公开(公告)号：US20060277406A1

公开(公告)日：2006-12-07

申请号：US11436048

申请日：2006-05-18

申请人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Osamu Takata ,  Kazuyoshi Hoshino ,  Shinji Nakamura

发明人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Osamu Takata ,  Kazuyoshi Hoshino ,  Shinji Nakamura

IPC分类号： H04L9/00

CPC分类号： H04L63/029 ,  H04L9/321 ,  H04L9/3268 ,  H04L9/3273 ,  H04L63/062 ,  H04L63/0823

摘要： In an encryption communication using VPN technologies, a load on a VPN system becomes large if the number of communication terminals increases. When an external terminal accesses via an internal terminal an application server, processes become complicated because it is necessary to perform authentication at VPN and authentication at the application server. A management server is provided for managing external terminals, internal terminals and application servers. The management server authenticates each communication terminal and operates to establish an encryption communication path between communication terminals. Authentication of each terminal by the management server relies upon a validation server. When the external terminal performs encryption communication with the application server via the internal terminal, two encryption communication paths are established and used between the external terminal and internal terminal and between the internal terminal and application server.

摘要翻译： 在使用VPN技术的加密通信中，如果通信终端的数量增加，则VPN系统的负载变大。 当外部终端通过内部终端访问应用服务器时，由于需要在VPN处进行认证并在应用服务器进行认证，所以处理变得复杂。 提供管理服务器，用于管理外部终端，内部终端和应用服务器。 管理服务器对每个通信终端进行认证，并且操作以在通信终端之间建立加密通信路径。 管理服务器对每个终端的认证依赖于验证服务器。 当外部终端通过内部终端与应用服务器进行加密通信时，在外部终端与内部终端之间以及内部终端与应用服务器之间建立并使用两个加密通信路径。

公开(公告)号：US07984290B2

公开(公告)日：2011-07-19

申请号：US11436048

申请日：2006-05-18

申请人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Osamu Takata ,  Kazuyoshi Hoshino ,  Shinji Nakamura

发明人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Osamu Takata ,  Kazuyoshi Hoshino ,  Shinji Nakamura

IPC分类号： H04L29/06

CPC分类号： H04L63/029 ,  H04L9/321 ,  H04L9/3268 ,  H04L9/3273 ,  H04L63/062 ,  H04L63/0823

摘要： In an encryption communication using VPN technologies, a load on a VPN system becomes large if the number of communication terminals increases. When an external terminal accesses via an internal terminal an application server, processes become complicated because it is necessary to perform authentication at VPN and authentication at the application server. A management server is provided for managing external terminals, internal terminals and application servers. The management server authenticates each communication terminal and operates to establish an encryption communication path between communication terminals. Authentication of each terminal by the management server relies upon a validation server. When the external terminal performs encryption communication with the application server via the internal terminal, two encryption communication paths are established and used between the external terminal and internal terminal and between the internal terminal and application server.

摘要翻译： 在使用VPN技术的加密通信中，如果通信终端的数量增加，则VPN系统的负载变大。 当外部终端通过内部终端访问应用服务器时，由于需要在VPN处进行认证并在应用服务器进行认证，所以处理变得复杂。 提供管理服务器，用于管理外部终端，内部终端和应用服务器。 管理服务器对每个通信终端进行认证，并且操作以在通信终端之间建立加密通信路径。 管理服务器对每个终端的认证依赖于验证服务器。 当外部终端通过内部终端与应用服务器进行加密通信时，在外部终端与内部终端之间以及内部终端与应用服务器之间建立并使用两个加密通信路径。

公开(公告)号：US08019996B2

公开(公告)日：2011-09-13

申请号：US11907260

申请日：2007-10-10

申请人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Osamu Takata ,  Kazuyoshi Hoshino

发明人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Osamu Takata ,  Kazuyoshi Hoshino

IPC分类号： H04L9/32

CPC分类号： G06Q20/3674 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/0869 ,  H04L67/1002 ,  H04L67/1006 ,  H04L67/1008 ,  H04L67/1029

