公开(公告)号：DE112012000770T5

公开(公告)日：2013-11-07

申请号：DE112012000770

申请日：2012-02-22

Applicant: IBM

Inventor： OSBORNE MICHAEL ,  VISEGRADY TAMAS

IPC: H04L9/32

Abstract: Die Erfindung gilt hauptsächlich Verfahren und Systemen zum Ermöglichen des Überprüfens von digitalen Signaturen (S41). Die Verfahren sind in einem computergestützten System (1) umgesetzt, das einen Server (10) aufweist, der mit Anwendungen (A, B, C) Daten austauscht, und weisen die folgenden Schritte an dem Server auf: – Empfangen (S13) einer oder mehrerer von einer oder mehreren der Anwendungen ausgegebenen Signaturanforderungen (ai, bi, ci); – Weiterleiten (S14) von ersten Daten, die den empfangenen Signaturanforderungen entsprechen, an eine oder mehrere Signiereinheiten (Sig1-4) zum anschließenden Signieren der ersten Daten; – Speichern (S16) eines aktualisierten Systemzustands (sn+1), der unter Verwendung einer Funktion aus Folgendem berechnet (S15) wurde: – einem Bezugssystemzustand (sn); und – zweiten Daten (ai, bi, ci, Ai, Bi, Ci), die den empfangenen Signaturanforderungen entsprechen, wobei der Bezugssystemzustand und der aktualisierte Systemzustand die Signaturanforderungen bestätigen; und – Wiederholen der obigen Schritte (S12 bis S16) unter Verwendung des aktualisierten Systemzustands (sn+1) als neuen Bezugssystemzustand.

公开(公告)号：ES2255923T3

公开(公告)日：2006-07-16

申请号：ES00115178

申请日：2000-07-13

Applicant: IBM

Inventor： DYKEMAN DOUGLAS ,  OSBORNE MICHAEL ,  SCOTTON PAOLO ,  STOKES OLEN ,  BASSO CLAUDE ,  AUBRY MARIANNE

IPC: G06F9/44 ,  G06F12/08 ,  G06F13/00 ,  H04L45/02 ,  H04L49/111 ,  H04Q11/04 ,  H04L12/56

Abstract: Un método de gestión de direcciones en un nodo que sirve como líder de grupo paritario para un grupo paritario de nodos en un nivel de la jerarquía de una red jerárquica de PNNI por la que el líder del grupo paritario representa el grupo paritario para uno o más nodos próximos en el siguiente nivel superior de la jerarquía, teniendo el líder del grupo paritario una memoria (2) para almacenar datos de topología de grupo paritario (4), que comprende datos de dirección que son suministrados al líder del grupo paritario desde nodos en el grupo paritario y representan direcciones para acceso a través de la red, y datos de topología (5) de líder del grupo paritario, que comprenden datos de dirección que son suministrados a dichos nodos próximos por el líder del grupo paritario y representan direcciones accesibles a través del grupo paritario, caracterizado el método por: comprobar si las direcciones representadas por dichos datos de dirección son accesibles a través del grupo paritario; notificara dichos nodos próximos los cambios en la accesibilidad de direcciones así identificadas; y actualizar dichos datos de topología (5) de líder del grupo paritario de acuerdo con dichos cambios.

公开(公告)号：DE60111083D1

公开(公告)日：2005-06-30

申请号：DE60111083

申请日：2001-12-20

Applicant: IBM

Inventor： FRELECHOUX LAURENT ,  OSBORNE MICHAEL

IPC: H04L12/70 ,  H04Q11/04 ,  H04L12/56

Abstract: Described is a method for managing flow of protocol information in a node of a hierarchical network in which the protocol information is communicated between network nodes in topology state elements. The method includes checking topology state elements generated by the node to identify protocol information encapsulated therein, and selectively allowing transmittal of the topology state elements from the node to lower levels of the network based on the protocol information identified.

