专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08832812B1 Methods and apparatus for authenticating a user multiple times during a session 有权
标题翻译：在会话期间多次认证用户的方法和装置
公开(公告)号：US08832812B1
公开(公告)日：2014-09-09
申请号：US13076869
申请日：2011-03-31
申请人： Todd Morneau , William Duane
发明人： Todd Morneau , William Duane
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , H04L29/06
CPC分类号： G06F21/31 , G06F2221/2139 , H04L63/0846 , H04L63/0853 , H04L63/108
摘要： Access of a user to a protected resource during a session is controlled by issuing an authentication information request and receiving authentication information from the user responsive to the authentication information request. The user is authenticated based upon verification of the received authentication information. One or more of the issuing, receiving and authenticating steps are repeated during the session to re-authenticate the user. At least a portion of the authentication information that is used during the re-authentication is different from a corresponding portion of the authentication information that was used during the initial authentication. A secure channel is optionally established between the user and the protected resource responsive to the initial verification. The secure channel can optionally be re-established with the re-authentication using the different portion of the authentication information.
摘要翻译：通过发出认证信息请求并响应于认证信息请求从用户接收认证信息来控制用户在会话期间对受保护资源的访问。基于所接收的认证信息的验证来认证用户。在会话期间重复发出，接收和认证步骤中的一个或多个以重新认证用户。在重新认证期间使用的认证信息的至少一部分不同于在初始认证期间使用的认证信息的相应部分。响应于初始验证，可选地在用户和受保护资源之间建立安全通道。可以可选地使用认证信息的不同部分通过重新认证重新建立安全信道。

2. 发明授权

US07810147B2 Detecting and preventing replay in authentication systems 有权
标题翻译：检测和防止认证系统中的重放
公开(公告)号：US07810147B2
公开(公告)日：2010-10-05
申请号：US11607836
申请日：2006-12-01
申请人： William Duane , Lawrence N. Friedman , Alexander Volanis
发明人： William Duane , Lawrence N. Friedman , Alexander Volanis
IPC分类号： G06F7/04 , G06F15/16
CPC分类号： H04L63/0838 , H04L63/1441
摘要： A system for detecting and preventing replay attacks includes a plurality of interconnected authentication servers, and one or more tokens for generating a one-time passcode and providing the one-time passcode to one of the authentication servers for authentication. The system includes an adjudicator function associated with each authentication server. The adjudicator evaluates a high water mark value associated with a token seeking authentication, allows authentication to proceed for the token if the high water mark evaluation indicates that the one-time passcode was not used in a previous authentication, and prevents authentication if the high water mark evaluation indicates that the one-time passcode was used in a previous authentication. The token is associated with a home authentication server that maintains a current high water mark of the token. The home authentication server validates the current high water mark on behalf of the adjudicator function evaluating the token for authentication.
摘要翻译：用于检测和防止重放攻击的系统包括多个互连的认证服务器，以及用于生成一次性密码并将一次性密码提供给一个认证服务器进行认证的一个或多个令牌。该系统包括与每个认证服务器相关联的裁判员功能。审判员评估与令牌寻求认证相关联的高水位值，如果高水位评估指示在先前认证中未使用一次性密码，则允许认证进行令牌，并且如果高水位则防止认证标记评估表示在以前的认证中使用一次性密码。令牌与维护令牌当前高水位的家庭认证服务器相关联。家庭认证服务器代表评估用于认证的令牌的裁判员功能验证当前的高水位标记。

