公开(公告)号：US6061671A

公开(公告)日：2000-05-09

申请号：US62058

申请日：1998-04-17

申请人： Walter J. Baker ,  Robert A. Cordery ,  Joseph L. Gargiulo ,  Richard W. Heiden ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr.

发明人： Walter J. Baker ,  Robert A. Cordery ,  Joseph L. Gargiulo ,  Richard W. Heiden ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr.

IPC分类号： B65G61/00 ,  G06Q20/34 ,  G06Q20/40 ,  G07B17/00 ,  G07F7/10 ,  G07B17/02

CPC分类号： G07F7/1008 ,  G06Q20/341 ,  G06Q20/401 ,  G06Q20/4093 ,  G07B17/0008 ,  G07B17/00193 ,  G07F7/082 ,  G07B2017/00177 ,  G07B2017/00201 ,  G07B2017/00322 ,  G07B2017/0033 ,  G07B2017/00411 ,  G07B2017/0075 ,  G07B2017/00766 ,  G07B2017/00774 ,  G07B2017/00967

摘要： System and method for securely backing up and reliably retrieving vault data in a metering system that includes a host processor operatively coupled to a vault. Whenever a transaction is completed by the vault, the vault cryptographically signs the vault data, including ascending register, descending register and piece count and sends the cryptographically signed vault data to the host processor where it is stored in a data file assigned to the vault. Each storage of the cryptographically signed vault data is indexed to create a historical log of vault transactions. If the vault is lost or damaged so that vault data cannot be retrieved from the vault, the cryptographically signed vault data is retrieved from the host processor data file and verified.

摘要翻译： 用于在计量系统中安全地备份和可靠地检索保管库数据的系统和方法，所述计量系统包括可操作地耦合到保管库的主机处理器。 无论何时通过保管库完成事务，保管库将密码地签署保管库数据，包括升序寄存器，降序寄存器和块数，并将加密签名的保管库数据发送到主机处理器，并将其存储在分配给保管库的数据文件中。 对加密签名的保管库数据的每个存储进行索引，以创建保管库事务的历史日志。 如果保管库丢失或损坏，从而无法从保管库检索保管库数据，则从主处理器数据文件中检索加密签名的保管库数据并进行验证。

公开(公告)号：US5793867A

公开(公告)日：1998-08-11

申请号：US574743

申请日：1995-12-19

申请人： Robert A. Cordery ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Walter J. Baker ,  Joseph Gargiulo ,  Richard W. Heiden

发明人： Robert A. Cordery ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Walter J. Baker ,  Joseph Gargiulo ,  Richard W. Heiden

IPC分类号： B65G61/00 ,  G06Q20/34 ,  G06Q20/40 ,  G07B17/00 ,  G07F7/10 ,  H04K1/00

CPC分类号： G07F7/1008 ,  G06Q20/341 ,  G06Q20/401 ,  G06Q20/4093 ,  G07B17/0008 ,  G07B17/00193 ,  G07F7/082 ,  G07B2017/00177 ,  G07B2017/00201 ,  G07B2017/00322 ,  G07B2017/0033 ,  G07B2017/00411 ,  G07B2017/0075 ,  G07B2017/00766 ,  G07B2017/00774 ,  G07B2017/00967

摘要： System and method for securely backing up and reliably retrieving vault data in a metering system that includes a host processor operatively coupled to a vault. Whenever a transaction is completed by the vault, the vault cryptographically signs the vault data, including ascending register, descending register and piece count and sends the cryptographically signed vault data to the host processor where it is stored in a data file assigned to the vault. Each storage of the cryptographically signed vault data is indexed to create a historical log of vault transactions. If the vault is lost or damaged so that vault data cannot be retrieved from the vault, the cryptographically signed vault data is retrieved from the host processor data file and verified.

