Abstract:
A printer includes a memory to store a one-time pad, and a request module to send a request to a remote server for one-time pad key material. The printer further includes a refresh module to decode encoded one-time pad key material contained in a physical document generated by the remote server in response to the request, and update the one-time pad with the decoded one-time pad key material.
Abstract:
Technologies for providing multiple device authentication in a heterogeneous network include a gateway node. The gateway node includes a network communicator to receive a request from a terminal node to authenticate a user of a set of heterogeneous nodes connected to the gateway node and broadcast a credential request to the nodes. Additionally, the gateway node includes a response combiner to combine responses from the set of nodes to generate a combined authentication message. The network communicator is further to send the combined authentication message to the terminal node for authentication. Other embodiments are described and claimed.
Abstract:
Examples described herein relate to systems and methods for integrating and implementing ad hoc groups within a policy hierarchy environment. The ad hoc groups may implement particular guidelines for group membership, policy evaluations, and group actions. Systems and methods provide a framework for creating groups, removing groups, and associating groups, nodes, clients, and users with groups and policy. In some examples, there is provided a method for implementing ad hoc groups in a policy hierarchy environment, the method including: receiving a key orchestration operation request at a client associated with a node, a group, and a user; applying a sum of policies associated with the node to the request; applying a sum of policies associated with the group to the request; applying a sum of policies associated with the client to the request; applying a sum of policies associated with the user to the request; and evaluating the key orchestration operation request based on each of the sum of policies of the node, the group, the client, and the user.
Abstract:
A method for secure remote authentication of a computing device over a network that uses a communications protocol which does not require use of an address, and on which one or more authentication servers are listening, comprising the steps of broadcasting a unique identifier over the network; accepting a request over the network from one of the one or more authorization servers to initiate an authentication protocol; responding to the request; receiving data necessary to complete a boot process; and completing a boot process using the received data.
Abstract:
The invention concerns a method for decrypting data sent by a first user having at least a first role in a first entity, the first entity comprising at least the first user and a first instance, to a second user having at least a second role in a second entity, the second entity comprising at least the second user and a second instance, the data being encrypted using a symmetric encryption key, the symmetric encryption key being encrypted using a public key of an asymmetric key pair comprising a private key and a public key, wherein the asymmetric key pair is associated with the second role of the second user, and the encrypted data is associated with a transmission ID, the method furthermore involving the use of an element for electronic or digital identification and authentication identifying the second user in his second role and being unique to the second role. The invention also concerns a corresponding method for encrypting data.
Abstract:
Systems, methods and financial instruments enhanced with secure computation. A financial instrument management system is implemented with secure computation capabilities, respecting the privacy and secrecy rights during computation of the information contained within financial instruments, external datasets and/or secure computation programs. Automatic conversion and aggregation of conventional financial instruments is also disclosed. Furthermore, secure computation programs can be certified with mathematical proofs about very advantageous and valuable properties such as their correct termination, conformance to a specification, or any other pre-conditions, post-conditions and invariants on their inputs and outputs, encrypted or in plaintext form.
Abstract:
Storing a file to prevent unauthorized reconstruction of the file, including: generating an index of the file; partitioning the file into a plurality of chunks, wherein the index of the file includes an assigned routing path for each of the plurality of chunks; and routing each chunk into an assigned storage provider through the assigned routing path. Key words include partitioning and index.
Abstract:
The system and method described herein provide mechanisms by which connected devices and/or internal subsets of devices can be used to implement an electronic preemptive evidentiary escrow platform. Such a platform can be used, for example, as a preemptive defensive mechanism to prevent unauthorized access to information, while permitting authorized access with a minimum of additional burden. A compound message is partitioned into public summary data and private detail media/metadata. The public summary data is made readily available, while the private data is only made available to authorized entities upon occurrence of predefined condition(s). In at least one embodiment, one or more hardware devices can be automatically reconfigured upon occurrence of predefined condition(s) to allow authorized access to private data.
Abstract:
Systems and methods for providing authentication key agreement (AKA) with perfect forward secrecy (PFS) are disclosed. In one embodiment, a network according to the disclosure may receive an attach request from a UE, provide an authentication request including a network support indicator to a network resource, receive an authentication token from the network resource, such that the authentication token includes an indication that a network supports PFS, provide the authentication token to the UE, receive an authentication response including a UE public key value, obtain a network public key value and a network private key value, determine a shared key value based on the network private key value and the UE public key value, bind the shared key value with a session key value to create a bound shared key value, and use the bound shared key value to protect subsequent network traffic.