公开(公告)号：DE60131047T2

公开(公告)日：2008-07-31

申请号：DE60131047

申请日：2001-04-17

Applicant: IBM

Inventor： FRELECHOUX LAURENT ,  HAAS ROBERT ,  OSBORNE MICHAEL

IPC: H04Q11/04 ,  H04L12/70 ,  H04L29/06

Abstract: Methods and apparatus are provided for managing protocol information in a PNNI hierarchical network. In a PAR-enabled device ( 1 ) of the network PAR PTSEs received by the PAR-enabled device ( 1 ) from the network are checked to identify redundant protocol information encapsulated in the PAR PTSEs. Protocol information in received PAR PTSEs is then supplied to a protocol device associated with the PAR-enabled device ( 1 ). In some embodiments, protocol information identified as redundant is excluded from the protocol information supplied to the protocol device. In other embodiments, the protocol information supplied to the protocol device is tagged to distinguish redundant protocol information from non-redundant protocol information. This facilitates efficient configuration of the network topology for the protocol in question.

公开(公告)号：DE60026400T2

公开(公告)日：2006-11-02

申请号：DE60026400

申请日：2000-07-13

Applicant: IBM

Inventor： DYKEMAN DOUGLAS ,  OSBORNE MICHAEL ,  SCOTTON PAOLO ,  STOKES OLEN ,  BASSO CLAUDE ,  AUBRY MARIANNE ,  KHAC MINH-TRI DO

IPC: G06F9/44 ,  G06F12/08 ,  G06F13/00 ,  H04L45/02 ,  H04L49/111 ,  H04Q11/04

Abstract: Address management methods and apparatus are provided for a node serving as peer group leader for a peer group of nodes in one level of the hierarchy of a PNNI hierarchical network, whereby the peer group leader represents the peer group to one or more neighboring nodes in the next level up of the hierarchy. The peer group leader has a memory (2) for storing peer group topology data (4), comprising address data which is supplied to the peer group leader from nodes in the peer group and represents addresses for access by the network, and peer group leader topology data (5), comprising address data which is supplied to said neighboring nodes by the peer group leader and represents addresses accessible via the peer group. The address management method comprises: checking whether addresses represented by said address data are accessible via the peer group; notifying said neighboring nodes of changes in the accessibility of addresses so identified; and updating said peer group leader topology data (5) in accordance with said changes.

公开(公告)号：DE60307498D1

公开(公告)日：2006-09-21

申请号：DE60307498

申请日：2003-10-24

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HOERING FRANK ,  KRAMP THORSTEN ,  OESTREICHER MARCUS ,  OSBORNE MICHAEL ,  WEIGOLD D

IPC: H04L29/06

Abstract: A method for providing a user device with a set of access codes comprises, in the user device, storing an encryption key a an identification code, and sending a message containing the identification code to a server via a communications network. In the server, an encryption key is stored corresponding to the key stored in the user device, allocating the set of access codes on receipt of the identification code from the user device. A look up function is performed based on the identification code received in the message to retrieve the key from storage. The set of access codes is encrypted using the retrieved key to produce an encrypted set. A message containing the encrypted set is sent to the user device via the network. In the user device, the encrypted set received from the server is decrypted using the key in storage, and storing the decrypted set of access codes for use by a user of the user device.

公开(公告)号：AT320130T

公开(公告)日：2006-03-15

申请号：AT00115178

申请日：2000-07-13

Applicant: IBM

Inventor： DYKEMAN DOUGLAS ,  OSBORNE MICHAEL ,  SCOTTON PAOLO ,  STOKES OLEN ,  BASSO CLAUDE ,  AUBRY MARIANNE ,  KHAC MINH-TRI DO