摘要： To solve problems in that a load on a VPN device is large in a case where the number of terminal devices increases in encrypted communication using a VPN technique, and that only communication between the terminal device and the VPN device is encrypted, thus disabling end-to-end encrypted communication, a communication system is provided, including: a terminal device; a plurality of blades; and a management server that manages the blades, in which: the management server selects a blade, authenticates the terminal device and the selected blade, and mediates encrypted communication path establishment between the terminal device and the selected blade; the terminal device and the blade perform encrypted communication without the mediation of the management server; and the management server requests a validation server to authenticate each terminal.

摘要翻译： 为了解决在使用VPN技术的加密通信中终端装置的数量增加，VPN终端装置与VPN装置之间的通信被加密的情况下，VPN装置的负载大的问题， 端到端加密通信，提供通信系统，包括：终端装置; 多个叶片; 以及管理服务器，其中：所述管理服务器选择刀片，对所述终端设备和所选择的刀片进行认证，并且中介所述终端设备与所选刀片之间的加密通信路径建立; 终端设备和刀片在没有管理服务器的中介的情况下执行加密的通信; 并且管理服务器请求验证服务器来认证每个终端。

公开(公告)号：US20080098221A1

公开(公告)日：2008-04-24

申请号：US11907260

申请日：2007-10-10

申请人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Osamu Takata ,  Kazuyoshi Hoshino

发明人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Osamu Takata ,  Kazuyoshi Hoshino

IPC分类号： H04L9/32

CPC分类号： G06Q20/3674 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/0869 ,  H04L67/1002 ,  H04L67/1006 ,  H04L67/1008 ,  H04L67/1029

摘要： To solve problems in that a load on a VPN device is large in a case where the number of terminal devices increases in encrypted communication using a VPN technique, and that only communication between the terminal device and the VPN device is encrypted, thus disabling end-to-end encrypted communication, a communication system is provided, including: a terminal device; a plurality of blades; and a management server that manages the blades, in which: the management server selects a blade, authenticates the terminal device and the selected blade, and mediates encrypted communication path establishment between the terminal device and the selected blade; the terminal device and the blade perform encrypted communication without the mediation of the management server; and the management server requests a validation server to authenticate each terminal.

摘要翻译： 为了解决在使用VPN技术的加密通信中终端装置的数量增加，VPN终端装置与VPN装置之间的通信被加密的情况下，VPN装置的负载大的问题， 端到端加密通信，提供通信系统，包括：终端装置; 多个叶片; 以及管理服务器，其中：所述管理服务器选择刀片，对所述终端设备和所选择的刀片进行认证，并且中介所述终端设备与所选刀片之间的加密通信路径建立; 终端设备和刀片在没有管理服务器的中介的情况下执行加密的通信; 并且管理服务器请求验证服务器来认证每个终端。

公开(公告)号：US20080219445A1

公开(公告)日：2008-09-11

申请号：US11984676

申请日：2007-11-20

申请人： Akifumi Yato ,  Tadashi Kaji ,  Takahiro Fujishiro ,  Yoko Hashimoto ,  Kazuyoshi Hoshino

发明人： Akifumi Yato ,  Tadashi Kaji ,  Takahiro Fujishiro ,  Yoko Hashimoto ,  Kazuyoshi Hoshino

IPC分类号： H04L9/00 ,  H04K1/00

CPC分类号： H04L63/0428 ,  H04L63/1408

摘要： A communications audit support system is provided, which makes it possible to audit communications of an arbitrary encrypted communication session at any time. The communications audit support system of the present invention stores key information used for encrypted communication in a key management DB in association with a key ID each time the key information is created, stores IP addresses of a user terminal and a service providing server which perform an encrypted communication session using the key information in a communication state management DB in association with the key ID, and stores an encrypted packet sent in an encrypted communication session in a packet DB in association with IP addresses of a sender and a receiver of the encrypted packet.

