利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

68 条记录 (耗时 0.031 秒)

    Content alteration for prevention of unauthorized scripts
    1.
    发明授权
    Content alteration for prevention of unauthorized scripts 有权
    内容改变,以防止未经授权的脚本

    公开(公告)号:US07624277B1

    公开(公告)日:2009-11-24

    申请号:US10373926

    申请日:2003-02-25

    申请人: Patrice Y. Simard Richard Stephen Szeliski Josh Benaloh Iulian D. Calinov Julien D. Couvreur

    发明人: Patrice Y. Simard Richard Stephen Szeliski Josh Benaloh Iulian D. Calinov Julien D. Couvreur

    IPC分类号: G06F21/00

    CPC分类号: H04L63/14 G06F21/31 G06F2221/2133

    摘要: Methods for preventing unauthorized scripting. The invention generates a human interactive proof to distinguish a human from a machine by generating a random set of characters and altering each of the characters individually to inhibit computerized character recognition. The invention also includes concatenating the altered characters into a character string to be rendered to a user as a test. The character string may be altered to further inhibit computerized character recognition. Other aspects of the invention are directed to computer-readable media for use with the methods.

    摘要翻译: 防止未经授权的脚本的方法。 本发明通过生成随机的一组字符并且单独改变每个字符以产生计算机化字符识别,从而产生人与人之间的区别的机会。 本发明还包括将改变的字符连接成要呈现给用户的字符串作为测试。 可以改变字符串以进一步禁止计算机化字符识别。 本发明的其它方面涉及用于该方法的计算机可读介质。

    Prevention of unauthorized scripts
    2.
    发明授权
    Prevention of unauthorized scripts 有权
    防止未经授权的脚本

    公开(公告)号:US07606915B1

    公开(公告)日:2009-10-20

    申请号:US10374036

    申请日:2003-02-25

    申请人: Iulian D. Calinov Danpo Zhang Jonathan Wilkins Julien Couvreur Josh Benaloh

    发明人: Iulian D. Calinov Danpo Zhang Jonathan Wilkins Julien Couvreur Josh Benaloh

    IPC分类号: G06F15/16 G06F7/04

    CPC分类号: H04L63/08 G06F21/36 H04L63/0428

    摘要: Methods and system of preventing unauthorized scripting. The invention includes providing one or more tests to a user for distinguishing the user from a machine when the user requests access to the server. By storing information on a correct solution to the test in a block of data and sending the block of data together with the test, the invention provides stateless operation. Moreover, maintaining a database of previously used correct responses prevents replay attacks. The invention also includes providing combinations of alternative tests, such as visually altered textual character strings, audible character strings, and computational puzzles. Other aspects of the invention are directed to computer-readable media for use with the methods and system.

    摘要翻译: 防止未经授权的脚本的方法和系统。 本发明包括当用户请求访问服务器时向用户提供一个或多个测试以区分用户与机器。 通过在数据块中存储关于正确解决方案的信息并发送数据块以及测试,本发明提供无状态操作。 此外,维护先前使用正确响应的数据库可防止重放攻击。 本发明还包括提供替代测试的组合,例如视觉上改变的文本字符串,可听话字符串和计算拼图。 本发明的其它方面涉及用于方法和系统的计算机可读介质。

    System and method for non-interactive human answerable challenges
    4.
    发明授权
    System and method for non-interactive human answerable challenges 有权
    非交互式人为责任挑战的系统和方法

    公开(公告)号:US07337324B2

    公开(公告)日:2008-02-26

    申请号:US10725243

    申请日:2003-12-01

    申请人: Josh Benaloh Ismail Cem Paya

    发明人: Josh Benaloh Ismail Cem Paya

    IPC分类号: H04L9/32

    CPC分类号: H04L63/12 G06F21/31 H04L63/0435 H04L63/0442

    摘要: A system and method for automatically determining if a computer user is a human or an automated script. Human interactive proofs (HIPs) are currently used to deter automated registration for web services by automated computer scripts. Unfortunately, HIPs entail multiple steps (request service, receive challenge, respond to challenge) that can be burdensome. The system and method of the invention in one embodiment provides a “black-box” to potential users consisting of a challenge generator and a secret key. The challenge is generated for the user and the response can be provided as part of the service request, eliminating the need for a separate challenge from a service provider and response to the challenge.