公开(公告)号：US5812666A

公开(公告)日：1998-09-22

申请号：US553812

申请日：1995-10-23

申请人： Walter J. Baker ,  Feliks Bator ,  Robert A. Cordery ,  Kevin D. Hunter ,  Kathryn V. Lawton ,  Louis J. Loglisci ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr. ,  Gary M. Heiden

发明人： Walter J. Baker ,  Feliks Bator ,  Robert A. Cordery ,  Kevin D. Hunter ,  Kathryn V. Lawton ,  Louis J. Loglisci ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr. ,  Gary M. Heiden

IPC分类号： G07B17/00 ,  G09C1/00 ,  H04L9/08 ,  H04L9/10 ,  H04L9/06

CPC分类号： H04L9/083 ,  G07B17/00733 ,  H04L9/0825 ,  H04L9/3213 ,  G07B17/0008 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/00862 ,  G07B2017/0087 ,  G07B2017/00895 ,  G07B2017/00967

摘要： A Key Management System for generating, distributing and managing cryptographic keys used by an information transaction system that employs cryptographic means to produce evidence of information integrity. The system comprises a plurality of functionally distinct secure boxes operatively coupled to each other. Each of the secure boxes performs functions for key generation, key installation, key verification or validation of tokens. Computers, operatively coupled to the secure boxes, provide system control and facilitate communication among the secure boxes. A plurality of separate logical security domains provide domain processes for key generation, key installation, key verification and validation of tokens produced by the transaction evidencing device within the domain using the key management functions. A plurality of domain archives, corresponding respectively to each of the security domains, securely and reliably record key status records and master keys for each domain. The Key Management System installs the master keys in the transaction evidencing device and validates the tokens. The secure boxes include a key generation box for generating, encrypting and signing a master key; a key installation box for receiving, verifying and decrypting the signed master key and for installing the master key into the transaction evidencing device; a key verification box for verifying the installation of the master key in the transaction evidencing device, a token verification box for verifying the tokens, and at least one manufacturing box for generating domain keys and distributing the domain keys among the secure boxes for each of the domains.

摘要翻译： 一种密钥管理系统，用于生成，分发和管理信息交易系统使用的加密密钥，该信息交易系统采用加密手段来产生信息完整性的证据。 该系统包括可操作地彼此耦合的多个功能不同的安全盒。 每个安全盒都执行密钥生成，密钥安装，密钥验证或令牌验证的功能。 可操作地耦合到安全盒的计算机提供系统控制并促进安全盒之间的通信。 多个单独的逻辑安全域提供用于密钥生成，密钥安装，密钥验证和使用密钥管理功能由域内的交易证明设备产生的令牌的验证的域过程。 分别对应于每个安全域的多个域归档安全可靠地记录每个域的密钥状态记录和主密钥。 密钥管理系统将主密钥安装在事务证明设备中，并验证令牌。 安全盒包括用于生成，加密和签名主密钥的密钥生成盒; 用于接收，验证和解密签名的主密钥并将主密钥安装到交易证明设备中的密钥安装箱; 用于验证主密钥在交易证明设备中的安装的关键验证框，用于验证令牌的令牌验证盒，以及用于生成域密钥的至少一个制造盒，以及在每个的安全盒中分配域密钥 域名

公开(公告)号：US07539648B1

公开(公告)日：2009-05-26

申请号：US09650177

申请日：2000-08-29

申请人： Robert A. Cordery ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

发明人： Robert A. Cordery ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

IPC分类号： H04K1/00 ,  H04L9/00

CPC分类号： G07B17/00733 ,  G06F7/725 ,  G06Q20/382 ,  G06Q20/3821 ,  G06Q30/0283 ,  G07B17/00362 ,  G07B2017/00096 ,  G07B2017/00161 ,  G07B2017/00395 ,  G07B2017/00427 ,  G07B2017/00758 ,  G07B2017/00766 ,  G07B2017/00782 ,  G07B2017/00806 ,  G07B2017/0083 ,  G07B2017/00854 ,  G07B2017/00927 ,  H04L9/3213 ,  H04L9/3268 ,  H04L2209/56

