公开(公告)号：US20110060947A1

公开(公告)日：2011-03-10

申请号：US12556148

申请日：2009-09-09

申请人： Zhexuan Song ,  Jesus Molina ,  Joseph Gordon

发明人： Zhexuan Song ,  Jesus Molina ,  Joseph Gordon

IPC分类号： G06F11/00

CPC分类号： H04L63/1433 ,  G06F21/53 ,  G06F21/552 ,  G06F21/57 ,  G06F2221/2105 ,  G06F2221/2149 ,  H04L63/145

摘要： A target computing environment is secured by a hardware trust anchor that provides a trust state of the target computing environment based upon a security audit of the target computing environment. And diagnosing the target computing environment can be diagnosed by the hardware trust anchor according to the security diagnostic information.

摘要翻译： 目标计算环境由硬件信任锚保护，所述硬件信任锚基于目标计算环境的安全审核来提供目标计算环境的信任状态。 根据安全诊断信息可以通过硬件信任锚来诊断目标计算环境。

公开(公告)号：US20090235068A1

公开(公告)日：2009-09-17

申请号：US12048096

申请日：2008-03-13

申请人： Zhexuan Song ,  Seigo Kotani ,  Sung Lee ,  Keishiro Tanaka ,  Houcheng Lee ,  Jesus Molina ,  Ryusuke Masuoka ,  Tomihiro Yamazaki

发明人： Zhexuan Song ,  Seigo Kotani ,  Sung Lee ,  Keishiro Tanaka ,  Houcheng Lee ,  Jesus Molina ,  Ryusuke Masuoka ,  Tomihiro Yamazaki

IPC分类号： H04L9/32

CPC分类号： H04L9/3231 ,  H04L9/3263 ,  H04L2209/80

摘要： A method for identity verification includes receiving a request for proof of identity from a service provider and receiving biometric information associated with a user of a communication device. The method also includes determining that the received biometric information matches a biometric profile that contains biometric information associated with a registered user of the communication device. The method also includes unlocking a private key associated with the registered user in response to determining that the received biometric information matches a biometric profile and sending a request for a digital certificate that is signed with the private key associated with the registered user. The method further includes receiving the digital certificate that includes a public key associated with the registered user and satisfies the request for proof of identity. The method also includes with forwarding the digital certificate to the service provider.

摘要翻译： 用于身份验证的方法包括从服务提供商接收身份证明请求并接收与通信设备的用户相关联的生物特征信息。 该方法还包括确定所接收的生物特征信息与包含与通信设备的注册用户相关联的生物特征信息的生物特征信息匹配。 该方法还包括响应于确定所接收的生物测定信息与生物特征谱匹配并且发送用与注册用户相关联的私钥签名的数字证书的请求来解锁与注册用户相关联的私钥。 该方法还包括接收包括与注册用户相关联的公钥的数字证书，并且满足身份证明请求。 该方法还包括将数字证书转发到服务提供商。

公开(公告)号：US08533469B2

公开(公告)日：2013-09-10

申请号：US12623861

申请日：2009-11-23

申请人： Zhexuan Song ,  Ryusuke Masuoka ,  Jesus Molina

发明人： Zhexuan Song ,  Ryusuke Masuoka ,  Jesus Molina

IPC分类号： H04L29/00

CPC分类号： G06F21/6218 ,  G06F2221/2107

摘要： A method for securely sharing electronic documents on a document storage system. The method includes receiving an electronic document from a creating user, generating an encryption key unique to the electronic document, encrypting the electronic document using the encryption key to create an encrypted electronic document, and communicating the encrypted electronic document to a document repository for storage/ The method also includes identifying a resource locator for uniquely identifying the storage location of the encrypted electronic document and communicating the encryption key and the resource locator to the creating user. The method also includes receiving the encryption key and the resource locator from a requesting user, retrieving the encrypted electronic document from the document repository using the resource locator, decrypting the encrypted electronic document using the encryption key, and communicating the decrypted electronic document to the requesting user.

摘要翻译： 一种用于在文件存储系统上安全地共享电子文档的方法。 该方法包括从创建用户接收电子文档，生成电子文档特有的加密密钥，使用加密密钥加密电子文档以创建加密的电子文档，以及将加密的电子文档传送到文档储存库，用于存储/ 该方法还包括识别用于唯一地识别加密电子文档的存储位置并将加密密钥和资源定位符传送给创建用户的资源定位符。 该方法还包括从请求用户接收加密密钥和资源定位符，使用资源定位器从文档库中检索加密的电子文档，使用加密密钥解密加密的电子文档，并将解密的电子文档传送到请求 用户。

公开(公告)号：US20110314558A1

公开(公告)日：2011-12-22

申请号：US12816966

申请日：2010-06-16

申请人： Zhexuan Song ,  Jesus Molina

发明人： Zhexuan Song ,  Jesus Molina

IPC分类号： G06F21/00

CPC分类号： G06F21/316

摘要： A method for authenticating access to an electronic document. The method includes receiving an authentication request from a user, receiving an aggregate risk score, selecting an authentication mechanism based at least on the aggregate risk score, and applying the authentication mechanism to decide the authentication request from the user. The aggregate risk score may be based at least on a comparison of the user's past behavior with a plurality of context data associated with the user.

