-
公开(公告)号:US09154310B1
公开(公告)日:2015-10-06
申请号:US13947071
申请日:2013-07-21
发明人: John J. Walsh , Michael J. Duren , Hal A. Aldridge
CPC分类号: H04L9/3278 , G06F21/44 , H04L9/08 , H04L9/3271
摘要: A resilient device authentication system and method comprising: one or more verification authorities (VAs) including a memory loaded with a complete verification set that includes hardware part-specific data, and configured to create a limited verification set (LVS) therefrom; one or more provisioning entities (PEs) each connectable to at least one of the VAs, including a memory loaded with a LVS, and configured to select a subset of data therefrom so as to create an application limited verification set (ALVS). Also disclosed is a device comprising a controller, device memory, input/output capable of communicating with the authentication system, and a physically-unclonable function associated with hardware part-specific information corresponding to hardware part-specific data in the loaded CVS. Further disclosed is an authentication system including hardware security modules.
摘要翻译: 一种弹性设备认证系统和方法,包括:一个或多个验证机构(VAs),包括加载了包括硬件部分特定数据的完整验证集的存储器,并且被配置为从其创建有限验证集(LVS) 一个或多个供应实体(PE),每个供应实体(PE)可连接到至少一个VAs,包括加载有LVS的存储器,并且被配置为从其中选择数据子集,以便创建应用限制验证集(ALVS)。 还公开了一种包括控制器,设备存储器,能够与认证系统进行通信的输入/输出以及与加载的CVS中的硬件部件特定数据相对应的硬件部件特定信息相关联的物理不可克隆功能。 还公开了一种包括硬件安全模块的认证系统。
-
2.发明申请Personal Authentication Device and System for Securing Transactions on a Mobile Device 审中-公开用于保护移动设备上的事务的个人认证设备和系统公开(公告)号:US20140282925A1
公开(公告)日:2014-09-18
申请号:US13832885
申请日:2013-03-15
发明人: John J. Walsh , Hal A. Aldridge
IPC分类号: H04L29/06
CPC分类号: H04L63/0853 , G06F21/43 , G06F21/44 , G06F21/645 , G09C1/00 , H04L9/3263 , H04L9/3278 , H04L2209/56
摘要: A personal authentication device for use with a mobile device, comprising a secure processor, a crypto engine supporting certificate functions, a wireless communication module, a cryptographic engine, a memory, a hardware based identity, a policy engine, one or more security features; and an on-board main power battery. Also a system comprising the personal authentication device and a verification authority, and an associated method of authentication.
摘要翻译: 一种用于移动设备的个人认证设备,包括安全处理器,支持证书功能的密码引擎,无线通信模块,密码引擎,存储器,基于硬件的身份,策略引擎,一个或多个安全特征; 和一个车载主电源电池。 还有一种包括个人认证装置和验证机构的系统以及相关的认证方法。
-
公开(公告)号:US20140123223A1
公开(公告)日:2014-05-01
申请号:US13829826
申请日:2013-03-14
发明人: John J. Walsh , Hal A. Aldridge , Michael J. Duren
IPC分类号: H04L29/06
CPC分类号: H04L9/3278 , G06F21/44 , H04L9/08 , H04L9/3271 , H04L63/08 , H04L63/0876
摘要: A resilient device authentication system comprising: one or more verification authorities (VAs) including a memory loaded with a complete verification set that includes hardware part-specific data, and configured to create a limited verification set (LVS) therefrom; one or more provisioning entities (PEs) each connectable to at least one of the VAs, including a memory loaded with a LVS, and configured to select a subset of data therefrom so as to create an application limited verification set (ALVS); and one or more device management systems connectable to at least one of the PEs, including a memory loaded with an ALVS, and configured to manage device security-related applications through the performance of security-related functions on devices associated with the hardware part-specific data.
-
公开(公告)号:US20160170907A1
公开(公告)日:2016-06-16
申请号:US15018451
申请日:2016-02-08
CPC分类号: G06F12/1408 , G06F21/44 , G06F2212/1052 , H04L9/0866 , H04L9/3242 , H04L9/3278 , H04L63/08 , H04L63/0876
摘要: A resilient device authentication system for use with one or more managed devices each including a physical unclonable function (PUF), comprises: one or more verification authorities (VA) each including a processor and a memory loaded with a complete verification set (CVS) that includes hardware part-specific data associated with the managed devices' PUFs and metadata, the processor configured to create a limited verification set (LVS) through one-way algorithmic transformation of hardware part-specific data together with metadata from the loaded CVS so as to create a LVS representing both metadata and hardware part-specific data adequate to redundantly verify all of the hardware parts associated with the LVS; and one or more provisioning entities (PE) each connectable to a VA and including a processor and a memory loaded with a LVS, and configured to select a subset of the LVS so as to create an application limited verification set (ALVS). The system may also comprise one or more device management systems each connectable to a PE and to managed devices and including a memory configured to store an ALVS. The VA may also be configured to create a replacement LVS.