摘要： A system and method include means for processing a cryptographic certificate adapted to provide security functionality. A register means is provided and means for adjusting the register means to account for services when the cryptographic certificate is processed. In accordance with another aspect, a system and method include a register means for storing funds. Means are provided for processing a digital token providing proof of postage payment and means are also provided for processing a cryptographic certificate adapted to provide security functionality. Means debit funds stored in the register means when the digital token is processed and when the cryptographic certificate is processed. Processing the cryptographic certificate may involve many functions such as providing security services and/or certificate management functions (including generating and verifying cryptographic certificates) and/or key management functions and/or access to any needed private keys to perform security services. Processing the digital token may include generating the digital token or issuing the digital token.

摘要翻译： 系统和方法包括用于处理适于提供安全功能的加密证书的装置。 提供了一种寄存器装置和用于调整寄存器装置以在处理加密证书时考虑服务的装置。 根据另一方面，系统和方法包括用于存储资金的寄存器装置。 提供了用于处理提供邮资支付证明的数字令牌的手段，还提供了用于处理适于提供安全功能的加密证书的手段。 存储在寄存器中的借方资金意味着处理数字令牌和处理密码证书时。 处理加密证书可能涉及许多功能，例如提供安全服务和/或证书管理功能（包括生成和验证加密证书）和/或密钥管理功能和/或访问任何所需的私钥以执行安全服务。 处理数字令牌可以包括生成数字令牌或发出数字令牌。

公开(公告)号：US6134328A

公开(公告)日：2000-10-17

申请号：US133706

申请日：1998-08-13

申请人： Robert A. Cordery ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

发明人： Robert A. Cordery ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

IPC分类号： G06F7/72 ,  G06Q20/38 ,  G06Q30/02 ,  G07B17/00 ,  G07F7/02 ,  G07F19/00 ,  H04L9/32 ,  H04L9/00 ,  H04L9/30

CPC分类号： G07B17/00733 ,  G06Q20/382 ,  G06Q20/3821 ,  G06Q30/0283 ,  G07B17/00362 ,  H04L9/3213 ,  H04L9/3268 ,  G06F7/725 ,  G07B2017/00096 ,  G07B2017/00161 ,  G07B2017/00395 ,  G07B2017/00427 ,  G07B2017/00758 ,  G07B2017/00766 ,  G07B2017/00782 ,  G07B2017/00806 ,  G07B2017/0083 ,  G07B2017/00854 ,  G07B2017/00927 ,  H04L2209/56

摘要： A system and method include means for processing a cryptographic certificate adapted to provide security functionality. A register means is provided and means for adjusting the register means to account for services when the cryptographic certificate is processed. In accordance with anther aspect, a system and method include a register means for storing funds. Means are provided for processing a digital token providing proof of postage payment and means are also provided for processing a cryptographic certificate adapted to provide security functionality. Means debit funds stored in the register means when the digital token is processed and when the cryptographic certificate is processed. Processing the cryptographic certificate may involve many functions such as providing security services and/or certificate management functions (including generating and verifying cryptographic certificates) and/or key management functions and/or access to any needed private keys to perform security services. Processing the digital token may include generating the digital token or issuing the digital token.

摘要翻译： 系统和方法包括用于处理适于提供安全功能的加密证书的装置。 提供了一种寄存器装置和用于调整寄存器装置以在处理加密证书时考虑服务的装置。 根据其他方面，系统和方法包括用于存储资金的寄存器装置。 提供了用于处理提供邮资支付证明的数字令牌的手段，还提供了用于处理适于提供安全功能的加密证书的手段。 存储在寄存器中的借方资金意味着处理数字令牌和处理密码证书时。 处理加密证书可能涉及许多功能，例如提供安全服务和/或证书管理功能（包括生成和验证加密证书）和/或密钥管理功能和/或访问任何所需的私钥以执行安全服务。 处理数字令牌可以包括生成数字令牌或发出数字令牌。

