专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08752146B1 Providing authentication codes which include token codes and biometric factors 有权
标题翻译：提供包括令牌代码和生物特征因子的认证码
公开(公告)号：US08752146B1
公开(公告)日：2014-06-10
申请号：US13434280
申请日：2012-03-29
申请人： Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Nikolaos Triandopoulos , Riaz Zolfonoon
发明人： Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Nikolaos Triandopoulos , Riaz Zolfonoon
IPC分类号： G06F21/00 , H04L29/06 , H04L9/32 , H04L9/08 , G06F21/32
CPC分类号： H04L63/0861 , G06F21/32 , G06F21/43 , H04L9/3215 , H04L9/3228 , H04L9/3231 , H04L63/0838 , H04L63/18
摘要： A technique provides authentication codes to authenticate a user to an authentication server. The technique involves generating, by an electronic apparatus (e.g., a smart phone, a tablet, a laptop, etc.), token codes from a cryptographic key. The technique further involves obtaining biometric measurements from a user, and outputting composite passcodes as the authentication codes. The composite passcodes include the token codes and biometric factors based on the biometric measurements. Additionally, the token codes and the biometric factors of the composite passcodes operate as authentication inputs to user authentication operations performed by the authentication server. In some arrangements, the biometric factors are results of facial recognition (e.g., via a camera), voice recognition (e.g., via a microphone), gate recognition (e.g., via an accelerometer), touch recognition and/or typing recognition (e.g., via a touchscreen or keyboard), combinations thereof, etc.
摘要翻译：一种技术提供认证码以将用户认证给认证服务器。该技术涉及通过电子设备（例如，智能电话，平板电脑，笔记本电脑等）从加密密钥生成令牌代码。该技术还涉及从用户获取生物测量，并输出复合密码作为认证码。复合密码包括基于生物特征测量的令牌代码和生物特征因子。此外，复合密码的令牌代码和生物特征因子作为认证服务器执行的用户认证操作的认证输入。在一些布置中，生物特征因子是面部识别（例如，经由相机），语音识别（例如，经由麦克风），门识别（例如，经由加速度计），触摸识别和/或打字识别（例如，通过触摸屏或键盘），其组合等

2. 发明申请

US20080059809A1 Sharing a Secret by Using Random Function 审中-公开
标题翻译：使用随机函数共享秘密
公开(公告)号：US20080059809A1
公开(公告)日：2008-03-06
申请号：US11575313
申请日：2005-09-16
申请人： Marten Van Dijk
发明人： Marten Van Dijk
IPC分类号： H04L9/08
CPC分类号： H04L9/3278 , H04L9/0838 , H04L9/0866 , H04L9/3263 , H04L2209/56 , H04L2209/60
摘要： A physical random function (PUF) is a function that is easy to evaluate but hard to characterize. Controlled physical random functions (CPUFs) are PUFs that can only be accessed via a security program controlled by a security algorithm that is physically bound to the PUF in an inseparable way. CPUFs enable certified execution, where a certificate is produced that proves that a specific computation was carried out on a specific processor In particular, an integrated circuit containing a CPUF can be authenticated using Challenge-Response Pairs (CRPs). The invention provides a mechanism to generate a shared secret between different security programs running on a CPUF.
摘要翻译：物理随机函数（PUF）是易于评估但难以表征的函数。受控的物理随机函数（CPUF）是只能通过以不可分割的方式物理地绑定到PUF的安全算法控制的安全程序来访问的PUF。 CPUFs启用认证执行，其中产生证明在特定处理器上执行特定计算的证书。特别地，可以使用挑战响应对（CRP）认证包含CPUF的集成电路。本发明提供了一种在CPUF上运行的不同安全程序之间生成共享秘密的机制。

