PRODUCT EMBODYING A PHYSICAL UNCLONABLE FUNCTION
    1.
    Invention application
    PRODUCT EMBODYING A PHYSICAL UNCLONABLE FUNCTION (under examination, published)

    Publication (announcement) number: WO2012038842A1

    Publication (announcement) date: 2012-03-29

    Application number: PCT/IB2011/053453

    Application date: 2011-08-03

    Abstract: The invention is directed to products embodying a PUF. A method for manufacturing such a product is disclosed which relies on a material having one surface with "deterministic" asperities. The method further uses particles dimensioned such as to be able to be trapped by the asperities of the surface. Generally, the method enables particles (20) to randomly deposit on and get trapped by asperities (14) of the material surface (12), such as to obtain a pattern that forms the PUF. The resulting PUF is made easier to read out since the general pattern and the location of the particles are known. Only the filling level (of a given type) of the particles is random.

    AUTHENTICATION OF DATA COMMUNICATIONS
    2.
    Invention application
    AUTHENTICATION OF DATA COMMUNICATIONS (under examination, published)

    Publication (announcement) number: WO2009127984A1

    Publication (announcement) date: 2009-10-22

    Application number: PCT/IB2009/051217

    Application date: 2009-03-24

    Abstract: Methods and apparatus are provided for authenticating communications between a user computer (2) and a server (3) via a data communications network (4). A security device (6) of the apparatus has memory (10) containing security data, and security logic (12) adapted to use the security data to generate an authentication response to an authentication message received from the server (3) in use. An interface device (7) of the apparatus is adapted for data communications with the security device (6). The interface device (7) has a receiver (17) for receiving from the user computer (2) an authentication output containing the authentication message sent by the server (3) to the user computer in use, and interface logic (19) adapted to extract the authentication message from the authentication output and to send the authentication message to the security device (6). The apparatus includes a communications interface (16) for connecting to the server (3) via a communications channel bypassing the user computer (2). One of the security device (6) and interface device (7) is adapted for sending the authentication response to the server (3) via the communications channel bypassing the user computer.

    PERFORMING SECURE ELECTRONIC TRANSACTIONS
    3.
    Invention application

    Publication (announcement) number: WO2009066217A3

    Publication (announcement) date: 2009-05-28

    Application number: PCT/IB2008/054782

    Application date: 2008-11-14

    Abstract: Performing secure electronic transactions. The invention relates to a method for performing electronic transactions between a server computer (110) and a client computer (120), the method comprising the steps of:
    - running a first communication protocol with encrypted data transmission and mutual authentication between the server computer (110) and a hardware device (130) via a communication network (160);
    - performing a decryption of encrypted server responses received from the server computer (110) in the hardware device (130);
    - forwarding the decrypted server responses from the hardware device (130) to the client computer (120);
    - displaying the decrypted server responses on a client computer display (121) of the client computer (120);
    - receiving client requests to be sent from the client computer (120) to the server computer (110) by the hardware device (130);
    - parsing the client requests for predefined transaction information by the hardware device (130);
    - encrypting and forwarding client requests that do not contain any predefined transaction information to the server computer (110) by the hardware device (130);
    - displaying the predefined transaction information upon detection in a client request on a hardware device display (210) of the hardware device (130);
    - forwarding and encrypting the client request containing the predefined transaction information to the server computer (110) if a user confirmation is received;
    - canceling the electronic transaction if no user confirmation is received.

    COMMUNICATIONS CHANNEL INTERPOSER, METHOD AND PROGRAM PRODUCT FOR VERIFYING INTEGRITY OF UNTRUSTED SUBSYSTEM RESPONSES TO A REQUEST
    4.
    Invention application
    COMMUNICATIONS CHANNEL INTERPOSER, METHOD AND PROGRAM PRODUCT FOR VERIFYING INTEGRITY OF UNTRUSTED SUBSYSTEM RESPONSES TO A REQUEST (under examination, published)

    Publication (announcement) number: WO2007048725A1

    Publication (announcement) date: 2007-05-03

    Application number: PCT/EP2006/067443

    Application date: 2006-10-16

    CPC classification number: G06F11/1608 G06F11/1616 G06F11/1625

    Abstract: In a communications channel coupled to multiple duplicated subsystems, a method, interposer and program product are provided for verifying integrity of subsystem responses. Within the communications channel, a first checksum is calculated with receipt of a first response from a first subsystem responsive to a common request, and a second checksum is calculated for a second response of a second subsystem received responsive to the common request. The first checksum and the second checksum are compared, and if matching, only one of the first response and the second response is forwarded from the communications channel as the response to the common request, with the other of the first response and the second response being discarded by the communications channel.

    ENTROPY EXTRACTION IN A VIRTUALIZED COMPUTING ENVIRONMENT
    5.
    Invention application
    ENTROPY EXTRACTION IN A VIRTUALIZED COMPUTING ENVIRONMENT (under examination, published)

    Publication (announcement) number: WO2011070055A1

    Publication (announcement) date: 2011-06-16

    Application number: PCT/EP2010/069138

    Application date: 2010-12-08

    CPC classification number: G06G7/12 G06F7/588

    Abstract: A method for creating entropy in a virtualized computing environment includes waking one or more samplers, each sampler having a sampling frequency; sampling a sample source with each of the one or more samplers; placing each of the samplers in an inactive state when not sampling; determining a difference between an expected value and a sampled value at each sampler; and providing a function of the difference from each of the one or more samplers to an aggregator.

    PERFORMING SECURE ELECTRONIC TRANSACTIONS
    6.
    Invention application
    PERFORMING SECURE ELECTRONIC TRANSACTIONS (under examination, published)

    Publication (announcement) number: WO2009066217A2

    Publication (announcement) date: 2009-05-28

    Application number: PCT/IB2008054782

    Application date: 2008-11-14

    Abstract: Performing secure electronic transactions. The invention relates to a method for performing electronic transactions between a server computer (110) and a client computer (120), the method comprising the steps of:
    - running a first communication protocol with encrypted data transmission and mutual authentication between the server computer (110) and a hardware device (130) via a communication network (160);
    - performing a decryption of encrypted server responses received from the server computer (110) in the hardware device (130);
    - forwarding the decrypted server responses from the hardware device (130) to the client computer (120);
    - displaying the decrypted server responses on a client computer display (121) of the client computer (120);
    - receiving client requests to be sent from the client computer (120) to the server computer (110) by the hardware device (130);
    - parsing the client requests for predefined transaction information by the hardware device (130);
    - encrypting and forwarding client requests that do not contain any predefined transaction information to the server computer (110) by the hardware device (130);
    - displaying the predefined transaction information upon detection in a client request on a hardware device display (210) of the hardware device (130);
    - forwarding and encrypting the client request containing the predefined transaction information to the server computer (110) if a user confirmation is received;
    - canceling the electronic transaction if no user confirmation is received.
