-
Publication No.: US09690598B2
Publication date: 2017-06-27
Application No.: US13855713
Filing date: 2013-04-03
CPC classification: G06F9/4421, G06F9/448, H04L63/123, H04L63/1441
Abstract: This invention includes apparatus, systems, and methods for repairing a corrupted device still in the field by sending the corrupted device a known-good configuration derived from the majority group of devices in the field. First, an initial inventory and content scan of the device's hardware and software stack is taken. The attestation server uses the collection of results to determine a statistically known-good configuration for each type of device. The attestation server groups the known good devices by devices and ideally all of the devices of the same type are configured mostly the same. The attestation server sends an alert to the device that the device is configured differently than the plurality of existing devices. Finally, the attestation server will request a known-good configuration from one of the devices in the plurality of existing devices to repair the corrupted device in the field.
-
Publication No.: US08996861B1
Publication date: 2015-03-31
Application No.: US13657872
Filing date: 2012-10-23
CPC classification: H04L63/0428, G06F12/1408, H04L9/0841, H04L9/14, H04L9/321, H04L9/3252, H04L63/0442, H04L63/061, H04L63/062, H04L63/101, H04L65/1053, H04L65/1069, H04L2209/24, H04W12/04
Abstract: A comprehensive solution for providing secure mobile communication is provided. The system includes techniques for authentication and control of communication end-points; chain of trust to ensure devices are certified as authentic; contact list management; peer-to-peer encrypted voice, email, and texting communication; and a technique for bypassing an IP PBX to ensure high levels of security. The system is able to support use of commodity mobile communication devices (e.g., smart phones, laptops) over public carrier networks.
-
Publication No.: US08898476B1
Publication date: 2014-11-25
Application No.: US13671534
Filing date: 2012-11-07
CPC classification: G06F21/45, G06F21/34, G06F21/604, G06F2221/2131, H04L9/0861, H04L9/0863, H04L9/0866, H04L9/0897
Abstract: This invention provides a novel method, system, and apparatus allowing an authorized user access to controlled assets when a passcode method malfunctions, such as when a user forgets a password, a token malfunction, or a biometric mismatch. The invention allows temporary access to an access control system without knowing the password and without sending the user the password or a new random password. The user is able to set a new password without knowing the previous password. Furthermore, stored encrypted data is preserved and made accessible once again via the new passcode. This invention works for many authentication methods such as restoring access when a password, token, access card, or biometric sample is used.
-
Publication No.: US09654449B2
Publication date: 2017-05-16
Application No.: US14731409
Filing date: 2015-06-05
CPC classification: H04L63/0428, H04L9/0872, H04L63/107, H04W4/021, H04W12/06, H04W84/12
Abstract: The invention includes methods for authenticating access between devices when the devices are within a geospatial boundary comprising the first step of keeping track of the physical position of the devices using both low and, or high fidelity geospatial positioning techniques. Next, a first device determines whether any nearby mobile devices have entered the geospatial boundary. Next, the first device determines if any of the mobile devices are peers eligible for cryptographic authentication. After the first device authenticates that the other device within the geospatial boundary is a trusted peer, the devices may perform various data and, or dynamic policy operations.
-
Publication No.: US09380048B2
Publication date: 2016-06-28
Application No.: US13928400
Filing date: 2013-06-27
IPC classification: H04L29/06
CPC classification: H04L9/3263, H04L9/083, H04L9/0861, H04L9/14, H04L9/30, H04L63/062, H04L63/0823
Abstract: This invention includes a solution to enable a digital authentication solution comprising a network. Next, a first device is coupled to the network. The first device may include an authentication key generator that is able to generate both public and private keys in electronic formats. Next, the first device is coupled to a certificate authority gateway. The certificate authority gateway includes devices capable of converting the electronically formatted public key to a non-electronic format, and vice versa. Next, the certificate authority gateway is coupled to a certificate authority server. The certificate authority server includes devices capable of converting the electronically formatted public key to a non-electronic format, and vice versa. The certificate authority server is also contained in a secure area such as a locked room, or a safe. The secure area includes features that allow the non-electronically formatted public key to be passed across the boundary of the secure area. Finally, a second device is coupled to the network.
