Abstract:
A method of securing an object at an access level includes selecting a profile for a user, including a credential having an encrypted credential public key, an encrypted credential public key encryption key, and a multiple-level access identifier. A working key is generated by binding a domain value with a random value. The object is encrypted with the working key. A random value encryption key is generated based on the shared value by decrypting the credential public key encryption key with the profile key encryption key, decrypting the credential public key with the credential public key encryption key, generating an ephemeral key pair, and generating a shared value based on the ephemeral private key and the credential public key. The random value is encrypted with the random value encryption key, and the encrypted object, the ephemeral public key, and the encrypted random value are provided for an authorized recipient. Authenticating the identity of a user to determine authorization for access to the system includes providing a plurality of factor-based data instances corresponding to a user, evaluating the factor-based data instances to determine if the user's identity is authenticated, and granting or restricting the user's access to the system if the user's identity is authenticated.
Abstract:
A communication system, which includes an origination space, a communications channel, and a destination space associated with the origination space via the communications channel. The origination space includes an encryption engine (12) for generating an output symbol Ot based on an input symbol It and means for receiving an encrypt key (10), an encrypt text/key (14) relation, and the input symbol. The destination space includes a decryption engine (18) for generating a decrypted symbol I't based on the output symbol received from the origination space via the communications channel and means for receiving a decrypt key (20) and a decrypt text/key (22) relation. The encrypt text/key (14) relation controls the encryption engine such that Ot = XN(t) + YN[XN-1(t) + YN-1[XN-2(t) + ... + Y2[X1(t) + Y1[It + X0(t)]]...]], mod W, where XN, XN-1, ..., X1, X0 are N+1 additive transformations defined by the encrypt key (10), where YN, YN-1, ..., Y2, Y1 are N permutations defined by the encrypt key (10), and where W represents the number of possibilities for each permutation defined by the encrypt key (10).
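The text/key relation in this abstract, worked as an added example that is not the patent's own code: it assumes W = 256 (a byte alphabet) and derives the additive transformations X_i(t) and the permutations Y_i from the key with HMAC-SHA256, both constructed choices that the abstract leaves open.

```python
"""Encrypt/decrypt engines for O_t = X_N(t) + Y_N[... Y_1[I_t + X_0(t)] ...] mod W.
Added example; the key-derivation scheme below is an assumption, not the patent's."""
import hmac
import hashlib
import random

W = 256  # number of possibilities per permutation (one byte)

def _additive(key: bytes, i: int, t: int) -> int:
    """X_i(t): a key- and position-dependent value in [0, W)."""
    tag = hmac.new(key, b"X%d:%d" % (i, t), hashlib.sha256).digest()
    return int.from_bytes(tag[:4], "big") % W

def _permutations(key: bytes, n: int):
    """Y_1..Y_n and their inverses; each a key-seeded permutation of range(W)."""
    perms, invs = [None], [None]  # index 0 unused so Y_i matches the formula
    for i in range(1, n + 1):
        seed = hmac.new(key, b"Y%d" % i, hashlib.sha256).digest()
        table = list(range(W))
        random.Random(seed).shuffle(table)  # deterministic for a given key
        inv = [0] * W
        for src, dst in enumerate(table):
            inv[dst] = src
        perms.append(table)
        invs.append(inv)
    return perms, invs

def encrypt(key: bytes, plaintext: bytes, n: int = 4) -> bytes:
    """Origination space: innermost layer first (I_t + X_0), then Y_i, + X_i."""
    perms, _ = _permutations(key, n)
    out = bytearray()
    for t, symbol in enumerate(plaintext):
        v = (symbol + _additive(key, 0, t)) % W
        for i in range(1, n + 1):
            v = (perms[i][v] + _additive(key, i, t)) % W
        out.append(v)
    return bytes(out)

def decrypt(key: bytes, ciphertext: bytes, n: int = 4) -> bytes:
    """Destination space: peel the layers in reverse (- X_i, then Y_i inverse)."""
    _, invs = _permutations(key, n)
    out = bytearray()
    for t, symbol in enumerate(ciphertext):
        v = (symbol - _additive(key, n, t)) % W
        for i in range(n, 0, -1):
            v = (invs[i][v] - _additive(key, i - 1, t)) % W
        out.append(v)
    return bytes(out)
```

Because X_i depends on the position t, equal input symbols at different positions generally map to different output symbols, which the formula's t argument is there to provide.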
Abstract:
A cryptographic medium including embedded metallic particles. The particles provide a unique signature when the card is exposed to a radio frequency signal. The medium includes programming and storage capability, so that protocols for different types of transactions may be stored on the medium, along with personal information associated with the user of the token. The token may take the form of a plastic card, which includes an electronic module fabricated using a multi-chip module design and including the programming and storage capability. The design allows greater computing and storage capacity on the card. At least the electronic module is encapsulated in a plascon material, giving the overall card a more physically secure construction.
Abstract:
A system for securing data includes a set of descriptors associated with data, a node, and a server. The set of descriptors include a first group of descriptors, and at least one additional descriptor. Each descriptor has a respective, associated value. The node provides a first component by binding together the respective values of each of the first group of descriptors. The server receives the first component from the node, provides a key by binding together the first component and the respective values of each of the additional descriptor, and encrypts the data with the key. The user (via a token) and/or the server can provide at least one of the descriptors. At least one server can establish a trusted cryptographic virtual domain that exhibits an established trust based on the descriptors that are policy enforced.