专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100242102A1 Biometric credential verification framework 审中-公开
标题翻译：生物识别凭证验证框架
公开(公告)号：US20100242102A1
公开(公告)日：2010-09-23
申请号：US11477160
申请日：2006-06-27
申请人： David B. Cross , Paul J. Leach , Klaus U. Schutz , Robert D. Young , Nathan C. Sherman
发明人： David B. Cross , Paul J. Leach , Klaus U. Schutz , Robert D. Young , Nathan C. Sherman
IPC分类号： G06F21/00 , H04L29/06 , H04L9/08
CPC分类号： G06F21/32 , G06F21/335 , G06Q20/40145 , H04L63/0428 , H04L63/067 , H04L63/0807 , H04L63/0823 , H04L63/083 , H04L63/0861 , H04L63/10 , H04L63/126
摘要： Use of a biometric identification device in a client computer system to subsequently access an authentication system includes receiving biometric sample data which is digitally signed and combining the data with a user ID and PIN. This package of data is then securely transmitted to a biometric matching server to validate the user and the biometric sample. Once validated, the biometric matching server return the data package plus a temporary certificate and a public/private key pair to the client computer. The client computer may then use this information to access an authentication system to subsequently gain access to a secure resource.
摘要翻译：在客户端计算机系统中使用生物识别装置随后访问认证系统包括接收数字签名的生物特征样本数据，并将数据与用户ID和PIN组合。然后将该数据包安全地传输到生物特征匹配服务器以验证用户和生物特征样本。一旦验证，生物特征匹配服务器将数据包加上临时证书和公钥/私钥对返回给客户端计算机。然后，客户端计算机可以使用该信息来访问认证系统以随后获得对安全资源的访问。

2. 发明授权

US08640256B2 File system operation and digital rights management (DRM) 有权
标题翻译：文件系统操作和数字版权管理（DRM）
公开(公告)号：US08640256B2
公开(公告)日：2014-01-28
申请号：US13352038
申请日：2012-01-17
申请人： David B. Cross , Paul J. Leach
发明人： David B. Cross , Paul J. Leach
IPC分类号： H04L9/32
CPC分类号： G06F17/30067
摘要： A file system is configured for use with files protected by digital rights management (DRM) content controls and to interact both with applications that are, and are not, DRM aware. The file system may be configured for use by two applications, in a manner that may provide the second application with protected files if the first application was previously allowed access. In one example, a user context cache of DRM-protected files is created. The files in the cache may have been decrypted in response to a request(s) from the first application. Subsequent requests from the second application may be received for files within the user context cache of DRM-protected files. At least one of the files within the user context cache of DRM-protected files may be provided to the second application if the second application has a joint user context with the first application.
摘要翻译：文件系统被配置为与受数字权限管理（DRM）内容控制保护的文件一起使用，并且与DRM感知的应用程序进行交互。文件系统可以被配置为由两个应用程序使用，其方式可以是如果第一应用程序以前被允许访问则可以向第二应用提供受保护的文件。在一个示例中，创建DRM保护文件的用户上下文高速缓存。响应于来自第一应用的请求，缓存中的文件可能已被解密。可以针对受DRM保护的文件的用户上下文高速缓存中的文件接收来自第二应用的后续请求。如果第二应用具有与第一应用的联合用户上下文，则DRM受保护文件的用户上下文高速缓存内的至少一个文件可以被提供给第二应用。