摘要翻译： 用于认证对电子文档的访问的方法。 所述方法包括从用户接收认证请求，接收聚合风险评分，至少基于所述总体风险评分选择认证机制，以及应用所述认证机制来确定来自所述用户的认证请求。 总体风险分数可以至少基于用户的过去行为与与用户相关联的多个上下文数据的比较。

公开(公告)号：US08874745B2

公开(公告)日：2014-10-28

申请号：US12748054

申请日：2010-03-26

申请人： Zhexuan Song ,  Jesus Molina ,  Ryusuke Masuoka

发明人： Zhexuan Song ,  Jesus Molina ,  Ryusuke Masuoka

IPC分类号： G06F15/173 ,  G06F9/54

CPC分类号： G06F9/54 ,  G06F2209/541

摘要： Methods and systems for providing services and/or computing resources are provided. A method may include receiving an application from an application provider. The method may further include receiving data from a data provider. The method may also include receiving a first request from the data provider to execute the application and apply the data as input to the application. Additionally, the method may include executing the application in response to receiving the first request. The method may also include storing output data resulting from execution of the application. The method may further include receiving a second request from the data provider to transmit the output data to the data provider. The method may additionally include communicating the output data to the data provider in response to the second request.

摘要翻译： 提供了用于提供服务和/或计算资源的方法和系统。 方法可以包括从应用提供商接收应用。 该方法还可以包括从数据提供者接收数据。 该方法还可以包括从数据提供者接收第一请求以执行应用并将该数据作为输入应用于应用。 另外，该方法可以包括响应于接收到第一请求而执行该应用。 该方法还可以包括存储由应用的执行产生的输出数据。 该方法还可以包括从数据提供者接收第二请求以将输出数据发送到数据提供者。 该方法还可以包括响应于第二请求将输出数据传送到数据提供者。

公开(公告)号：US20110162076A1

公开(公告)日：2011-06-30

申请号：US12651269

申请日：2009-12-31

申请人： Zhexuan SONG ,  Jesus Molina ,  Joseph Gordon

发明人： Zhexuan SONG ,  Jesus Molina ,  Joseph Gordon

IPC分类号： G06F21/24 ,  G06F15/16

CPC分类号： H04L63/1416 ,  G06F21/554 ,  G06F21/86 ,  G06F2221/2105 ,  G06F2221/2129 ,  G06F2221/2143 ,  G06F2221/2151

摘要： An event condition is checked, using a computer and data content of the computer is additionally protected in relation to a normal data protection according to the event condition. The event condition is detecting by the computer a remote command and/or detecting a state according to a policy.

摘要翻译： 使用计算机检查事件条件，并根据事件条件对计算机的数据内容进行相对于正常数据保护的附加保护。 事件条件是由计算机检测远程命令和/或根据策略检测状态。

公开(公告)号：US09112681B2

公开(公告)日：2015-08-18

申请号：US11966283

申请日：2007-12-28

申请人： Seigo Kotani ,  Zhexuan Song ,  Sung Lee ,  Jesus Molina ,  Ryusuke Masuoka

发明人： Seigo Kotani ,  Zhexuan Song ,  Sung Lee ,  Jesus Molina ,  Ryusuke Masuoka

IPC分类号： H04L29/06 ,  H04L9/00 ,  H04L9/32 ,  H04L9/08 ,  G06F21/33 ,  G06F21/60

CPC分类号： H04L9/083 ,  G06F21/33 ,  G06F21/606 ,  G06F2221/2101 ,  H04L9/006 ,  H04L9/0825 ,  H04L9/0897 ,  H04L9/321 ,  H04L9/3234 ,  H04L9/3263 ,  H04L63/0823 ,  H04L2209/127

摘要： A system and method are disclosed for providing and maintaining a high level of security during migration of data from one platform to another. The disclosed system combines user and equipment authentication with equipment environment authorization guaranteed by a security module such as supported by a trusted platform module (TPM) in parallel, for secure information transfer to support migration between platforms.

