专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20140075184A1 TRUST SERVICES FOR SECURING DATA IN THE CLOUD 有权
标题翻译：用于保护云端数据的信托服务
公开(公告)号：US20140075184A1
公开(公告)日：2014-03-13
申请号：US13609945
申请日：2012-09-11
申请人： Irina Gorbach , Venkatesh Krishnan , Andrey Shur , Dmitry Denisov , Lars Kuhtz , Sumalatha Adabala , Roy Peter D'Souza , Michael Entin , Michael Ray Clark , Gitika Aggarwal Saubhasik
发明人： Irina Gorbach , Venkatesh Krishnan , Andrey Shur , Dmitry Denisov , Lars Kuhtz , Sumalatha Adabala , Roy Peter D'Souza , Michael Entin , Michael Ray Clark , Gitika Aggarwal Saubhasik
IPC分类号： H04L29/06
CPC分类号： H04L63/04 , G06F8/61 , G06F17/30197 , G06F21/6218 , G06F2221/2107 , G06F2221/2115 , H04L63/06 , H04L63/20 , H04L2463/062
摘要： Embodiments are directed to securing data in the cloud, securely encrypting data that is to be stored in the cloud and to securely decrypting data accessed from the cloud. In one scenario, an instantiated trust service receives information indicating that a trust server is to be instantiated. The trust service instantiates the trust server, which is configured to store key references and encrypted keys. The trust service receives the public key portion of a digital certificate for each publisher and subscriber that is to have access to various specified portions of encrypted data. A data access policy is then defined that specifies which encrypted data portions can be accessed by which subscribers.
摘要翻译：实施例旨在保护云中的数据，安全地加密要存储在云中的数据，并安全地解密从云访问的数据。在一种情况下，实例化的信任服务接收指示信任服务器被实例化的信息。信任服务实例化信任服务器，该服务器被配置为存储密钥引用和加密密钥。信任服务接收每个发布者和订户的数字证书的公共密钥部分，该用户可以访问加密数据的各种指定部分。然后定义数据访问策略，其指定可由哪个订户访问哪些加密数据部分。

2. 发明授权

US09894040B2 Trust services for securing data in the cloud 有权
公开(公告)号：US09894040B2
公开(公告)日：2018-02-13
申请号：US13609945
申请日：2012-09-11
申请人： Irina Gorbach , Venkatesh Krishnan , Andrey Shur , Dmitry Denisov , Lars Kuhtz , Sumalatha Adabala , Roy Peter D'Souza , Michael Entin , Michael Ray Clark , Gitika Aggarwal Saubhasik
发明人： Irina Gorbach , Venkatesh Krishnan , Andrey Shur , Dmitry Denisov , Lars Kuhtz , Sumalatha Adabala , Roy Peter D'Souza , Michael Entin , Michael Ray Clark , Gitika Aggarwal Saubhasik
IPC分类号： H04L29/06 , G06F21/62 , G06F17/30 , G06F9/445
CPC分类号： H04L63/04 , G06F8/61 , G06F17/30197 , G06F21/6218 , G06F2221/2107 , G06F2221/2115 , H04L63/06 , H04L63/20 , H04L2463/062
摘要： Embodiments are directed to securing data in the cloud, securely encrypting data that is to be stored in the cloud and to securely decrypting data accessed from the cloud. In one scenario, an instantiated trust service receives information indicating that a trust server is to be instantiated. The trust service instantiates the trust server, which is configured to store key references and encrypted keys. The trust service receives the public key portion of a digital certificate for each publisher and subscriber that is to have access to various specified portions of encrypted data. A data access policy is then defined that specifies which encrypted data portions can be accessed by which subscribers.

3. 发明授权

US08681992B2 Monitoring and controlling access to electronic content 失效
标题翻译：监控和控制对电子内容的访问
公开(公告)号：US08681992B2
公开(公告)日：2014-03-25
申请号：US13716351
申请日：2012-12-17
申请人： Roy Peter D'Souza , Lars Kuhtz
发明人： Roy Peter D'Souza , Lars Kuhtz
IPC分类号： H04L9/00 , H04L9/32
CPC分类号： H04L9/14 , H04L9/08 , H04L9/0825 , H04L9/0833 , H04L9/30 , H04L2209/24
摘要： Methods, systems and apparatuses for monitoring and controlling access to an electronic content are disclosed. One method includes creating, by an owner server, a group comprising generating a group public key PKG and a group secret key SKG. The method further includes adding, by the owner server, a member to the group, comprising generating a first share SKG1 from the group secret key SKG and a public key of a member, and a second share SKG2 from the group secret key SKG and a public key of a mediator, and providing, by the owner server, the first share SKG1 to a member server of the member and the second shares SKG2 to a mediator server of the mediator.
摘要翻译：公开了用于监视和控制对电子内容的访问的方法，系统和装置。一种方法包括由所有者服务器创建包括生成组公钥PKG和组密钥SKG的组。该方法还包括由所有者服务器向该组添加成员，包括从组密钥SKG和成员的公钥生成第一共享SKG1，以及从组密钥SKG生成第二共享SKG2和公钥，并由所有者服务器将第一股份SKG1提供给成员的成员服务器，第二股份SKG2提供给调解员的中介服务器。