    摘要翻译: 用于自动确定计算机用户是人或自动脚本的系统和方法。 人类交互式证明(HIP)目前用于通过自动计算机脚本来阻止Web服务的自动注册。 不幸的是,HIP需要多重步骤(请求服务,接收挑战,应对挑战),这可能是繁重的。 在一个实施例中,本发明的系统和方法为由挑战发生器和秘密密钥组成的潜在用户提供“黑箱”。 为用户生成挑战,并且响应可以作为服务请求的一部分提供,消除了对来自服务提供商的单独挑战的需求以及对挑战的响应。

    Using hierarchical identity based cryptography for authenticating outbound mail
    5.
    发明申请
    Using hierarchical identity based cryptography for authenticating outbound mail 有权
    使用基于层次标识的加密技术来验证出站邮件

    公开(公告)号:US20070124578A1

    公开(公告)日:2007-05-31

    申请号:US11291946

    申请日:2005-11-30

    申请人: Cem Paya Josh Benaloh

    发明人: Cem Paya Josh Benaloh

    IPC分类号: H04L9/00

    CPC分类号: H04L63/06 H04L9/3073 H04L9/3247 H04L9/3271 H04L51/00 H04L63/12

    摘要: A hierarchical identity based cryptographic system (“HIBC”) is integrated with the domain name system (“DNS”). A private key is assigned to each of the top level domain name authorities responsible for assigning the top level domain names (e.g., net, .com, etc.). The private key is generated according to an HIBC system, wherein the corresponding public key is based on the identity of the particular domain authority. When user requests a domain name from one of the top level domain name authorities, the user is issued a private key that is generated by the top level domain authority using its private key and the identity of the user according to the particular HIBC system implemented. The user's corresponding public key can be derived from the identity of the user and the public key of the top level domain name authority. Similarly, when the user adds servers and accounts to the users domain, the user can generate private keys for the servers and accounts using the users private key according to the particular HIBC system. Later, emails originating from the users domain can be authenticated by recipients using the public key associated with the top level domain name authority.

    摘要翻译: 基于层次标识的加密系统(“HIBC”)与域名系统(“DNS”)集成。 私钥分配给负责分配顶级域名(例如,net,.com等)的顶级域名权限。 私钥根据HIBC系统生成,其中相应的公钥基于特定域权限的身份。 当用户从顶级域名权限之一请求域名时,将使用其私有密钥和根据实施的特定HIBC系统的用户身份由顶级域机构生成的私钥。 用户的相应公钥可以从用户的身份和顶级域名权限的公钥中导出。 类似地,当用户将服务器和帐户添加到用户域时,用户可以使用根据特定HIBC系统的用户私钥为服务器和帐户生成私钥。 之后,来自用户域的电子邮件可以由收件人使用与顶级域名权限关联的公钥进行身份验证。

    Challenge response systems
    7.
    发明申请
    Challenge response systems 有权
    挑战响应系统

    公开(公告)号:US20060031338A1

    公开(公告)日:2006-02-09

    申请号:US10914325

    申请日:2004-08-09

    申请人: Nina Kang Joshua Goodman Robert Rounthwaite Josh Benaloh Elissa Murphy Manav Mishra Gopalakrishnan Seshadrinathan Derek Hazeur Ryan Colvin

    发明人: Nina Kang Joshua Goodman Robert Rounthwaite Josh Benaloh Elissa Murphy Manav Mishra Gopalakrishnan Seshadrinathan Derek Hazeur Ryan Colvin