3. 发明申请

US20070094498A1 Authentication Method and Apparatus Utilizing Proof-of-Authentication Module 有权
标题翻译：使用验证模块验证方法和设备
公开(公告)号：US20070094498A1
公开(公告)日：2007-04-26
申请号：US11530998
申请日：2006-09-12
申请人： Magnus Nystrom , Anders Rundgren , William Duane
发明人： Magnus Nystrom , Anders Rundgren , William Duane
IPC分类号： H04L9/00
CPC分类号： G06Q20/3674 , G06F21/41 , H04L9/3213 , H04L9/3228 , H04L63/0807 , H04L63/0815 , H04L63/0838
摘要： A single sign-on technique allows multiple accesses to one or more applications or other resources using a proof-of-authentication module operating in conjunction with a standard authentication component. The application or other resource issues an authentication information request to the standard authentication component responsive to an access request from the user. The application or other resource receives, responsive to the authentication information request, a proof-of-authentication value from the standard authentication component, and authenticates the user based on the proof-of-authentication value. The standard authentication component interacts with the proof-of-authentication module to obtain the proof-of authentication value. The proof-of-authentication module is configured to generate multiple proof-of-authentication values for authentication of respective access requests of the user.
摘要翻译：单一登录技术允许使用与标准认证组件一起运行的认证证明模块对一个或多个应用程序或其他资源进行多次访问。响应于来自用户的访问请求，应用或其他资源向标准认证组件发出认证信息请求。应用程序或其他资源响应于认证信息请求接收来自标准认证组件的认证证明值，并且基于认证证明值对用户进行认证。标准认证组件与认证证明模块进行交互以获得认证值证明。身份验证模块被配置为生成用于认证用户的各个访问请求的多个认证证明值。

4. 发明授权

US07111172B1 System and methods for maintaining and distributing personal security devices 有权
标题翻译：维护和分发个人安全设备的系统和方法
公开(公告)号：US07111172B1
公开(公告)日：2006-09-19
申请号：US09356600
申请日：1999-07-19
申请人： William Duane , Peter Röstin
发明人： William Duane , Peter Röstin
IPC分类号： H04K9/00 , G06F11/30
CPC分类号： H04L63/0272 , H04L63/04 , H04L63/0853
摘要： This invention relates to methods and apparatus for securely accessing and providing information including the use of a personal security device on a client where the client is subject to compromise.
摘要翻译：本发明涉及用于安全地访问和提供信息的方法和装置，包括在客户端遭受妥协的客户端上使用个人安全设备。

5. 发明申请

US20050166263A1 System and method providing disconnected authentication 有权
标题翻译：提供断开认证的系统和方法
公开(公告)号：US20050166263A1
公开(公告)日：2005-07-28
申请号：US10938422
申请日：2004-09-10
申请人： Andrew Nanopoulos , Karl Ackerman , Piers Bowness , William Duane , Markus Jakobsson , Burt Kaliski , Dmitri Pal , Shane Rice , Ronald Rivest
发明人： Andrew Nanopoulos , Karl Ackerman , Piers Bowness , William Duane , Markus Jakobsson , Burt Kaliski , Dmitri Pal , Shane Rice , Ronald Rivest
IPC分类号： H04K1/00 , H04L9/32 , H04L29/06
CPC分类号： H04L63/0838 , G06F21/31 , G06F21/34 , G06F2221/2103 , H04L9/002 , H04L9/3228 , H04L9/3234 , H04L9/3236 , H04L9/3271 , H04L63/0853 , H04L2209/38 , H04L2209/80
摘要： In a system for disconnected authentication, verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges are downloaded to a verifier. The records include encrypted or hashed information for the given authentication token outputs. In one embodiment using time intervals, for each time interval, token output data, a salt value, and a pepper value, are hashed and compared with the verification record for the time interval. After a successful comparison, a user can access the computer. A PIN value can also be provided as an input the hash function. A portion of the hash function output can be used as a key to decrypt an encrypted (Windows) password, or other sensitive information.
摘要翻译：在用于断开认证的系统中，在预定时间段，事件顺序和/或挑战集合上对应于给定认证令牌输出的验证记录被下载到验证者。记录包括给定认证令牌输出的加密或散列信息。在使用时间间隔的一个实施例中，对于每个时间间隔，令牌输出数据，盐值和胡椒值被散列并与时间间隔的验证记录进行比较。成功比较后，用户可以访问计算机。也可以提供PIN值作为输入的散列函数。哈希函数输出的一部分可以用作解密加密（Windows）密码或其他敏感信息的密钥。

