Abstract:
Disclosed is a computer system and a method for the protected distribution of certificate and keying material between a certification authority and at least one entity in the certification authority's domain, comprising the steps of sending keying material, including a password, generated by the certifying authority to the entity via a secure medium; generating and protecting, by the entity, a public and a private key pair using the keying material provided to it by the certifying authority; generating, protecting and sending a request for a certificate to the certifying authority using the keying material provided to it by the certifying authority; requesting, by the certifying authority, that the public key and address of the entity be sent to the certifying authority; protecting and sending the public key and address of the entity to the certifying authority using the keying material provided to it by the certifying authority; assembling and issuing the certificate to the entity from the certifying authority; and recording the public key of the entity at the certifying authority for public use within the domain of the certifying authority.
Abstract:
The invention is an improved distributed information system which automatically provides for the transmission of security protocol data units between end-users of a distributed information system. The invention includes a processor (14) that compares the address and security key of a received security protocol data unit to stored end-system addresses and security key information stored in memory (10, 12) and, in the absence of an existing end-system (B) address and security key, includes a processor (20, 24) to automatically initiate negotiation of a security key between end-systems (A, B) and then confirms the negotiated security key and initiates a security protocol transmission of the data unit using transmitters and receivers (18, 20) and protocol processors (19, 28).
Abstract:
This invention relates to an improved distributed information system that allows the automatic transmission of security protocol data units between the end users of a distributed information system. The invention comprises a processor (14) that compares the address and security key of a received security protocol data unit with end-system address and security key information stored in memories (10, 12) and, in the absence of an existing end-system (B) address and security key, comprises a processor (20, 24) that automatically carries out the negotiation of a security key between end systems (A, B) and subsequently confirms the negotiated security key, after which it initiates a security protocol transmission of that data unit by way of transmitters and receivers (18, 20) and protocol processors (19, 28).