System and method for updating user identifiers (IDs)
    1.
    发明授权
    System and method for updating user identifiers (IDs) 有权
    用于更新用户标识符(ID)的系统和方法

    公开(公告)号:US08522305B2

    公开(公告)日:2013-08-27

    申请号:US11720775

    申请日:2005-10-25

    IPC分类号: G06F17/00 H04L29/06

    摘要: Provided are a system and method for updating a user identifier (ID). The user ID updating method includes: (a) collecting unauthorized access attempt information for a user ID; (b) creating a user ID update policy for an encoded user ID obtained by encoding the user ID, according to the unauthorized access attempt information collected in operation (a); (c) storing the user ID update policy created in operation (b); (d) loading the user ID update policy stored in operation (c) and determining whether or not to update the user ID; and (e) creating a new user ID if it is determined in operation (d) that the user ID should be updated, and changing the user ID to the new user ID. Therefore, it is possible to ensure security for user IDs, by dynamically creating and updating user IDs according to security environments.

    摘要翻译: 提供了一种用于更新用户标识符(ID)的系统和方法。 用户ID更新方法包括:(a)收集用户ID的未经授权的访问尝试信息; (b)根据在操作(a)中收集的未经授权的访问尝试信息,创建通过对用户ID进行编码而获得的编码用户ID的用户ID更新策略; (c)存储在操作(b)中创建的用户ID更新策略; (d)加载存储在操作(c)中的用户ID更新策略,并确定是否更新用户ID; 以及(e)如果在操作(d)中确定应该更新用户ID并且将用户ID改变为新的用户ID,则创建新的用户ID。 因此,可以通过根据安全环境动态创建和更新用户ID来确保用户ID的安全性。

    SYSTEM AND METHOD FOR UPDATING USER IDENTIFIERS (IDs)
    2.
    发明申请
    SYSTEM AND METHOD FOR UPDATING USER IDENTIFIERS (IDs) 有权
    用于更新用户标识符(ID)的系统和方法

    公开(公告)号:US20090235326A1

    公开(公告)日:2009-09-17

    申请号:US11720775

    申请日:2006-06-15

    IPC分类号: H04L9/32

    摘要: Provided are a system and method for updating a user identifier (ID). The user ID updating method includes: (a) collecting unauthorized access attempt information for a user ID; (b) creating a user ID update policy for an encoded user ID obtained by encoding the user ID, according to the unauthorized access attempt information collected in operation (a); (c) storing the user ID update policy created in operation (b); (d) loading the user ID update policy stored in operation (c) and determining whether or not to update the user ID; and (e) creating a new user ID if it is determined in operation (d) that the user ID should be updated, and changing the user ID to the new user ID. Therefore, it is possible to ensure security for user IDs, by dynamically creating and updating user IDs according to security environments.

    摘要翻译: 提供了一种用于更新用户标识符(ID)的系统和方法。 用户ID更新方法包括:(a)收集用户ID的未经授权的访问尝试信息; (b)根据在操作(a)中收集的未经授权的访问尝试信息,创建通过对用户ID进行编码而获得的编码用户ID的用户ID更新策略; (c)存储在操作(b)中创建的用户ID更新策略; (d)加载存储在操作(c)中的用户ID更新策略,并确定是否更新用户ID; 以及(e)如果在操作(d)中确定应该更新用户ID并且将用户ID改变为新的用户ID,则创建新的用户ID。 因此,可以通过根据安全环境动态创建和更新用户ID来确保用户ID的安全性。

    Method and System for Transmitting and Receiving User's Personal Information Using Agent
    3.
    发明申请
    Method and System for Transmitting and Receiving User's Personal Information Using Agent 有权
    使用代理发送和接收用户个人信息的方法和系统

    公开(公告)号:US20080294896A1

    公开(公告)日:2008-11-27

    申请号:US12097179

    申请日:2006-12-06

    IPC分类号: H04L9/06

    CPC分类号: G06F21/51 G06F21/6245

    摘要: A method and system for transmitting and receiving user's personal information using an agent are provided. An information management server managing user's personal information provides an agent including user's personal information in response to a user's personal information request message from a client. A client receives the agent and requests user's personal information from the agent. Then, the agent determines whether the client is authorized and provides the user's personal information to the client when it is determined that the client is authorized. Accordingly, the user's personal information is safely managed and transmitted.

