公开(公告)号：WO2013102001A3

公开(公告)日：2013-09-26

申请号：PCT/US2012071939

申请日：2012-12-28

Applicant: VASCO DATA SECURITY INC ,  VASCO DATA SECURITY INT GMBH

Inventor： AGREDA DE RO MAYA ,  WALTNIEL RUDY

IPC: H05K5/02 ,  G06K19/077 ,  H01R13/44 ,  H01R13/453

CPC classification number: H01R13/44 ,  G06K19/07732 ,  H01R13/447 ,  H05K5/0278

Abstract: An electronic device, which may be a USB device, includes a body part that is removably connected to a cap. The body part includes a connector for plugging the device into a host computing device. The cap includes a lever part and a main part. The lever part of the cap is attached to the main part and pivots at least partially around a pivot axis. The lever part includes an anchor part on one side of the pivot axis and an unlock part on the other side of the pivot axis. The anchor part includes a hook that engages a cavity in the body part when the cap is connected to the body part. Depressing the unlock part of the cap causes the lever to pivot around the pivot axis thereby disengaging the hook from the first cavity, and thereby releasing the cap from the body part.

Abstract translation: 电子设备，其可以是USB设备，包括可拆卸地连接到帽的主体部分。 身体部分包括用于将设备插入主计算设备的连接器。 帽包括杠杆部分和主要部分。 帽的杠杆部分附接到主要部分并且至少部分地围绕枢转轴线枢转。 杠杆部分包括在枢转轴线的一侧上的锚定部分和在枢转轴线的另一侧上的解锁部分。 锚部分包括钩，当帽连接到身体部分时，该钩与身体部分中的空腔接合。 按压帽的解锁部分使得杆围绕枢转轴线枢转，从而使钩从第一腔脱离，并且由此从帽体部分释放帽。

公开(公告)号：WO2013074631A3

公开(公告)日：2013-07-25

申请号：PCT/US2012065017

申请日：2012-11-14

Applicant: VASCO DATA SECURITY INC ,  VASCO DATA SECURITY INT GMBH

Inventor： BRAAMS HARM

IPC: G06F21/55 ,  G06F21/64 ,  G06F21/77 ,  G07F7/08

CPC classification number: G06K7/042 ,  G06F1/00 ,  G06F21/552 ,  G06F21/64 ,  G06F21/77 ,  G06F2221/2105 ,  G06Q20/38215 ,  G06Q20/3825 ,  G06Q20/385 ,  G06Q20/4012 ,  G07F7/0873 ,  G07F7/1025

Abstract: The present invention provides a secure smart card reader enabled to make reader signatures on data representative of events and actions which may be security related and which may comprise data representative of reader commands the reader receives from a host or remote application, smart card commands the reader exchanges with an inserted smart card, data the reader presents to the user for approval, and/or configuration parameters the reader applies when dealing with any of the foregoing. The smart card reader may furthermore be adapted to maintain logs of certain events and actions which may comprise exchanging reader commands with a host or remote application, exchanging smart card commands with an inserted smart card, and/or interactions with a user. The logs may comprise data representative of reader commands the reader receives from a host or remote application, smart card commands the reader exchanges with an inserted smart card, data the reader presents to the user for approval, and/or configuration parameters the reader applies when dealing with any of the foregoing. The secure smart card reader may be adapted to generate a reader signature over one or more of these logs.

Abstract translation: 本发明提供了一种安全的智能卡阅读器，其能够使代表可能与安全相关的事件和动作的数据的读取器签名，并且可以包括代表读取器从主机或远程应用接收的读取器命令的数据，智能卡命令读取器 与插入的智能卡交换，读者提供给用户批准的数据和/或读者在处理前述任何一个时应用的配置参数。 智能卡读卡器还可以适于维护某些事件和动作的日志，这些事件和动作可以包括与主机或远程应用交换读取器命令，与插入的智能卡交换智能卡命令和/或与用户的交互。 日志可以包括表示读取器从主机或远程应用程序接收的读取器命令的数据，智能卡命令读取器与插入的智能卡交换，读取器向用户呈现的数据以及/或读取器应用的配置参数 处理上述任何一项。 安全智能卡读取器可以适于在这些日志中的一个或多个上生成读取器签名。

