Authenticated identity propagation and translation within a multiple computing unit environment
    1.
    Granted patent (in force)

    Publication number: US07822980B2

    Publication date: 2010-10-26

    Application number: US11468139

    Filing date: 2006-08-29

    IPC classification: H04L29/06

    Abstract: An authenticated identity propagation and translation technique is provided, based on a trust relationship between multiple user identification and authentication services resident on different computing components of a multi-component transaction processing computing environment that includes distributed and mainframe computing components. In one embodiment, the technique includes forwarding, in association with transaction requests, identified and authenticated user identification and authentication information from a distributed component to a mainframe component, facilitating the selection of the appropriate mainframe user identity with which to execute the mainframe portion of the transaction, and creating the appropriate run-time security context.

    High-Frequency Entropy Extraction From Timing Jitter
    4.
    Patent application (under examination, published)

    Publication number: US20110144969A1

    Publication date: 2011-06-16

    Application number: US12635830

    Filing date: 2009-12-11

    IPC classification: G06F17/50 G06F7/58

    CPC classification: G06G7/12 G06F7/588

    Abstract: A method for creating entropy in a virtualized computing environment includes waking one or more samplers, each sampler having a sampling frequency; sampling a sample source with each of the one or more samplers; placing each sampler in an inactive state when it is not sampling; determining, at each sampler, the difference between an expected value and the sampled value; and providing a function of each sampler's difference to an aggregator.

    Password exposure elimination for digital signature coupling with a host identity

    Publication number: US07143285B2

    Publication date: 2006-11-28

    Application number: US09862797

    Filing date: 2001-05-22

    IPC classification: H04L9/00

    CPC classification: G06F21/33

    Abstract: A method for creating a proof-of-possession confirmation, for inclusion by a certification authority in a digital certificate to be used by an end user, is disclosed. In an exemplary embodiment of the invention, the method includes receiving from the certification authority, in response to a certificate request by the end user, a plurality of data fields corresponding to a target host system, the end user, and a form of proof of identity possession by the end user. The content of the data fields is analyzed and its accuracy verified. If the data fields are verified as accurate, a signed object comprising the proof-of-possession confirmation is sent to the certification authority.

    SECURE TRANSPORT OF DOMAIN-SPECIFIC CRYPTOGRAPHIC STRUCTURES OVER GENERAL PURPOSE APPLICATION PROGRAM INTERFACES
    7.
    Patent application (under examination, published)

    Publication number: US20120177202A1

    Publication date: 2012-07-12

    Application number: US12986517

    Filing date: 2011-01-07

    IPC classification: H04L9/08

    Abstract: A method of distributing cryptographic keys includes determining the functional keys of a domain-specific cryptographic service provider (DCSP); providing the functional keys to a fused cryptographic API (FCAPI) on a first computing device; encoding the functional keys with key-encoding keys to produce encoded keys, the encoded keys including wrap or unwrap restrictions; receiving the encoded keys at a second computing device; unwrapping each encoded key until a first functional key is discovered, the first functional key not including a wrap template; and providing the first functional key to the DCSP at the computing device.

    Method and Apparatus for Transitive Program Verification
    8.
    Patent application (in force)

    Publication number: US20100037065A1

    Publication date: 2010-02-11

    Application number: US12186198

    Filing date: 2008-08-05

    IPC classification: G06F11/30

    CPC classification: G06F21/445 G06F21/57

    Abstract: A method, apparatus and program storage device for program verification in an information handling system in which an application program runs on an operating system having a signature verification function for verifying the digital signature of the application program. Upon loading of the application program, the signature verification function of the operating system verifies the digital signature of the application program and, if the digital signature is verified, initiates execution of the application program. Upon initiation of execution, a verification testing function associated with the application program tests the signature verification function of the operating system by presenting to it a sequence of test digital signatures in a specified pattern of true and false signatures. If this test of the operating system's signature verification function succeeds, the application program initiates normal execution; otherwise, the application program terminates without initiating normal execution.

    Encrypted Tape Access Control via Challenge-Response Protocol
    9.
    Patent application (in force)

    Publication number: US20080123863A1

    Publication date: 2008-05-29

    Application number: US11557776

    Filing date: 2006-11-08

    IPC classification: H04L9/08 H04L9/30

    CPC classification: G06F21/6209 G06F2221/2107

    Abstract: Access to encrypted data on a removable computer medium such as a computer tape is controlled via a uniquely structured header on the medium holding a symmetric key wrapped by asymmetric encryption, plus the public key associated with that asymmetric encryption. The data on the medium is encrypted using the symmetric key. Prior to automated reading of the data by a reader, a challenge including the public key and preferably a nonce value is issued to a host system. The host responds by signing the nonce using the private key associated with the public key, thereby proving that it has the right to decrypt the data. The symmetric key is unwrapped using the private key, and the unwrapped symmetric key is then used to decrypt the data on the medium, allowing automated reading of the tape data without the need for, or the risk of, two administrators sharing a symmetric key value.

    Scalable, highly available, dynamically reconfigurable cryptographic provider with quality-of-service control built from commodity backend providers
    10.
    Granted patent (in force)

    Publication number: US09251337B2

    Publication date: 2016-02-02

    Application number: US13095471

    Filing date: 2011-04-27

    IPC classification: G06F9/46 G06F21/53

    CPC classification: G06F21/53

    Abstract: A system for remapping subsets of host-centric application programming interfaces to commodity service providers includes a processor configured to receive a commodity service provider object, embed the commodity service provider object with a handle, transform the handle into a serialized object readable by a hardware security module, generate a virtualized handle from the transformed handle, select a target hardware security module based on characteristics of the serialized object, and map the virtualized handle to the target hardware security module.