会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Systems and methods for distributing trusted certification authorities
    • 用于分发受信任的认证机构的系统和方法
    • US07240194B2
    • 2007-07-03
    • US10104978
    • 2002-03-22
    • Philip J. HallinJohn J. LambertKlaus U. SchutzSunil Pai
    • Philip J. HallinJohn J. LambertKlaus U. SchutzSunil Pai
    • H04L9/00
    • H04L63/0823G06F21/33H04L63/062
    • Systems and methods are described for distributing and updating trusted certification authorities to computer systems and users. When a digital certificate is encountered during a secured electronic transaction, the root authority of the certificate is determined. It is then determined whether the root authority is a trusted authority by attempting to locate the root authority in a trusted root list. If the root authority is not included in the trusted root list, a remote site is accessed and an updated version of the trusted root list is downloaded. The new trusted root list is checked for the presence of the encountered certificate and, if found, the transaction is allowed to proceed. In one implementation, the entire trusted root list is not downloaded. Instead, if an appropriate digital certificate is located, then the certificate is downloaded and added to the trusted root list of the computer system. The transaction may then proceed.
    • 描述了系统和方法,用于将受信任的认证机构分发和更新到计算机系统和用户。 在安全的电子交易中遇到数字证书时,确定证书的根本权限。 然后通过尝试将根权限定位在受信任的根列表中来确定根权限是否为可信管理机构。 如果根本权限不包括在受信任的根列表中,则会访问远程站点,并下载受信任根目录的更新版本。 检查新的受信任的根列表是否存在遇到的证书,如果发现,则允许事务继续。 在一个实现中,整个受信任的根目录不被下载。 相反,如果找到适当的数字证书,则下载证书并将其添加到计算机系统的受信任的根目录中。 然后可以继续交易。
    • 2. 发明授权
    • Secure prompting
    • 安全提示
    • US07996682B2
    • 2011-08-09
    • US11251946
    • 2005-10-17
    • Klaus U. SchutzMatthew W. ThomlinsonScott A. Field
    • Klaus U. SchutzMatthew W. ThomlinsonScott A. Field
    • G06F21/00
    • G06F21/57
    • Techniques are described herein for securely prompting a user to confirm sensitive operations, input sensitive information or the like. The techniques include receiving or intercepting calls from applications to prompting routines. When a call to a prompting routine is received or intercepted a hint may be provided to the user to switch to a secure desktop. When the user switches from the user desktop to the secure desktop the particular prompt is displayed. The input to the prompt is received on the secure desktop and verified to have been provided by the user. The user input or a representation of the input is then returned to the application running on the user desktop. Using these techniques, interception of prompting messages by malware does not result in sensitive information being revealed. Furthermore, spoofing of new messages by malware does not lead to the dismissal of critical prompting.
    • 这里描述了用于安全地提示用户确认敏感操作,输入敏感信息等的技术。 这些技术包括接收或拦截来自应用程序的呼叫以提示例程。 当接收或拦截对提示例程的调用时,可以向用户提供切换到安全桌面的提示。 当用户从用户桌面切换到安全桌面时,会显示特定的提示。 在安全桌面上接收到提示的输入,并验证其已由用户提供。 用户输入或输入的表示然后返回到在用户桌面上运行的应用程序。 使用这些技术,通过恶意软件拦截提示消息不会导致敏感信息被显示。 此外,恶意软件欺骗新消息不会导致关键提示被解雇。
    • 5. 发明授权
    • Tester of cryptographic service providers
    • 加密服务提供商测试人员
    • US07079648B2
    • 2006-07-18
    • US09876697
    • 2001-06-07
    • Daniel C. GriffinMonica I. Ene-PietrosanuKlaus U. SchutzGlenn D. Pittaway
    • Daniel C. GriffinMonica I. Ene-PietrosanuKlaus U. SchutzGlenn D. Pittaway
    • H04K1/00G06F9/44
    • G06F21/577
    • An implementation of a technology, described herein, for ensuring reliability, stability, and adherence to a given set of security conformance standards for cryptographic program modules. An implementation of the present claimed invention is a debugging and testing tool for customized cryptographic service providers (“CSPs”). A CSP has a cryptographic type and functionality level within that type. The CSPs are tested based various test classifications. The crypto sub-system of the OS has a set of application program interface (“API”) that manage cryptographic procedures called “CryptoAPI.” For a CSP to be considered reliable, stable, and in compliance with a given set of security conformance standards, it must successfully operate with the CryptoAPI in a reliable and stable manner and it must react appropriately for the given security conformance standards. The CSPs are tested in order of increasing complexity/sophistication in functionality from simplest to most complex. This abstract itself is not intended to limit the scope of this patent. The scope of the present invention is pointed out in the appending claims.
    • 本文描述的技术的实现,用于确保加密程序模块的给定的一组安全一致性标准的可靠性,稳定性和遵守性。 本发明的实现是用于定制加密服务提供商(“CSP”)的调试和测试工具。 CSP具有该类型的加密类型和功能级别。 根据各种测试分类测试CSP。 OS的加密子系统具有一组应用程序接口(“API”),用于管理称为“CryptoAPI”的加密过程。 CSP被认为是可靠的,稳定的,并且符合给定的安全一致性标准,它必须以可靠和稳定的方式成功运行CryptoAPI,并且必须对给定的安全一致性标准做出适当的反应。 按照从简单到最复杂的功能越来越复杂/复杂化的顺序对CSP进行了测试。 本摘要本身并不旨在限制本专利的范围。 在所附权利要求中指出了本发明的范围。