专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09781129B1 Authenticating an entity 有权
公开(公告)号：US09781129B1
公开(公告)日：2017-10-03
申请号：US13536978
申请日：2012-06-28
申请人： Daniel V. Bailey , Lawrence N. Friedman , Samuel Curry , Yedidya Dotan
发明人： Daniel V. Bailey , Lawrence N. Friedman , Samuel Curry , Yedidya Dotan
IPC分类号： H04L29/06
CPC分类号： H04L63/107 , G06F2221/2111 , G06F2221/2151 , H04L9/3271 , H04L9/3297 , H04L2209/80 , H04W12/06
摘要： There is disclosed a method and system for use in authenticating an entity. An authentication request is received from the entity. An input signal is received from a communications device associated with the entity. The input signal comprises the current location of the communications device. The current location of the communications device is derived from the input signal. Based on the current location of the communications device, an event is detected at substantially the same location as the current location of the communications device. An analysis is performed between the current location of the communications device and the event. An authentication result is generated based on the analysis between the current location of the communications device and the event. The authentication result can be used for authenticating the entity.

2. 发明授权

US09230066B1 Assessing risk for third-party data collectors 有权
标题翻译：评估第三方数据收集者的风险
公开(公告)号：US09230066B1
公开(公告)日：2016-01-05
申请号：US13534873
申请日：2012-06-27
申请人： Daniel V. Bailey , Lawrence N. Friedman , Yedidya Dotan
发明人： Daniel V. Bailey , Lawrence N. Friedman , Yedidya Dotan
IPC分类号： H04L29/00 , G06F21/00
CPC分类号： G06F21/00 , G06F21/316 , G06F2221/2111 , H04L63/107 , H04W4/02 , H04W12/06
摘要： An improved technique authenticates a user based on an ability to corroborate previous transaction data sent by a user device. Along these lines, the improved technique makes use of an independent information source for verifying the accuracy of previous transaction data obtained by a given collector. For example, when a collector of location data is a GPS unit of a cell phone, an independent information source may be a cell tower closest to the cell phone at the time of the transaction. While location data provided by the cell tower may not be as precise as that provided by the GPS unit, such data is useful for corroborating the location data from the GPS unit. In this scenario, if the data provided by the cell tower fails to corroborate that provided by the GPS unit, then the GPS unit adds significant risk to authenticating the user.
摘要翻译：改进的技术基于确定用户设备发送的先前交易数据的能力来认证用户。沿着这些方式，改进的技术使用独立的信息源来验证给定收集器获得的先前交易数据的准确性。例如，当位置数据的收集器是手机的GPS单元时，独立的信息源可以是在交易时最靠近手机的信元塔。虽然由单元塔提供的位置数据可能不如GPS单元提供的位置数据那样精确，但是这样的数据对于确认来自GPS单元的位置数据是有用的。在这种情况下，如果单元塔提供的数据未能证实由GPS单元提供的数据，则GPS单元增加了验证用户的重大风险。

3. 发明授权

US08904496B1 Authentication based on a current location of a communications device associated with an entity 有权
标题翻译：基于与实体相关联的通信设备的当前位置的认证
公开(公告)号：US08904496B1
公开(公告)日：2014-12-02
申请号：US13435951
申请日：2012-03-30
申请人： Daniel V. Bailey , Lawrence N. Friedman , Yedidya Dotan , Samuel Curry , Riaz Zolfonoon
发明人： Daniel V. Bailey , Lawrence N. Friedman , Yedidya Dotan , Samuel Curry , Riaz Zolfonoon
IPC分类号： G06F21/00 , G06F21/44
CPC分类号： G06F21/44 , G06F21/552 , G06F2221/2111 , G06F2221/2151 , H04L9/3271 , H04L9/3297 , H04L2209/80 , H04W12/06
摘要： There is disclosed a method and system for use in authenticating an entity in connection with a computerized resource. An authentication request is received from entity for access to computerized resource. An input signal is received from a communications device associated with entity. The input signal comprises current location of communications device. The current location of communications device is derived from input signal. A location history in connection with communications device is captured. The location history comprises a record of discrete locations visited by communications device over a period of time. An analysis is performed between current location of the communications device and location history in connection with communications device. An authentication result is generated based on analysis between current location of communications device and location history in connection with communications device. The authentication result can be used for authenticating entity.
摘要翻译：公开了一种用于认证与计算机资源有关的实体的方法和系统。从实体接收到对计算机资源的访问的认证请求。从与实体相关联的通信设备接收输入信号。输入信号包括通信设备的当前位置。通信设备的当前位置来源于输入信号。捕获与通信设备相关的位置历史记录。位置历史包括通信设备在一段时间内访问的离散位置的记录。在通信设备的当前位置和与通信设备相关的位置历史之间进行分析。基于通信设备的当前位置和与通信设备相关的位置历史之间的分析生成认证结果。验证结果可用于认证实体。

