Abstract:
A system and device for verifying the integrity of a system from its components, the system comprising a plurality of components each having a physical state, the system and the device comprising a processor that is connected to each of the components, the processor configured to verify systemic integrity by performing verification on some or all specified components. The verification may be individual (1, 1) or threshold (n, 1), and may be interactive or non-interactive.
Abstract:
A resilient device authentication system and method comprising: one or more verification authorities (VAs) including a memory loaded with a complete verification set that includes hardware part-specific data, and configured to create a limited verification set (LVS) therefrom; one or more provisioning entities (PEs) each connectable to at least one of the VAs, including a memory loaded with a LVS, and configured to select a subset of data therefrom so as to create an application limited verification set (ALVS). Also disclosed is a device comprising a controller, device memory, input/output capable of communicating with the authentication system, and a physically-unclonable function associated with hardware part-specific information corresponding to hardware part-specific data in the loaded CVS. Further disclosed is an authentication system including hardware security modules.
Abstract:
A personal authentication device for use with a mobile device, comprising a secure processor, a crypto engine supporting certificate functions, a wireless communication module, a cryptographic engine, a memory, a hardware based identity, a policy engine, one or more security features; and an on-board main power battery. Also a system comprising the personal authentication device and a verification authority, and an associated method of authentication.
Abstract:
A resilient device authentication system comprising: one or more verification authorities (VAs) including a memory loaded with a complete verification set that includes hardware part-specific data, and configured to create a limited verification set (LVS) therefrom; one or more provisioning entities (PEs) each connectable to at least one of the VAs, including a memory loaded with a LVS, and configured to select a subset of data therefrom so as to create an application limited verification set (ALVS); and one or more device management systems connectable to at least one of the PEs, including a memory loaded with an ALVS, and configured to manage device security-related applications through the performance of security-related functions on devices associated with the hardware part-specific data.
Abstract:
A resilient device authentication system for use with one or more managed devices each including a physical unclonable function (PUF), comprises: one or more verification authorities (VA) each including a processor and a memory loaded with a complete verification set (CVS) that includes hardware part-specific data associated with the managed devices' PUFs and metadata, the processor configured to create a limited verification set (LVS) through one-way algorithmic transformation of hardware part-specific data together with metadata from the loaded CVS so as to create a LVS representing both metadata and hardware part-specific data adequate to redundantly verify all of the hardware parts associated with the LVS; and one or more provisioning entities (PE) each connectable to a VA and including a processor and a memory loaded with a LVS, and configured to select a subset of the LVS so as to create an application limited verification set (ALVS). The system may also comprise one or more device management systems each connectable to a PE and to managed devices and including a memory configured to store an ALVS. The VA may also be configured to create a replacement LVS.
Abstract:
A network authentication system with dynamic key generation that facilitates the establishment of both endpoint identity, as well as a secure communication channel using a dynamically-generated key between two end devices (potentially on separate local area networks). An interactive or noninteractive authentication protocol is used to establish the identity of the target end device, and dynamic key generation is used to establish a shared symmetric session key for creating an encrypted communication channel between the end devices.