-
Publication No.: US20190238520A1
Publication date: 2019-08-01
Application No.: US16262430
Filing date: 2019-01-30
Applicant: Corlina, Inc.
CPC classification: H04L63/0442, G06F8/61, H04L9/0825, H04L9/3228, H04L9/3263, H04L63/0823, H04L63/123, H04L67/12, H04L2209/64
Abstract: Various embodiments are directed to a system and method for establishing a secure communication pathway between a network-connected device and a computing platform. Such configurations encompass encrypting a device-specific installation package passed to the device using a device-generated cryptography key, verifying the identity of the computing platform at the device, encrypting a response message via a platform-generated cryptography key, transmitting the response message to the computing platform, verifying characteristics of the device via the response message, and establishing a secure communication platform upon verification of the device.
-
Publication No.: US20180227295A1
Publication date: 2018-08-09
Application No.: US15949494
Filing date: 2018-04-10
CPC classification: H04L63/0823, G06F15/7807, H04L9/32, H04L9/3263, H04L9/3268, H04L63/0428, H04L63/0435, H04L63/0442, H04L63/0853, H04L63/0869, H04L2209/64, H04W12/06
Abstract: Various embodiments are disclosed that relate to security of a computer accessory device. For example, one non-limiting embodiment provides a host computing device configured to conduct an initial portion of a mutual authentication session with an accessory device, and send information regarding the host computing device and the accessory device to a remote pairing service via a computer network. The host computing device is further configured to, in response, receive a pairing certificate from the remote pairing service, the pairing certificate being encrypted via a private key of the remote pairing service, and complete the mutual authentication with the accessory device using the pairing certificate from the remote pairing service.
-
Publication No.: US09917698B2
Publication date: 2018-03-13
Application No.: US15047119
Filing date: 2016-02-18
Applicant: MOBILE IRON, INC.
Inventor: Joshua Glenn Broch
CPC classification: H04L9/3268, H04L9/3263, H04L43/10, H04L63/0823, H04L2209/64, H04W4/50, H04W12/06, H04W12/08
Abstract: One embodiment of the present disclosure provides a method that includes accessing, by a mobile device management system, a profile for a mobile device. The method also includes negotiating, by the mobile device management system, with a certificate authority to obtain a certificate for the mobile device. The negotiating with the certificate authority includes imitating the mobile device based on the profile. The negotiating with the certificate authority also includes, based at least on the imitation, transmitting one or more certificate enrollment messages to the certificate authority. The negotiating with the certificate authority further includes, based on the one or more messages, receiving, at the mobile device management system, the certificate for the mobile device. The method further includes transmitting the certificate to a control agent hosted on the mobile device for installation.
-
Publication No.: US09871821B2
Publication date: 2018-01-16
Application No.: US14538514
Filing date: 2014-11-11
Inventors: Nicolas Ponsini, Eric Vetillard
CPC classification: H04L63/20, G06F8/61, H04L9/3234, H04L9/3247, H04L63/08, H04L63/102, H04L2209/64
Abstract: A method for enforcing secure processes between a user and a device involves determining that the user has initiated installation of a secure application, installing the RA part of the secure application, triggering a trusted UI session upon realization that the TA part of the secure application is not installed, receiving, via the trusted UI session, user credentials for authenticating the user and enforcing user-specific and device-specific security, cryptographically signing combined user credentials with a cryptographic signature to obtain an authentication object, passing the authentication object to a service provider associated with the secure application for extraction of the user credentials, and generating an authorization token permitting the installation of the TA part of the secure application upon verification of the cryptographically signed authentication object.
-
Publication No.: US09778939B2
Publication date: 2017-10-03
Application No.: US15229043
Filing date: 2016-08-04
CPC classification: G06F9/4416, G06F9/4406, G06F21/33, H04L9/3268, H04L29/06, H04L63/062, H04L63/0823, H04L63/0876, H04L63/10, H04L2209/64
Abstract: Automated provisioning of hosts on a network with reasonable levels of security is described in this application. A certificate management service (CMS) on a host, one or more trusted agents, and a public key infrastructure are utilized in a secure framework to establish host identity. Once host identity is established, signed encryption certificates may be exchanged and secure communication may take place.
