专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20110314279A1 Single-Use Authentication Methods for Accessing Encrypted Data 有权
标题翻译：访问加密数据的一次性验证方法
公开(公告)号：US20110314279A1
公开(公告)日：2011-12-22
申请号：US12819883
申请日：2010-06-21
申请人： Octavian T. Ureche , Nils Dussart , Charles G. Jeffries , Cristian M. Ilac , Vijay G. Bharadwaj , Innokentiy Basmov , Stefan Thom , Son VoBa
发明人： Octavian T. Ureche , Nils Dussart , Charles G. Jeffries , Cristian M. Ilac , Vijay G. Bharadwaj , Innokentiy Basmov , Stefan Thom , Son VoBa
IPC分类号： H04L9/32 , G06F12/14 , H04L29/06
CPC分类号： H04L63/08 , G06F21/31 , G06F21/57 , G06F21/6218 , G06F2221/2103 , G06F2221/2131 , H04L9/3228 , H04L9/3234 , H04L63/067
摘要： Single-use authentication methods for accessing encrypted data stored on a protected volume of a computer are described, wherein access to the encrypted data involves decrypting a key protector stored on the computer that holds a volume-specific cryptographic key needed to decrypt the protected volume. Such single-use authentication methods rely on the provision of a key protector that can only be used once and/or that requires a new access credential for each use. In certain embodiments, a challenge-response process is also used as part of the authentication method to tie the issuance of a key protector and/or access credential to particular pieces of information that can uniquely identify a user.
摘要翻译：描述用于访问存储在计算机的受保护卷上的加密数据的一次验证方法，其中对加密数据的访问涉及解密存储在计算机上的密钥保护器，其保存解密受保护卷所需的特定于卷的加密密钥。这种一次性认证方法依赖于提供只能使用一次的密钥保护器和/或需要每次使用的新的访问凭证。在某些实施例中，质询 - 响应过程也被用作认证方法的一部分，以将密钥保护器的发行和/或访问凭证与可以唯一地标识用户的特定信息片段相关联。

2. 发明授权

US08745386B2 Single-use authentication methods for accessing encrypted data 有权
标题翻译：用于访问加密数据的一次性认证方法
公开(公告)号：US08745386B2
公开(公告)日：2014-06-03
申请号：US12819883
申请日：2010-06-21
申请人： Octavian T. Ureche , Nils Dussart , Charles G. Jeffries , Cristian M. Ilac , Vijay G. Bharadwaj , Innokentiy Basmov , Stefan Thom , Son VoBa
发明人： Octavian T. Ureche , Nils Dussart , Charles G. Jeffries , Cristian M. Ilac , Vijay G. Bharadwaj , Innokentiy Basmov , Stefan Thom , Son VoBa
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , G06F21/31 , G06F21/57 , G06F21/6218 , G06F2221/2103 , G06F2221/2131 , H04L9/3228 , H04L9/3234 , H04L63/067
摘要： Single-use authentication methods for accessing encrypted data stored on a protected volume of a computer are described, wherein access to the encrypted data involves decrypting a key protector stored on the computer that holds a volume-specific cryptographic key needed to decrypt the protected volume. Such single-use authentication methods rely on the provision of a key protector that can only be used once and/or that requires a new access credential for each use. In certain embodiments, a challenge-response process is also used as part of the authentication method to tie the issuance of a key protector and/or access credential to particular pieces of information that can uniquely identify a user.
摘要翻译：描述用于访问存储在计算机的受保护卷上的加密数据的一次验证方法，其中对加密数据的访问涉及解密存储在计算机上的密钥保护器，其保存解密受保护卷所需的特定于卷的加密密钥。这种一次性认证方法依赖于提供只能使用一次的密钥保护器和/或需要每次使用的新的访问凭证。在某些实施例中，质询 - 响应过程也被用作认证方法的一部分，以将密钥保护器的发行和/或访问凭证与可以唯一地标识用户的特定信息片段相关联。