4. 发明授权

US08655787B1 Automated detection of defined input values and transformation to tokens 有权
标题翻译：自动检测定义的输入值并转换为令牌
公开(公告)号：US08655787B1
公开(公告)日：2014-02-18
申请号：US12826491
申请日：2010-06-29
申请人： Robert W. Griffin , Daniel V. Bailey , Joshua A. Rosenthol
发明人： Robert W. Griffin , Daniel V. Bailey , Joshua A. Rosenthol
IPC分类号： G06F17/00
CPC分类号： G06F17/00 , G06F21/6272 , G06Q20/24 , G06Q20/385 , H04L63/00
摘要： A computer-implemented technique processes a potentially sensitive item of data (e.g., data which may be either a credit card number or a token having a similar format). The technique involves, after the potentially sensitive item of data is properly received within a physical memory location, generating a token result which indicates whether the potentially sensitive item of data satisfies a valid-token requirement. The technique further involves preserving the potentially sensitive item of data in an unaltered form within the physical memory location when the token result indicates that the potentially sensitive item of data satisfies the valid-token requirement. The technique further involves replacing the potentially sensitive item of data within the physical memory location with a token when the token result indicates that the potentially sensitive item of data does not satisfy the valid-token requirement.
摘要翻译：计算机实现的技术处理可能敏感的数据项目（例如，可能是信用卡号码或具有类似格式的令牌的数据）。该技术涉及在物理存储器位置中适当地接收到潜在的敏感数据项之后，生成指示潜在敏感数据项是否满足有效令牌要求的令牌结果。该技术还涉及当令牌结果指示潜在敏感数据项满足有效令牌要求时，在物理存储器位置内以未改变的形式保留潜在敏感数据项。该技术还包括当令牌结果指示潜在的敏感数据项不满足有效令牌要求时，用令牌替换物理存储器位置内的潜在敏感数据项。

5. 发明授权

US08621237B1 Protecting against cryptographic key exposure in source code 有权
标题翻译：防止密码密码暴露在源代码中
公开(公告)号：US08621237B1
公开(公告)日：2013-12-31
申请号：US13173874
申请日：2011-06-30
申请人： Daniel V. Bailey , Aaron Katz , Craig R. Paradis , Robert D. Hopley
发明人： Daniel V. Bailey , Aaron Katz , Craig R. Paradis , Robert D. Hopley
IPC分类号： G06F11/30 , G06F12/14 , G06F11/00 , G06F12/16 , G08B23/00
CPC分类号： G06F21/54 , G06F21/602
摘要： A technique protects source code and is performed in an electronic device. The technique involves performing, on the source code, a scanning operation which provides a scanning result indicating whether the source code includes a cryptographic key. The technique further involves performing a remedial operation (e.g., alerting an administrator, deleting the key, replacing the key, combinations thereof, etc.) to prevent undesired exposure of the cryptographic key when the scanning result indicates that the source code includes a cryptographic key. The technique further involves refraining from performing the remedial operation when the scanning result indicates that the source code does not include a cryptographic key.
摘要翻译：一种技术保护源代码，并在电子设备中执行。该技术涉及在源代码上执行提供指示源代码是否包括密码密钥的扫描结果的扫描操作。该技术还包括执行补救操作（例如，提醒管理员，删除密钥，替换密钥及其组合等），以防止当扫描结果指示源代码包括加密密钥时密码密钥的不期望的暴露。该技术还包括当扫描结果指示源代码不包括加密密钥时，避免执行补救操作。

6. 发明授权

US08618913B1 Radio frequency identification enabled mobile device 有权
标题翻译：射频识别启用移动设备
公开(公告)号：US08618913B1
公开(公告)日：2013-12-31
申请号：US12907625
申请日：2010-10-19
申请人： Daniel V. Bailey , John Brainard , Ari Juels , Kevin D. Bowers
发明人： Daniel V. Bailey , John Brainard , Ari Juels , Kevin D. Bowers
IPC分类号： H04Q5/22
CPC分类号： H04L67/12 , G06F3/017 , H04M1/7253 , H04M1/72569 , H04Q2213/13095 , H04W4/02 , H04W4/80 , H04W12/06 , H04W12/08
摘要： An RFID enabled mobile device is configured to provide a secure release of RFID information. The RFID enabled mobile device, such as an RFID enabled cellular telephone, includes a set of sensors, such as a camera, one or more accelerometers, a wireless transceiver configured to send and receive data with an Internet device, and a global positioning system (GPS) receiver. The RFID enabled mobile device utilizes sensor attributes or information from one or more sensor of the set of sensors and, based upon the sensor attributes, controls the release of RFID information and/or other authentication data to an RFID interrogation system. In essence, the RFID enabled mobile device leverages from the conventional sensors typically incorporated as part of the mobile device and uses contextual data from its sensors and communication partners to make security decisions regarding the release of RFID information.
摘要翻译： RFID启用的移动设备被配置为提供RFID信息的安全释放。支持RFID的移动设备，例如支持RFID的蜂窝电话，包括一组传感器，例如相机，一个或多个加速度计，被配置为使用因特网设备发送和接收数据的无线收发器以及全球定位系统（ GPS）接收机。 RFID启用的移动设备利用来自传感器组的一个或多个传感器的传感器属性或信息，并且基于传感器属性，控制RFID信息和/或其他认证数据到RFID询问系统的释放。实质上，支持RFID的移动设备利用通常作为移动设备的一部分并入的常规传感器，并使用来自其传感器和通信伙伴的上下文数据来做出关于RFID信息的释放的安全决定。

