专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20090276841A1 METHOD AND DEVICE FOR DYNAMIC DEPLOYMENT OF TRUST BRIDGES IN AN AD HOC WIRELESS NETWORK 有权
标题翻译：在无线网络中动态分配信任桥的方法和设备
公开(公告)号：US20090276841A1
公开(公告)日：2009-11-05
申请号：US12112319
申请日：2008-04-30
申请人： Liang Guo , Qi Bao , Donald E. Eastlake, III , Whay Chiou Lee , Anthony R. Metke
发明人： Liang Guo , Qi Bao , Donald E. Eastlake, III , Whay Chiou Lee , Anthony R. Metke
IPC分类号： H04L9/32
CPC分类号： H04L63/0823 , H04W84/12
摘要： A method for deploying a trust bridge in an ad hoc wireless network can provide interoperability for multi-organizational authentication. The method includes processing at a delegate certification authority (DCA) node device authorizations received from of a plurality of certification authorities (CAs) of different organizations, where the authorizations authorize the DCA node device to serve as a DCA representing the CAs (step 1105). The DCA node device then processes context information received from the ad hoc wireless network (step 1110). Next, the DCA node device determines, based on the context information, that a second node device should be enabled as a new trust bridge (step 1115). The DCA node device then performs a trust bridge deployment to enable the second node device to serve as the new trust bridge (step 1120).
摘要翻译：在自组织无线网络中部署信任网桥的方法可以为多机构认证提供互操作性。该方法包括在来自不同组织的多个认证机构（CA）的接收认证机构（DCA）节点设备授权处理，其中授权授权DCA节点设备充当代表CA的DCA（步骤1105）。 DCA节点设备然后处理从自组织无线网络接收的上下文信息（步骤1110）。接下来，DCA节点设备基于上下文信息确定第二节点设备应该被启用为新的信任桥（步骤1115）。 DCA节点设备然后执行信任桥部署以使得第二节点设备能够用作新的信任桥（步骤1120）。

2. 发明授权

US08539225B2 Method and device for dynamic deployment of trust bridges in an ad hoc wireless network 有权
标题翻译：用于在自组织无线网络中动态部署信任网桥的方法和设备
公开(公告)号：US08539225B2
公开(公告)日：2013-09-17
申请号：US12112319
申请日：2008-04-30
申请人： Liang Guo , Qi Bao , Donald E. Eastlake, III , Whay Chiou Lee , Anthony R. Metke
发明人： Liang Guo , Qi Bao , Donald E. Eastlake, III , Whay Chiou Lee , Anthony R. Metke
IPC分类号： H04L29/06
CPC分类号： H04L63/0823 , H04W84/12
摘要： A method for deploying a trust bridge in an ad hoc wireless network can provide interoperability for multi-organizational authentication. The method includes processing at a delegate certification authority (DCA) node device authorizations received from of a plurality of certification authorities (CAs) of different organizations, where the authorizations authorize the DCA node device to serve as a DCA representing the CAs (step 1105). The DCA node device then processes context information received from the ad hoc wireless network (step 1110). Next, the DCA node device determines, based on the context information, that a second node device should be enabled as a new trust bridge (step 1115). The DCA node device then performs a trust bridge deployment to enable the second node device to serve as the new trust bridge (step 1120).
摘要翻译：在自组织无线网络中部署信任网桥的方法可以为多机构认证提供互操作性。该方法包括在来自不同组织的多个认证机构（CA）的接收认证机构（DCA）节点设备授权处理，其中授权授权DCA节点设备充当代表CA的DCA（步骤1105）。 DCA节点设备然后处理从自组织无线网络接收的上下文信息（步骤1110）。接下来，DCA节点设备基于上下文信息确定第二节点设备应该被启用为新的信任桥（步骤1115）。 DCA节点设备然后执行信任桥部署以使得第二节点设备能够用作新的信任桥（步骤1120）。