3. 发明授权

US08978159B1 Methods and apparatus for mediating access to derivatives of sensitive data 有权
标题翻译：调解敏感数据衍生品的方法和设备
公开(公告)号：US08978159B1
公开(公告)日：2015-03-10
申请号：US13731514
申请日：2012-12-31
申请人： Marten van Dijk , Samuel J. Curry , Robert D. Hopley , John G. Linn , Alina M. Oprea , Kenneth Ray
发明人： Marten van Dijk , Samuel J. Curry , Robert D. Hopley , John G. Linn , Alina M. Oprea , Kenneth Ray
IPC分类号： G06F21/62
CPC分类号： G06F21/6227 , G06F2221/2107
摘要： Access control systems are provided that mediate access to derivatives of sensitive data. A method is provided for processing a data request from a client, the data request comprising a client identifier and an indication of the intended use of the data, by receiving the data request from the client; providing the client identifier and indicated use to an access manager, wherein the access manager assesses a risk of providing access to the data for the indicated use; if the access manager grants access for the indicated use, receiving one or more keys with corresponding computing restrictions from the access manager; computing a result; and providing the result to the client, wherein the provided result comprises the derivative of sensitive data. The access manager grants the access for the indicated use, for example, based on a risk score.
摘要翻译：提供访问控制系统，介绍对敏感数据导数的访问。提供一种通过从客户端接收数据请求来处理来自客户端的数据请求的方法，所述数据请求包括客户端标识符和数据的预期用途的指示; 向访问管理器提供客户端标识符并指示使用，其中访问管理器评估为所指示的使用提供访问数据的风险; 如果访问管理器为所指示的使用者授予访问权限，则从访问管理器接收具有相应计算限制的一个或多个密钥; 计算结果; 并将结果提供给客户端，其中所提供的结果包括敏感数据的导数。访问管理器例如基于风险分数来授予针对指定用途的访问。

4. 发明申请

US20090158054A1 PRIVATE DATA PROCESSING 审中-公开
标题翻译：私有数据处理
公开(公告)号：US20090158054A1
公开(公告)日：2009-06-18
申请号：US12335083
申请日：2008-12-15
申请人： Marten Van Dijk , Jing Chen , Srinivas Devadas
发明人： Marten Van Dijk , Jing Chen , Srinivas Devadas
IPC分类号： G06F12/14 , G06F7/06 , G06F17/30
CPC分类号： G06F7/72 , H04L63/0442
摘要： A method for processing one or more terms includes, at a first computation facility, computing an obfuscated numerical representation for each of the terms. The computed obfuscated representations are provided from the first facility to a second computation facility. A result of an arithmetic computation based on the provided obfuscated values is received at the first facility. This received result represents an obfuscation of a result of application of a first function to the terms. The received result is processed to determine the result of application of the first function to the terms.
摘要翻译：一种用于处理一个或多个术语的方法包括在第一计算设施处计算每个术语的混淆数字表示。所计算的混淆表示从第一设施提供给第二计算设施。在第一设施处接收基于所提供的混淆值的算术运算的结果。这个收到的结果表示对这个术语应用第一个功能的结果的混淆。处理接收到的结果以确定第一个功能对该术语的应用结果。

5. 发明授权

US09122878B1 Software license management with drifting component 有权
标题翻译：具有漂移组件的软件许可证管理
公开(公告)号：US09122878B1
公开(公告)日：2015-09-01
申请号：US13535834
申请日：2012-06-28
申请人： Samuel J. Curry , Marten Van Dijk
发明人： Samuel J. Curry , Marten Van Dijk
IPC分类号： H04L29/00 , G06F21/57
CPC分类号： G06F21/577 , G06F21/121
摘要： An improved technique for verifying a license of a software product includes performing license checks with a server and passing to the server, as part of the license checks, a drifting digital code. The drifting code forms a particular drift pattern, which the server detects over the course of multiple license checks. The drift pattern is typically unique, or relatively unique, to the machine on which the software product is run, and changes in a manner that is difficult for malicious users to replicate on other machines. If a second copy of the software is installed, e.g., if the software is pirated, the second copy will produce a drifting code that has its own drift pattern, which differs from that of the initial copy. The server detects the duplicate copy by observing a divergence in the codes it receives during license checks.
摘要翻译：用于验证软件产品的许可证的改进技术包括：与服务器执行许可证检查，并作为许可证检查的一部分传递给服务器漂移的数字代码。漂移代码形成特定的漂移模式，服务器在多个许可证检查过程中检测到。漂移模式对于运行软件产品的机器通常是独特的或相对独特的，并且以恶意用户难以在其他机器上复制的方式进行更改。如果安装了软件的第二副本，例如，如果软件被盗版，则第二副本将产生具有其自己的漂移模式的漂移代码，其与初始副本不同。服务器通过观察许可证检查期间收到的代码的差异来检测副本。

