    • 2. Granted invention patent
    • Hardware-bonded credential manager method and system
    • US08037295B2
    • 2011-10-11
    • US12103654
    • 2008-04-15
    • Paul Lin
    • Paul Lin
    • H04L29/06
    • H04L9/3271; H04L9/3215; H04L9/3226; H04L63/08
    • An internet data exchange authentication method that can provide much of the user authentication assurance and capability of dedicated computer security cryptographic hardware, without requiring that the user actually have such hardware. This method allows users with computerized devices to communicate securely with secure servers by creating customized challenge-response authentication objects (pockets) where both the challenge and the response are based partially on the hardware identity of the user's computerized device, and partially on a secret (such as a random number) known only by the secure server. The secure server receives the device's hardware identity, generates the secret, creates the pocket, encrypts the pocket, and sends the encrypted pocket back to the user's device. The secure server, or a third trusted credential server, then sends the decryption key for the encrypted pocket back to the user using a different, “out of band” communications modality, thus reducing the chances of interception.
    • 3. Granted invention patent
    • System and method for controlling access to multiple public networks and for controlling access to multiple private networks
    • US07865936B2
    • 2011-01-04
    • US12021071
    • 2008-01-28
    • Paul Lin; Henry Hon; Fred Cheng
    • Paul Lin; Henry Hon; Fred Cheng
    • H04L29/00
    • H04L63/0838; H04L63/0428; H04L63/0853
    • A system and method for controlling access to multiple public networks and for controlling access to multiple private networks is provided. Authentication is used with unique public shared secrets and unique private shared secrets to control access to the networks. The invention includes a user device for communicating with at least a public network and/or a private network. The device may be capable of accessing multiple networks through one or more private networks with multiple access control servers. The user device must provide a correct response to each access control server, before access to the network may be granted. The device generates a one-time password, or response, to gain access to a controlled network server. The response generated by the device is matched to a response generated by an access control server that may have generated a challenge that prompted the response. If the two responses match, the device is authenticated and a user of the device is granted access to the network server.
    • 6. Granted invention patent
    • System and method for strong access control to a network
    • US07310813B2
    • 2007-12-18
    • US10675496
    • 2003-09-30
    • Paul Lin; Henry Hon; Jenny Lu
    • Paul Lin; Henry Hon; Jenny Lu
    • H04L29/00
    • H04L63/0838; H04L63/0428
    • A system and method for strong access control to a network is provided. An access control server and authentication device are provided for controlling access to a network. The access controlled by the access control server may include network protocols, network resources, and electronic devices that may be coupled to the network. Network resources may include data stored on the network. The access control server may grant access to the network to a user based upon a correct response received from an authentication device assigned to the user. The user may be able to access only selected data that may be determined by an access level assigned to the authentication device. Upon authentication, the authentication device must remain active to maintain a network session. The authentication device becomes inactive when it is deactivated, uncoupled from the network, or in any mode in which the device cannot produce a response to the access control server. The network session ends when it is determined that the authentication device is inactive.
    • 8. Invention patent application
    • Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions
    • US20100064360A1
    • 2010-03-11
    • US12398887
    • 2009-03-05
    • Paul Lin; Henry Hon
    • Paul Lin; Henry Hon
    • G06F7/04; G06F7/58; H04L9/00; H04K1/00
    • G07F7/1008; G06F21/34; G06Q20/341; G06Q20/3415; G06Q20/347; G06Q20/385; G06Q20/40975; G07F7/10; G07F7/1075
    • A token device that generates and displays one-time passwords and couples to a computer for inputting or receiving data for generating and outputting one-time passwords and performing other functions is provided. The token includes an interface for coupling to a computer. The token may also be coupled to any network that the computer may be connected to, when coupled to the computer. Data and information may be transmitted between the computer and token, and between the network and token, via the computer and interface. The data and information may include one-time password seeding, file transfer, authentication, configuration and programming of the token. The token must be seeded to generate and display one-time passwords. An original, or seed, value is loaded into the token. One-time passwords are subsequently generated or calculated, or both, from the seed value. Seeding of the token involving a counter, time, or time-related functions, may allow synchronization of the token with such functions. The token may support different authentication methods.
    • 9. Invention patent application
    • Hardware-Bonded Credential Manager Method and System
    • US20090259838A1
    • 2009-10-15
    • US12103654
    • 2008-04-15
    • Paul Lin
    • Paul Lin
    • H04L9/00
    • H04L9/3271; H04L9/3215; H04L9/3226; H04L63/08
    • An internet data exchange authentication method that can provide much of the user authentication assurance and capability of dedicated computer security cryptographic hardware, without requiring that the user actually have such hardware. This method allows users with computerized devices to communicate securely with secure servers by creating customized challenge-response authentication objects (pockets) where both the challenge and the response are based partially on the hardware identity of the user's computerized device, and partially on a secret (such as a random number) known only by the secure server. The secure server receives the device's hardware identity, generates the secret, creates the pocket, encrypts the pocket, and sends the encrypted pocket back to the user's device. The secure server, or a third trusted credential server, then sends the decryption key for the encrypted pocket back to the user using a different, “out of band” communications modality, thus reducing the chances of interception.
    • 10. Granted invention patent
    • System and method for controlling access to multiple public networks and for controlling access to multiple private networks
    • US07334255B2
    • 2008-02-19
    • US10675888
    • 2003-09-29
    • Paul Lin; Henry Hon; Fred Cheng
    • Paul Lin; Henry Hon; Fred Cheng
    • H04L29/00
    • H04L63/0838; H04L63/0428; H04L63/0853
    • A system and method for controlling access to multiple public networks and for controlling access to multiple private networks is provided. Authentication is used with unique public shared secrets and unique private shared secrets to control access to the networks. The invention includes a user device for communicating with at least a public network and/or a private network. The device may be capable of accessing multiple networks through one or more private networks with multiple access control servers. The user device must provide a correct response to each access control server, before access to the network may be granted. The device generates a one-time password, or response, to gain access to a controlled network server. The response generated by the device is matched to a response generated by an access control server that may have generated a challenge that prompted the response. If the two responses match, the device is authenticated and a user of the device is granted access to the network server.