3. 发明申请

US20100250922A1 METHOD AND SYSTEM FOR PROPAGATING TRUST IN AN AD HOC WIRELESS COMMUNICATION NETWORK 审中-公开
标题翻译：在无线通信网络中传播信任的方法和系统
公开(公告)号：US20100250922A1
公开(公告)日：2010-09-30
申请号：US12415640
申请日：2009-03-31
申请人： Qi Bao , Donald E. Eastlake, III , Liang Guo , Whay Chiou Lee
发明人： Qi Bao , Donald E. Eastlake, III , Liang Guo , Whay Chiou Lee
IPC分类号： H04L9/00
CPC分类号： H04W12/06 , H04L63/0823 , H04W84/18
摘要： A method and system enable robust and scalable propagation of trust between a first organization and a second organization, both operating in an ad hoc wireless communication network. The method includes establishing at a first member node of the first organization pair-wise trust with a first member node of the second organization using a predetermined inter-organizational trust establishment device (step 505). Next, the first member node of the first organization generates a credential for the second organization using the pair-wise trust (step 510). The credential is then distributed from the first member node of the first organization to a second member node of the first organization (step 515). The second member node of the first organization then establishes pair-wise trust with a second member node of the second organization using the credential received from the first member node of the first organization (step 520).
摘要翻译：一种方法和系统能够实现在第一组织和第二组织之间进行稳健和可扩展的信任传播，这两者在ad hoc无线通信网络中运行。该方法包括使用预定的组织间信任建立设备在第一组织对第一成员节点与第二组织的第一成员节点建立第一成员节点（步骤505）。接下来，第一组织的第一成员节点使用成对的信任为第二组织生成凭证（步骤510）。然后将证书从第一组织的第一成员节点分发到第一组织的第二成员节点（步骤515）。然后，第一组织的第二成员节点使用从第一组织的第一成员节点接收的凭证来建立与第二组织的第二成员节点的成对的信任（步骤520）。

4. 发明申请

US20120210129A1 METHOD AND APPARATUS FOR EXTERNAL ORGANIZATION PATH LENGTH VALIDATION WITHIN A PUBLIC KEY INFRASTRUCTURE (PKI) 有权
标题翻译：公共关键基础设施（PKI）中外部组织路线长度验证的方法和装置
公开(公告)号：US20120210129A1
公开(公告)日：2012-08-16
申请号：US13452408
申请日：2012-04-20
申请人： Anthony R. Metke , Donald E. Eastlake, III
发明人： Anthony R. Metke , Donald E. Eastlake, III
IPC分类号： H04L9/30
CPC分类号： G06F21/33 , G06F2221/2145 , H04L9/007 , H04L9/3265 , H04L63/064 , H04L63/0823
摘要： A method for external organization path length (EOPL) validation is provided. A relying party node of an organization receives an authentication request from a subject node of an external organization. The relying party node then obtains and evaluates certificates from a chain of certificates that link the subject node to a trust anchor of the relying party node wherein, at least one certificate from the chain of certificates comprises an enabled external organization flag (EOF) and/or an external organization path length constraint (EOPLC). The relying party node invalidates authentication of the subject node when the relying party node determines that a total number of enabled EOFs from certificates in the chain of certificates exceeds the lowest EOPLC value from certificates in the chain of certificates.
摘要翻译：提供了外部组织路径长度（EOPL）验证的方法。组织的依赖方节点从外部组织的主题节点接收认证请求。然后，依赖方节点从证书链中获得并评估证书，所述证书链将主体节点链接到依赖方节点的信任锚点，其中，来自证书链的至少一个证书包括启用的外部组织标志（EOF）和/ 或外部组织路径长度约束（EOPLC）。当依赖方节点确定从证书链中的证书中启用的EOF的总数量超过证书链中的证书的最低EOPLC值时，依赖方节点使主体节点的认证无效。

5. 发明授权

US11418318B2 Portable certification authority 有权
公开(公告)号：US11418318B2
公开(公告)日：2022-08-16
申请号：US11465620
申请日：2006-08-18
申请人： Donald E. Eastlake, III , Anthony R. Metke
发明人： Donald E. Eastlake, III , Anthony R. Metke
IPC分类号： H04L29/00 , H04L9/00 , H04L9/40 , H04L9/32
摘要： A portable electronic device is operable as a portable certification authority. The portable electronic device stores a pair of keys of a public key infrastructure, issued by a parent certification authority and generates a certificate dependent upon the pair of keys. The private key and corresponding public key certificate are transmitted to a network device of a second agency to allow the device to be authenticated by any node of the network of the first agency that posses anchor information of the parent certification authority. This enables the device of the second agency to be authenticated by a network node of the first agency.