摘要翻译： 提供通信审计支持系统，使得可以随时审核任意加密通信会话的通信。 本发明的通信审计支持系统在每次创建密钥信息时，与密钥ID相关联地将用于加密通信的密钥信息存储在密钥管理DB中，存储执行密钥信息的用户终端和服务提供服务器的IP地址 使用与密钥ID相关联的通信状态管理DB中的密钥信息的加密通信会话，并且将加密通信会话中发送的加密分组与加密分组的发送者和接收者的IP地址相关联地存储在分组DB中 。

公开(公告)号：US08094337B2

公开(公告)日：2012-01-10

申请号：US11987551

申请日：2007-11-30

申请人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Akifumi Yato ,  Kazuyoshi Hoshino

发明人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Akifumi Yato ,  Kazuyoshi Hoshino

IPC分类号： G06F3/12

CPC分类号： G06F3/1226 ,  G06F3/1204 ,  G06F3/1222 ,  G06F3/1288 ,  G06F21/608 ,  G06F2221/2111

摘要： To minimize risk of printing-out to a printer located at an improper base, where a network is established between the bases, terminal devices, a server, printers, and a management device which manages printers are provided. The management device manages position information of the printers installed in bases. Every time printing is requested, the management device extracts printer candidates located close to a terminal device and asks a user of the terminal device to select one of the printer candidates. The user visually confirms the installation locations of the extracted printer candidates included in a list and selects an appropriate printer for each printing. Accordingly, risk of erroneously printing using a printer installed in an improper base can be reduced.

摘要翻译： 为了最小化打印到位于基地之间建立网络的打印机的打印机的风险，提供终端设备，服务器，打印机和管理打印机的管理设备。 管理设备管理安装在基地的打印机的位置信息。 每次打印请求时，管理装置提取位于终端设备附近的打印机候选，并请求终端设备的用户选择一个打印机候选。 用户可视地确认包括在列表中的提取的打印机候选的安装位置，并为每次打印选择适当的打印机。 因此，可以减少使用安装在不正确基座中的打印机进行错误打印的风险。

公开(公告)号：US20080158597A1

公开(公告)日：2008-07-03

申请号：US11987551

申请日：2007-11-30

申请人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Akifumi Yato ,  Kazuyoshi Hoshino

发明人： Yoko Hashimoto ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Akifumi Yato ,  Kazuyoshi Hoshino

IPC分类号： G06F3/12

CPC分类号： G06F3/1226 ,  G06F3/1204 ,  G06F3/1222 ,  G06F3/1288 ,  G06F21/608 ,  G06F2221/2111

摘要： To minimize risk of printing-out to a printer located at an improper base, where a network is established between the bases, terminal devices, a server, printers, and a management device which manages printers are provided. The management device manages position information of the printers installed in bases. Every time printing is requested, the management device extracts printer candidates located close to a terminal device and asks a user of the terminal device to select one of the printer candidates. The user visually confirms the installation locations of the extracted printer candidates included in a list and selects an appropriate printer for each printing. Accordingly, risk of erroneously printing using a printer installed in an improper base can be reduced.

摘要翻译： 为了最小化打印到位于基地之间建立网络的打印机的打印机的风险，提供终端设备，服务器，打印机和管理打印机的管理设备。 管理设备管理安装在基地的打印机的位置信息。 每次打印请求时，管理装置提取位于终端设备附近的打印机候选，并请求终端设备的用户选择一个打印机候选。 用户可视地确认包括在列表中的提取的打印机候选的安装位置，并为每次打印选择适当的打印机。 因此，可以减少使用安装在不正确基座中的打印机进行错误打印的风险。

公开(公告)号：US08041822B2

公开(公告)日：2011-10-18

申请号：US11417054

申请日：2006-05-04

申请人： Kazuyoshi Hoshino ,  Tadashi Kaji ,  Osamu Takata ,  Takahiro Fujishiro ,  Kohei Sawada

发明人： Kazuyoshi Hoshino ,  Tadashi Kaji ,  Osamu Takata ,  Takahiro Fujishiro ,  Kohei Sawada

IPC分类号： G06F15/16

CPC分类号： H04L63/0428 ,  H04L29/06027 ,  H04L63/08 ,  H04L65/1006 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1023

摘要： A server device that represents a plurality of service provision servers implements authentication and a SIP message exchange with respect to a SIP server as a representative, and notifies a service provision server of client communication information that is acquired by the SIP message exchange. The service provision server communicates with a client on the basis of the client communication information that is notified from the representative server.