6. 发明授权

US08370638B2 Derivative seeds 有权
标题翻译：衍生种子
公开(公告)号：US08370638B2
公开(公告)日：2013-02-05
申请号：US11357724
申请日：2006-02-17
申请人： William Duane , Jeffrey Hamel
发明人： William Duane , Jeffrey Hamel
IPC分类号： H04L29/06 , H04L9/32
CPC分类号： H04L9/0833 , G06F21/31 , G06F21/34 , G07C9/00015 , H04L9/0866 , H04L9/0869 , H04L9/0877 , H04L9/3213
摘要： A method of generating authentication seeds for a plurality of users, the method involving: based on a single master seed, generating a plurality of derivative seeds, each one for a corresponding different one of a plurality of users; and distributing the plurality of derivative seeds to a verifier for use in individually authenticating each of the plurality of users to that verifier, wherein generating each one of the plurality of derivative seeds involves mathematically combining the master seed and a unique identifier identifying the corresponding user.
摘要翻译：一种为多个用户生成认证种子的方法，所述方法包括：基于单个母种，生成多个衍生种子，每个种子种类用于多个用户中的相应不同的一个; 以及将所述多个衍生种子分发到验证器以用于将所述多个用户中的每一个单独认证用于所述验证者，其中生成所述多个衍生种子中的每一个的数学上涉及所述主种子和识别相应用户的唯一标识符。

7. 发明授权

US07831837B1 Encoding token commands/data within data streams for standard interfaces 有权
标题翻译：在标准接口的数据流内编码令牌命令/数据
公开(公告)号：US07831837B1
公开(公告)日：2010-11-09
申请号：US11424427
申请日：2006-06-15
申请人： William Duane , Eric A. Silva , Jeffrey Hamel
发明人： William Duane , Eric A. Silva , Jeffrey Hamel
IPC分类号： G06F21/00
CPC分类号： G06F21/34 , G06F21/629 , G06F21/74 , G06F2221/2105 , H04L63/0838 , H04L63/0853
摘要： A method of communicating within a system that includes a device, a controller for the device, a token, and a driver which implements a predefined interface for enabling communication with and/or control of the device through the controller, the method involving: via the predefined interface, receiving instructions and/or data at the controller from the driver for controlling the device; via the predefined interface, receiving at the controller a preselected control parameter indicating that communication with the token is desired; and in response to receiving the preselected control parameter, directing communications to the token.
摘要翻译：一种在系统内进行通信的方法，所述系统包括设备，用于所述设备的控制器，令牌和驱动器，所述驱动器实现用于通过所述控制器与所述设备进行通信和/或控制的预定界面，所述方法包括：预定义接口，从控制器接收指令和/或数据从驱动器控制设备; 通过预定义的接口，在控制器处接收指示与令牌进行通信的预选控制参数; 并且响应于接收到预选的控制参数，将通信指向令牌。

8. 发明申请

US20060177056A1 Secure seed generation protocol 有权
标题翻译：安全的种子生成协议
公开(公告)号：US20060177056A1
公开(公告)日：2006-08-10
申请号：US10549542
申请日：2004-07-09
申请人： Peter Rostin , Magnus Nystrom , William Duane
发明人： Peter Rostin , Magnus Nystrom , William Duane
IPC分类号： H04L9/28 , H04L9/00 , H04K1/00
CPC分类号： H04L9/3234 , H04L9/06 , H04L9/0869 , H04L9/3242 , H04L9/3271 , H04L63/061 , H04L63/0823 , H04L63/0853 , H04L2209/20 , H04L2209/56 , H04L2209/80
摘要： Techniques for secure generation of a seed for use in performing one or more cryptographic operations, utilizing a seed generation protocol carried out by a seed generation client (110c) and a seed generation server (110s). The seed generation server (110s) provides a first string to the seed generation client (110c). The seed generation client (110c) generates a second string, encrypts the second string utilizing a key (216), and sends the encrypted second string to the seed generation server (110s). The seed generation client (110c) generates the seed as a function of at leas the first string and the second string. The seed generation server (110s) decrypts the encrypted second string (222) and independently generates the seed as a function of at least the first string an the second string.
摘要翻译：利用由种子生成客户端（110c）和种子生成服务器（110s）执行的种子生成协议，用于安全地生成用于执行一个或多个密码操作的种子的技术。种子生成服务器（110s）向种子生成客户端（110c）提供第一串。种子生成客户端（110c）生成第二串，利用密钥（216）加密第二串，并将加密的第二串发送到种子生成服务器（110s）。种子生成客户端（110c）根据第一串和第二串的函数产生种子。种子生成服务器（110s）对加密的第二串（222）进行解密，并且独立地生成作为第二串的至少第一串的函数的种子。