3. 发明授权

US08462955B2 Key protectors based on online keys 有权
标题翻译：基于在线密钥的主要保护器
公开(公告)号：US08462955B2
公开(公告)日：2013-06-11
申请号：US12793455
申请日：2010-06-03
申请人： Octavian T. Ureche , Nils Dussart , Michael A. Halcrow , Charles G. Jeffries , Nathan T. Lewis , Cristian M. Ilac , Innokentiy Basmov , Magnus Bo Gustaf Nyström , Niels T. Ferguson
发明人： Octavian T. Ureche , Nils Dussart , Michael A. Halcrow , Charles G. Jeffries , Nathan T. Lewis , Cristian M. Ilac , Innokentiy Basmov , Magnus Bo Gustaf Nyström , Niels T. Ferguson
IPC分类号： H04L9/08 , G06F11/30 , G06F12/14
CPC分类号： H04L9/0894 , H04L9/0822 , H04L63/061 , H04L2463/062
摘要： An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.
摘要翻译：生成或以其他方式获得由远程服务存储的在线密钥，以及存储介质（适用于存储物理或虚拟存储介质上的数据）主密钥，用于加密和解密物理或虚拟存储介质或加密和至少部分地基于在线密钥来加密用于加密物理或虚拟存储介质的一个或多个存储介质加密密钥的解密。存储存储介质的密钥保护器，密钥保护器包括加密的主密钥。随后可以访问密钥保护器，并从远程服务获取在线密钥。主密钥基于在线密钥解密，允许用于解密存储介质的一个或多个存储介质加密密钥被解密。

4. 发明申请

US20110302398A1 KEY PROTECTORS BASED ON ONLINE KEYS 有权
标题翻译：基于在线的主要保护者
公开(公告)号：US20110302398A1
公开(公告)日：2011-12-08
申请号：US12793455
申请日：2010-06-03
申请人： Octavian T. Ureche , Nils Dussart , Michael A. Halcrow , Charles G. Jeffries , Nathan T. Lewis , Cristian M. Ilac , Innokentiy Basmov , Bo Gustaf Magnus Nystr+e,uml o+ee m , Niels T. Ferguson
发明人： Octavian T. Ureche , Nils Dussart , Michael A. Halcrow , Charles G. Jeffries , Nathan T. Lewis , Cristian M. Ilac , Innokentiy Basmov , Bo Gustaf Magnus Nystr+e,uml o+ee m , Niels T. Ferguson
IPC分类号： H04L9/32 , G06F9/24 , G06F12/02
CPC分类号： H04L9/0894 , H04L9/0822 , H04L63/061 , H04L2463/062
摘要： An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.
摘要翻译：生成或以其他方式获得由远程服务存储的在线密钥，以及存储介质（适用于存储物理或虚拟存储介质上的数据）主密钥，用于加密和解密物理或虚拟存储介质或加密和至少部分地基于在线密钥来加密用于加密物理或虚拟存储介质的一个或多个存储介质加密密钥的解密。存储存储介质的密钥保护器，密钥保护器包括加密的主密钥。随后可以访问密钥保护器，并从远程服务获取在线密钥。主密钥基于在线密钥解密，允许用于解密存储介质的一个或多个存储介质加密密钥被解密。

5. 发明申请

US20140108814A1 CRYPTOGRAPHIC KEY MANAGEMENT 有权
标题翻译： CRYPTOGRAPHIC主要管理
公开(公告)号：US20140108814A1
公开(公告)日：2014-04-17
申请号：US12978266
申请日：2010-12-23
申请人： Vijay G. Bharadwaj , Niels T. Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
发明人： Vijay G. Bharadwaj , Niels T. Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
IPC分类号： G06F21/60
CPC分类号： G06F21/602 , G06F2221/2141 , H04L9/0836 , H04L9/0866
摘要： Cryptographic key management techniques are described. In one or more implementations, an access control rule is read that includes a Boolean expression having a plurality of atoms. The cryptographic keys that corresponds each of the plurality of atoms in the access control rule are requested. One or more cryptographic operations are then performed on data using one or more of the cryptographic keys.
摘要翻译：描述密码密钥管理技术。在一个或多个实现中，读取包括具有多个原子的布尔表达式的访问控制规则。请求与访问控制规则中的多个原子对应的密码密钥。然后使用一个或多个密码密钥对数据执行一个或多个加密操作。

