公开(公告)号：WO2020074438A1

公开(公告)日：2020-04-16

申请号：PCT/EP2019/077074

申请日：2019-10-07

Applicant: THALES DIS FRANCE SA ,  GEMALTO CANADA INC. ,  SAFENET INC.

Inventor： HUGOT, Didier ,  ROMA, Frédéric ,  EGAN, Russel ,  HOLLAND, Christopher

IPC: G06F17/24

Abstract: The invention is a method that comprises parsing first and second digital documents and identifying a first component into said first digital document and a second component into said second digital document, determining a first attribute based on a context of the first digital document, determining a second attribute based on a context of the second digital document, allocating the first attribute to the first component and the second attribute to the second component, and storing in a storage unit a first entry comprising a value of the first component and the first attribute and a second entry comprising a value of the second component and the second attribute. The method comprises conducting a correlation search between said first and second components using said first and second attributes, if the correlation has been found, generating a data reflecting the correlation.

公开(公告)号：WO2011044710A1

公开(公告)日：2011-04-21

申请号：PCT/CN2009/001133

申请日：2009-10-12

Applicant: SAFENET, INC. ,  CHENG, Peter

Inventor： CHENG, Peter

IPC: G06F21/00

CPC classification number: G06F21/126 ,  G06F21/121 ,  G06F21/125

Abstract: Software application protection methods and systems for protecting and verifying licensing of an original application. The system reads the original application executable, and generates a shelled application comprising the original application and a shell containing the license information. The shelled application implements license APIs, and establishes secure communications within the shelled application between the original application and the shell. Licensing for the original application can be verified by the shelled application alone.

Abstract translation: 用于保护和验证原始应用程序许可的软件应用程序保护方法和系统。 系统读取原始应用程序可执行文件，并生成包含原始应用程序和包含许可证信息的外壳的shelled应用程序。 shelled应用程序实现许可证API，并在原始应用程序和shell之间的shelled应用程序内建立安全通信。 原始应用程序的许可证可以通过单独的shelled应用程序进行验证。

公开(公告)号：WO2020141182A1

公开(公告)日：2020-07-09

申请号：PCT/EP2019/087200

申请日：2019-12-31

Applicant: SAFENET INC.

Inventor： LIEPERT, Martin

IPC: G06F21/52

Abstract: A method 20 for managing a first application program comprises: - executing, by a first processor, a first control flow, the first control flow graph including at least two separated branches 260, 280, each of the at least two separated branches including at least one node 26; - executing, by a second processor, in synchronization with the first control flow execution, a second application; - determining, by the second processor, when executing the at least one second application, at least one transition decision between at least two first nodes of the at least two separated branches, the at least one transition decision being conditional (226 or 228) to continue from an execution of the current node to an execution of a first node of one branch of the at least two separated branches or a first node of another branch of the at least two separated branches; - controlling,by the second processor,when executing the at least one second application,based on the determined at least one transition decision, the first node of the branch to be executed by the first processor.

公开(公告)号：WO2020077048A1

公开(公告)日：2020-04-16

申请号：PCT/US2019/055551

申请日：2019-10-10

Applicant: SAFENET INC.

Inventor： HOLLAND, Christopher ,  EGAN, Russell

IPC: G06F17/24 ,  G06F17/22

Abstract: The invention is a method for securing a digital document. An initial version of the digital document contains a set of data. The method comprises:- generating a link value by applying a preset function to a subset of the set of data,- allocating the link value to a target data belonging to the set of data and storing an entry comprising the target data in a secure storage unit, the target data being reachable in the secure storage unit through the link value, the secure storage unit being configured to use access rules for authorizing or denying a request initiated by a user and aiming at accessing the target data comprised in said entry,- generating an updated version of the digital document by removing the target data from the initial version of the digital document.

公开(公告)号：WO2004072797A3

公开(公告)日：2009-04-02

申请号：PCT/US2004003622

申请日：2004-02-06

Applicant: SAFENET INC ,  WYSCHOGROD DANIEL ,  LEIBMAN LEONID

Inventor： WYSCHOGROD DANIEL ,  LEIBMAN LEONID

IPC: G06F7/00 ,  G06F17/00 ,  G06F17/30

CPC classification number: G06F17/30985 ,  Y10S707/99936

Abstract: A system for determining the start of a match of a regular expression includes a special state table that contains start entries and terminal entries, and a set of start state registers for holding offset information. The system further includes a DFA next state table that, given the current state and an input character, returns the next state. A settable indicator is included in the DFA next state table corresponding to each next state table entry which indicates whether to perform a lookup in the special state table. A compiler loads values into the special state table based on the regular expression. A method for determining the start of a match of a regular expression using the special state table, the set of start state registers and the DFA next state table, includes the step of determining from the regular expression each start-of match start state and each end-of-match terminal state. For each start state, a start state entry is loaded into the special state table. For each terminal state, a terminal state entry is loaded into each special state table. The next state table is used to return the next state from the current state and an input character. When a start state is encountered, the current offset from the beginning of the input character string is loaded into the start state register. When a terminal state is encountered, the terminal state entry is retrieved from the special state table, and the value of the start state register corresponding to the rule number of the terminal entry in the special state table is further retrieved. The value of the start state register which is retrieved indicates the location in the character string where the start-of-match occurred for a particular rule.