公开(公告)号：US06985888B1

公开(公告)日：2006-01-10

申请号：US09650174

申请日：2000-08-29

申请人： Robert A. Cordery ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

发明人： Robert A. Cordery ,  David K. Lee ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

IPC分类号： G06F17/60

CPC分类号： G07B17/00733 ,  G06F7/725 ,  G06Q20/382 ,  G06Q30/018 ,  G06Q30/0283 ,  G07B17/00362 ,  G07B2017/00096 ,  G07B2017/00161 ,  G07B2017/00395 ,  G07B2017/00427 ,  G07B2017/00758 ,  G07B2017/00766 ,  G07B2017/00782 ,  G07B2017/00806 ,  G07B2017/0083 ,  G07B2017/00854 ,  G07B2017/00927 ,  H04L9/3213 ,  H04L9/3268 ,  H04L2209/56

摘要： A system and method include means for processing a cryptographic certificate adapted to provide security functionality. A register means is provided and means for adjusting the register means to account for services when the cryptographic certificate is processed. In accordance with anther aspect, a system and method include a register means for storing funds. Means are provided for processing a digital token providing proof of postage payment and means are also provided for processing a cryptographic certificate adapted to provide security functionality. Means debit funds stored in the register means when the digital token is processed and when the cryptographic certificate is processed. Processing the cryptographic certificate may involve many functions such as providing security services and/or certificate management functions (including generating and verifying cryptographic certificates) and/or key management functions and/or access to any needed private keys to perform security services. Processing the digital token may include generating the digital token or issuing the digital token.

公开(公告)号：US6151590A

公开(公告)日：2000-11-21

申请号：US575109

申请日：1995-12-19

申请人： Robert A Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A Pintsov ,  David W. Riley ,  Frederick W. Ryan, Jr. ,  Monroe A Weiant, Jr.

发明人： Robert A Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A Pintsov ,  David W. Riley ,  Frederick W. Ryan, Jr. ,  Monroe A Weiant, Jr.

IPC分类号： G07B17/00 ,  H04L9/00

CPC分类号： G07B17/0008 ,  G07B17/00193 ,  G07B17/00314 ,  G07B2017/00177 ,  G07B2017/00201 ,  G07B2017/00322 ,  G07B2017/0033 ,  G07B2017/00338 ,  G07B2017/00346 ,  G07B2017/00411 ,  G07B2017/00427

摘要： A transaction evidencing system includes a plurality of computer systems operatively configured to form a network with one of the computer systems functioning as a server and the remaining computer systems functioning as clients. Each of the computer systems includes a processor, memory and storage media. At least some of the storage means includes non-metering application programs that are selectively run on the client computer systems. An unsecured printer is operatively coupled to at least one of the computer systems for printing in accordance with the non-metering application programs. A portable vault card, which is removably coupled to the server computer system, includes digital token generation and transaction accounting processing. The client computer systems issue requests for digital tokens to the server computer system in response to requests for indicia from the non-metering application programs. The requests for digital tokens include predetermined information required by the token generation processing. The server computer system communicates with the vault card when the vault card is coupled to the server computer system, sending the requests for digital tokens to the vault card and receiving from the vault card the generated digital tokens. The server computer system sends each digital token to the client computer system that requested the digital token. The requesting client computer system generates an indicia bitmap from the digital token. The server computer system receives from the vault a transaction record that includes the digital token and the predetermined information and stores the transaction record in its storage media.