摘要翻译： 公开了一种系统和方法，用于在将数据从一个平台迁移到另一个平台期间提供和保持高水平的安全性。 所公开的系统将用户和设备认证与由可信平台模块（TPM）并行支持的安全模块所保证的设备环境授权相结合，用于安全信息传输以支持平台之间的迁移。

公开(公告)号：US08505103B2

公开(公告)日：2013-08-06

申请号：US12556148

申请日：2009-09-09

申请人： Zhexuan Song ,  Jesus Molina ,  Joseph Gordon

发明人： Zhexuan Song ,  Jesus Molina ,  Joseph Gordon

IPC分类号： G11C7/00

CPC分类号： H04L63/1433 ,  G06F21/53 ,  G06F21/552 ,  G06F21/57 ,  G06F2221/2105 ,  G06F2221/2149 ,  H04L63/145

摘要： A target computing environment is secured by a hardware trust anchor that provides a trust state of the target computing environment based upon a security audit of the target computing environment. And diagnosing the target computing environment can be diagnosed by the hardware trust anchor according to the security diagnostic information.

摘要翻译： 目标计算环境由硬件信任锚保护，所述硬件信任锚基于目标计算环境的安全审核来提供目标计算环境的信任状态。 根据安全诊断信息可以通过硬件信任锚来诊断目标计算环境。

公开(公告)号：US08438385B2

公开(公告)日：2013-05-07

申请号：US12048096

申请日：2008-03-13

申请人： Zhexuan Song ,  Seigo Kotani ,  Sung Lee ,  Keishiro Tanaka ,  Houcheng Lee ,  Jesus Molina ,  Ryusuke Masuoka ,  Tomihiro Yamazaki

发明人： Zhexuan Song ,  Seigo Kotani ,  Sung Lee ,  Keishiro Tanaka ,  Houcheng Lee ,  Jesus Molina ,  Ryusuke Masuoka ,  Tomihiro Yamazaki

IPC分类号： H04L29/06 ,  G06F7/04

CPC分类号： H04L9/3231 ,  H04L9/3263 ,  H04L2209/80

摘要： A method for identity verification includes receiving a request for proof of identity from a service provider and receiving biometric information associated with a user of a communication device. The method also includes determining that the received biometric information matches a biometric profile that contains biometric information associated with a registered user of the communication device. The method also includes unlocking a private key associated with the registered user in response to determining that the received biometric information matches a biometric profile and sending a request for a digital certificate that is signed with the private key associated with the registered user. The method further includes receiving the digital certificate that includes a public key associated with the registered user and satisfies the request for proof of identity. The method also includes with forwarding the digital certificate to the service provider.

摘要翻译： 用于身份验证的方法包括从服务提供商接收身份证明请求并接收与通信设备的用户相关联的生物特征信息。 该方法还包括确定所接收的生物特征信息与包含与通信设备的注册用户相关联的生物特征信息的生物特征信息匹配。 该方法还包括响应于确定所接收的生物测定信息与生物特征谱匹配并且发送用与注册用户相关联的私钥签名的数字证书的请求来解锁与注册用户相关联的私钥。 该方法还包括接收包括与注册用户相关联的公钥的数字证书，并且满足身份证明请求。 该方法还包括将数字证书转发到服务提供商。

公开(公告)号：US20110238837A1

公开(公告)日：2011-09-29

申请号：US12748054

申请日：2010-03-26

申请人： Zhexuan Song ,  Jesus Molina ,  Ryusuke Masuoka

发明人： Zhexuan Song ,  Jesus Molina ,  Ryusuke Masuoka

IPC分类号： G06F15/173 ,  G06F9/46

CPC分类号： G06F9/54 ,  G06F2209/541

摘要： Methods and systems for providing services and/or computing resources are provided. A method may include receiving an application from an application provider. The method may further include receiving data from a data provider. The method may also include receiving a first request from the data provider to execute the application and apply the data as input to the application. Additionally, the method may include executing the application in response to receiving the first request. The method may also include storing output data resulting from execution of the application. The method may further include receiving a second request from the data provider to transmit the output data to the data provider. The method may additionally include communicating the output data to the data provider in response to the second request.

摘要翻译： 提供了用于提供服务和/或计算资源的方法和系统。 方法可以包括从应用提供商接收应用。 该方法还可以包括从数据提供者接收数据。 该方法还可以包括从数据提供者接收第一请求以执行应用并将该数据作为输入应用于应用。 另外，该方法可以包括响应于接收到第一请求而执行该应用。 该方法还可以包括存储由应用的执行产生的输出数据。 该方法还可以包括从数据提供者接收第二请求以将输出数据发送到数据提供者。 该方法还可以包括响应于第二请求将输出数据传送到数据提供者。