6. 发明授权

US08484461B2 Method and apparatus for external organization path length validation within a public key infrastructure (PKI) 有权
标题翻译：公共密钥基础设施（PKI）内外部组织路径长度验证的方法和装置
公开(公告)号：US08484461B2
公开(公告)日：2013-07-09
申请号：US12241566
申请日：2008-09-30
申请人： Anthony R. Metke , Donald E. Eastlake, III
发明人： Anthony R. Metke , Donald E. Eastlake, III
IPC分类号： H04L9/30
CPC分类号： G06F21/33 , G06F2221/2145 , H04L9/007 , H04L9/3265 , H04L63/064 , H04L63/0823
摘要： A method and apparatus for external organization (EO) path length (EOPL) validation are provided. A relying party node (RPN) stores a current EO path length constraint (EOPLC) value, and an EOPL counter that maintains a count of an actual external organization path length. The RPN obtains a chain of certificates that link a subject node (SN) to its trust anchor, and processes the certificates in the chain. When a certificate has a lower EOPLC than the current EOPLC value, the RPN replaces the current EOPLC value with the lower EOPLC. When the certificate currently being evaluated includes an enabled EO flag, the RPN increments the EOPL counter by one. The EOPL validation fails when the EOPL counter is greater than the current EOPLC value, and is successful when the last remaining certificate in the chain is processed without having the EOPL counter exceed the current EOPLC value.
摘要翻译：提供了一种用于外部组织（EO）路径长度（EOPL）验证的方法和装置。依赖方节点（RPN）存储当前EO路径长度约束（EOPLC）值，以及维持实际外部组织路径长度计数的EOPL计数器。 RPN获得将主节点（SN）链接到其信任锚点的证书链，并处理链中的证书。当证书具有比当前EOPLC值更低的EOPLC时，RPN用较低的EOPLC替换当前的EOPLC值。当当前正在评估的证书包含启用的EO标志时，RPN将EOPL计数器递增1。当EOPL计数器大于当前EOPLC值时，EOPL验证失败，并且当链中的最后剩余证书被处理而不使EOPL计数器超过当前EOPLC值时，EOPL验证失败。

7. 发明申请

US20100082975A1 METHOD AND APPARATUS FOR EXTERNAL ORGANIZATION PATH LENGTH VALIDATION WITHIN A PUBLIC KEY INFRASTRUCTURE (PKI) 有权
标题翻译：公共关键基础设施（PKI）中外部组织路线长度验证的方法和装置
公开(公告)号：US20100082975A1
公开(公告)日：2010-04-01
申请号：US12241566
申请日：2008-09-30
申请人： Anthony R. Metke , Donald E. Eastlake, III
发明人： Anthony R. Metke , Donald E. Eastlake, III
IPC分类号： H04L9/00
CPC分类号： G06F21/33 , G06F2221/2145 , H04L9/007 , H04L9/3265 , H04L63/064 , H04L63/0823
摘要： A method and apparatus for external organization (EO) path length (EOPL) validation are provided. A relying party node (RPN) stores a current EO path length constraint (EOPLC) value, and an EOPL counter that maintains a count of an actual external organization path length. The RPN obtains a chain of certificates that link a subject node (SN) to its trust anchor, and processes the certificates in the chain. When a certificate has a lower EOPLC than the current EOPLC value, the RPN replaces the current EOPLC value with the lower EOPLC. When the certificate currently being evaluated includes an enabled EO flag, the RPN increments the EOPL counter by one. The EOPL validation fails when the EOPL counter is greater than the current EOPLC value, and is successful when the last remaining certificate in the chain is processed without having the EOPL counter exceed the current EOPLC value.
摘要翻译：提供了一种用于外部组织（EO）路径长度（EOPL）验证的方法和装置。依赖方节点（RPN）存储当前EO路径长度约束（EOPLC）值，以及维持实际外部组织路径长度计数的EOPL计数器。 RPN获得将主节点（SN）链接到其信任锚点的证书链，并处理链中的证书。当证书具有比当前EOPLC值更低的EOPLC时，RPN用较低的EOPLC替换当前的EOPLC值。当当前正在评估的证书包含启用的EO标志时，RPN将EOPL计数器递增1。当EOPL计数器大于当前EOPLC值时，EOPL验证失败，并且在链中的最后剩余证书被处理而不使EOPL计数器超过当前EOPLC值时，EOPL验证失败。