6. 发明授权

US09058497B2 Cryptographic key management 有权
标题翻译：加密密钥管理
公开(公告)号：US09058497B2
公开(公告)日：2015-06-16
申请号：US12978266
申请日：2010-12-23
申请人： Vijay G. Bharadwaj , Niels T Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
发明人： Vijay G. Bharadwaj , Niels T Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
IPC分类号： G06F21/00 , G06F21/60 , H04L9/08
CPC分类号： G06F21/602 , G06F2221/2141 , H04L9/0836 , H04L9/0866
摘要： Cryptographic key management techniques are described. In one or more implementations, an access control rule is read that includes a Boolean expression having a plurality of atoms. The cryptographic keys that corresponds each of the plurality of atoms in the access control rule are requested. One or more cryptographic operations are then performed on data using one or more of the cryptographic keys.
摘要翻译：描述密码密钥管理技术。在一个或多个实现中，读取包括具有多个原子的布尔表达式的访问控制规则。请求与访问控制规则中的多个原子对应的密码密钥。然后使用一个或多个密码密钥对数据执行一个或多个加密操作。

7. 发明申请

US20110022856A1 Key Protectors Based On Public Keys 有权
标题翻译：基于公钥的主要保护者
公开(公告)号：US20110022856A1
公开(公告)日：2011-01-27
申请号：US12509255
申请日：2009-07-24
申请人： Octavian T. Ureche , Gaurav Sinha , Nils Dussart , Yi Liu , Vijay G. Bharadwaj , Niels T. Ferguson
发明人： Octavian T. Ureche , Gaurav Sinha , Nils Dussart , Yi Liu , Vijay G. Bharadwaj , Niels T. Ferguson
IPC分类号： G06F12/14
CPC分类号： H04L9/0822 , G06F21/602 , G06F21/62 , G06F21/78 , H04L9/0844 , H04L9/0894 , H04L9/14 , H04L2463/062
摘要： In accordance with one or more aspects, a key protector for a storage volume is created by generating an intermediate key and protecting, based at least in part on a public/private key pair, the intermediate key. A volume master key for encrypting and decrypting one or more volume encryption keys that are used to encrypt the storage volume can be encrypted in different manners, including being encrypted based at least in part on the intermediate key. A key protector for the storage volume is stored that includes both the encrypted volume master key and information indicating how to obtain the intermediate key. Subsequently, the key protector can be accessed and, based at least in part on a private key of the entity associated with the key protector, the intermediate key can be decrypted. The intermediate key can then be used to decrypt the volume master key.
摘要翻译：根据一个或多个方面，通过生成中间密钥并至少部分地基于公共/私人密钥对来保护中间密钥来创建用于存储卷的密钥保护器。用于加密和解密用于加密存储卷的一个或多个卷加密密钥的卷主密钥可以以不同的方式加密，包括至少部分地基于中间密钥进行加密。存储存储卷的密钥保护器，其包括加密的卷主密钥和指示如何获得中间密钥的信息。随后，可以访问密钥保护器，并且至少部分地基于与密钥保护器相关联的实体的私钥，中间密钥可以被解密。然后可以使用中间密钥来解密卷主密钥。

8. 发明授权

US08509449B2 Key protector for a storage volume using multiple keys 有权
标题翻译：使用多个键的存储卷的密钥保护器
公开(公告)号：US08509449B2
公开(公告)日：2013-08-13
申请号：US12509255
申请日：2009-07-24
申请人： Octavian T. Ureche , Gaurav Sinha , Nils Dussart , Yi Liu , Vijay G. Bharadwaj , Niels T. Ferguson
发明人： Octavian T. Ureche , Gaurav Sinha , Nils Dussart , Yi Liu , Vijay G. Bharadwaj , Niels T. Ferguson
IPC分类号： H04L9/16 , H04L9/08 , H04L9/34
CPC分类号： H04L9/0822 , G06F21/602 , G06F21/62 , G06F21/78 , H04L9/0844 , H04L9/0894 , H04L9/14 , H04L2463/062
摘要： A key protector for a storage volume is created by generating an intermediate key and protecting, based at least in part on a public/private key pair, the intermediate key. A volume master key for encrypting and decrypting one or more volume encryption keys that are used to encrypt the storage volume can be encrypted in different manners, including being encrypted based at least in part on the intermediate key. A key protector for the storage volume is stored that includes both the encrypted volume master key and information indicating how to obtain the intermediate key. Subsequently, the key protector can be accessed and, based at least in part on a private key of the entity associated with the key protector, the intermediate key can be decrypted. The intermediate key can then be used to decrypt the volume master key.
摘要翻译：通过生成中间密钥并至少部分地基于公共/私人密钥对来保护中间密钥来创建用于存储卷的密钥保护器。用于加密和解密用于加密存储卷的一个或多个卷加密密钥的卷主密钥可以以不同的方式加密，包括至少部分地基于中间密钥进行加密。存储存储卷的密钥保护器，其包括加密的卷主密钥和指示如何获得中间密钥的信息。随后，可以访问密钥保护器，并且至少部分地基于与密钥保护器相关联的实体的私钥，中间密钥可以被解密。然后可以使用中间密钥来解密卷主密钥。