7. 发明授权

US08433914B1 Multi-channel transaction signing 有权
标题翻译：多渠道交易签名
公开(公告)号：US08433914B1
公开(公告)日：2013-04-30
申请号：US12820829
申请日：2010-06-22
申请人： Robert S. Philpott , Yong Qiao , Michael J. O'Malley , Daniel V. Bailey
发明人： Robert S. Philpott , Yong Qiao , Michael J. O'Malley , Daniel V. Bailey
IPC分类号： H04L9/32
CPC分类号： H04L9/3247 , H04L9/3215
摘要： A transaction system combats malware and phishing-based MitM attacks on transaction processing systems by using digital signatures to integrity-protect the user-verified transaction data. With this system, a user submits a transaction from a client device (e.g., desktop web browser) over a communications channel to a server device, such as a transaction server. Before accepting the transaction, the transaction server securely delivers all relevant transaction data to a second device (e.g., the signing device), such as a smart phone, in the possession of the user. The signing device has its own distinct communication channel with the server device. The user verifies the data and the signing device creates a digital signature value for the transaction. The user submits the signature to the transaction server to confirm the transaction with the transaction server.
摘要翻译：交易系统通过使用数字签名对用户验证的交易数据进行完整性保护来抵抗事件处理系统上的恶意软件和基于网路钓鱼的MitM攻击。利用该系统，用户通过通信信道从客户端设备（例如桌面网络浏览器）提交交易到例如交易服务器的服务器设备。在接受交易之前，交易服务器将所有相关的交易数据安全地传递给用户拥有的第二设备（例如，签名设备），例如智能电话。签名设备与服务器设备有独立的通信通道。用户验证数据，签名设备为交易创建数字签名值。用户将签名提交给事务服务器以确认与事务服务器的事务。

8. 发明授权

US08312519B1 Agile OTP generation 有权
标题翻译：敏捷OTP生成
公开(公告)号：US08312519B1
公开(公告)日：2012-11-13
申请号：US12895130
申请日：2010-09-30
申请人： Daniel V Bailey , John G. Brainard , William M. Duane , Michael J. O'Malley , Robert S. Phipott
发明人： Daniel V Bailey , John G. Brainard , William M. Duane , Michael J. O'Malley , Robert S. Phipott
IPC分类号： G06F7/04 , H04L9/00
CPC分类号： H04L63/0838 , H04L9/003 , H04L9/3228 , H04L9/3234 , H04L63/0435 , H04L63/0823
摘要： A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating a OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.
摘要翻译：一种用于在安全环境中敏捷生成一次密码（OTP）的方法，系统和装置，所述安全环境具有包括令牌生成器算法和验证器的令牌生成器，所述方法包括根据令牌生成器根据方差技术; 其中所述方差技术从一组方差技术中选择，在验证器处接收所述OTP，在所述验证器处确定所述令牌生成器用于生成所述OTP的方差技术，以及基于所述OTP确定是否验证所述OTP 和方差技术。

9. 发明授权

US10101787B1 Energy-aware virtual infrastructure 有权
公开(公告)号：US10101787B1
公开(公告)日：2018-10-16
申请号：US13076747
申请日：2011-03-31
申请人： Daniel V. Bailey , Qiyan Chen , Robert B. Masson , Tianqing Wang , Yun Zhang
发明人： Daniel V. Bailey , Qiyan Chen , Robert B. Masson , Tianqing Wang , Yun Zhang
IPC分类号： G06F1/32
摘要： Example embodiments of the present invention provide a method, apparatus and computer program product for determining a share of power consumption by an application executing on a server. The method includes obtaining metrics relating to operation of the server and obtaining metrics relating to server resource utilization attributable to the application. A transformation is then performed using the metrics relating to operation of the server and server resource utilization attributable to the application to determine the respective share of power consumption by the application executing on the server. Additionally, greenhouse-gases attributable to the application also may be calculated.

10. 发明授权

US09641538B1 Authenticating an entity 有权
公开(公告)号：US09641538B1
公开(公告)日：2017-05-02
申请号：US13536990
申请日：2012-06-28
申请人： Daniel V Bailey , Lawrence N Friedman , Yedidya Dotan , Samuel Curry
发明人： Daniel V Bailey , Lawrence N Friedman , Yedidya Dotan , Samuel Curry
IPC分类号： H04L29/06
CPC分类号： H04L63/102 , G06F21/552 , G06F2221/2111 , G06F2221/2151 , H04L9/3271 , H04L9/3297 , H04L2209/80 , H04W12/06
摘要： There is disclosed a method, system and a computer program product for use in authenticating an entity. An authentication request is received from the entity. Information in connection with the entity is acquired from an external source. Based on the information, a risk score is set such that the riskiness of the authentication request can be readily deduced therefrom.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式