CN112075051A - 用于保护计算机之间的数据通信的系统和方法 - Google Patents

用于保护计算机之间的数据通信的系统和方法 Download PDF

Info

Publication number
CN112075051A
CN112075051A CN201980029860.9A CN201980029860A CN112075051A CN 112075051 A CN112075051 A CN 112075051A CN 201980029860 A CN201980029860 A CN 201980029860A CN 112075051 A CN112075051 A CN 112075051A
Authority
CN
China
Prior art keywords
computer
data
public
key
token
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201980029860.9A
Other languages
English (en)
Chinese (zh)
Inventor
穆提塔·多索姆萨库尼基
迪萱·奈特斯里尼库尔
素旺·布恩普雷姆
尤克里特·尤延
尤格克雷·纳阿由塔亚·普拉拉卡旺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nitto Denko Corp
Original Assignee
Nitto Denko Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nitto Denko Corp filed Critical Nitto Denko Corp
Publication of CN112075051A publication Critical patent/CN112075051A/zh
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/88Medical equipments

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Power Engineering (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
CN201980029860.9A 2018-03-02 2019-02-28 用于保护计算机之间的数据通信的系统和方法 Pending CN112075051A (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
SG10201801747W 2018-03-02
SG10201801747W 2018-03-02
PCT/SG2019/050114 WO2019168477A1 (en) 2018-03-02 2019-02-28 System and method for securing data communication between computers

Publications (1)

Publication Number Publication Date
CN112075051A true CN112075051A (zh) 2020-12-11

Family

ID=67808799

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201980029860.9A Pending CN112075051A (zh) 2018-03-02 2019-02-28 用于保护计算机之间的数据通信的系统和方法

Country Status (8)

Country Link
US (1) US11310038B2 (https=)
EP (1) EP3759867A4 (https=)
JP (1) JP7314156B2 (https=)
KR (1) KR20200127201A (https=)
CN (1) CN112075051A (https=)
AU (1) AU2019228421A1 (https=)
SG (1) SG11202008452PA (https=)
WO (1) WO2019168477A1 (https=)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116112152A (zh) * 2023-04-11 2023-05-12 广东徐工汉云工业互联网有限公司 跨企业网络的数据共享安全加密方法和装置
CN121002813A (zh) * 2023-05-08 2025-11-21 梅赛德斯-奔驰集团股份公司 用于在计算机系统之间加密通信的方法以及车辆

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3837804B1 (en) * 2018-08-13 2025-12-31 Visa International Service Association TOKEN KEYS TO GENERATE CRYPTOGRAMS FOR TOKEN INTERACTIONS
JP7327208B2 (ja) * 2020-02-27 2023-08-16 横河電機株式会社 データ記録装置、データ記録方法、データ記録プログラム、システム、方法、および、プログラム
US11463258B2 (en) * 2020-03-13 2022-10-04 Ebay Inc. Secure token refresh
US11343079B2 (en) * 2020-07-21 2022-05-24 Servicenow, Inc. Secure application deployment
US11153080B1 (en) * 2020-07-29 2021-10-19 John A. Nix Network securing device data using two post-quantum cryptography key encapsulation mechanisms
US12003629B2 (en) 2020-12-30 2024-06-04 John A. Nix Secure server digital signature generation for post-quantum cryptography key encapsulations
US11444753B1 (en) * 2021-03-09 2022-09-13 ISARA Corporation Protocol key negotiation
US12192184B2 (en) 2021-12-08 2025-01-07 John A. Nix Secure session resumption using post-quantum cryptography
US12074641B2 (en) 2022-02-15 2024-08-27 Bank Of America Corporation System and method for secured data transmission using LiFi and holochain network
US12052261B2 (en) * 2022-02-15 2024-07-30 Bank Of America Corporation System and method for authenticating the receiving end of data transmission via LiFi and holochain network
US20230328103A1 (en) * 2022-04-07 2023-10-12 Citrix Systems, Inc. Systems and methods for updating microservices secure sockets layer certificate
US20240161104A1 (en) * 2022-11-16 2024-05-16 John Gregory Underhill Method and system for performance enhanced hierarchical key distribution system
WO2025111130A1 (en) * 2023-11-22 2025-05-30 Verkada Inc. Systems and methods to perform end to end encryption
US12019778B1 (en) 2023-11-22 2024-06-25 Verkada Inc. Systems and methods to perform end to end encryption

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011099769A2 (ko) * 2010-02-10 2011-08-18 삼성전자 주식회사 무선 통신 시스템 및 그의 사용자 단말기와 이동성 관리 엔티티 간 연결 방법
CN103889004A (zh) * 2012-12-19 2014-06-25 思科技术公司 用于由演进节点b选择移动管理实体的系统、方法和介质
WO2015003753A1 (en) * 2013-07-12 2015-01-15 Nokia Solutions And Networks Oy Redirection of m2m devices
US20150113275A1 (en) * 2013-10-18 2015-04-23 Alcatel-Lucent Usa Inc. Tamper-resistant and scalable mutual authentication for machine-to-machine devices
US20150312038A1 (en) * 2014-04-23 2015-10-29 Karthikeyan Palanisamy Token security on a communication device
CN105359581A (zh) * 2013-07-04 2016-02-24 日本电气株式会社 通信系统、方法和装置
US20160119318A1 (en) * 2014-10-24 2016-04-28 Netflix, Inc Efficient start-up for secured connections and related services
CN106506470A (zh) * 2016-10-31 2017-03-15 大唐高鸿信安(浙江)信息科技有限公司 网络数据安全传输方法