摘要翻译： 交易证明系统包括多个计算机系统，可操作地配置为形成网络，其中一个计算机系统用作服务器，其余的计算机系统用作客户端。 每个计算机系统包括处理器，存储器和存储介质。 至少一些存储装置包括选择性地在客户端计算机系统上运行的非计量应用程序。 根据非计量应用程序，不安全的打印机可操作地耦合到至少一个计算机系统进行打印。 可拆卸地耦合到服务器计算机系统的便携式存储卡包括数字令牌生成和事务记帐处理。 响应于来自非计费应用程序的标记的请求，客户端计算机系统向服务器计算机系统发出针对数字令牌的请求。 数字令牌的请求包括令牌生成处理所需的预定信息。 当保险库卡耦合到服务器计算机系统时，服务器计算机系统与保管库卡进行通信，向数据库卡发送数字令牌请求并从保管库卡接收生成的数字令牌。 服务器计算机系统将每个数字令牌发送到请求数字令牌的客户端计算机系统。 请求客户端计算机系统从数字令牌生成标记位图。 服务器计算机系统从存储库接收包括数字令牌和预定信息的事务记录，并将交易记录存储在其存储介质中。

公开(公告)号：US06058193A

公开(公告)日：2000-05-02

申请号：US340592

申请日：1999-06-28

申请人： Robert A. Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

发明人： Robert A. Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

IPC分类号： G07B17/00 ,  H04L9/00

CPC分类号： G07B17/00733 ,  G07B17/00435 ,  G07B2017/00427 ,  G07B2017/00443 ,  G07B2017/0075 ,  G07B2017/0087 ,  G07B2017/00879 ,  G07B2017/00887 ,  G07B2017/00919

摘要： A method for controlling keys used in the verification of encoded information generated by a transaction evidencing device and printed on a document comprises the steps of generating a plurality of random verifier master keys to obtain a set of verifier master keys consisting of a fixed number of keys; generating at least one pointer by applying a psuedorandom algorithm to data unique to the transaction evidencing device; calculating a plurality of verifier token keys to obtain a verifier token key set corresponding to the set of verifier master keys; encrypting the verifier token key set with a privacy key; and distributing the set verifier token keys and the privacy key to verifiers. The token keys are a function of the verifier master keys and a code valid for a limited time. The pointer algorithm is an appropriate symmetric key cryptographic algorithm and the code is function of a date dependent parameter. The master keys are distributed to postal and vendor data centers.

摘要翻译： 一种用于控制用于验证由交易证明设备产生并被打印在文档上的编码信息的密钥的方法包括以下步骤：生成多个随机验证器主密钥以获得由固定数量的密钥组成的一组验证者主密钥 ; 通过对所述交易证明设备唯一的数据应用伪随机算法来生成至少一个指针; 计算多个验证者令牌密钥以获得与所述验证者主密钥集合相对应的验证者令牌密钥集; 用隐私密钥加密验证者令牌密钥集; 并将设置的验证者令牌密钥和隐私密钥分发给验证者。 令牌密钥是验证者主密钥和有限时间内有效的代码的函数。 指针算法是适当的对称密钥加密算法，代码是日期相关参数的函数。 主密钥分发给邮政和供应商数据中心。

公开(公告)号：US07080044B1

公开(公告)日：2006-07-18

申请号：US09690285

申请日：2000-10-17

申请人： Robert A Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A Pintsov ,  David W. Riley ,  Frederick W. Ryan, Jr. ,  Monroe A Weiant, Jr.

发明人： Robert A Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A Pintsov ,  David W. Riley ,  Frederick W. Ryan, Jr. ,  Monroe A Weiant, Jr.

