-
公开(公告)号:US07111322B2
公开(公告)日:2006-09-19
申请号:US10309896
申请日:2002-12-05
申请人: Royce E. Slick , Joseph Yang , William Zhang
发明人: Royce E. Slick , Joseph Yang , William Zhang
IPC分类号: G06F4/00
CPC分类号: G06F21/608 , H04L9/006 , H04L9/0891 , H04L9/302
摘要: A device (such as a printer or a network device that may be connected to the printer) that is connected to a network and which performs secure operations using an existing encryption keypair maintained within the device, generates a new encryption keypair within the device by receiving a request from another device on the network to provide an encryption key of the existing encryption keypair to the another device. In response to the request, the device determines whether an encryption key of the existing encryption keypair within the device is valid. In a case where it is determined that the encryption key of the existing encryption keypair is invalid, the device automatically deletes each key of the existing encryption keypair from the device, generates a new encryption keypair within the device and stores the new encryption keypair in the device. The device then provides a new encryption key corresponding to the requested encryption key of the new encryption keypair to another device.
摘要翻译: 连接到网络并使用维护在设备内的现有加密密钥对进行安全操作的设备(诸如可能连接到打印机的打印机或网络设备)通过接收来产生设备内的新的加密密钥对 来自网络上的另一设备的请求,以向现有加密密钥对提供另一设备的加密密钥。 响应于该请求,设备确定设备内现有加密密钥对的加密密钥是否有效。 在确定现有加密密钥对的加密密钥无效的情况下,设备自动从设备中删除现有加密密钥对的每个密钥,在设备内生成新的加密密钥对,并将新的加密密钥对存储在 设备。 然后,设备向另一设备提供与新加密密钥对的所请求的加密密钥相对应的新加密密钥。
-
公开(公告)号:US20090240942A1
公开(公告)日:2009-09-24
申请号:US12052592
申请日:2008-03-20
申请人: Ramon Rubio , Joseph Yang , Royce E. Slick
发明人: Ramon Rubio , Joseph Yang , Royce E. Slick
IPC分类号: H04L9/00
CPC分类号: H04L9/0841 , G06F21/606
摘要: A secure communication session is established between a first device and a second device, by generating, in the first device, a first secret key to be utilized for communication sessions with other devices. The second device requests to establish a first communication session with the first device, and the second device generates a second secret key corresponding to the first secret key of the first device. The second device stores the generated second secret key in a non-volatile memory of the second device, the second secret key being stored in the non-volatile memory in association with an identifier of the first device. Finally, a secure communication session is established between the first and second devices utilizing the first and second secret keys.
摘要翻译: 通过在第一设备中生成用于与其他设备的通信会话的第一秘密密钥,在第一设备和第二设备之间建立安全通信会话。 第二设备请求与第一设备建立第一通信会话,并且第二设备生成与第一设备的第一密钥对应的第二密钥。 第二设备将生成的第二秘密密钥存储在第二设备的非易失性存储器中,第二密钥与第一设备的标识符相关联地存储在非易失性存储器中。 最后,使用第一和第二秘密密钥在第一和第二设备之间建立安全通信会话。
-
公开(公告)号:US07305556B2
公开(公告)日:2007-12-04
申请号:US10010974
申请日:2001-12-05
IPC分类号: H04L9/00
CPC分类号: G06F21/608 , G09C5/00 , H04L9/0825 , H04L9/0894
摘要: Securely storing a public key for encryption of data in a computing device by using a user-specific key pair which is securely stored in the computing device, including receiving a target public key corresponding to a target device, obtaining a user-specific key pair from a secure registry, using a user-specific private key from the user-specific key pair to create a target key verifier based on the target public key, storing the target key verifier and the target public key in a storage area, retrieving the target key verifier and the target public key from the storage area, applying a user-specific public key from the user-specific key pair to the target key verifier for verifying the authenticity of the target public key, and encrypting data with the target public key, if authenticity of the target public key is verified, thereby creating encrypted data for transmission to the target device.