4. 发明申请

US20140149734A1 MEDIATOR MONITORING AND CONTROLLING ACCESS TO ELECTRONIC CONTENT 有权
标题翻译：中介监测和控制访问电子内容
公开(公告)号：US20140149734A1
公开(公告)日：2014-05-29
申请号：US14171682
申请日：2014-02-03
申请人： Roy Peter D'Souza , Lars Kuhtz
发明人： Roy Peter D'Souza , Lars Kuhtz
IPC分类号： H04L9/30
CPC分类号： H04L9/14 , H04L9/08 , H04L9/0825 , H04L9/0833 , H04L9/30 , H04L2209/24
摘要： Methods, systems and apparatuses for a mediator controlling access to an electronic content, are disclosed. One method includes receiving, by a mediator server of a mediator, a second share SKG2 from an owner server, wherein a first share SKG1 is provided to a member server of a member of a group by the owner server. Further, the mediator receives a request for mediation, including the mediator receiving a dispatch of the header of the encrypted electronic content from the member. Further, the mediator determines whether the member is eligible to decrypt the electronic content, if eligible, the mediator responding to the request for mediation with a member accessible header, wherein the member accessible header includes the header after application of SKG2.
摘要翻译：公开了用于控制对电子内容的访问的调解器的方法，系统和装置。一种方法包括由调解员的中介服务器从所有者服务器接收第二共享SKG2，其中第一共享SKG1由所有者服务器提供给组成员的成员服务器。此外，调解员接收到调解请求，包括调解员从成员接收加密的电子内容的标题的分派。此外，调解员确定该成员是否有资格解密电子内容，如果符合资格，则中介者使用会员可访问头部响应中介请求，其中该会员可访问头部在应用SKG2之后包括头部。

5. 发明申请

US20130212395A1 MONITORING AND CONTROLLING ACCESS TO ELECTRONIC CONTENT 失效
标题翻译：监控和控制电子内容
公开(公告)号：US20130212395A1
公开(公告)日：2013-08-15
申请号：US13716351
申请日：2012-12-17
申请人： Roy Peter D'Souza , Lars Kuhtz
发明人： Roy Peter D'Souza , Lars Kuhtz
IPC分类号： H04L9/08
CPC分类号： H04L9/14 , H04L9/08 , H04L9/0825 , H04L9/0833 , H04L9/30 , H04L2209/24
摘要： Methods, systems and apparatuses for monitoring and controlling access to an electronic content are disclosed. One method includes creating, by an owner server, a group comprising generating a group public key PKG and a group secret key SKG. The method further includes adding, by the owner server, a member to the group, comprising generating a first share SKG1 from the group secret key SKG and a public key of a member, and a second share SKG2 from the group secret key SKG and a public key of a mediator, and providing, by the owner server, the first share SKG1 to a member server of the member and the second shares SKG2 to a mediator server of the mediator.
摘要翻译：公开了用于监视和控制对电子内容的访问的方法，系统和装置。一种方法包括由所有者服务器创建包括生成组公钥PKG和组密钥SKG的组。该方法还包括由所有者服务器向该组添加成员，包括从组密钥SKG和成员的公钥生成第一共享SKG1，以及从组密钥SKG生成第二共享SKG2和公钥，并由所有者服务器将第一股份SKG1提供给成员的成员服务器，第二股份SKG2提供给调解员的中介服务器。

