transaction apparatus and method (status: in force)

    Publication number: US08799171B2

    Publication date: 2014-08-05

    Application number: US12060415

    Filing date: 2008-04-01

    IPC classification: G06Q20/00

    Abstract: A secure online banking transaction apparatus to communicate with a server over a non-secure connection is provided and includes a selector configured to allow for a selection of a mode of the apparatus, a processing unit coupled to the selector and including a secure communication unit, which is configured to set up a secure connection, along which a secure transaction occurs, with the server via the non-secure connection in accordance with the mode, an input unit coupled to the processing unit and configured to allow for an input of data into the apparatus, which is at least partly related to the secure transaction, and an interface coupled to the processing unit and configured to convey at least a status of the secure transaction and the contents of the inputted data.

    SYSTEM AND METHOD OF PERFORMING ELECTRONIC TRANSACTIONS
    4.
    Invention application
    SYSTEM AND METHOD OF PERFORMING ELECTRONIC TRANSACTIONS (status: under examination, published)

    Publication number: US20090132808A1

    Publication date: 2009-05-21

    Application number: US12274100

    Filing date: 2008-11-19

    IPC classification: H04L9/00 H04L29/06

    Abstract: A system and method of performing electronic transactions between a server computer and a client computer. The method implements a communication protocol with encrypted data transmission and mutual authentication between a server and a hardware device via a network, performs a decryption of encrypted server responses, forwards the decrypted server responses from the hardware device to the client computer, displays the decrypted server responses on a client display, receives requests to be sent from the client computer to the server, parses the client requests for predefined transaction information by the hardware device, encrypts and forwards client requests, displays the predefined transaction information upon detection, forwards and encrypts the client request containing the predefined transaction information to the server if a user confirmation is received, and cancels the transaction if no user confirmation is received.

    SYSTEM AND METHOD FOR DISTRIBUTION OF CREDENTIALS
    5.
    Invention application
    SYSTEM AND METHOD FOR DISTRIBUTION OF CREDENTIALS (status: in force)

    Publication number: US20080250244A1

    Publication date: 2008-10-09

    Application number: US12062888

    Filing date: 2008-04-04

    IPC classification: H04L9/00

    Abstract: The invention relates to a method for distribution of a set of credentials from a credential issuer to a credential user. The credential user is provided with a user device. A first channel and a second channel are provided for communication between the user device and the credential issuer. A shared key is distributed between the user device and the credential issuer by means of the second channel. A binary representation of the set of credentials with a predefined maximum level of deviation from a uniform distribution is generated. The binary representation of the set of credentials is encrypted by means of the shared key. The encrypted set of credentials is distributed via the first channel from the credential issuer to the user device. The encrypted set of credentials is decrypted by the user device by means of the shared key.

    Distribution of credentials
    6.
    Granted invention patent
    Distribution of credentials (status: in force)

    Publication number: US09112680B2

    Publication date: 2015-08-18

    Application number: US13474184

    Filing date: 2012-05-17

    IPC classification: H04L9/32 H04L9/08 H04L29/06

    Abstract: The invention relates to a method for distribution of a set of credentials from a credential issuer to a credential user. The credential user is provided with a user device. A first channel and a second channel are provided for communication between the user device and the credential issuer. A shared key is distributed between the user device and the credential issuer by means of the second channel. A binary representation of the set of credentials with a predefined maximum level of deviation from a uniform distribution is generated. The binary representation of the set of credentials is encrypted by means of the shared key. The encrypted set of credentials is distributed via the first channel from the credential issuer to the user device. The encrypted set of credentials is decrypted by the user device by means of the shared key.

    Distribution of Credentials
    7.
    Invention application
    Distribution of Credentials (status: under examination, published)

    Publication number: US20120233465A1

    Publication date: 2012-09-13

    Application number: US13474184

    Filing date: 2012-05-17

    IPC classification: H04L9/32

    Abstract: The invention relates to a method for distribution of a set of credentials from a credential issuer to a credential user. The credential user is provided with a user device. A first channel and a second channel are provided for communication between the user device and the credential issuer. A shared key is distributed between the user device and the credential issuer by means of the second channel. A binary representation of the set of credentials with a predefined maximum level of deviation from a uniform distribution is generated. The binary representation of the set of credentials is encrypted by means of the shared key. The encrypted set of credentials is distributed via the first channel from the credential issuer to the user device. The encrypted set of credentials is decrypted by the user device by means of the shared key.

    System and method for distribution of credentials
    8.
    Granted invention patent
    System and method for distribution of credentials (status: in force)

    Publication number: US08214642B2

    Publication date: 2012-07-03

    Application number: US12062888

    Filing date: 2008-04-04

    IPC classification: H04L9/32

    Abstract: The invention relates to a method for distribution of a set of credentials from a credential issuer to a credential user. The credential user is provided with a user device. A first channel and a second channel are provided for communication between the user device and the credential issuer. A shared key is distributed between the user device and the credential issuer by means of the second channel. A binary representation of the set of credentials with a predefined maximum level of deviation from a uniform distribution is generated. The binary representation of the set of credentials is encrypted by means of the shared key. The encrypted set of credentials is distributed via the first channel from the credential issuer to the user device. The encrypted set of credentials is decrypted by the user device by means of the shared key.

    Device and method with reduced information leakage
    9.
    Invention application
    Device and method with reduced information leakage (status: lapsed)

    Publication number: US20060090081A1

    Publication date: 2006-04-27

    Application number: US10495345

    Filing date: 2002-11-05

    IPC classification: G06F12/14 H04L9/32 G06F11/30

    Abstract: The invention is directed to a data-processing system comprising a processor and first encrypted information in a first persistent memory whose level of information leakage is higher than that of a second persistent memory. In the second persistent memory is stored a first cryptographic key for decrypting the first encrypted information, thereby generating therefrom first unencrypted information that is usable by the processor for executing an operation. The same cryptographic key may also be used for encrypting the first unencrypted information, thereby generating the first encrypted information. It is also directed to a method of processing such a data-processing system with an operating system, comprising a writing step for writing first unencrypted information into the first persistent memory, an encryption step for encrypting the first unencrypted information under use of the first cryptographic key, creating therefrom first encrypted information in the first persistent memory, and an access-limitation step for setting the data-processing system to a state in which writing into the first persistent memory is controlled by the operating system. It also relates to a method of executing an operation on such a data-processing system comprising a decryption step for decrypting the first encrypted information under use of the first cryptographic key, thereby generating therefrom first unencrypted information and an execution step for executing an operation by the processor, using the first unencrypted information.

    SYSTEM AND METHOD FOR RECOVERY OF MEMORY TRANSACTIONS
    10.
    Invention application
    SYSTEM AND METHOD FOR RECOVERY OF MEMORY TRANSACTIONS (status: in force)

    Publication number: US20080168307A1

    Publication date: 2008-07-10

    Application number: US11962718

    Filing date: 2007-12-21

    IPC classification: G06F11/14

    CPC classification: G06F11/1441 G06F11/141

    Abstract: A method for transactional writing of data into a persistent memory comprising memory cells includes a transactional writing step and a transaction recovery step. The transactional writing step comprises one or more memory cell writing steps comprising the sub-steps of writing in a transaction buffer as transaction buffer entry the current data value and the corresponding address of the respective memory cell, writing a first valid marker for the memory cell in the transaction buffer, and writing a new data value to the memory cell. The transaction recovery step is performed in case of an abortion of the transactional writing step for restoring the current data values of the aborted transaction in the persistent memory, the transaction recovery step comprising the sub-step of writing a transaction recovery marker to the transaction buffer indicating the start of the transaction recovery.