摘要翻译： 表示多个服务提供服务器的服务器装置以代表SIP服务器的身份执行认证和SIP消息交换，并向服务提供服务器通知由SIP消息交换获取的客户端通信信息。 服务提供服务器基于从代表服务器通知的客户端通信信息与客户端进行通信。

公开(公告)号：US07657035B2

公开(公告)日：2010-02-02

申请号：US11504767

申请日：2006-08-16

申请人： Akifumi Yato ,  Tadashi Kaji ,  Osamu Takata ,  Takahiro Fujishiro ,  Kazuyoshi Hoshino

发明人： Akifumi Yato ,  Tadashi Kaji ,  Osamu Takata ,  Takahiro Fujishiro ,  Kazuyoshi Hoshino

IPC分类号： H04L9/00 ,  H04L29/06

CPC分类号： H04L63/0428 ,  H04L9/083 ,  H04L9/0869 ,  H04L63/20

摘要： Each terminal registers the key generation information into each session management server, the information including a plurality of setting items necessary for determining set values to generated a key to be used by itself, and set value candidates which are stored in the setting items.When the encryption communications are established between the terminals, the individual session management servers and a key generation information management server are associated, so that the key generation information management server selects the algorithm suite based on the key generation information. The session management server generates the parameters based on the selected algorithm suite, acquires the information on the selected algorithm suite from the key generation information management server, generates the key for the encryption communications based on that information and distributes the key to the each terminal.

摘要翻译： 每个终端将密钥生成信息注册到每个会话管理服务器中，该信息包括确定设置值所需的多个设置项目以产生要自己使用的密钥，并设置存储在设置项目中的值候选。 当在终端之间建立加密通信时，各个会话管理服务器和密钥生成信息管理服务器相关联，使得密钥生成信息管理服务器基于密钥生成信息来选择算法套件。 会话管理服务器根据选择的算法套件生成参数，从密钥生成信息管理服务器获取所选算法套件的信息，根据该信息生成加密通信的密钥，并将密钥分配给每个终端。

公开(公告)号：US07443986B2

公开(公告)日：2008-10-28

申请号：US10931219

申请日：2004-09-01

申请人： Osamu Takata ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Kazuyoshi Hoshino

发明人： Osamu Takata ,  Takahiro Fujishiro ,  Tadashi Kaji ,  Kazuyoshi Hoshino

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  H04L63/062

摘要： Both a management server and a validation server are installed. Both a terminal and a terminal register setting information which is usable in an encrypted communication in the management server. When carrying out the encrypted communication, the management server searches the registered setting information for coincident setting information. The management server generates keys for the encrypted communications which can be used by the terminals, and delivers these generated keys in combination with the coincident setting information. The management server authenticates both the terminals in conjunction with the validation server. Since the terminals trust such results that the management server has authenticated the terminals respectively, these terminals need not authenticate the respective communication counter terminals.

摘要翻译： 管理服务器和验证服务器均已安装。 终端和终端注册设置信息可用于管理服务器中的加密通信。 当执行加密通信时，管理服务器搜索登记的设置信息以获得一致的设置信息。 管理服务器生成可由终端使用的加密通信的密钥，并将这些生成的密钥与重合的设置信息相结合。 管理服务器与验证服务器一起认证两个终端。 由于终端信任这样的结果，管理服务器分别对终端进行认证，所以这些终端不需要对相应的通信计数器终端进行认证。