IPC: G06F9/44 ,  G06F12/08 ,  G06F13/00 ,  H04L45/02 ,  H04L49/111 ,  H04Q11/04 ,  H04L12/56

Abstract: Address management methods and apparatus are provided for a node serving as peer group leader for a peer group of nodes in one level of the hierarchy of a PNNI hierarchical network, whereby the peer group leader represents the peer group to one or more neighboring nodes in the next level up of the hierarchy. The peer group leader has a memory (2) for storing peer group topology data (4), comprising address data which is supplied to the peer group leader from nodes in the peer group and represents addresses for access by the network, and peer group leader topology data (5), comprising address data which is supplied to said neighboring nodes by the peer group leader and represents addresses accessible via the peer group. The address management method comprises: checking whether addresses represented by said address data are accessible via the peer group; notifying said neighboring nodes of changes in the accessibility of addresses so identified; and updating said peer group leader topology data (5) in accordance with said changes.

公开(公告)号：AU2003269415A1

公开(公告)日：2004-06-07

申请号：AU2003269415

申请日：2003-10-24

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HORING FRANK ,  KRAMP THORSTEN ,  OESTREICHER MARCUS ,  OSBORNE MICHAEL ,  WEIGOLD THOMAS D

IPC: H04L29/06

Abstract: A method for providing a user device with a set of access codes comprises, in the user device, storing an encryption key a an identification code, and sending a message containing the identification code to a server via a communications network. In the server, an encryption key is stored corresponding to the key stored in the user device, allocating the set of access codes on receipt of the identification code from the user device. A look up function is performed based on the identification code received in the message to retrieve the key from storage. The set of access codes is encrypted using the retrieved key to produce an encrypted set. A message containing the encrypted set is sent to the user device via the network. In the user device, the encrypted set received from the server is decrypted using the key in storage, and storing the decrypted set of access codes for use by a user of the user device.

公开(公告)号：DE112021000709T5

公开(公告)日：2022-12-01

申请号：DE112021000709

申请日：2021-03-17

Applicant: IBM

Inventor： VISEGRADY TAMAS ,  DRAGONE SILVIO ,  OSBORNE MICHAEL ,  PALMER ELAINE

IPC: G06F21/60

Abstract: Es wird eine Schlüsselkennung, die einen Verschlüsselungsschlüssel kennzeichnet, an einen Verschlüsselungskoprozessor übertragen. Ein erster Satz von Attributen wird von dem Verschlüsselungskoprozessor empfangen. Der erste Satz von Attributen und ein zweiter Satz von Attributen werden zu einer ersten Folge von Attributen serialisiert. Die erste Folge von Attributen wird in einem Attribut-Datenübertragungsblock gespeichert. Ein oder mehrere Attribute in dem zweiten Satz von Attributen sind dem Verschlüsselungsschlüssel zugehörig und stammen aus einem Schlüsselattributspeicher des Schlüsselverwaltungssystems. Der zweite Satz von Attributen unterscheidet sich von dem ersten Satz von Attributen. Die erste Folge von Attributen wird an den Verschlüsselungskoprozessor übermittelt. Ein erster Nachrichtenauthentifizierungscode (MAC), der aus der ersten Folge von Attributen berechnet wird, wird von dem Verschlüsselungskoprozessor empfangen. Der Attribut-Datenübertragungsblock wird überprüft, indem der erste MAC oder ein von dem ersten MAC abgeleiteter Wert mit einem Bezugswert verglichen wird.

公开(公告)号：GB2501645B

公开(公告)日：2014-08-27

申请号：GB201313687

申请日：2012-02-22

Applicant: IBM

Inventor： OSBORNE MICHAEL ,  TAMAS VISEGRADY

IPC: H04L9/32

Abstract: A computer method, computer system, and article for enabling digital signature auditing. The method includes the steps of: receiving at least one signature request issued by at least one application, forwarding a first data corresponding to the received at least one signature request to at least one signing entity for subsequent signature of the first data, storing an updated system state that is computed using a function of: i) a reference system state and ii) a second data corresponding to the received at least one signature request, where the reference system state and the updated system state attest to the at least one signature request, and repeating the above steps, using the updated system state as a new reference system state, where the steps of the method are executed at a server of a computerized system.