-
Publication No.: US09755838B2
Publication date: 2017-09-05
Application No.: US15194849
Filing date: 2016-06-28
Inventors: Bret W. Dixon, Jonathan L. Rumsey
CPC classification: H04L9/3247, H04L9/006, H04L9/14, H04L9/30, H04L9/3263, H04L9/3265, H04L63/06, H04L63/0823, H04L63/20, H04L2209/64, H04L2209/72
Abstract: A message including a digital signature of a message originator is received at a processor. In response to determining that the message originator is authorized by a data protection policy to originate the message, a determination is made as to whether a specific authorized certificate issuer is configured for the message originator within a data protection policy. In response to determining that the specific authorized certificate issuer is configured for the message originator within the data protection policy, a determination is made as to whether a message originator certificate used to generate the digital signature of the message originator is issued by the specific authorized certificate issuer configured for the message originator within the data protection policy.
-
Publication No.: US20170208044A1
Publication date: 2017-07-20
Application No.: US15354629
Filing date: 2016-11-17
Applicant: Encryptics, LLC
Inventor: Vlad Pigin
CPC classification: H04L63/0428, G06F21/6209, G06F21/64, H04L9/083, H04L9/3247, H04L9/3263, H04L63/0823, H04L2209/603, H04L2209/64, H04L2463/101
Abstract: An improved method and system for digital rights management is described.
-
Publication No.: US20170141927A1
Publication date: 2017-05-18
Application No.: US14942096
Filing date: 2015-11-16
Inventors: Ajay A. Apte, John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Hugh E. Hockett, Yuhsuke Kaneyasu, Lewis Lo, Matthew D. McClintock, Scott C. Moonen, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
CPC classification: H04L9/3263, H04L63/0823, H04L67/1097, H04L2209/24, H04L2209/64
Abstract: A first management node of a first rack can be registered to a shared file storage system by establishing a mutual trust relationship between the first management node and the shared file storage system. The first management node can access a plurality of respective public keys and a plurality of respective certificates of authority that are stored in the shared file storage system and associated with a plurality of respective registered management nodes. The first management node can store a public key and a certificate of authority in the shared file storage system. The first management node can form mutual trust relationships with other registered management nodes. The first management node can validate authenticity of messages received from registered management nodes of the plurality of registered management nodes using a respective public key and a respective certificate of authority associated with a respective registered management node sending a message.
-
Publication No.: US20170085535A1
Publication date: 2017-03-23
Application No.: US15367588
Filing date: 2016-12-02
Inventor: Brian David Gross
CPC classification: H04L9/3263, G06F19/00, G06F21/6245, G06F2221/2147, G06Q50/22, H04L9/083, H04L9/14, H04L9/321, H04L63/0428, H04L2209/24, H04L2209/64, H04L2209/88
Abstract: A method for controlling access to data being processed by a remote computing resource includes issuing a public encryption key for a data creator from a public certificate authority, detecting an encounter with a data owner, creating private encryption keys for the data creator and the data owner in response to detecting the encounter, encrypting data being sent to the remote computing resource with the public encryption key, the data creator's private encryption key, and the data owner's private encryption key, decrypting the data based on public verification of the public encryption key and local verification of the data creator's private encryption key and the data owner's private encryption key at the remote computing resource, and controlling the data creator's access to the data by altering the permission of at least one of the public encryption key and data creator's private encryption key.
-
Publication No.: US20160373262A1
Publication date: 2016-12-22
Application No.: US15184997
Filing date: 2016-06-16
Applicant: VELLITAS LLC
CPC classification: H04L9/3263, G06F16/951, G06F21/45, G06F21/577, G06F2221/2101, H04L2209/64
Abstract: Embodiments describe apparatuses, systems, and methods for analyzing digital certificates. A system may scan the internet to identify all publicly available digital certificates. The system may further determine external information for individual digital certificates that is not found within the digital certificate. The system may store the external information and internal information that is found within the digital certificates. The system may run one or more queries on the stored information to identify one or more vulnerable digital certificates among a set of digital certificates associated with a client. For example, the system may identify differences between the internal information and/or external information among the digital certificates of the set and/or may compare the internal information and/or external information for the digital certificates of the set to expected information. Other embodiments may be described and claimed.