8. 发明授权

US08862881B2 Method and system for mutual authentication of wireless communication network nodes 有权
标题翻译：无线通信网络节点相互认证的方法和系统
公开(公告)号：US08862881B2
公开(公告)日：2014-10-14
申请号：US11420968
申请日：2006-05-30
申请人： Anthony R. Metke , Donald E. Eastlake, III , Zhi Fu
发明人： Anthony R. Metke , Donald E. Eastlake, III , Zhi Fu
IPC分类号： H04L29/06 , H04L9/32 , H04W12/06
CPC分类号： H04L63/0869 , H04L9/3273 , H04L2209/80 , H04W12/04 , H04W12/06 , H04W84/18
摘要： A method and system for mutually authenticating a first node and a second node operating in a wireless communication network enables mutual authentication when the first node and the second node are unable to directly authenticate each other. The method includes identifying, at the first node, a third node that can authenticate both the first node and the second node (step 215). Authentication data for authenticating the first node with the third node is then transmitted from the first node to the third node (step 220). Keying material that is received from the third node is then processed at the first node (step 225). A shared secret mutual authentication protocol is then processed, whereby the first node and the second node are mutually authenticated by proving that they each have authenticated with the third node and each have the keying material (step 230).
摘要翻译：在第一节点和第二节点不能直接相互认证的情况下，用于相互认证第一节点和在无线通信网络中操作的第二节点的方法和系统使得能够进行相互认证。该方法包括在第一节点处识别能够认证第一节点和第二节点的第三节点（步骤215）。然后从第一节点向第三节点发送用于认证具有第三节点的第一节点的认证数据（步骤220）。然后在第一节点处处理从第三节点接收的键控材料（步骤225）。然后处理共享秘密相互认证协议，由此第一节点和第二节点通过证明它们各自已经与第三节点认证并且每个具有密钥材料来相互认证（步骤230）。

9. 发明授权

US08726012B2 Method and apparatus for external organization path length validation within a public key infrastructure (PKI) 有权
标题翻译：公共密钥基础设施（PKI）内外部组织路径长度验证的方法和装置
公开(公告)号：US08726012B2
公开(公告)日：2014-05-13
申请号：US13452408
申请日：2012-04-20
申请人： Anthony R. Metke , Donald E. Eastlake, III
发明人： Anthony R. Metke , Donald E. Eastlake, III
IPC分类号： H04L29/06
CPC分类号： G06F21/33 , G06F2221/2145 , H04L9/007 , H04L9/3265 , H04L63/064 , H04L63/0823
摘要： A method for external organization path length (EOPL) validation is provided. A relying party node of an organization receives an authentication request from a subject node of an external organization. The relying party node then obtains and evaluates certificates from a chain of certificates that link the subject node to a trust anchor of the relying party node wherein, at least one certificate from the chain of certificates comprises an enabled external organization flag (EOF) and/or an external organization path length constraint (EOPLC). The relying party node invalidates authentication of the subject node when the relying party node determines that a total number of enabled EOFs from certificates in the chain of certificates exceeds the lowest EOPLC value from certificates in the chain of certificates.
摘要翻译：提供了外部组织路径长度（EOPL）验证的方法。组织的依赖方节点从外部组织的主题节点接收认证请求。然后，依赖方节点从证书链中获得并评估证书，所述证书链将主体节点链接到依赖方节点的信任锚点，其中，来自证书链的至少一个证书包括启用的外部组织标志（EOF）和/ 或外部组织路径长度约束（EOPLC）。当依赖方节点确定从证书链中的证书中启用的EOF的总数量超过证书链中的证书的最低EOPLC值时，依赖方节点使主体节点的认证无效。

10. 发明授权

US07793103B2 Ad-hoc network key management 有权
标题翻译：自组织网络密钥管理
公开(公告)号：US07793103B2
公开(公告)日：2010-09-07
申请号：US11464744
申请日：2006-08-15
申请人： Zhi Fu , Donald E. Eastlake, III , Anthony R. Metke
发明人： Zhi Fu , Donald E. Eastlake, III , Anthony R. Metke
IPC分类号： H04L9/32
CPC分类号： H04L9/0891 , G06Q20/3674 , H04L9/083 , H04L9/0838 , H04L2209/80 , H04W12/04 , H04W84/18
摘要： An ad hoc network includes a first node, a second node, and a third node. The first node and second node share a first shared secret key, and the first node and third node share a second shared secret key. The second node and third node share a temporal key. The first node generates a unique key, encrypts the unique key with a first shared secret key to generate a first encrypted unique key and transmits the first encrypted unique key to the second node. The first node encrypts the unique key with a second shared secret key to generate a second encrypted unique key and transmits the second encrypted unique key to the third node. To establish the temporal key, the second node decrypts the first encrypted unique key and the third node decrypts the second encrypted unique key thereby each generating the unique key.
摘要翻译：自组织网络包括第一节点，第二节点和第三节点。第一节点和第二节点共享第一共享秘密密钥，并且第一节点和第三节点共享第二共享秘密密钥。第二节点和第三节点共享一个临时密钥。第一节点生成唯一密钥，用第一共享秘密密钥加密唯一密钥以生成第一加密唯一密钥，并将第一加密唯一密钥发送到第二节点。第一节点用第二个共享秘密密钥加密唯一密钥，以生成第二加密唯一密钥，并将第二加密唯一密钥发送到第三个节点。为了建立时间密钥，第二节点解密第一加密唯一密钥，第三节点解密第二加密唯一密钥，从而每个生成唯一密钥。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式