摘要翻译: 通过使用安全地存储在计算设备中的用户专用密钥对来安全地存储用于数据加密的公钥,包括接收与目标设备相对应的目标公开密钥,从 安全注册表,使用来自用户特定密钥对的用户专用私钥,基于目标公开密钥创建目标密钥验证者,将目标密钥验证者和目标公开密钥存储在存储区域中,检索目标密钥 验证者和来自存储区域的目标公开密钥,将用户专用密钥对应用于目标密钥验证器,用于验证目标公钥的真实性,以及用目标公钥加密数据,如果 验证目标公开密钥的真实性,由此创建用于传输到目标设备的加密数据。
-
公开(公告)号:US20090133104A1
公开(公告)日:2009-05-21
申请号:US12320134
申请日:2009-01-21
申请人: Neil Y. Iwamoto , Attaullah Seikh , Jeanette Y. Paek , Martin Martinez , Royce E. Slick , Wei-Jhy Chern , Eliza Khosrova , Joseph Yang
发明人: Neil Y. Iwamoto , Attaullah Seikh , Jeanette Y. Paek , Martin Martinez , Royce E. Slick , Wei-Jhy Chern , Eliza Khosrova , Joseph Yang
IPC分类号: H04L9/32
CPC分类号: H04L63/083 , G06F21/604 , G06F21/6218 , G06F21/84 , G06F2221/2113 , G06F2221/2149 , H04L63/105 , H04N1/00509
摘要: Access control to a networked peripheral device by a walk-up user, wherein the networked peripheral device is accessible by both the walk-up user and a remote user, based on centralized access management information. Access control comprises receiving authenticated information for the walk-up user from the networked peripheral device at a centralized location, determining at the networked peripheral device a level of access to the networked peripheral device by the walk-up user based on received access management information for the walk-up user, and allowing the walk-up user to access the determined user-available features of the networked peripheral device based on the determined level of access.
摘要翻译: 基于集中访问管理信息,步行用户对网络外围设备进行访问控制,其中所述网络外围设备可以由所述步行用户和远程用户访问。 访问控制包括:在集中位置处从网络外围设备接收用于步行用户的认证信息,基于所接收的访问管理信息,由网络外围设备确定由所述步行用户对所述联网的外围设备的访问级别 步行用户,并且允许步行用户基于所确定的访问级别来访问所确定的网络外围设备的用户可用特征。
-
公开(公告)号:US07487233B2
公开(公告)日:2009-02-03
申请号:US10017438
申请日:2001-12-05
申请人: Neil Y. Iwamoto , Attaullah Seikh , Jeanette Y. Paek , Martin Martinez , Royce E. Slick , Wei-Jhy Chern , Eliza Khosrova , Joseph Yang
发明人: Neil Y. Iwamoto , Attaullah Seikh , Jeanette Y. Paek , Martin Martinez , Royce E. Slick , Wei-Jhy Chern , Eliza Khosrova , Joseph Yang
IPC分类号: G06F15/173
CPC分类号: H04L63/083 , G06F21/604 , G06F21/6218 , G06F21/84 , G06F2221/2113 , G06F2221/2149 , H04L63/105 , H04N1/00509
摘要: Access control to a networked peripheral device by a walk-up user, wherein the networked peripheral device is accessible by both the walk-up user and a remote user, based on centralized access management information. Access control comprises receiving authenticated information for the walk-up user from the networked peripheral device at a centralized location, determining at the networked peripheral device a level of access to the networked peripheral device by the walk-up user based on received access management information for the walk-up user, and allowing the walk-up user to access the determined user-available features of the networked peripheral device based on the determined level of access.
摘要翻译: 基于集中访问管理信息,步行用户对网络外围设备进行访问控制,其中所述网络外围设备可以由所述步行用户和远程用户访问。 访问控制包括:在集中位置处从网络外围设备接收用于步行用户的认证信息,基于所接收的访问管理信息,由网络外围设备确定由所述步行用户对所述联网的外围设备的访问级别 步行用户,并且允许步行用户基于所确定的访问级别来访问所确定的网络外围设备的用户可用特征。
-
公开(公告)号:US07167919B2
公开(公告)日:2007-01-23
申请号:US10309884
申请日:2002-12-05
申请人: Neil Y. Iwamoto , Attaullah Seikh , Jeanette Yang Paek , Martin Martinez , Royce E. Slick , Wei-Jhy Chern , Eliza Khosrova , Joseph Yang
发明人: Neil Y. Iwamoto , Attaullah Seikh , Jeanette Yang Paek , Martin Martinez , Royce E. Slick , Wei-Jhy Chern , Eliza Khosrova , Joseph Yang
IPC分类号: G06F15/16
CPC分类号: H04L63/102 , G06F21/604 , G06F21/608 , G06F21/6218 , G06F21/84 , G06F2221/2113 , G06F2221/2149 , H04L63/083 , H04L63/10 , H04L63/105 , H04L63/12 , H04N1/00509
摘要: Access control to a networked peripheral device by a walk-up user, wherein the networked peripheral device is accessible by both the walk-up user and a remote user, based on centralized access management information. Access control comprises receiving authenticated information for the walk-up user from the networked peripheral device at a centralized location, determining at a server connected to the network a first level of access to the networked peripheral device, determining at the networked peripheral device a second level of access to the networked peripheral device by the walk-up user based on received access management information for the walk-up user, and allowing the walk-up user to access determined user-available features of the networked peripheral device based on the determined first and second levels of access.