    摘要翻译: 提供了一种使用代理发送和接收用户个人信息的方法和系统。 管理用户个人信息的信息管理服务器响应于来自客户端的用户的个人信息请求消息提供包括用户个人信息的代理。 客户端接收代理并从代理请求用户的个人信息。 然后,当确定客户端被授权时,代理确定客户端是否被授权并且向客户端提供用户的个人信息。 因此,用户的个人信息被安全地管理和发送。

    Transactions Certification Method And System To Protect Privacy On Details Of Electronic Transactions
    4.
    发明申请
    Transactions Certification Method And System To Protect Privacy On Details Of Electronic Transactions 审中-公开
    交易认证方法和系统保护电子交易详情

    公开(公告)号:US20080134346A1

    公开(公告)日:2008-06-05

    申请号:US11573175

    申请日:2004-12-13

    IPC分类号: G06F7/04

    摘要: Provided are a transactions certification method and system to protect privacy on details of electronic transactions, the method comprising the operations of: a) receiving and registering client information which is encoded so that a client cannot be identified; b) receiving and storing transactions details of a client including a client transactions identifier encoded by the service provider server; c) after receiving client certification information for client certification, performing client certification by comparing the client information previously registered in the operation a) with the received client certification information; d) receiving a client transactions identifier for searching transactions details of a client when the client certification is performed in the operation c), and determining whether the client transactions identifier and the client transactions identifier previously stored in the operation b) are identical with each other; and c) generating a message corresponding to the transactions details of the client and sending the generated message to the client when it is determined that the client transactions identifiers are identical with each other in the operation d). Accordingly, the transactions details can be managed while protecting privacy on the transactions details of the client.

    摘要翻译: 提供了一种交易认证方法和系统,以保护电子交易细节上的隐私,该方法包括以下操作:a)接收和注册被编码以便客户端不能被识别的客户端信息; b)接收和存储包括由服务提供商服务器编码的客户端交易标识符的客户端的交易细节; c)在收到客户认证信息后,通过比较先前在操作a)中注册的客户信息与接收的客户端认证信息进行客户端认证; d)当在操作c)中执行客户端认证时,接收用于搜索客户端的事务细节的客户端事务标识符,并且确定先前存储在操作b)中的客户端事务标识符和客户端事务标识符是否彼此相同 ; 以及c)当在所述操作d)中确定所述客户端事务标识符彼此相同时,生成与所述客户端的事务细节相对应的消息并将所生成的消息发送到所述客户端。 因此,可以管理交易细节,同时保护客户端的交易细节上的隐私。

    Method and system for transmitting and receiving user's personal information using agent
    6.
    发明授权
    Method and system for transmitting and receiving user's personal information using agent 有权
    使用代理人发送和接收用户个人信息的方法和系统

    公开(公告)号:US08769276B2

    公开(公告)日:2014-07-01

    申请号:US12097179

    申请日:2006-12-06

    IPC分类号: H04L9/32

    CPC分类号: G06F21/51 G06F21/6245

    摘要: A method and system for transmitting and receiving user's personal information using an agent are provided. An information management server managing user's personal information provides an agent including user's personal information in response to a user's personal information request message from a client. A client receives the agent and requests user's personal information from the agent. Then, the agent determines whether the client is authorized and provides the user's personal information to the client when it is determined that the client is authorized. Accordingly, the user's personal information is safely managed and transmitted.

    摘要翻译: 提供了一种使用代理发送和接收用户个人信息的方法和系统。 管理用户个人信息的信息管理服务器响应于来自客户端的用户的个人信息请求消息提供包括用户个人信息的代理。 客户端接收代理并从代理请求用户的个人信息。 然后,当确定客户端被授权时,代理确定客户端是否被授权并且向客户端提供用户的个人信息。 因此,用户的个人信息被安全地管理和发送。

    Server and system for transmitting certificate stored in fixed terminal to mobile terminal and method using the same
    7.
    发明授权
    Server and system for transmitting certificate stored in fixed terminal to mobile terminal and method using the same 失效
    用于将存储在固定终端中的证书发送到移动终端的服务器和系统及其使用方法

    公开(公告)号:US08032753B2

    公开(公告)日:2011-10-04

    申请号:US11934620

    申请日:2007-11-02

    IPC分类号: G06F21/00 H04L9/32 H04K1/00

    CPC分类号: H04L9/3263 H04L2209/80

    摘要: Provided is a certificate transmission server transmitting a certificate stored in a fixed terminal to a mobile terminal, a system including the same, and a method using the same. The method includes forming a security channel to the mobile terminal and performing authentication of the mobile terminal, forming a security channel to the fixed terminal and performing authentication of the fixed terminal, and if the authentication of the mobile terminal and the fixed terminal is successful, receiving the certificate from the fixed terminal and transmitting the certificate to the mobile terminal. Accordingly, authentication of a mobile terminal and a fixed terminal can be performed by a certificate transmission server, and the certificate can be transmitted by establishing a safe communication channel.