公开(公告)号：WO2011159918A3

公开(公告)日：2012-05-03

申请号：PCT/US2011040729

申请日：2011-06-16

Applicant: VASCO DATA SECURITY INC ,  VASCO DATA SECURITY INT GMBH ,  BRAAMS HARM

Inventor： BRAAMS HARM

IPC: G06F21/02

CPC classification number: G06F21/62 ,  G06F21/79

Abstract: Mass storage devices and methods for securely storing data are disclosed. The mass storage device includes a communication interface for communicating with a connected host computer, a mass-memory storage component for storing data, a secure key storage component adapted to securely store at least one master secret, and an encryption-decryption component different from the secure key storage component and connected to the secure key storage component and the mass-memory storage component. The encryption-decryption component may be adapted to encrypt data received from the host computer using an encryption algorithm and at least one encryption key and to write the encrypted data into the mass-memory storage component. The encryption-decryption component may also be adapted to decrypt encrypted data stored in the mass-memory storage component for returning the data to the host computer in response to a read data command from the host computer using a decryption algorithm and at least one decryption key the security of which is protected using a master secret securely stored in the secure key storage component.

Abstract translation: 公开了用于安全地存储数据的大容量存储设备和方法。 大容量存储设备包括用于与连接的主计算机通信的通信接口，用于存储数据的大容量存储器存储组件，适于安全地存储至少一个主密钥的安全密钥存储组件，以及不同于 安全密钥存储组件并连接到安全密钥存储组件和大容量存储器存储组件。 加密 - 解密组件可以适于使用加密算法和至少一个加密密钥加密从主计算机接收的数据，并将加密的数据写入大容量存储器存储组件。 加密解密组件还可以适于解密存储在大容量存储器存储组件中的加密数据，以便使用解密算法和至少一个解密密钥响应于来自主计算机的读取数据命令将数据返回到主计算机 使用安全地存储在安全密钥存储组件中的主密钥来保护其安全性。

公开(公告)号：WO2009114608A3

公开(公告)日：2016-03-31

申请号：PCT/US2009036796

申请日：2009-03-11

Applicant: VASCO DATA SECURITY INC ,  VASCO DATA SECURITY INT GMBH ,  MARIEN DIRK

Inventor： MARIEN DIRK

IPC: H03M5/16

CPC classification number: G06F21/606

Abstract: The invention relates to a method to efficiently transmit a digital message over a unidirectional optical link, such as the link between a computer screen and a security token equipped with photosensitive elements. It is an object of this invention to provide a source coding scheme that is optimized for transmissions of alphanumerical data containing frequent occurrences of numerals and less frequent occurrences of non-numerical data. This is achieved by using a modified Huffman code for source coding, consisting of a nibble-based prefix-free binary code. The output of the coder is efficiently mapped onto a 6B4T channel code, wherein unused ternary codewords can be used to signal data-link layer events. This efficient signalling of data-link layer events, in turn, allows for a synchronization scheme based on repeated transmissions of a finite-length message, combined with an out-of-band clock signal.

Abstract translation: 本发明涉及一种通过诸如计算机屏幕和安装有光敏元件的安全令牌之间的链接的单向光学链路来有效地发送数字消息的方法。 本发明的一个目的是提供一种针对包含频繁出现的数字的字母数字数据的传输进行优化的源编码方案，并且不频繁出现非数字数据。 这是通过使用用于源编码的修改的霍夫曼码来实现的，其由基于半字节的前缀无二进制码组成。 编码器的输出被有效地映射到6B4T信道码，其中未使用的三进制码字可以用于信号数据链路层事件。 数据链路层事件的这种有效的信令反过来又允许基于与带外时钟信号组合的有限长度消息的重复传输的同步方案。

公开(公告)号：WO2011050321A8

公开(公告)日：2012-05-18

申请号：PCT/US2010053846

申请日：2010-10-22

Applicant: VASCO DATA SECURITY INC ,  VASCO DATA SECURITY INT GMBH ,  HOORNAERT FRANK ,  MARIEN DIRK

Inventor： HOORNAERT FRANK ,  MARIEN DIRK

IPC: H04L29/06

CPC classification number: H04L9/32 ,  G06F21/34 ,  G06F2221/2151 ,  G06Q20/4016 ,  H04L9/3234 ,  H04L63/08 ,  H04L2209/56