9. 发明授权

US3978260A Substantially curl-free semi-rigid support member for food packages 失效
标题翻译：适用于食品包装的超大型无紧急半刚性支持会员
公开(公告)号：US3978260A
公开(公告)日：1976-08-31
申请号：US594815
申请日：1975-07-10
申请人： Thomas Edward Dobbins , William Duane Hanson , Ronald Eugene Wenzel
发明人： Thomas Edward Dobbins , William Duane Hanson , Ronald Eugene Wenzel
IPC分类号： B32B27/32 , B65D75/54 , B32B3/00
CPC分类号： B65D75/54 , B32B27/32 , Y10T428/24876 , Y10T428/24884 , Y10T428/26
摘要： A support member, for inclusion inside a film-wrapped package of moist and greasy food, comprising a semi-rigid thermoplastic core member printed on both sides with opaque ink distributed in substantially equal amounts on the two sides of the core and having a transparent protective overcoating of a polyolefinic resin or a varnish superposed on the printed core layer.

10. 发明授权

US08966276B2 System and method providing disconnected authentication 有权
标题翻译：提供断开认证的系统和方法
公开(公告)号：US08966276B2
公开(公告)日：2015-02-24
申请号：US10938422
申请日：2004-09-10
申请人： Andrew Nanopoulos , Karl Ackerman , Piers Bowness , William Duane , Markus Jakobsson , Burt Kaliski , Dmitri Pal , Shane D. Rice , Ronald L. Rivest
发明人： Andrew Nanopoulos , Karl Ackerman , Piers Bowness , William Duane , Markus Jakobsson , Burt Kaliski , Dmitri Pal , Shane D. Rice , Ronald L. Rivest
IPC分类号： G06F21/00 , H04L29/06 , G06F21/31 , G06F21/34 , H04L9/32 , H04L9/00
CPC分类号： H04L63/0838 , G06F21/31 , G06F21/34 , G06F2221/2103 , H04L9/002 , H04L9/3228 , H04L9/3234 , H04L9/3236 , H04L9/3271 , H04L63/0853 , H04L2209/38 , H04L2209/80
摘要： In a system for disconnected authentication, verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges are downloaded to a verifier. The records include encrypted or hashed information for the given authentication token outputs. In one embodiment using time intervals, for each time interval, token output data, a salt value, and a pepper value, are hashed and compared with the verification record for the time interval. After a successful comparison, a user can access the computer. A PIN value can also be provided as an input the hash function. A portion of the hash function output can be used as a key to decrypt an encrypted (Windows) password, or other sensitive information.
摘要翻译：在用于断开认证的系统中，在预定时间段，事件顺序和/或挑战集合上对应于给定认证令牌输出的验证记录被下载到验证者。记录包括给定认证令牌输出的加密或散列信息。在使用时间间隔的一个实施例中，对于每个时间间隔，令牌输出数据，盐值和胡椒值被散列并与时间间隔的验证记录进行比较。成功比较后，用户可以访问计算机。也可以提供PIN值作为输入的散列函数。哈希函数输出的一部分可以用作解密加密（Windows）密码或其他敏感信息的密钥。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式