摘要翻译: 一种用于与包括物理不可克隆功能(PUF)的一个或多个被管理设备一起使用的弹性设备认证系统,包括:一个或多个验证机构(VA),每个验证机构包括处理器和加载完整验证集(CVS)的存储器, 包括与被管理设备的PUF和元数据相关联的硬件部分特定数据,该处理器经配置以通过硬件部件特定数据与加载的CVS的元数据的单向算法转换来创建有限验证集(LVS),以便 创建LVS,表示元数据和硬件部分特定数据,足以冗余验证与LVS相关联的所有硬件部件; 以及一个或多个供应实体(PE),每个供应实体(PE)可连接到VA并且包括处理器和加载有LVS的存储器,并且被配置为选择LVS的子集以便创建应用限制验证集(ALVS)。 该系统还可以包括一个或多个设备管理系统,每个设备管理系统可连接到PE和被管理设备,并且包括被配置为存储ALVS的存储器。 还可以将VA配置为创建替换LVS。
-
公开(公告)号:US20140201821A1
公开(公告)日:2014-07-17
申请号:US14214846
申请日:2014-03-15
发明人: John J. Walsh , Hal A. Aldridge , Michael J. Duren
IPC分类号: H04L29/06
CPC分类号: H04L9/3278 , G06F21/44 , H04L9/08 , H04L9/3271 , H04L63/08 , H04L63/0876
摘要: A resilient device authentication system comprising: one or more verification authorities (VAs) including a memory loaded with a complete verification set that includes hardware part-specific data, and configured to create a limited verification set (LVS) therefrom; one or more provisioning entities (PEs) each connectable to at least one of the VAs, including a memory loaded with a LVS, and configured to select a subset of data therefrom so as to create an application limited verification set (ALVS); and one or more device management systems connectable to at least one of the PEs, including a memory loaded with an ALVS, and configured to manage device security-related applications through the performance of security-related functions on devices associated with the hardware part-specific data.
摘要翻译: 一种弹性设备认证系统,包括:一个或多个验证机构(VAs),包括加载了包括硬件部分特定数据的完整验证集的存储器,并且被配置为从其创建有限验证集(LVS); 一个或多个供应实体(PE),每个供应实体(PE)可连接到至少一个VAs,包括加载了LVS的存储器,并且被配置为从其中选择数据子集,以便创建应用限制验证集(ALVS); 以及一个或多个可连接到至少一个PE的设备管理系统,包括加载有ALVS的存储器,并且被配置为通过在与硬件部件特定的相关联的设备上执行与安全相关的功能来管理与设备安全相关的应用 数据。
-
公开(公告)号:US09258129B2
公开(公告)日:2016-02-09
申请号:US13829826
申请日:2013-03-14
发明人: John J. Walsh , Hal A. Aldridge , Michael J. Duren
CPC分类号: H04L9/3278 , G06F21/44 , H04L9/08 , H04L9/3271 , H04L63/08 , H04L63/0876
摘要: A resilient device authentication system comprising: one or more verification authorities (VAs) including a memory loaded with a complete verification set that includes hardware part-specific data, and configured to create a limited verification set (LVS) therefrom; one or more provisioning entities (PEs) each connectable to at least one of the VAs, including a memory loaded with a LVS, and configured to select a subset of data therefrom so as to create an application limited verification set (ALVS). Also disclosed is a device for use with an authentication system, comprising: a first hardware part and a second hardware part that are adapted to communicate with and perform authentication on each other; and/or a hardware part that contains two or more chips that are adapted to communicate with and perform authentication on each other.
摘要翻译: 一种弹性设备认证系统,包括:一个或多个验证机构(VAs),包括加载了包括硬件部分特定数据的完整验证集的存储器,并且被配置为从其创建有限验证集(LVS); 一个或多个供应实体(PE),每个供应实体(PE)可连接到至少一个VAs,包括加载有LVS的存储器,并且被配置为从其中选择数据子集,以便创建应用限制验证集(ALVS)。 还公开了一种用于认证系统的设备,包括:第一硬件部分和第二硬件部分,其适于与彼此进行通信并进行认证; 和/或包含适于与彼此进行通信并进行认证的两个或更多个芯片的硬件部分。
-
公开(公告)号:US08844009B2
公开(公告)日:2014-09-23
申请号:US14214846
申请日:2014-03-15
发明人: John J. Walsh , Hal A. Aldridge , Michael J. Duren
CPC分类号: H04L9/3278 , G06F21/44 , H04L9/08 , H04L9/3271 , H04L63/08 , H04L63/0876
摘要: A resilient device authentication system comprising: one or more verification authorities (VAs) including a memory loaded with a complete verification set that includes hardware part-specific data, and configured to create a limited verification set (LVS) therefrom; one or more provisioning entities (PEs) each connectable to at least one of the VAs, including a memory loaded with a LVS, and configured to select a subset of data therefrom so as to create an application limited verification set (ALVS); and one or more device management systems connectable to at least one of the PEs, including a memory loaded with an ALVS, and configured to manage device security-related applications through the performance of security-related functions on devices associated with the hardware part-specific data.
摘要翻译: 一种弹性设备认证系统,包括:一个或多个验证机构(VAs),包括加载了包括硬件部分特定数据的完整验证集的存储器,并且被配置为从其创建有限验证集(LVS); 一个或多个供应实体(PE),每个供应实体(PE)可连接到至少一个VAs,包括加载了LVS的存储器,并且被配置为从其中选择数据子集,以便创建应用限制验证集(ALVS); 以及一个或多个可连接到至少一个PE的设备管理系统,包括加载有ALVS的存储器,并且被配置为通过在与硬件部件特定的相关联的设备上执行与安全相关的功能来管理与设备安全相关的应用 数据。
-
-
-
-
-
-
搜索结果
7 条记录 (耗时 0.011 秒)