Abstract: Transactions are classified into a limited number of categories. A user submitting a transaction to a server is requested to also generate and submit a dynamic transaction category approval code for the submitted transaction. On the server side a corresponding verification value is generated for the received transaction. Transactions are assigned one of a limited number of risk levels. A user submitting a transaction to a server is requested to also generate and submit a dynamic risk level approval code for the submitted transaction. On the server side a corresponding verification value is generated for the received transaction. The received dynamic risk level approval code is verified on the server side by comparing it with the generated verification value.

Abstract translation: 交易分为有限数量的类别。 要求向服务器提交交易的用户还要生成并提交用于提交的交易的动态交易类别批准代码。 在服务器端，为接收到的事务生成相应的验证值。 交易被分配为有限数量的风险级别之一。 要求向服务器提交交易的用户还要为提交的交易生成并提交动态风险级别审批代码。 在服务器端，为接收到的事务生成相应的验证值。 通过将其与生成的验证值进行比较，在服务器端验证接收到的动态风险级别批准代码。

公开(公告)号：WO2016190903A3

公开(公告)日：2017-01-19

申请号：PCT/US2015067784

申请日：2015-12-29

Applicant: VASCO DATA SECURITY INC ,  VASCO DATA SECURITY INT GMBH

Inventor： CLAES MATHIAS ,  COULIER FRANK

IPC: H04L29/06

CPC classification number: H04L9/3213 ,  G06F21/31 ,  G06F21/45 ,  H04L9/3228 ,  H04L9/3234 ,  H04L9/3247 ,  H04L63/0435 ,  H04L63/0838 ,  H04L63/0853 ,  H04L63/0861 ,  H04L63/123

Abstract: Methods, apparatus, and systems for personalizing a software token using a dynamic credential (such as a one-time password or electronic signature) generated by a hardware token are disclosed.

Abstract translation: 公开了使用由硬件令牌生成的动态凭证（例如一次性密码或电子签名）来个性化软件令牌的方法，装置和系统。

公开(公告)号：WO2014106181A2

公开(公告)日：2014-07-03

申请号：PCT/US2013078314

申请日：2013-12-30

Applicant: VASCO DATA SECURITY INC ,  VASCO DATA SECURITY INT GMBH

Inventor： BRAAMS HARM

IPC: H04L9/32

CPC classification number: H04L9/3247 ,  G06F21/34 ,  G06F21/64 ,  G06F2221/2153

Abstract: The invention provides a method and apparatus for the secure electronic signing of electronic documents and data. In a preferred embodiment, a method for generating a first digital signature associated with a set of application data is disclosed. The method comprises the steps of: obtaining a first digital representation in a high level first data format of the set of application data; generating a second digital representation in a low level second data format of the application data whereby said low level second data format is different from said high level first data format; presenting an analog representation of the set of application data to a user, whereby said second digital representation is a precise and accurate representation of said analog representation; obtaining an indication whether said user approves said analog representation for signing; if said indication indicates that the user approves said analog representation for signing, generating said first digital signature over said second digital representation using a first signature key associated with the user.

Abstract translation: 本发明提供了一种用于电子文档和数据的安全电子签名的方法和装置。 在优选实施例中，公开了一种用于生成与一组应用数据相关联的第一数字签名的方法。 该方法包括以下步骤：获得一组应用数据的高级第一数据格式的第一数字表示; 生成应用数据的低级第二数据格式的第二数字表示，由此所述低级第二数据格式不同于所述高级第一数据格式; 向用户呈现该组应用数据的模拟表示，由此所述第二数字表示是所述模拟表示的精确和准确的表示; 获得所述用户是否批准所述模拟表示以进行签名的指示; 如果所述指示指示用户批准所述模拟表示进行签名，则使用与用户相关联的第一签名密钥，通过所述第二数字表示生成所述第一数字签名。