3. 发明申请

US20080235807A1 File System Operation and Digital Rights Management (DRM) 有权
标题翻译：文件系统操作和数字版权管理（DRM）
公开(公告)号：US20080235807A1
公开(公告)日：2008-09-25
申请号：US12131884
申请日：2008-06-02
申请人： David B. Cross , Paul J. Leach
发明人： David B. Cross , Paul J. Leach
IPC分类号： G06F21/00 , H04L9/32
CPC分类号： G06F17/30067
摘要： File system interaction with digital rights management (DRM) is facilitated by enabling one or more file system components to be DRM-aware. These one or more file system components may be part of a computer operating system. An exemplary system implementation includes: one or more processors; and one or more media in operative communication therewith, the media storing one or more file system components that are configured to provide content having DRM controls to a requesting program in either a raw form or a decrypted form in dependence on whether the DRM controls comprise simple DRM content controls or complex DRM content controls. In another exemplary system implementation, the one or more file system components are configured to provide files with simple DRM content controls to requesting applications in a decrypted form and to provide files with complex DRM content controls to requesting applications in an unaltered form.
摘要翻译：通过使一个或多个文件系统组件成为DRM感知来促进与数字版权管理（DRM）的文件系统交互。这些一个或多个文件系统组件可以是计算机操作系统的一部分。示例性系统实现包括：一个或多个处理器; 以及与其操作通信的一个或多个媒体，所述媒体存储一个或多个文件系统组件，其被配置为根据DRM控件是否包括简单的形式，以原始形式或解密形式向请求程序提供具有DRM控制的内容 DRM内容控件或复杂的DRM内容控件。在另一示例性系统实现中，一个或多个文件系统组件被配置为提供具有简单DRM内容控制的文件，以解密形式来请求应用程序，并且提供具有复杂DRM内容控制的文件以以未改变的形式请求应用程序。

4. 发明授权

US07383586B2 File system operation and digital rights management (DRM) 有权
标题翻译：文件系统操作和数字版权管理（DRM）
公开(公告)号：US07383586B2
公开(公告)日：2008-06-03
申请号：US10346429
申请日：2003-01-17
申请人： David B. Cross , Paul J. Leach
发明人： David B. Cross , Paul J. Leach
IPC分类号： H04L9/32
CPC分类号： G06F17/30067
摘要： File system interaction with digital rights management (DRM) is facilitated by enabling one or more file system components to be DRM-aware. These one or more file system components may be part of a computer operating system. An exemplary system implementation includes: one or more processors; and one or more media in operative communication therewith, the media storing one or more file system components that are configured to provide content having DRM controls to a requesting program in either a raw form or a decrypted form in dependence on whether the DRM controls comprise simple DRM content controls or complex DRM content controls. In another exemplary system implementation, the one or more file system components are configured to provide files with simple DRM content controls to requesting applications in a decrypted form and to provide files with complex DRM content controls to requesting applications in an unaltered form.
摘要翻译：通过使一个或多个文件系统组件成为DRM感知来促进与数字版权管理（DRM）的文件系统交互。这些一个或多个文件系统组件可以是计算机操作系统的一部分。示例性系统实现包括：一个或多个处理器; 以及与其操作通信的一个或多个媒体，所述媒体存储一个或多个文件系统组件，其被配置为根据DRM控件是否包括简单的形式，以原始形式或解密形式向请求程序提供具有DRM控制的内容 DRM内容控件或复杂的DRM内容控件。在另一示例性系统实现中，一个或多个文件系统组件被配置为提供具有简单DRM内容控制的文件，以解密形式来请求应用程序，并且提供具有复杂DRM内容控制的文件以以未改变的形式请求应用程序。

5. 发明授权

US07181016B2 Deriving a symmetric key from an asymmetric key for file encryption or decryption 有权
标题翻译：从用于文件加密或解密的非对称密钥中导出对称密钥
公开(公告)号：US07181016B2
公开(公告)日：2007-02-20
申请号：US10351683
申请日：2003-01-27
申请人： David B. Cross , Jianrong Gu , Josh D. Benaloh , Thomas C. Jones , Paul J. Leach , Glenn D. Pittaway
发明人： David B. Cross , Jianrong Gu , Josh D. Benaloh , Thomas C. Jones , Paul J. Leach , Glenn D. Pittaway
IPC分类号： H04L9/00
CPC分类号： H04L63/045 , G06Q20/3829 , H04L9/0822 , H04L9/0894 , H04L63/0823
摘要： One aspect relates to a process and associated device that provides a private key of an asymmetric key pair in a key device. A symmetric master key is derived from the private key of the asymmetric key pair. The symmetric master key is stored in a computer memory location. The symmetric master key is used to encrypt or decrypt a file encryption key. The file encryption key can encrypt or decrypt files. In another aspect, the user can still access the files even if a user deactivates the key device by encrypting or decrypting the file encryption key directly from the symmetric master key.
摘要翻译：一个方面涉及在密钥设备中提供非对称密钥对的私钥的过程和相关设备。对称主密钥是从非对称密钥对的私有密钥导出的。对称主密钥存储在计算机内存位置。对称主密钥用于加密或解密文件加密密钥。文件加密密钥可以加密或解密文件。在另一方面，即使用户通过直接从对称主密钥加密或解密文件加密密钥来使密钥设备停用，用户仍然可以访问文件。

