CN102484638A - Layered protection and validation of identity data delivered online via multiple intermediate clients - Google Patents
- Publication number
- CN102484638A
- Authority
- CN
- China
- Prior art keywords
- client
- outer enclosure
- encapsulation
- identity data
- private cipher
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/006—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3265—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/062—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Description
Claims (25)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US23333809P | 2009-08-12 | 2009-08-12 | |
US61/233,338 | 2009-08-12 | ||
PCT/US2010/045310 WO2011019906A1 (en) | 2009-08-12 | 2010-08-12 | Layered protection and validation of identity data delivered online via multiple intermediate clients |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102484638A (zh) | 2012-05-30 |
CN102484638B (zh) | 2015-06-10 |
Family
ID=43586484
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201080035342.7A, Active, CN102484638B (zh) | Layered protection and validation of identity data delivered online via multiple intermediate clients | 2009-08-12 | 2010-08-12 |
Country Status (4)
Country | Link |
---|---|
US (1) | US9246889B2 (zh) |
EP (1) | EP2465246B1 (zh) |
CN (1) | CN102484638B (zh) |
WO (1) | WO2011019906A1 (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
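CN107637015A (zh) * | 2015-02-13 | 2018-01-26 | Yoti Holding Limited | Digital identity system |
CN111426888A (zh) * | 2020-03-13 | 2020-07-17 | State Grid Shandong Electric Power Company Weifang Power Supply Company | Mobile substation power-frequency electromagnetic field detection device |
CN115412365A (zh) * | 2022-10-28 | 2022-11-29 | Hangzhou Hikvision Digital Technology Co., Ltd. | Data privacy protection method based on multi-layer encryption |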
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10348693B2 (en) | 2009-12-15 | 2019-07-09 | Microsoft Technology Licensing, Llc | Trustworthy extensible markup language for trustworthy computing and data services |
US9537650B2 (en) * | 2009-12-15 | 2017-01-03 | Microsoft Technology Licensing, Llc | Verifiable trust for data through wrapper composition |
US9203613B2 (en) | 2011-09-29 | 2015-12-01 | Amazon Technologies, Inc. | Techniques for client constructed sessions |
CN103607284B (zh) * | 2013-12-05 | 2017-04-19 | Li Xiaolai | Identity authentication method, device and server |
US9652604B1 (en) | 2014-03-25 | 2017-05-16 | Amazon Technologies, Inc. | Authentication objects with delegation |
US10049202B1 (en) | 2014-03-25 | 2018-08-14 | Amazon Technologies, Inc. | Strong authentication using authentication objects |
US10050787B1 (en) * | 2014-03-25 | 2018-08-14 | Amazon Technologies, Inc. | Authentication objects with attestation |
US9264419B1 (en) | 2014-06-26 | 2016-02-16 | Amazon Technologies, Inc. | Two factor authentication with authentication objects |
US10326597B1 (en) | 2014-06-27 | 2019-06-18 | Amazon Technologies, Inc. | Dynamic response signing capability in a distributed system |
EP3185465A1 (en) * | 2015-12-23 | 2017-06-28 | Osmerus Investments Ltd | A method for encrypting data and a method for decrypting data |
US10116440B1 (en) * | 2016-08-09 | 2018-10-30 | Amazon Technologies, Inc. | Cryptographic key management for imported cryptographic keys |
US10931463B2 (en) | 2017-11-14 | 2021-02-23 | Microsoft Technology Licensing, Llc. | Cryptographic verification of a compressed archive |
US11019042B1 (en) * | 2018-03-23 | 2021-05-25 | Northrop Grumman Systems Corporation | Data assisted key switching in hybrid cryptography |
US11658950B2 (en) * | 2019-11-03 | 2023-05-23 | Valimail Inc. | Centralized secure distribution of messages and device updates |
US11606198B2 (en) * | 2020-01-22 | 2023-03-14 | Valimail Inc. | Centrally managed PKI provisioning and rotation |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20010029581A1 (en) * | 2000-04-06 | 2001-10-11 | Knauft Christopher L. | System and method for controlling and enforcing access rights to encrypted media |
US20040068658A1 (en) * | 2002-10-08 | 2004-04-08 | Hitachi, Ltd. | Electronic commerce method |
CN1885771A (zh) * | 2005-06-23 | 2006-12-27 | International Business Machines Corporation | Method and apparatus for establishing a secure communication session |
US20070118735A1 (en) * | 2005-11-10 | 2007-05-24 | Jeff Cherrington | Systems and methods for trusted information exchange |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6564320B1 (en) | 1998-06-30 | 2003-05-13 | Verisign, Inc. | Local hosting of digital certificate services |
US6324645B1 (en) | 1998-08-11 | 2001-11-27 | Verisign, Inc. | Risk management for public key management infrastructure using digital certificates |
US6427149B1 (en) * | 1999-09-09 | 2002-07-30 | Herman Rodriguez | Remote access of archived compressed data files |
US20050015608A1 (en) * | 2003-07-16 | 2005-01-20 | Pkware, Inc. | Method for strongly encrypting .ZIP files |
US7624132B2 (en) | 2002-01-22 | 2009-11-24 | Sun Microsystems, Inc. | Method and apparatus for processing a streamed zip file |
US7003117B2 (en) * | 2003-02-05 | 2006-02-21 | Voltage Security, Inc. | Identity-based encryption system for secure data distribution |
US7630999B2 (en) | 2005-07-15 | 2009-12-08 | Microsoft Corporation | Intelligent container index and search |
US20090037729A1 (en) | 2007-08-03 | 2009-02-05 | Lawrence Smith | Authentication factors with public-key infrastructure |
US8214888B2 (en) | 2008-01-30 | 2012-07-03 | Vasco Data Security, Inc. | Two-factor USB authentication token |
US8751791B2 (en) | 2008-09-17 | 2014-06-10 | Motorola Solutions, Inc. | Method and device for confirming authenticity of a public key infrastructure (PKI) transaction event |
US8484461B2 (en) | 2008-09-30 | 2013-07-09 | Motorola Solutions, Inc. | Method and apparatus for external organization path length validation within a public key infrastructure (PKI) |
US8423761B2 (en) | 2008-10-31 | 2013-04-16 | Motorola Solutions, Inc. | Method and device for enabling a trust relationship using an expired public key infrastructure (PKI) certificate |
-
2010
- 2010-08-12 CN CN201080035342.7A patent/CN102484638B/zh active Active
- 2010-08-12 US US12/854,925 patent/US9246889B2/en active Active
- 2010-08-12 EP EP10808753.7A patent/EP2465246B1/en active Active
- 2010-08-12 WO PCT/US2010/045310 patent/WO2011019906A1/en active Application Filing
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
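CN107637015A (zh) * | 2015-02-13 | 2018-01-26 | Yoti Holding Limited | Digital identity system |
CN111426888A (zh) * | 2020-03-13 | 2020-07-17 | State Grid Shandong Electric Power Company Weifang Power Supply Company | Mobile substation power-frequency electromagnetic field detection device |
CN115412365A (zh) * | 2022-10-28 | 2022-11-29 | Hangzhou Hikvision Digital Technology Co., Ltd. | Data privacy protection method based on multi-layer encryption |
CN115412365B (zh) * | 2022-10-28 | 2023-02-03 | Hangzhou Hikvision Digital Technology Co., Ltd. | Data privacy protection method based on multi-layer encryption |
WO2024088115A1 (zh) * | 2022-10-28 | 2024-05-02 | Hangzhou Hikvision Digital Technology Co., Ltd. | Data privacy protection method based on multi-layer encryption |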
Also Published As
Publication number | Publication date |
---|---|
EP2465246A4 (en) | 2014-10-29 |
EP2465246B1 (en) | 2017-04-19 |
WO2011019906A1 (en) | 2011-02-17 |
US20110213957A1 (en) | 2011-09-01 |
EP2465246A1 (en) | 2012-06-20 |
CN102484638B (zh) | 2015-06-10 |
US9246889B2 (en) | 2016-01-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
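CN102484638B (zh) | Layered protection and validation of identity data delivered online via multiple intermediate clients | |
US11470054B2 (en) | Key rotation techniques | |
CN105103488B (zh) | Policy enforcement with associated data | |
US8924302B2 (en) | System and method for electronic transmission, storage, retrieval and remote signing of authenticated electronic original documents | |
WO2018158102A1 (fr) | Method and device for storing and sharing data with integrity | |
CN109981255B (zh) | Key pool update method and system | |
US9300639B1 (en) | Device coordination | |
CN106452737A (zh) | Systems and methods for secure multi-tenant data storage | |
CN107506661A (zh) | Blockchain-based method for generating house history records | |
CN105191207A (zh) | Federated key management | |
CN106372499A (zh) | Systems and methods for securing virtual machine computing environments | |
CN102859929A (zh) | Online secure device provisioning with updated offline identity data generation and offline device binding | |
JP2005537559A (ja) | Secure recording of transactions | |
CN106407766A (zh) | Secure file sharing method and system | |
CN106059760B (zh) | Cryptographic system for invoking a system private key from a user-side cryptographic module | |
CN101325483B (zh) | Symmetric key update method and symmetric key update apparatus | |
CN108833431A (zh) | Password reset method, apparatus, device and storage medium | |
CN104160651A (zh) | Byzantine fault tolerance and threshold coin tossing | |
CN108846671B (zh) | Blockchain-based online secure transaction method and system | |
CN114499875A (zh) | Service data processing method and apparatus, computer device, and storage medium | |
CN106027254A (zh) | Method for an identity card reading terminal to use a key in an identity card authentication system | |
KR101858562B1 (ko) | Encryption system for use of e-training content | |
CN107844707A (zh) | Card data management method and card data management system | |
US20210035018A1 (en) | Apparatus for verifying integrity of AI learning data and method therefor | |
CN110492989A (zh) | Private key processing method, access method, and media and apparatus for the corresponding methods |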
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
ASS | Succession or assignment of patent right | Owner name: GENERAL INSTRUMENT HOLDING CO., LTD.; Free format text: FORMER OWNER: GENERAL INSTRUMENT CO.; Effective date: 20130917. Owner name: MOTOROLA MOBILITY LLC; Free format text: FORMER OWNER: GENERAL INSTRUMENT HOLDING CO., LTD.; Effective date: 20130917 |
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right | Effective date of registration: 20130917; Address after: Illinois, USA; Applicant after: MOTOROLA MOBILITY LLC; Address before: California, USA; Applicant before: General Instrument Holdings Ltd. Effective date of registration: 20130917; Address after: California, USA; Applicant after: General Instrument Holdings Ltd.; Address before: Pennsylvania, USA; Applicant before: GENERAL INSTRUMENT Corp. |
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C41 | Transfer of patent application or patent right or utility model | ||
TR01 | Transfer of patent right | Effective date of registration: 20160615; Address after: California, USA; Patentee after: Google Technology Holdings LLC; Address before: Illinois, USA; Patentee before: MOTOROLA MOBILITY LLC |