6. 发明申请

US20110145580A1 TRUSTWORTHY EXTENSIBLE MARKUP LANGUAGE FOR TRUSTWORTHY COMPUTING AND DATA SERVICES 审中-公开
标题翻译：信赖的可扩展的语言用于信任计算和数据服务
公开(公告)号：US20110145580A1
公开(公告)日：2011-06-16
申请号：US12832433
申请日：2010-07-08
申请人： Rahul V. Auradkar , Roy Peter D'Souza , Darrell J. Cannon , Venkatesh Krishnan
发明人： Rahul V. Auradkar , Roy Peter D'Souza , Darrell J. Cannon , Venkatesh Krishnan
IPC分类号： H04L9/32 , G06F12/14 , H04L9/08
CPC分类号： H04L63/0428 , H04L63/061 , H04L67/1097
摘要： A digital escrow pattern for data services can include selective access for obscured data at a remote site or in a cloud service, distributing trust across multiple entities to avoid a single point of data compromise. Based on the pattern, a “trustworthy envelope” for any kind of payload enables curtained access through a variety of decorations or seals placed on the envelope that allow for a gamut of trust ranging with guarantees such as, but not limited to, confidentiality, privacy, anonymity, tamper detection, integrity, etc. For instance, XML tags can be applied or augmented to create trust envelopes for structured XML data. Some examples of mathematical transformations or ‘decorations’ that can be applied to the XML data include, but are not limited to, size-preserving encryption, searchable-encryption, or Proof(s) of Application, blind fingerprints, Proof(s) of Retrievability, etc.
摘要翻译：用于数据服务的数字托管模式可以包括对远程站点或云服务中的模糊数据的选择性访问，在多个实体之间分发信任以避免单点数据泄密。基于这种模式，任何类型的有效载荷的“值得信赖的信封”可以通过放置在信封上的各种装饰或密封件进行屏蔽，允许范围广泛的信任范围，包括但不限于保密性，隐私性，匿名性，篡改检测，完整性等。例如，可以应用或扩充XML标签，以创建结构化XML数据的信任包络。可以应用于XML数据的数学变换或“装饰”的一些示例包括但不限于尺寸保存加密，可搜索加密或应用证明，盲指纹，证明可追溯性等

7. 发明授权

US10348693B2 Trustworthy extensible markup language for trustworthy computing and data services 有权
公开(公告)号：US10348693B2
公开(公告)日：2019-07-09
申请号：US12832433
申请日：2010-07-08
申请人： Rahul V. Auradkar , Roy Peter D'Souza , Darrell J. Cannon , Venkatesh Krishnan
发明人： Rahul V. Auradkar , Roy Peter D'Souza , Darrell J. Cannon , Venkatesh Krishnan
IPC分类号： H04L29/06 , H04L29/08
摘要： A digital escrow pattern for data services can include selective access for obscured data at a remote site or in a cloud service, distributing trust across multiple entities to avoid a single point of data compromise. Based on the pattern, a “trustworthy envelope” for any kind of payload enables curtained access through a variety of decorations or seals placed on the envelope that allow for a gamut of trust ranging with guarantees such as, but not limited to, confidentiality, privacy, anonymity, tamper detection, integrity, etc. For instance, XML tags can be applied or augmented to create trust envelopes for structured XML data. Some examples of mathematical transformations or ‘decorations’ that can be applied to the XML data include, but are not limited to, size-preserving encryption, searchable-encryption, or Proof(s) of Application, blind fingerprints, Proof(s) of Retrievability, etc.

8. 发明授权

US09537650B2 Verifiable trust for data through wrapper composition 有权
标题翻译：通过包装组合验证数据的信任
公开(公告)号：US09537650B2
公开(公告)日：2017-01-03
申请号：US12832400
申请日：2010-07-08
申请人： Rahul V. Auradkar , Roy Peter D'Souza
发明人： Rahul V. Auradkar , Roy Peter D'Souza
IPC分类号： G06F21/72 , H04L9/00 , G06F21/62 , H04L29/06 , H04L29/08
CPC分类号： H04L63/0435 , G06F17/11 , G06F17/30911 , G06F17/30938 , G06F21/6218 , G06F21/6227 , G06F2221/2101 , G06F2221/2141 , G06F2221/2149 , H04L9/00 , H04L9/006 , H04L9/0643 , H04L9/0822 , H04L9/0833 , H04L9/0877 , H04L9/14 , H04L9/30 , H04L9/3247 , H04L63/0428 , H04L63/102 , H04L67/10 , H04L67/1097 , H04L2209/16
摘要： A digital escrow pattern for data services can include selective access for obscured data at a remote site or in a cloud service, distributing trust across multiple entities to avoid a single point of data compromise. Based on the pattern, a “trustworthy envelope” for any kind of payload enables curtained access through a variety of decorations or seals placed on the envelope that allow for a gamut of trust ranging with guarantees such as, but not limited to, confidentiality, privacy, anonymity, tamper detection, integrity, etc. Verifiable trust is provided through families of techniques that are referred to as wrapper composition. Multiple concentric and/or lateral transform wrappers or layers can wholly or partially transform data, metadata or both to mathematical transform (e.g., encrypt, distribute across storage, obscure) or otherwise introduce lack of visibility to some or all of the data, metadata or both.
摘要翻译：用于数据服务的数字托管模式可以包括对远程站点或云服务中的模糊数据的选择性访问，在多个实体之间分发信任以避免单点数据泄密。基于这种模式，任何类型的有效载荷的“值得信赖的信封”可以通过放置在信封上的各种装饰或密封件进行屏蔽，允许范围广泛的信任范围，包括但不限于保密性，隐私性，匿名性，篡改检测，完整性等。可通过称为包装组合的技术家族提供可验证的信任。多个同心和/或横向变换包装器或层可以将数据，元数据或两者全部或部分地转换成数学变换（例如，加密，跨存储分布，模糊）或以其他方式引入对一些或全部数据，元数据或都。