6. 发明授权

US08621561B2 Selective authorization based on authentication input attributes 有权
标题翻译：基于认证输入属性的选择性授权
公开(公告)号：US08621561B2
公开(公告)日：2013-12-31
申请号：US11969456
申请日：2008-01-04
申请人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
发明人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
IPC分类号： H04L29/06 , G06F21/00
CPC分类号： H04L9/3213 , H04L9/3226 , H04L9/3263 , H04L63/0807
摘要： Embodiments for providing differentiated access based on authentication input attributes are disclosed. In accordance with one embodiment, a method includes receiving an authentication input at an authentication authority using an authentication protocol. The authentication input being associated with a client. The method also includes providing one or more representations for the authentication input, wherein each of the representations represents an attribute of the authentication input.
摘要翻译：公开了基于认证输入属性提供差分访问的实施例。根据一个实施例，一种方法包括使用认证协议在认证机构处接收认证输入。认证输入与客户端相关联。该方法还包括为认证输入提供一个或多个表示，其中每个表示代表认证输入的属性。

7. 发明申请

US20090178129A1 SELECTIVE AUTHORIZATION BASED ON AUTHENTICATION INPUT ATTRIBUTES 有权
标题翻译：基于认证输入属性的选择性授权
公开(公告)号：US20090178129A1
公开(公告)日：2009-07-09
申请号：US11969456
申请日：2008-01-04
申请人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
发明人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
IPC分类号： H04L9/32
CPC分类号： H04L9/3213 , H04L9/3226 , H04L9/3263 , H04L63/0807
摘要： Embodiments for providing differentiated access based on authentication input attributes are disclosed. In accordance with one embodiment, a method includes receiving an authentication input at an authentication authority using an authentication protocol. The authentication input being associated with a client. The method also includes providing one or more representations for the authentication input, wherein each of the representations represents an attribute of the authentication input.
摘要翻译：公开了基于认证输入属性提供差分访问的实施例。根据一个实施例，一种方法包括使用认证协议在认证机构处接收认证输入。认证输入与客户端相关联。该方法还包括为认证输入提供一个或多个表示，其中每个表示代表认证输入的属性。

8. 发明授权

US07434253B2 User mapping information extension for protocols 有权
标题翻译：协议的用户映射信息扩展
公开(公告)号：US07434253B2
公开(公告)日：2008-10-07
申请号：US11181525
申请日：2005-07-14
申请人： Christopher J. Crall , Gennady Medvinsky , Joshua Ball , Karthik Jaganathan , Paul J. Leach , Liqiang Zhu , David B. Cross
发明人： Christopher J. Crall , Gennady Medvinsky , Joshua Ball , Karthik Jaganathan , Paul J. Leach , Liqiang Zhu , David B. Cross
IPC分类号： H04L9/32 , H04L9/00
CPC分类号： H04L9/3263 , H04L9/3273 , H04L63/0807 , H04L63/0823 , H04L63/0876 , H04L63/10 , H04L63/166
摘要： A hint containing user mapping information is provided in messages that may be exchanged during authentication handshakes. For example, a client may provide user mapping information to the server during authentication. The hint (e.g., in the form of a TLS extension mechanism) may be used to send the domain/user name information of a client to aid the server in mapping the user's certificate to an account. The extension mechanism provides integrity and authenticity of the mapping data sent by the client. The user provides a hint as to where to find the right account or domain controller (which points to, or otherwise maintains, the correct account). Based on the hint and other information in the certificate, the user is mapped to an account. The hint may be provided by the user when he logs in. Thus, a certificate is mapped to an identity to authenticate the user. A hint is sent along with the certificate information to perform the binding. Existing protocols may be extended to communicate the additional mapping information (the hint) to perform the binding. A vendor specific extension to Kerberos is defined to obtain the authorization data based on an X.509 certificate and the mapping user name hint.
摘要翻译：在认证握手期间可以交换的消息中提供了包含用户映射信息的提示。例如，客户端可以在认证期间向服务器提供用户映射信息。提示（例如，以TLS扩展机制的形式）可以用于发送客户端的域/用户名信息，以帮助服务器将用户的证书映射到帐户。扩展机制提供客户端发送的映射数据的完整性和真实性。用户提供关于在哪里找到正确的帐户或域控制器（指向或以其他方式维护正确的帐户）的提示。根据证书中的提示和其他信息，用户被映射到一个帐户。提示可以由用户在登录时提供。因此，证书被映射到身份以验证用户。发送提示与证书信息一起执行绑定。可以扩展现有协议以传达额外的映射信息（提示）来执行绑定。定义了针对Kerberos的供应商特定扩展，以根据X.509证书和映射用户名提示获取授权数据。