IPC分类号： G07B17/60

CPC分类号： G07B17/00314 ,  G07B17/0008 ,  G07B17/00193 ,  G07B2017/00177 ,  G07B2017/00201 ,  G07B2017/00322 ,  G07B2017/0033 ,  G07B2017/00338 ,  G07B2017/00346 ,  G07B2017/00411 ,  G07B2017/00427

摘要： A transaction evidencing system includes a personal computer (PC) comprising a processor, memory and hard drive, with a plurality of non-metering application programs that selectively run on the PC. An unsecured printer is operatively coupled to the PC for printing in accordance with the non-metering application programs. A portable vault card that is removably coupled to the PC is programmed to generate tokens generation and perform transaction accounting. An application interface module in the PC, which interfaces with the non-metering application programs, issues a request for digital tokens in response to requests for indicia from a non-metering application program. A secure communications module in the PC, which securely communicates with the vault card when the vault card is coupled to the PC, sends the request for digital token to the vault card and receives a digital token generated by the vault card. An indicia bitmap generation module generates an indicia bitmap in the PC from the digital token and stores it in memory. The indicia bitmap is accessed by the non-metering application program when a print indicia operation is selected. A transaction capture module in the PC stores on the hard drive a transaction record corresponding to each issued digital token and associated postal data. The application interface module, the secure communications module, the indicia bitmap generation module and the transaction capture module are part of a dynamic link library module in the PC.

公开(公告)号：US06865557B1

公开(公告)日：2005-03-08

申请号：US09452404

申请日：1999-12-01

申请人： Robert A Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A Pintsov ,  David W. Riley ,  Frederick W. Ryan, Jr. ,  Monroe A Weiant, Jr.

发明人： Robert A Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A Pintsov ,  David W. Riley ,  Frederick W. Ryan, Jr. ,  Monroe A Weiant, Jr.

IPC分类号： G07B17/00 ,  G06F17/60

CPC分类号： G07B17/0008 ,  G07B17/00193 ,  G07B17/00314 ,  G07B2017/00177 ,  G07B2017/00201 ,  G07B2017/00322 ,  G07B2017/0033 ,  G07B2017/00338 ,  G07B2017/00346 ,  G07B2017/00411 ,  G07B2017/00427

摘要： A transaction evidencing system includes a plurality of computer systems operatively configured to form a network with one of the computer systems functioning as a server and the remaining computer systems functioning as clients. Each of the computer systems includes a processor, memory and storage media. At least some of the storage means includes non-metering application programs that are selectively run on the client computer systems. An unsecured printer is operatively coupled to at least one of the computer systems for printing in accordance with the non-metering application programs. A portable vault card, which is removably coupled to the server computer system, includes digital token generation and transaction accounting processing. The client computer systems issue requests for digital tokens to the server computer system in response to requests for indicia from the non-metering application programs. The requests for digital tokens include predetermined information required by the token generation processing. The server computer system communicates with the vault card when the vault card is coupled to the server computer system, sending the requests for digital tokens to the vault card and receiving from the vault card the generated digital tokens. The server computer system sends each digital token to the client computer system that requested the digital token. The requesting client computer system generates an indicia bitmap from the digital token. The server computer system receives from the vault a transaction record that includes the digital token and the predetermined information and stores the transaction record in its storage media.

摘要翻译： 交易证明系统包括多个计算机系统，可操作地配置为形成网络，其中一个计算机系统用作服务器，其余的计算机系统用作客户端。 每个计算机系统包括处理器，存储器和存储介质。 至少一些存储装置包括选择性地在客户端计算机系统上运行的非计量应用程序。 根据非计量应用程序，不安全的打印机可操作地耦合到至少一个计算机系统进行打印。 可拆卸地耦合到服务器计算机系统的便携式存储卡包括数字令牌生成和事务记帐处理。 响应于来自非计费应用程序的标记的请求，客户端计算机系统向服务器计算机系统发出针对数字令牌的请求。 数字令牌的请求包括令牌生成处理所需的预定信息。 当保险库卡耦合到服务器计算机系统时，服务器计算机系统与保管库卡进行通信，向数据库卡发送数字令牌请求并从保管库卡接收生成的数字令牌。 服务器计算机系统将每个数字令牌发送到请求数字令牌的客户端计算机系统。 请求客户端计算机系统从数字令牌生成标记位图。 服务器计算机系统从存储库接收包括数字令牌和预定信息的事务记录，并将交易记录存储在其存储介质中。