Abstract translation: 用于确定正则表达式的匹配的开始的系统包括包含起始条目和终端条目的特殊状态表以及用于保持偏移信息的一组起始状态寄存器。 该系统还包括DFA下一状态表，其给定当前状态和输入字符，返回下一状态。 对应于每个下一个状态表条目的DFA下一个状态表中都包括一个可设置的指示符，它指示是否在特殊状态表中执行查找。 编译器根据正则表达式将值加载到特殊状态表中。 使用特殊状态表，开始状态寄存器组和DFA下一状态表来确定正则表达式的匹配开始的方法包括从正则表达式确定每个开始匹配开始状态和每个 端匹配终端状态。 对于每个启动状态，将启动状态条目加载到特殊状态表中。 对于每个终端状态，终端状态条目被加载到每个特殊状态表中。 下一个状态表用于从当前状态和输入字符返回下一个状态。 当遇到启动状态时，从输入字符串开始的当前偏移量被加载到启动状态寄存器中。 当遇到终端状态时，从特殊状态表中检索终端状态条目，并进一步检索与特殊状态表中的终端条目的规则号对应的起始状态寄存器的值。 检索到的起始状态寄存器的值表示特定规则发生匹配开始的字符串中的位置。

公开(公告)号：WO2008124201A3

公开(公告)日：2008-10-16

申请号：PCT/US2008/052228

申请日：2008-01-28

Applicant: SAFENET, INC. ,  MURRAY, Eric

Inventor： MURRAY, Eric

IPC: G06F7/04

Abstract: A technique for secure file encryption first choose a file encryption key randomly among a set of file encryption keys and encrypts a file using the chosen file encryption key based on a set of encryption rules. The file encryption key can then be encrypted via a directory master secret (DMS) key for an extra layer of security so that an intruder cannot decrypt the encrypted file even if the intruder gains access to the DMS-encrypted file encryption key. Finally, the DMS-encrypted file encryption key can be stored in a metadata associated with the file.

公开(公告)号：WO2007087316A3

公开(公告)日：2008-04-24

申请号：PCT/US2007001800

申请日：2007-01-23

Applicant: SAFENET INC ,  ELTETO LASZLO

Inventor： ELTETO LASZLO

IPC: H04L9/00

CPC classification number: G06F21/125

Abstract: A system and method for binding a protected application to a shell module. The shell module is appended to the application. The shell module executes prior to the execution of the application, and first creates a resource. After the shell module finishes execution, the application tries to access the created resource. If the access is successful, the application is allowed to proceed. Otherwise, the application terminates. The inability of the application to access the resource is an indication that the shell module never actually created the resource. This suggests that the shell module never executed; the shell module may have been either removed or functionally disconnected from the application. This further implies that the security functionality of the shell module has not executed. The application is therefore not permitted to execute, since the shell's security checks have probably not been performed.

Abstract translation: 将受保护的应用程序绑定到shell模块的系统和方法。 shell模块附加到应用程序。 shell模块在执行应用程序之前执行，并首先创建一个资源。 shell模块完成执行后，应用程序将尝试访问创建的资源。 如果访问成功，则允许应用程序继续。 否则，应用程序终止。 应用程序无法访问资源表明shell模块从未实际创建资源。 这表明shell模块从未执行过; 壳模块可能已被删除或与应用程序功能断开连接。 这进一步意味着shell模块的安全功能尚未执行。 因此，应用程序不允许执行，因为shell的安全检查可能未被执行。

公开(公告)号：WO2020077061A1

公开(公告)日：2020-04-16

申请号：PCT/US2019/055579

申请日：2019-10-10

Applicant: SAFENET INC.

Inventor： HOLLAND, Christopher ,  EGAN, Russell

IPC: G06F17/24 ,  G06F17/22

Abstract: The invention is a method for securely accessing a document in paper form containing a set of data by a user. The method comprises the following steps: (a) from a current version of the document, detecting the existence of a target data belonging to an enhanced version of the document and missing from the current version of the document, (b) generating a link value allocated to the target data by applying a preset function to a subset of said set of data, (c) retrieving a metadata from a secure storage unit by using the link value and, using a message based on said metadata, proposing to the user to get the target data, (d) getting both agreement of the user and credentials of the user, (e) generating a request by using the link value and said credentials for retrieving the target data from the secure storage unit only if the user gave his agreement, (f) providing the user with the target data only if the secure storage unit successfully checked the compliance of the request with preset access rules.