摘要翻译: 基于集中访问管理信息,步行用户对网络外围设备进行访问控制,其中所述网络外围设备可以由所述步行用户和远程用户访问。 访问控制包括:在集中位置处从所述网络外围设备接收所述步行用户的认证信息,在连接到所述网络的服务器处确定对所述联网外围设备的第一级别的访问,在所述网络外围设备处确定第二级别 基于所接收的用于所述步行用户的访问管理信息,由所述步行用户访问所述联网的外围设备,并且允许所述步行用户基于所确定的第一个来访问所述联网的外围设备的确定的用户可用特征 和第二级访问。
-
公开(公告)号:US07003667B1
公开(公告)日:2006-02-21
申请号:US09411070
申请日:1999-10-04
CPC分类号: H04L63/0823 , G06F21/608 , G06F2211/008 , G06F2221/2153 , H04L9/0825 , H04L63/0442 , H04L63/045
摘要: Secure transmission of data to an intended image output device, wherein the data can be used to generate an image at the intended image output device in the presence of an intended recipient. The data is encrypted using a first key. The first key is then encrypted using a second key and a third key. The second key is a public key of a first private key/public key pair, a private key of the first private key/public key pair being primarily in the sole possession of the intended image output device. The third key is a public key of a second private key/public key pair, a private key of the second private key/public key pair being primarily in the sole possession of the intended recipient of the image. The encrypted data and the twice-encrypted first key are transmitted to the intended image output device. The twice-encrypted first key is then decrypted by using the private keys of the second and first key pairs, respectively, which are primarily in the sole possession of the intended recipient device and the intended image output device, respectively. The data is then decrypted and printed at an image output device.
摘要翻译: 将数据安全传输到预期的图像输出设备,其中数据可用于在预期接收者的存在下在预期图像输出设备处生成图像。 使用第一个密钥对数据进行加密。 然后使用第二密钥和第三密钥对第一密钥进行加密。 第二密钥是第一私钥/公开密钥对的公开密钥,第一私钥/公钥对的私钥主要由目标图像输出装置唯一拥有。 第三密钥是第二私钥/公开密钥对的公开密钥,第二私钥/公钥对的私钥主要由图像的预期接收方唯一拥有。 加密数据和两次加密的第一密钥被发送到预期的图像输出设备。 然后,通过分别使用第二和第一密钥对的专用密钥来解密两次加密的第一密钥,这两个密钥主要分别属于预期的接收方设备和预期的图像输出设备。 然后将数据解密并在图像输出装置上打印。
-
公开(公告)号:US06862583B1
公开(公告)日:2005-03-01
申请号:US09411665
申请日:1999-10-04
申请人: Craig Mazzagatte , Royce E. Slick , Neil Iwamoto
发明人: Craig Mazzagatte , Royce E. Slick , Neil Iwamoto
IPC分类号: B41J29/00 , G06F1/00 , G06F3/12 , G06F21/00 , G06K15/02 , H04L9/08 , H04L9/32 , H04N1/44 , G06F1/24
CPC分类号: G06F21/608 , G06F2211/008 , G06K15/02 , G06K2215/0011 , G06K2215/0082 , G06Q20/382 , H04L9/3234 , H04L9/3271
摘要: Authorized printout of an image corresponding to print data received at a print node from a network. The authorized printout comprises encrypting print data by a print node and storing the encrypted print data without printout, receiving authentication of an intended recipient to print the print data, and decrypting the encrypted print data by the print node and printing the decrypted print data by an image forming device, responsive to receipt of authentication in the receiving step. The print node may be the image forming device itself or a gateway to multiple image forming devices. The print node encrypts the print data with either a symmetric key or an asymmetric key.