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1042885A1 (en) * 1998-01-09 2000-10-11 Cybersafe Corporation Client side public key authentication method and apparatus with short-lived certificates
US6980659B1 (en) 2000-06-02 2005-12-27 Brig Barnum Elliott Methods and systems for supplying encryption keys
WO2002045336A1 (fr) * 2000-11-28 2002-06-06 Nagravision Sa Certification des transactions
CA2464788A1 (en) * 2003-04-16 2004-10-16 Wms Gaming Inc. A gaming software distribution network in a gaming system environment
JP5013728B2 (ja) * 2006-03-20 2012-08-29 キヤノン株式会社 システム及びその処理方法、並びに通信装置及び処理方法
US8165301B1 (en) 2006-04-04 2012-04-24 Bitmicro Networks, Inc. Input-output device and storage controller handshake protocol using key exchange for data security
US10462109B2 (en) * 2016-06-12 2019-10-29 Apple Inc. Secure transfer of a data object between user devices

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011099769A2 (ko) * 2010-02-10 2011-08-18 삼성전자 주식회사 무선 통신 시스템 및 그의 사용자 단말기와 이동성 관리 엔티티 간 연결 방법
KR20110092875A (ko) * 2010-02-10 2011-08-18 삼성전자주식회사 무선 통신 시스템 및 그의 사용자 단말기와 이동성 관리 엔티티 간 연결 방법
CN103889004A (zh) * 2012-12-19 2014-06-25 思科技术公司 用于由演进节点b选择移动管理实体的系统、方法和介质
CN105359581A (zh) * 2013-07-04 2016-02-24 日本电气株式会社 通信系统、方法和装置
WO2015003753A1 (en) * 2013-07-12 2015-01-15 Nokia Solutions And Networks Oy Redirection of m2m devices
US20150113275A1 (en) * 2013-10-18 2015-04-23 Alcatel-Lucent Usa Inc. Tamper-resistant and scalable mutual authentication for machine-to-machine devices
US20150312038A1 (en) * 2014-04-23 2015-10-29 Karthikeyan Palanisamy Token security on a communication device
US20160119318A1 (en) * 2014-10-24 2016-04-28 Netflix, Inc Efficient start-up for secured connections and related services
CN106506470A (zh) * 2016-10-31 2017-03-15 大唐高鸿信安(浙江)信息科技有限公司 网络数据安全传输方法

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116112152A (zh) * 2023-04-11 2023-05-12 广东徐工汉云工业互联网有限公司 跨企业网络的数据共享安全加密方法和装置
CN116112152B (zh) * 2023-04-11 2023-06-02 广东徐工汉云工业互联网有限公司 跨企业网络的数据共享安全加密方法和装置
CN121002813A (zh) * 2023-05-08 2025-11-21 梅赛德斯-奔驰集团股份公司 用于在计算机系统之间加密通信的方法以及车辆

Also Published As

Publication number Publication date
WO2019168477A9 (en) 2020-04-09
WO2019168477A1 (en) 2019-09-06
US11310038B2 (en) 2022-04-19
KR20200127201A (ko) 2020-11-10
JP2021516491A (ja) 2021-07-01
JP7314156B2 (ja) 2023-07-25
AU2019228421A1 (en) 2020-09-24
EP3759867A1 (en) 2021-01-06
US20210058242A1 (en) 2021-02-25
SG11202008452PA (en) 2020-09-29
EP3759867A4 (en) 2021-11-03

Similar Documents

Publication Publication Date Title
US11310038B2 (en) System and method for securing data communication between computers
US9973481B1 (en) Envelope-based encryption method
US11102191B2 (en) Enabling single sign-on authentication for accessing protected network services
US10701071B2 (en) Cross-region requests
US10033703B1 (en) Pluggable cipher suite negotiation
US10375067B2 (en) Mutual authentication with symmetric secrets and signatures
US11190504B1 (en) Certificate-based service authorization
US11811739B2 (en) Web encryption for web messages and application programming interfaces
CA2950301C (en) Systems and methods for secure communication over a network using a linking address
US9330245B2 (en) Cloud-based data backup and sync with secure local storage of access keys
US9641344B1 (en) Multiple factor authentication in an identity certificate service
US9444620B1 (en) Methods for binding a session identifier to machine-specific identifiers and systems thereof
CN102687482B (zh) 数据云的分布式认证
US20130061298A1 (en) Authenticating session passwords
US10462116B1 (en) Detection of data exfiltration
US20180375648A1 (en) Systems and methods for data encryption for cloud services
US12019778B1 (en) Systems and methods to perform end to end encryption
US8984274B1 (en) Secure data updates
CN111614670A (zh) 加密文件的发送方法及装置、存储介质
CN113411187A (zh) 身份认证方法和系统、存储介质及处理器
CN111989672A (zh) 用于多域环境的密码重置
US20130283363A1 (en) Secure data transfer over an arbitrary public or private transport
CN115152258A (zh) 在内容分发网络中传输安全信息
JP7384487B2 (ja) 暗号認証システム、ユーザ端末、サービスサーバ、及びプログラム
HK40081109B (zh) 用於在内容分发网络中传输安全信息的方法和设备

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20201211