9. 发明授权

US08891772B2 Cloud key escrow system 有权
标题翻译：云密钥托管系统
公开(公告)号：US08891772B2
公开(公告)日：2014-11-18
申请号：US13162950
申请日：2011-06-17
申请人： Roy Peter D'Souza , Omkant Pandey
发明人： Roy Peter D'Souza , Omkant Pandey
IPC分类号： H04L9/32 , H04L9/08
CPC分类号： H04L63/0428 , G06F21/602 , G06F2221/2107 , G06F2221/2115 , H04L9/0825 , H04L9/085 , H04L9/0894 , H04L63/0442 , H04L63/061
摘要： Embodiments are directed to allowing a user to store encrypted, third-party-accessible data in a data store and to providing third party data access to a user's encrypted data according to a predefined policy. A data storage system receives encrypted data from a user at a data storage system. The data is encrypted using the user's private key. The data storage system stores the received encrypted data according to a predefined policy. The encryption prevents the storage system from gaining access to the encrypted data, while the policy allows the encrypted data to be released upon receiving a threshold number of requests from verified third parties. The data storage system implements a verifiable secret sharing scheme to verify that the encrypted data can be reconstituted without the data storage system accessing the encrypted data. The data storage system synchronously acknowledges that the received encrypted data has been verified and successfully stored.
摘要翻译：实施例旨在允许用户将加密的第三方可访问数据存储在数据存储中，并根据预定义的策略向用户的加密数据提供第三方数据访问。数据存储系统从数据存储系统的用户接收加密数据。使用用户的私钥对数据进行加密。数据存储系统根据预定义的策略存储所接收的加密数据。该加密防止存储系统获得对加密数据的访问，而该策略允许在从经验证的第三方接收到阈值数量的请求时释放加密数据。数据存储系统实现可验证的秘密共享方案，以验证加密数据可以在没有数据存储系统访问加密数据的情况下重新构建。数据存储系统同步地确认所接收的加密数据已被验证并成功存储。

10. 发明申请

US20130254841A1 SECURE CLOUD COMPUTING PLATFORM 有权
标题翻译：安全云计算平台
公开(公告)号：US20130254841A1
公开(公告)日：2013-09-26
申请号：US13430598
申请日：2012-03-26
申请人： Ramarathnam Venkatesan , Kenneth H. Eguro , Roy Peter D'Souza
发明人： Ramarathnam Venkatesan , Kenneth H. Eguro , Roy Peter D'Souza
IPC分类号： G06F21/00
CPC分类号： G06F21/85
摘要： A secure cloud computing platform. The platform has a pool of secure computing devices such that each can be allocated to a customer as with other computing resources. Each secure computing device may be configured by a customer with a key and software for performing operations on sensitive data. The customer may submit data, defining a job for execution on the platform, as cyphertext. The secure computing device may perform operations on that data, which may include decrypting the data with the key and then executing the software to perform an operation on cleartext data. This operation, and the data on which it is performed, though in cleartext, may be inaccessible to the operator of the cloud computing platform. The device may operate according to a secure protocol under which the software is validated before loading and the device is provisioned with a key shared with the customer.
摘要翻译：一个安全的云计算平台。该平台具有一组安全计算设备，使得每个可以与其他计算资源一样分配给客户。每个安全计算设备可以由具有用于对敏感数据执行操作的密钥和软件的客户配置。客户可以提交数据，在平台上定义作业以执行作为cyphertext。安全计算设备可以对该数据执行操作，其可以包括用密钥解密数据，然后执行软件以对明文数据执行操作。该操作及其执行的数据虽然明文可能无法由云计算平台的操作员访问。设备可以根据安全协议进行操作，在该安全协议下，软件在加载之前被验证并且设备被提供有与客户共享的密钥。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式