摘要翻译: 与从网络在打印节点接收的打印数据相对应的图像的授权打印输出。 授权的打印输出包括由打印节点加密打印数据,并且不打印输出来存储加密的打印数据,接收打印接收者的打印打印数据的认证,以及由打印节点对加密的打印数据进行解密,并通过打印数据打印解密的打印数据 图像形成装置,响应于在接收步骤中接收到认证。 打印节点可以是图像形成装置本身,也可以是到多个图像形成装置的网关。 打印节点用对称密钥或非对称密钥对打印数据进行加密。
-
9.发明授权Establishing mutual authentication and secure channels in devices without previous credentials 失效在没有先前凭据的情况下,在设备中建立相互认证和安全渠道公开(公告)号:US07646874B2
公开(公告)日:2010-01-12
申请号:US11314089
申请日:2005-12-22
CPC分类号: H04L63/0869 , G06F21/608 , G06Q20/382 , G06Q20/3829 , H04L9/3234 , H04L9/3263 , H04L9/3273 , H04L63/0853
摘要: The invention provides for installing encryption keys on a device not having any previous security credentials. An installation authority generates a security token to be used by the device for secure communications, and an installation credential for the device, and stores them in association with one another. A user of the device is provided with the installation credential, whereby the user inputs the installation credential into the device. The device utilizes the installation credential as a temporary security key, establishes a secure communication channel with the installation authority and requests provision of the security token. The installation authority provides the security token associated with the installation credential to the device over the established secure communication channel, and the device installs the security token, after which the device erases the installation credential from the device. The installation authority may also certify the security token and provide a certified token and a root verification certificate to the device.
摘要翻译: 本发明提供在不具有任何先前的安全证书的设备上安装加密密钥。 安装权限生成安全令牌以供设备使用以进行安全通信,以及设备的安装凭证,并将它们彼此关联存储。 设备的用户被提供有安装凭证,由此用户将安装凭证输入到设备中。 该设备使用安装凭证作为临时安全密钥,与安装权限建立安全通信通道,并请求提供安全令牌。 安装权限通过建立的安全通信通道向设备提供与安装凭证相关联的安全令牌,并且设备安装安全令牌,之后设备从设备中删除安装凭证。 安装机构还可以证明安全令牌,并向设备提供经认证的令牌和根验证证书。
-
公开(公告)号:US07454796B2
公开(公告)日:2008-11-18
申请号:US09747097
申请日:2000-12-22
IPC分类号: G06F17/30
CPC分类号: G06F3/1222 , G06F3/1204 , G06F3/1238 , G06F3/126 , G06F3/1265 , G06F3/1267 , G06F3/1286 , G06F3/1287 , G06F3/1288 , G06F21/608 , G06K15/00 , G06K15/005 , G06K15/1817
摘要: Obtaining exclusive control of a printing device by deferring printing of print data in a print queue. To obtain control, the recipient performs a process which may include authentication of the recipient. Control may be obtained either before the recipient is authenticated or after a successful authentication process. After the recipient has obtained control, print data in the print queue is temporarily deferred from being printed. The recipient may then select a print job to print, including selecting a print job from among the print jobs deferred in the print queue, or selecting a file to print over a network, including the Internet or an intranet. Further, printing device resources utilized in printing data during the period of exclusive control may be tracked and correlated to the recipient who has control.
摘要翻译: 通过延迟打印队列中的打印数据的打印来获得对打印设备的排他控制。 为了获得控制,接收者执行可以包括接收者的认证的过程。 可以在接收者被认证之前或成功认证过程之后获得控制。 收件人获得控制后,打印队列中的打印数据将暂时被打印。 收件人然后可以选择要打印的打印作业,包括从在打印队列中延迟的打印作业中选择打印作业,或者选择要通过网络(包括因特网或内部网)进行打印的文件。 此外,可以跟踪在独占控制期间打印数据所使用的打印设备资源并将其与具有控制的接收者相关联。
-
-
-
-
-
-
-
-
-
搜索结果
15 条记录 (耗时 0.02 秒)