9. 发明申请

US20120117662A1 FILE SYSTEM OPERATION AND DIGITAL RIGHTS MANAGEMENT (DRM) 有权
标题翻译：文件系统操作和数字权限管理（DRM）
公开(公告)号：US20120117662A1
公开(公告)日：2012-05-10
申请号：US13352038
申请日：2012-01-17
申请人： David B. Cross , Paul J. Leach
发明人： David B. Cross , Paul J. Leach
IPC分类号： G06F17/30
CPC分类号： G06F17/30067
摘要： A file system is configured for use with files protected by digital rights management (DRM) content controls and to interact both with applications that are, and are not, DRM aware. The file system may be configured for use by two applications, in a manner that may provide the second application with protected files if the first application was previously allowed access. In one example, a user context cache of DRM-protected files is created. The files in the cache may have been decrypted in response to a request(s) from the first application. Subsequent requests from the second application may be received for files within the user context cache of DRM-protected files. At least one of the files within the user context cache of DRM-protected files may be provided to the second application if the second application has a joint user context with the first application.
摘要翻译：文件系统被配置为与受数字权限管理（DRM）内容控制保护的文件一起使用，并且与DRM感知的应用程序进行交互。文件系统可以被配置为由两个应用程序使用，其方式可以是如果第一应用程序以前被允许访问则可以向第二应用提供受保护的文件。在一个示例中，创建DRM保护文件的用户上下文高速缓存。响应于来自第一应用的请求，缓存中的文件可能已被解密。可以针对受DRM保护的文件的用户上下文高速缓存中的文件接收来自第二应用的后续请求。如果第二应用具有与第一应用的联合用户上下文，则DRM受保护文件的用户上下文高速缓存内的至少一个文件可以被提供给第二应用。

10. 发明授权

US08117666B2 File system operation and digital rights management (DRM) 有权
标题翻译：文件系统操作和数字版权管理（DRM）
公开(公告)号：US08117666B2
公开(公告)日：2012-02-14
申请号：US12131884
申请日：2008-06-02
申请人： David B. Cross , Paul J. Leach
发明人： David B. Cross , Paul J. Leach
IPC分类号： H04L9/32
CPC分类号： G06F17/30067
摘要： File system interaction with digital rights management (DRM) is facilitated by enabling one or more file system components to be DRM-aware. These one or more file system components may be part of a computer operating system. An exemplary system implementation includes: one or more processors; and one or more media in operative communication therewith, the media storing one or more file system components that are configured to provide content having DRM controls to a requesting program in either a raw form or a decrypted form in dependence on whether the DRM controls comprise simple DRM content controls or complex DRM content controls. In another exemplary system implementation, the one or more file system components are configured to provide files with simple DRM content controls to requesting applications in a decrypted form and to provide files with complex DRM content controls to requesting applications in an unaltered form.
摘要翻译：通过使一个或多个文件系统组件成为DRM感知来促进与数字版权管理（DRM）的文件系统交互。这些一个或多个文件系统组件可以是计算机操作系统的一部分。示例性系统实现包括：一个或多个处理器; 以及与其操作通信的一个或多个媒体，所述媒体存储一个或多个文件系统组件，其被配置为根据DRM控件是否包括简单的形式，以原始形式或解密形式向请求程序提供具有DRM控制的内容 DRM内容控件或复杂的DRM内容控件。在另一示例性系统实现中，一个或多个文件系统组件被配置为提供具有简单DRM内容控制的文件，以解密形式来请求应用程序，并且提供具有复杂DRM内容控制的文件以以未改变形式请求应用程序。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式