公开(公告)号：WO2016044399A1

公开(公告)日：2016-03-24

申请号：PCT/US2015/050386

申请日：2015-09-16

Applicant: SAFENET, INC.

Inventor： DAR, Iqbal ,  JIANG, Chao ,  DUNN, Chris ,  GAJERA, Shailesh

IPC: G06F11/00

CPC classification number: G06F21/62 ,  H04L67/12 ,  H04W12/02

Abstract: A secure processing facility has a plurality of workstations, with associated computers to provide data to, and/or receive data from, the workstations. The computers are provided with a visual display unit, and display machine-readable data codes on the display. The computers are provided with a scanner to read the machine-readable data codes on the display of another of the computers. The computers have no other connection to receive or transmit machine readable data. A method of operating the facility includes processing a workpiece at a first workstation. A display of the computer of the first workstation displays a data code containing data related to the processing of the workpiece. The scanner of the computer associated with a second workstation scans the data code. The workpiece is transferred from the first workstation to the second workstation. The workpiece is processed at the second workstation.

Abstract translation: 安全处理设备具有多个工作站，其中相关联的计算机向工作站提供数据和/或从工作站接收数据。 这些计算机设置有可视显示单元，并且在显示器上显示机器可读数据代码。 这些计算机设有扫描仪，用于读取另一台计算机的显示器上的机器可读数据代码。 计算机没有其他连接来接收或发送机器可读数据。 操作该设备的方法包括在第一工作站处处理工件。 第一工作站的计算机的显示器显示包含与工件的处理相关的数据的数据代码。 与第二工作站相关联的计算机的扫描器扫描数据代码。 工件从第一个工作站传送到第二个工作站。 工件在第二个工作站处理。

公开(公告)号：WO2004072797A2

公开(公告)日：2004-08-26

申请号：PCT/US2004/003622

申请日：2004-02-06

Applicant: SAFENET, INC. ,  WYSCHOGROD, Daniel ,  LEIBMAN, Leonid

Inventor： WYSCHOGROD, Daniel ,  LEIBMAN, Leonid

IPC: G06F

CPC classification number: G06F17/30985 ,  Y10S707/99936

Abstract: A system for determining the start of a match of a regular expression includes a special state table that contains start entries and terminal entries, and a set of start state registers for holding offset information. The system further includes a DFA next state table that, given the current state and an input character, returns the next state. A settable indicator is included in the DFA next state table corresponding to each next state table entry which indicates whether to perform a lookup in the special state table. A compiler loads values into the special state table based on the regular expression. A method for determining the start of a match of a regular expression using the special state table, the set of start state registers and the DFA next state table, includes the step of determining from the regular expression each start-of match start state and each end-of-match terminal state. For each start state, a start state entry is loaded into the special state table. For each terminal state, a terminal state entry is loaded into each special state table. The next state table is used to return the next state from the current state and an input character. When a start state is encountered, the current offset from the beginning of the input character string is loaded into the start state register. When a terminal state is encountered, the terminal state entry is retrieved from the special state table, and the value of the start state register corresponding to the rule number of the terminal entry in the special state table is further retrieved. The value of the start state register which is retrieved indicates the location in the character string where the start-of-match occurred for a particular rule.

Abstract translation: 用于确定正则表达式的匹配的开始的系统包括包含起始条目和终端条目的特殊状态表以及用于保持偏移信息的一组起始状态寄存器。 该系统还包括DFA下一状态表，其给定当前状态和输入字符，返回下一状态。 对应于每个下一个状态表条目的DFA下一个状态表中都包括一个可设置的指示符，它指示是否在特殊状态表中执行查找。 编译器根据正则表达式将值加载到特殊状态表中。 使用特殊状态表，开始状态寄存器组和DFA下一状态表来确定正则表达式的匹配开始的方法包括从正则表达式确定每个开始匹配开始状态和每个 端匹配终端状态。 对于每个启动状态，将启动状态条目加载到特殊状态表中。 对于每个终端状态，终端状态条目被加载到每个特殊状态表中。 下一个状态表用于从当前状态和输入字符返回下一个状态。 当遇到启动状态时，从输入字符串开始的当前偏移量被加载到启动状态寄存器中。 当遇到终端状态时，从特殊状态表中检索终端状态条目，并进一步检索与特殊状态表中的终端条目的规则号对应的起始状态寄存器的值。 检索到的起始状态寄存器的值表示特定规则发生匹配开始的字符串中的位置。