6. 发明授权

US08819769B1 Managing user access with mobile device posture 有权
标题翻译：使用移动设备状态管理用户访问
公开(公告)号：US08819769B1
公开(公告)日：2014-08-26
申请号：US13435606
申请日：2012-03-30
申请人： Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Eyal Kolman , Nikolaos Triandopoulos , Riaz Zolfonoon
发明人： Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Eyal Kolman , Nikolaos Triandopoulos , Riaz Zolfonoon
IPC分类号： H04L29/06
CPC分类号： H04L63/0876 , H04L67/303
摘要： An improved technique for managing access of a user of a computing machine to a remote network collects device posture information about the user's mobile device. The mobile device runs a soft token, and the collected posture information pertains to various aspects of the mobile device, such as the mobile device's hardware, software, environment, and/or users, for example. The server applies the collected device posture information along with token codes from the soft token in authenticating the user to the remote network.
摘要翻译：用于管理计算机的用户对远程网络的访问的改进技术收集关于用户的移动设备的设备姿态信息。移动设备运行软令牌，并且收集的姿态信息涉及例如移动设备的各个方面，例如移动设备的硬件，软件，环境和/或用户。服务器将所收集的设备姿态信息以及来自软令牌的令牌代码应用于将用户认证到远程网络。

7. 发明授权

US08683570B1 Scheduling soft token data transmission 有权
标题翻译：调度软令牌数据传输
公开(公告)号：US08683570B1
公开(公告)日：2014-03-25
申请号：US13435611
申请日：2012-03-30
申请人： Marten van Dijk , Kevin D. Bowers , Samuel Curry , Nikolaos Triandopoulos
发明人： Marten van Dijk , Kevin D. Bowers , Samuel Curry , Nikolaos Triandopoulos
IPC分类号： H04L29/06 , G06F21/35
CPC分类号： G06F21/35 , H04L63/0838 , H04L63/0853 , H04L63/1416
摘要： An improved technique provides scheduled data transfer between a mobile device and a server. The mobile device combines token codes generated by a soft token with sequences of auxiliary bits and displays the combinations to users as passcodes. Users may then copy the passcodes to their computers for authenticating to a server on a remote network. As the passcodes include both token codes and sequences of auxiliary bits, a communication channel is established whereby the auxiliary bits as well as the soft token codes are transmitted from the mobile device to the server.
摘要翻译：改进的技术提供了移动设备和服务器之间的调度数据传输。移动设备将由软令牌产生的令牌代码与辅助位序列组合，并将用户的组合显示为密码。然后，用户可以将密码复制到其计算机，以便对远程网络上的服务器进行身份验证。由于密码包括令牌码和辅助比特序列，所以建立通信信道，由此辅助比特以及软令牌码从移动设备发送到服务器。

8. 发明申请

US20070183194A1 CONTROLLING ACCESS TO DEVICE-SPECIFIC INFORMATION 审中-公开
标题翻译：控制对设备特定信息的访问
公开(公告)号：US20070183194A1
公开(公告)日：2007-08-09
申请号：US11421609
申请日：2006-06-01
申请人： Srinivas Devadas , Blaise Gassend , Dwaine Clarke , Marten Van Dijk
发明人： Srinivas Devadas , Blaise Gassend , Dwaine Clarke , Marten Van Dijk
IPC分类号： G11C16/04
CPC分类号： G06F21/31 , G06F21/72 , G06F21/73 , G06F21/77 , G06F21/79 , G06F21/86 , G06F2221/2103 , G06F2221/2121 , G06F2221/2129 , G06F2221/2153 , G06Q20/3674 , G09C1/00 , H01L23/544 , H01L23/576 , H01L2223/54433 , H01L2223/5444 , H01L2223/54473 , H01L2924/0002 , H04L9/0897 , H04L9/3278 , H04L2209/34 , H04L2209/42 , H01L2924/00
摘要： A method for providing access to device-specific information includes providing a first value to the device, and then, in the device, using a second value that is a first one-way function of the provided first value to determine a third value such that the third value is a device-specific function of the second value. The third value is then accepted from the device and stored outside the device. Subsequent to accepting the third value from the device, the second value is provided to the device. In the device, the provided second value is used to determine the third value once again and a fourth value is determined that is a second one-way function of the third value. This determining of the fourth value is performed without disclosing the third value outside the device. The fourth value is accepted from the device.
摘要翻译：用于提供对设备特定信息的访问的方法包括向设备提供第一值，然后在设备中使用作为所提供的第一值的第一单向函数的第二值来确定第三值，使得第三个值是第二个值的特定于设备的功能。然后第三个值从设备接受并存储在设备外部。在从设备接受第三值之后，将第二值提供给设备。在设备中，所提供的第二值被再次用于确定第三值，并且确定第四值是第三值的第二单向函数。执行第四值的确定而不在设备外部公开第三值。从设备接受第四个值。

