CN100478975C - Method and system for using a compact disk as a smart key device - Google Patents

Method and system for using a compact disk as a smart key device

Publication number
CN100478975C
Authority
CN
China
Prior art keywords
smart key
removable storage
unit
hardware security
storage medium
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2005800362001A
Other languages
English (en)
Chinese (zh)
Other versions
CN101044490A (zh)
Inventor
史蒂文·贝德
赵青云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Meta Platforms Inc
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp
Publication of CN101044490A
Application granted
Publication of CN100478975C
Anticipated expiration
Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G06F21/445 Program or device authentication by mutual authentication, e.g. between devices or programs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H04L2209/805 Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
CNB2005800362001A 2004-12-16 2005-11-30 Method and system for using a compact disk as a smart key device Expired - Fee Related CN100478975C (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/014,559 US7386736B2 (en) 2004-12-16 2004-12-16 Method and system for using a compact disk as a smart key device
US11/014,559 2004-12-16

Publications (2)

Publication Number Publication Date
CN101044490A CN101044490A (zh) 2007-09-26
CN100478975C CN100478975C (zh) 2009-04-15

Family

ID=35896395

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005800362001A Expired - Fee Related CN100478975C (zh) 2004-12-16 2005-11-30 Method and system for using a compact disk as a smart key device

Country Status (4)

Country Link
US (2) US7386736B2 (en)
JP (1) JP4841563B2 (en)
CN (1) CN100478975C (en)
WO (1) WO2006063935A1 (en)

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7779039B2 (en) 2004-04-02 2010-08-17 Salesforce.Com, Inc. Custom entities and fields in a multi-tenant database system
US7711951B2 (en) * 2004-01-08 2010-05-04 International Business Machines Corporation Method and system for establishing a trust framework based on smart key devices
US7849326B2 (en) * 2004-01-08 2010-12-07 International Business Machines Corporation Method and system for protecting master secrets using smart key devices
US7475247B2 (en) * 2004-12-16 2009-01-06 International Business Machines Corporation Method for using a portable computing device as a smart key device
US20100215176A1 (en) * 2005-06-10 2010-08-26 Stephen Wilson Means and method for controlling the distribution of unsolicited electronic communications
US7861307B2 (en) * 2005-08-17 2010-12-28 Kurzweil Educational Systems, Inc. Unlocking digital content on remote systems
US10733308B2 (en) * 2005-08-17 2020-08-04 Cambium Learning, Inc. Tags for unlocking digital content
US9009078B2 (en) * 2005-08-17 2015-04-14 Kurzweil/Intellitools, Inc. Optical character recognition technique for protected viewing of digital files
US10296854B2 (en) * 2005-08-17 2019-05-21 Cambium Learning, Inc. Techniques for protected viewing of digital files
CN101243513A (zh) 2005-08-23 2008-08-13 皇家飞利浦电子股份有限公司 Information carrier authentication using a physical one-way function
WO2007030796A2 (en) 2005-09-09 2007-03-15 Salesforce.Com, Inc. Systems and methods for exporting, publishing, browsing and installing on-demand applications in a multi-tenant database environment
US7647336B2 (en) * 2006-02-09 2010-01-12 International Business Machines Corporation Creating a real-time class package to class archive file mapping index
US7624440B2 (en) * 2006-08-01 2009-11-24 Emt Llc Systems and methods for securely providing and/or accessing information
DE102007015788B3 (de) * 2007-03-30 2008-10-23 Fm Marketing Gmbh Multimedia device and method for data transmission in a multimedia device
US7930554B2 (en) 2007-05-31 2011-04-19 Vasco Data Security,Inc. Remote authentication and transaction signatures
US9069990B2 (en) * 2007-11-28 2015-06-30 Nvidia Corporation Secure information storage system and method
US8719585B2 (en) * 2008-02-11 2014-05-06 Nvidia Corporation Secure update of boot image without knowledge of secure key
US20090204801A1 (en) * 2008-02-11 2009-08-13 Nvidia Corporation Mechanism for secure download of code to a locked system
US9069706B2 (en) * 2008-02-11 2015-06-30 Nvidia Corporation Confidential information protection system and method
US20090204803A1 (en) * 2008-02-11 2009-08-13 Nvidia Corporation Handling of secure storage key in always on domain
US9158896B2 (en) * 2008-02-11 2015-10-13 Nvidia Corporation Method and system for generating a secure key
US9613215B2 (en) 2008-04-10 2017-04-04 Nvidia Corporation Method and system for implementing a secure chain of trust
JPWO2010001544A1 (ja) * 2008-07-01 2011-12-15 パナソニック株式会社 Drive device, content reproduction device, recording device, data read-out method, program, recording medium, and integrated circuit
US8667280B2 (en) * 2010-02-24 2014-03-04 Ca, Inc. Method and apparatus for applying a partial password in a multi-factor authentication scheme
EP2365456B1 (en) * 2010-03-11 2016-07-20 CompuGroup Medical SE Data structure, method and system for predicting medical conditions
JP6014585B2 (ja) * 2010-05-19 2016-10-25 コーニンクレッカ フィリップス エヌ ヴェ Koninklijke Philips N.V. Attribute-based digital signature system
US9336402B2 (en) 2010-09-13 2016-05-10 City University Of Hong Kong Secure data in removable storage devices via encryption token(s)
US9489924B2 (en) 2012-04-19 2016-11-08 Nvidia Corporation Boot display device detection and selection techniques in multi-GPU devices
EP3054701B1 (en) * 2013-09-30 2020-04-01 Sony Corporation Receiver device, broadcast device, server device and reception method
US20150193620A1 (en) * 2014-01-07 2015-07-09 Dell Products, Lp System and Method for Managing UEFI Secure Boot Certificates
DE102014204252A1 (de) * 2014-03-07 2015-09-10 Bundesdruckerei Gmbh Security system with access control
US10002257B2 (en) * 2015-08-04 2018-06-19 Ge Aviation Systems Llc Cryptographic key loader embedded in removable data cartridge
US10116446B2 (en) * 2015-08-04 2018-10-30 Ge Aviation Systems Llc Cryptographic ignition key (CIK) embedded in removable data cartridge
US10972262B2 (en) 2015-12-30 2021-04-06 T-Mobile Usa, Inc. Persona and device based certificate management
US10652023B2 (en) * 2015-12-30 2020-05-12 T-Mobile Usa, Inc. Persona and device based certificate management
US10764063B2 (en) * 2016-04-13 2020-09-01 Rockwell Automation Technologies, Inc. Device specific cryptographic content protection
US10642988B2 (en) * 2016-08-04 2020-05-05 Honeywell International Inc. Removable media protected data transfer in a cyber-protected system
CN107359992A (zh) * 2017-08-23 2017-11-17 合肥中盈信息工程有限公司 Power cabinet supervision system based on key control and monitoring requests
EP3537323A1 (de) * 2018-03-09 2019-09-11 Siemens Aktiengesellschaft Project-related certificate management
US11030280B2 (en) * 2018-08-01 2021-06-08 Microsoft Technology Licensing, Llc Hardware based identities for software modules
CN110245466B (zh) * 2019-06-19 2021-08-24 苏州科达科技股份有限公司 Software integrity protection and verification method, system, device and storage medium
US11601288B1 (en) * 2019-08-21 2023-03-07 Cox Communications, Inc. On-demand security certificates for improved home router security
US11341247B2 (en) 2019-08-27 2022-05-24 Red Hat, Inc. Use of a trusted execution environment as a safe build environment
CN113784343B (zh) * 2020-05-22 2023-06-20 华为技术有限公司 Method and apparatus for protecting communication
CN116032484B (zh) * 2022-12-07 2024-12-24 四川恒湾科技有限公司 Method, apparatus and electronic device for secure boot of a communication device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5568552A (en) * 1994-09-07 1996-10-22 Intel Corporation Method for providing a roving software license from one node to another node

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4218582A (en) 1977-10-06 1980-08-19 The Board Of Trustees Of The Leland Stanford Junior University Public key cryptographic apparatus and method
US4817140A (en) 1986-11-05 1989-03-28 International Business Machines Corp. Software protection system using a single-key cryptosystem, a hardware-based authorization system and a secure coprocessor
US5396558A (en) 1992-09-18 1995-03-07 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards
US5787172A (en) 1994-02-24 1998-07-28 The Merdan Group, Inc. Apparatus and method for establishing a cryptographic link between elements of a system
US5905799A (en) 1994-07-20 1999-05-18 Bell Atlantic Network Services, Inc. Programmed computer for identity verification, forming joint signatures and session key agreement in an RSA public cryptosystem
US5604801A (en) 1995-02-03 1997-02-18 International Business Machines Corporation Public key data communications system under control of a portable security device
US6615350B1 (en) 1998-03-23 2003-09-02 Novell, Inc. Module authentication and binding library extensions
US6607136B1 (en) 1998-09-16 2003-08-19 Beepcard Inc. Physical presence digital authentication system
WO2000048063A1 (en) * 1999-02-15 2000-08-17 Hewlett-Packard Company Trusted computing platform
DE60007724T3 (de) 1999-03-05 2011-06-09 Hewlett-Packard Development Co., L.P., Houston Smart card user interface for a trusted computing platform
AU6985601A (en) 2000-06-16 2002-01-02 Mindport Usa Methods and systems to distribute content via a network utilizing distributed conditional access agents and secure agents, and to perform digital rights management (drm)
US6832730B2 (en) 2001-07-27 2004-12-21 Storcard, Inc. Smart card with rotating storage
US6607707B2 (en) 2001-08-15 2003-08-19 Ovonic Battery Company, Inc. Production of hydrogen from hydrocarbons and oxygenated hydrocarbons
US20030108205A1 (en) 2001-12-07 2003-06-12 Bryan Joyner System and method for providing encrypted data to a device
WO2003073688A1 (en) * 2002-02-22 2003-09-04 Emc Corporation Authenticating hardware devices incorporating digital certificates
JP2004320593A (ja) * 2003-04-18 2004-11-11 Sony Computer Entertainment Inc Communication management system and method

Also Published As

Publication number Publication date
WO2006063935A1 (en) 2006-06-22
US7386736B2 (en) 2008-06-10
US20060136748A1 (en) 2006-06-22
JP2008524886A (ja) 2008-07-10
JP4841563B2 (ja) 2011-12-21
US20090327763A1 (en) 2009-12-31
CN101044490A (zh) 2007-09-26
US7908492B2 (en) 2011-03-15

Similar Documents

Publication Publication Date Title
CN100478975C (zh) Method and system for using a compact disk as a smart key device
US8112628B2 (en) Using a portable computing device as a smart key device
CN100440100C (zh) Method and system for establishing a trust framework based on smart key devices
US7849326B2 (en) Method and system for protecting master secrets using smart key devices
CN101202762B (zh) Method and system for storing and retrieving identity mapping information
EP1714422B1 (en) Establishing a secure context for communicating messages between computer systems
CN1659495B (zh) Validation of inclusion of a platform within a data center
US7797544B2 (en) Attesting to establish trust between computer entities
JP4278327B2 (ja) Computer platform and method of operating the same
US5978484A (en) System and method for safety distributing executable objects
US7568114B1 (en) Secure transaction processor
US20060195689A1 (en) Authenticated and confidential communication between software components executing in un-trusted environments
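CN1261841C (zh) Security system for preventing a personal computer from being used by unauthorized persons
JP5062870B2 (ja) Securing arbitrary communication services
CN1326629A (zh) Method and system for authenticating and utilizing secure resources in a computer system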
CA2285392A1 (en) Method and system for networked installation of uniquely customized, authenticable, and traceable software applications
US20020073310A1 (en) Method and system for a secure binding of a revoked X.509 certificate to its corresponding certificate revocation list
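KR20070112432A (ko) Method for securing mobile communications and high-value transaction execution using trusted, hardware-based identity credentials in runtime package signatures
CN1759402A (zh) Hardware-based credential management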
US20050246760A1 (en) Verifying measurable aspects associated with a module

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20190809

Address after: California, USA

Patentee after: Facebook, Inc.

Address before: New York, USA

Patentee before: International Business Machines Corp.

CP01 Change in the name or title of a patent holder

Address after: California, USA

Patentee after: Meta Platforms, Inc.

Address before: California, USA

Patentee before: Facebook, Inc.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090415