    IPC分类号: G06F15/16

    CPC分类号: G06Q20/3674 H04L51/12

    摘要: Disclosed are systems and methods that facilitate securing communication channels used in a challenge-response system to mitigate spammer intrusion or deception. The systems and methods make use of unique IDs that can be added to outbound messages originating from a sender, a recipient, and a third-party server. The IDs can be correlated according to the relevant parties. Thus, for example, a sender can add a signed ID to an outgoing message. A challenge sent back to the sender for that particular message can echo the same ID or a new ID derived from the original ID to allow a sender to verify that the challenge corresponds to an actual message. The IDs can include cookies as well to facilitate correlation of messages and to facilitate the retrieval of messages once a sender is determined to be legitimate.

    摘要翻译: 公开了有助于确保在挑战 - 响应系统中使用的通信信道的系统和方法,以减轻垃圾邮件发送者入侵或欺骗。 系统和方法使用可以添加到源自发件人,收件人和第三方服务器的出站邮件的唯一ID。 ID可以根据相关方关联。 因此,例如,发送者可以向输出消息添加签名的ID。 向该发送者发送的针对该特定消息的挑战可以回显与原始ID相同的ID或新的ID,以允许发送方验证该挑战是否对应于实际的消息。 ID可以包括cookie,以便于消息的相关性,并且一旦发送者被确定为合法,便于检索消息。

    Manifest-based trusted agent management in a trusted operating system environment
    8.
    发明申请
    Manifest-based trusted agent management in a trusted operating system environment 审中-公开
    在受信任的操作系统环境中进行基于清单的可信代理管理

    公开(公告)号:US20050278477A1

    公开(公告)日:2005-12-15

    申请号:US11207081

    申请日:2005-08-18

    申请人: Paul England Marcus Peinado Daniel Simon Josh Benaloh

    发明人: Paul England Marcus Peinado Daniel Simon Josh Benaloh

    IPC分类号: G06F21/00 G06F12/00

    CPC分类号: G06F21/54 G06F21/53 G06F21/57

    摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

    摘要翻译: 在受信任的操作系统环境中的基于清单的可信代理管理包括接收接收到的执行进程的请求,并为进程设置虚拟内存空间。 此外,访问对应于进程的清单,并且可以基于二进制文件中包括在清单中的指示符限制在虚拟存储器空间中执行多个二进制文件中的哪一个。

    Exclusive encryption
    10.
    发明申请
    Exclusive encryption 失效
    独家加密

    公开(公告)号:US20050066184A1

    公开(公告)日:2005-03-24

    申请号:US10985201

    申请日:2004-11-10

    申请人: John Douceur Josh Benaloh Gideon Yuval Atul Adya

    发明人: John Douceur Josh Benaloh Gideon Yuval Atul Adya

    IPC分类号: G06F21/00 H04L29/06 H04L9/00

    CPC分类号: H04L63/0428 G06F21/6209 G06F21/6218 G06F2221/2107

    摘要: An exclusive encryption system is established using multiple computing devices. The exclusive encryption system allows for the exclusion of certain plaintext (e.g., by one of the computing devices) and ciphertext (e.g., by another of the computing devices) while at the same time maintaining the privacy created by the encryption (e.g., so the other computing device cannot see the plaintext). The exclusive encryption system may be implemented as part of a serverless distributed file system with directory entries (e.g., file names or folder names) being the plaintext, or alternatively as part of other systems.

    摘要翻译: 使用多个计算设备建立专用加密系统。 专用加密系统允许排除某些明文(例如,由计算设备之一)和密文(例如,由计算设备中的另一个),同时保持由加密产生的隐私(例如,因此, 其他计算设备看不到明文)。 独占加密系统可以被实现为具有目录条目(例如,文件名或文件夹名称)为明文,或作为其他系统的一部分的无服务器分布式文件系统的一部分。