9. 发明申请

US20120275596A1 CRYPTOGRAPHIC KEY ATTACK MITIGATION 有权
标题翻译： CRYPTOGRAPHIC KEY攻击缓解
公开(公告)号：US20120275596A1
公开(公告)日：2012-11-01
申请号：US13097035
申请日：2011-04-28
申请人： Octavian T. Ureche , Innokentiy Basmov , Grigory B. Lyakhovitskiy , Stefan Thom
发明人： Octavian T. Ureche , Innokentiy Basmov , Grigory B. Lyakhovitskiy , Stefan Thom
IPC分类号： H04L9/14
CPC分类号： G06F21/60 , H04L9/002 , H04L9/0822 , H04L9/0877 , H04L9/0897
摘要： Cryptographic keys and, subsequently, the data they are intended to protect, are safeguarded from unwarranted attacks utilizing various systems and methodologies designed to minimize the time period in which meaningful versions of cryptographic keys exist in accessible memory, and therefore, are vulnerable. Cryptographic keys, and consequently the data they are intended to protect, can alternatively, or also, be protected from attackers utilizing systems and a methodology that employs a removable storage device for providing authentication factors used in the encryption and decryption processing. Cryptographic keys and protected data can alternatively, or also, be protected with a system and methodology that supports data separation on the storage device(s) of a computing device. Cryptographic keys and the data they are intended to protect can alternatively, or also, be protected employing a system and methodology of virtual compartmentalization that effectively segregates key management from protected data.
摘要翻译：使用各种系统和方法来保护加密密钥以及随后保护的数据免受无理的攻击，这些系统和方法旨在最小化可访问存储器中存在有意义的密码密钥版本的时间段，因此易受攻击。加密密钥以及因此它们旨在保护的数据可以替代地或也可以利用系统和使用可移动存储设备提供加密和解密处理中使用的认证因子的方法来防止攻击者。加密密钥和受保护数据可以替代地或者也可以通过支持计算设备的存储设备上的数据分离的系统和方法进行保护。可以使用虚拟分区的系统和方法来保护加密密钥及其旨在保护的数据，或者也可以使用有效地将密钥管理与受保护数据隔离的虚拟分区的方法进行保护。

10. 发明授权

US08364598B2 Use of software update policies 有权
标题翻译：使用软件更新策略
公开(公告)号：US08364598B2
公开(公告)日：2013-01-29
申请号：US12578533
申请日：2009-10-13
申请人： Innokentiy Basmov , Troy A. Funk , Octavian T. Ureche
发明人： Innokentiy Basmov , Troy A. Funk , Octavian T. Ureche
IPC分类号： G06F21/00
CPC分类号： G06F8/61 , G06F8/65 , G06F9/44505
摘要： A portable device may be roamed from one host to another. In one example, the portable device stores software that is to be executed by a host. The host may maintain a policy that governs which software may be executed on the host. When the portable device is connected to a host, the host checks the software version installed on the guest to determine whether that software version is compatible with the host's policy. If the guest's software does not comply with the host's policy, then the host installs a compatible version. If the guest's version complies with the policy and is newer than the host's version, then the host copies the guest's version to the host and propagates it to other guests. In this way, newer versions of software propagate between hosts and guests, while also respecting specific execution policies of the various hosts.
摘要翻译：便携式设备可以从一个主机漫游到另一个主机。在一个示例中，便携式设备存储要由主机执行的软件。主机可以维护一个管理可以在主机上执行哪个软件的策略。当便携式设备连接到主机时，主机将检查安装在客户机上的软件版本，以确定该软件版本是否与主机策略兼容。如果客人的软件不符合主机的策略，则主机将安装兼容版本。如果客人的版本符合该策略，并且比主机版本更新，则主机会将客人的版本复制到主机，并将其传播给其他来宾。这样，较新版本的软件在主机和客户端之间传播，同时也遵守各种主机的特定执行策略。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式