9. 发明申请

US20060104449A1 Record carrier with distributed decryption information 审中-公开
标题翻译：具有分布式解密信息的记录载体
公开(公告)号：US20060104449A1
公开(公告)日：2006-05-18
申请号：US10519068
申请日：2003-06-26
申请人： Antonius Akkermans , Franciscus Kamperman , Antonius Staring , Marten Van Dijk , Pim Tuyls
发明人： Antonius Akkermans , Franciscus Kamperman , Antonius Staring , Marten Van Dijk , Pim Tuyls
IPC分类号： H04L9/00
CPC分类号： G11B20/0021 , G11B20/00086 , G11B20/00275 , G11B20/00492 , G11B20/00876
摘要： The invention relates to a system for improved copy protection comprising a record carrier like a CD-RW+ or a DVD storing copy-protected information and a device for reading from and/or writing to the record carrier. For that the record carrier (1) has a first area (3) storing information (data), which is at least partly stored in encrypted form (EAK(data)), this part being called an asset (EAK(data)), and which includes a first part of decryption information (HCK, EDNK(HCK)), and the record carrier (1) further has a second area (4) storing a second part of decryption information (UCID), wherein both the first (HCK) and second (UCID) parts of decryption information serve in decrypting an asset (EAK(data)). Such distribution of decryption information over at least two areas of the record carrier may further be combined with additional safety mechanisms as e.g. hidden channels, encrypted keys, counter mechanisms, and revocation lists.
摘要翻译：本发明涉及一种用于改进的复制保护的系统，其包括诸如CD-RW +的记录载体或存储复制保护的信息的DVD以及用于从记录载体读取和/或向记录载体进行写入的装置。为此，记录载体（1）具有存储信息（数据）的第一区域（3），该区域至少部分地以加密形式存储（EAK（数据）），该部分被称为资产（EAK（data）），并且其包括解密信息的第一部分（HCK，EDNK（HCK）），并且所述记录载体（1）还具有存储第二部分解密信息（UCID）的第二区域（4），其中，所述第一（HCK））和解密信息的第二（UCID）部分用于解密资产（EAK（数据））。在记录载体的至少两个区域上的解密信息的这种分配可以进一步与附加的安全机制组合，例如。隐藏通道，加密密钥，计数器机制和撤销列表。

10. 发明申请

US20060050886A1 Method and system for generating a common secret key 审中-公开
标题翻译：用于生成公用密钥的方法和系统
公开(公告)号：US20060050886A1
公开(公告)日：2006-03-09
申请号：US10528487
申请日：2003-08-11
申请人： Pim Tuyls , Marten Van Dijk , Berry Shoemakers
发明人： Pim Tuyls , Marten Van Dijk , Berry Shoemakers
IPC分类号： H04L9/00
CPC分类号： H04L9/0841 , H04L9/3073
摘要： A method for generating a common secret data item between a first user facility and a second user facility does so through by each facility executing mutually symmetric operations on respective complementary data items that are based on respectively unique quantities and that are at least in part secret. An outcome of the operations is used in both said user facilities as said common secret data item. In particular, the method is based on defining the complementary data belonging to a GAP Diffie-Hellmann Problem that is defined in an Abelian Variety. More in particular, the Abelian Variety has a dimension one through being an elliptic curve.
摘要翻译：用于在第一用户设备和第二用户设备之间生成公共秘密数据项的方法通过每个设备对相应的补充数据项执行相互对称的操作，这些互补数据项基于分别唯一的量并且至少部分是秘密的。所述操作的结果在所述用户设施中用作所述公共秘密数据项。特别地，该方法基于定义属于Abelian Variety中定义的GAP Diffie-Hellmann问题的补充数据。更具体地说，阿贝利品种通过椭圆曲线具有一维度。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式