    摘要翻译: 提供了将存储在固定终端中的证书发送到移动终端的证书传输服务器,包括其的系统以及使用该证书的方法。 该方法包括:向移动终端形成安全信道,执行移动终端的认证,形成到固定终端的安全信道,并进行固定终端的认证;如果移动终端和固定终端的认证成功, 从固定终端接收证书,并将证书发送到移动终端。 因此,可以由证书发送服务器执行移动终端和固定终端的认证,并且可以通过建立安全通信信道来发送证书。

    Apparatus and Method for Issuing Certificate with User's Consent
    8.
    发明申请
    Apparatus and Method for Issuing Certificate with User's Consent 审中-公开
    用户同意签发证书的设备和方法

    公开(公告)号:US20100287180A1

    公开(公告)日:2010-11-11

    申请号:US12280230

    申请日:2006-12-08

    IPC分类号: G06F17/30

    CPC分类号: H04L63/062

    摘要: Provided is an apparatus and method for issuing a certificate by receiving in real-time a user's consent in an online or offline environment. The apparatus includes: a database unit storing and managing a list of certificates requiring a user's consent and personal information containing the identity and a contact point of the user of the certificates; a determiner, when issuance of a certificate is requested, receiving identity information of an applicant and determining whether the certificate requested by the applicant is listed in the certificate list stored in the database unit; and a consent inquiry unit, when the requested certificate is listed in the certificate list, transmitting the identity information of the applicant and the name of the certificate to a contact point of the user of the certificate, which is stored in the database unit, and inquiring whether the user consents to the certificate issuance.

    摘要翻译: 提供了一种通过在线或离线环境实时接收用户的同意来发布证书的装置和方法。 该装置包括:数据库单元,存储和管理需要用户同意的证书列表以及包含证书的用户的身份和联系点的个人信息; 确定者,当请求颁发证书时,接收申请人的身份信息并确定申请人请求的证书是否列在存储在数据库单元中的证书列表中; 以及同意查询单元,当所请求的证书列在证书列表中时,将申请人的身份信息和证书的名称发送到存储在数据库单元中的证书的用户的联络点,以及 询问用户是否同意证书颁发。

    SERVER AND SYSTEM FOR TRANSMITTING CERTIFICATE STORED IN FIXED TERMINAL TO MOBILE TERMINATED AND METHOD USING THE SAME
    9.
    发明申请
    SERVER AND SYSTEM FOR TRANSMITTING CERTIFICATE STORED IN FIXED TERMINAL TO MOBILE TERMINATED AND METHOD USING THE SAME 失效
    用于将固定终端中存储的证书发送到移动终端的服务器和系统以及使用该终端的方法

    公开(公告)号:US20080126797A1

    公开(公告)日:2008-05-29

    申请号:US11934620

    申请日:2007-11-02

    IPC分类号: H04L9/00

    CPC分类号: H04L9/3263 H04L2209/80

    摘要: Provided is a certificate transmission server transmitting a certificate stored in a fixed terminal to a mobile terminal, a system including the same, and a method using the same. The method includes forming a security channel to the mobile terminal and performing authentication of the mobile terminal, forming a security channel to the fixed terminal and performing authentication of the fixed terminal, and if the authentication of the mobile terminal and the fixed terminal is successful, receiving the certificate from the fixed terminal and transmitting the certificate to the mobile terminal. Accordingly, authentication of a mobile terminal and a fixed terminal can be performed by a certificate transmission server, and the certificate can be transmitted by establishing a safe communication channel.

    摘要翻译: 提供了将存储在固定终端中的证书发送到移动终端的证书传输服务器,包括其的系统以及使用该证书的方法。 该方法包括:向移动终端形成安全信道,执行移动终端的认证,形成到固定终端的安全信道,并进行固定终端的认证;如果移动终端和固定终端的认证成功, 从固定终端接收证书,并将证书发送到移动终端。 因此,可以由证书发送服务器执行移动终端和固定终端的认证,并且可以通过建立安全通信信道来发送证书。

    Key tree construction and key distribution method for hierarchical role-based access control
    10.
    发明授权
    Key tree construction and key distribution method for hierarchical role-based access control 有权
    基于层次化角色访问控制的密钥树构建和密钥分发方法

    公开(公告)号:US08447037B2

    公开(公告)日:2013-05-21

    申请号:US12786811

    申请日:2010-05-25

    CPC分类号: H04L9/0836

    摘要: A key tree construction and key distribution method for hierarchical role-based access control, includes: constructing a key tree including relationships between a hierarchical structure of role groups and data; performing encryption and decryption of data keys and role keys; and generating a key table, in which the data keys required to decrypt encrypted data and the role keys required to decrypt encrypted data keys are stored, with reference to the key tree. Further, the key tree construction and key distribution method for hierarchical role-based access control includes performing management such that a specific role group can obtain a data key by performing decryption based on its own role key by using both the key tree and the key table.

    摘要翻译: 层次化角色访问控制的关键树结构和密钥分配方法,包括:构建一个包括角色组和数据层次结构之间关系的密钥树; 执行数据密钥和角色密钥的加密和解密; 并且生成密钥表,其中参照密钥树存储解密加密数据所需的数据密钥和解密加密数据密钥所需的角色密钥。 此外,层次化的基于角色的访问控制的密钥树构造和密钥分发方法包括执行管理,使得特定角色组可以通过使用密钥树和密钥表两者通过基于其自己的角色密钥执行解密来获得数据密钥 。