-
Publication No.: US09124574B2
Publication date: 2015-09-01
Application No.: US13969544
Filing date: 2013-08-17
CPC classification: H04L63/08, H04L63/02, H04L63/0435, H04L63/0815, H04L63/083, H04L63/0869, H04L67/24
Abstract: This invention includes a system and method to enable a device to determine the presence information of another device over a secure communication network. First, the device and a presence server establish a secure connection. Next, while the initial secure connection with the presence server is established, the device generates a randomly created token and provides it to the presence server. The token is used as a shared-secret by the device and the presence server to secure future presence communications over a non-secure connection. Next, without the need to again enter a password or establish a secure connection with the presence server, the device uses the shared-secret to sign, encrypt and convey presence information to the presence server over an arbitrary connection. Finally, the presence server may share the first device's presence information with another device.
-
Publication No.: US09055440B2
Publication date: 2015-06-09
Application No.: US13656231
Filing date: 2012-10-19
CPC classification: H04L63/0428, H04L9/0872, H04L63/107, H04W4/021, H04W12/06, H04W84/12
Abstract: The invention includes methods for cryptographically authenticating access between devices when the devices are within a geospatial boundary comprising the first step of keeping track of the physical position of the devices using both low and, or high fidelity geospatial positioning techniques. Next, a first device determines whether any nearby mobile devices have entered the geospatial boundary. Next, the first device determines if any of the mobile devices are peers eligible for cryptographic authentication. After the first device authenticates that the other device within the geospatial boundary is a trusted peer, the devices may perform various data and, or dynamic policy operations.
-
Publication No.: US09692605B2
Publication date: 2017-06-27
Application No.: US15193026
Filing date: 2016-06-25
Applicant: Ty Lindteigen, James Chester Jones
Inventor: Ty Lindteigen, James Chester Jones
CPC classification: H04L9/3263, H04L9/083, H04L9/0861, H04L9/14, H04L9/30, H04L63/062, H04L63/0823
Abstract: This invention includes a solution to enable a digital authentication solution comprising a network. Next, a first device is coupled to the network. The first device may include an authentication key generator that is able to generate both public and private keys in electronic formats. Next, the first device is coupled to a certificate authority gateway. The certificate authority gateway includes devices capable of converting the electronically formatted public key to a non-electronic format, and vice versa. Next, the certificate authority gateway is coupled to a certificate authority server. The certificate authority server includes devices capable of converting the electronically formatted public key to a non-electronic format, and vice versa. The certificate authority server is also contained in a secure area such as a locked room, or a safe. The secure area includes features that allow the non-electronically formatted public key to be passed across the boundary of the secure area. Finally, a second device is coupled to the network.
-
Publication No.: US20150256521A1
Publication date: 2015-09-10
Application No.: US14672085
Filing date: 2015-03-27
CPC classification: H04L63/0428, G06F12/1408, H04L9/0841, H04L9/14, H04L9/321, H04L9/3252, H04L63/0442, H04L63/061, H04L63/062, H04L63/101, H04L65/1053, H04L65/1069, H04L2209/24, H04W12/04
Abstract: A comprehensive solution for providing secure mobile communication is provided. The system includes techniques for authentication and control of communication end-points; chain of trust to ensure devices are certified as authentic; contact list management; peer-to-peer encrypted voice, email, and texting communication; and a technique for bypassing an IP PBX to ensure high levels of security. The system is able to support use of commodity mobile communication devices (e.g., smart phones, laptops) over public carrier networks.
-
Publication No.: US09088538B2
Publication date: 2015-07-21
Application No.: US13838024
Filing date: 2013-03-15
Applicant: Ty Brendan Lindteigen, John Curtis
Inventor: Ty Brendan Lindteigen, John Curtis
CPC classification: H04L63/0428, G06F21/00, G06F21/6218, H04L9/006, H04L9/0816, H04L63/00, H04L63/0272, H04L63/0442, H04L63/107, H04L2209/24
Abstract: This invention includes a synchronized storage server enabled to send the end-point device a notification including the root folder list. The end-point device compares the sent root folder list to a previously stored root folder list in the end-point devices' memory. If the end-point device detects either a new root folder on the synchronized storage server, a change in an existing folder, or deleted content in a folder the end-point device will determine that a change is required to the stored data. Next the end-point device will synchronize with the synchronized storage server and create a new storage list. Finally, the synchronized storage server will send the end-point device a new encrypted folder encryption key which includes the encrypted file contents along with identifying information such as the server name and revision information.