公开(公告)号：JP2000224156A

公开(公告)日：2000-08-11

申请号：JP2000012643

申请日：2000-01-21

Applicant: IBM

Inventor： HERMANN RETO ,  HUSEMAN DIRK

IPC: G09C1/00 ,  H04B7/00 ,  H04B13/00 ,  H04L9/08 ,  H04L12/28 ,  H04L12/56 ,  H04L29/06 ,  H04L29/08 ,  H04M1/725 ,  H04W12/02 ,  H04W12/06 ,  H04W76/02 ,  H04Q7/38

Abstract: PROBLEM TO BE SOLVED: To provide a method, a device and a communication system for information exchange in a network spread environment. SOLUTION: An authenticated and secret session is attained. Thus, a 1st device 1 and at least a 2nd remote device 2 are used. A uni-directional radio communication channel 3 is started between the 1st device 1 and the 2nd remote device 2, a sequence is transmitted from the 1st device 1 to the 2nd remote device 2 via the uni-directional radio communication channel 3 to provide encrypted information to the 2nd remote device 2. An encrypted reply is transmitted to the 1st device 1 via a radio multiple address medium 4, by using the encrypted information for encryption.

公开(公告)号：WO2008001322A3

公开(公告)日：2008-06-19

申请号：PCT/IB2007052511

申请日：2007-06-28

Applicant: IBM ,  BINDING CARL ,  DOLIVO FRANCOIS ,  HERMANN RETO ,  HUSEMANN DIRK

Inventor： BINDING CARL ,  DOLIVO FRANCOIS ,  HERMANN RETO ,  HUSEMANN DIRK

IPC: G06F21/54 ,  G06F21/55 ,  G06F21/57

CPC classification number: H04W12/10 ,  G06F21/54 ,  G06F21/554 ,  G06F21/57 ,  G06F2221/2103 ,  G06F2221/2153 ,  H04L63/0853 ,  H04W12/02

Abstract: A method for sending a message from a mobile device via a first application running on the mobile device is proposed. The method comprises a challenge step for supplying the first application with a challenge, a response step for receiving a response to the challenge, an equality check step for determining whether the received response corresponds to an expected response, a signature step for providing a signature for the message, using a cryptographic key and the result of the equality check step, and a send step for sending the signed message via the first application from the mobile device to a backend system.

Abstract translation: 提出了一种通过在移动设备上运行的第一应用从移动设备发送消息的方法。 该方法包括用于向第一应用提供挑战的挑战步骤，用于接收对挑战的响应的响应步骤，用于确定接收到的响应是否对应于预期响应的等式检查步骤，用于提供签名的签名步骤 消息，使用加密密钥和等式检查步骤的结果，以及发送步骤，用于经由第一应用从移动设备向后端系统发送经签名的消息。

公开(公告)号：JP2001357339A

公开(公告)日：2001-12-26

申请号：JP2001122575

申请日：2001-04-20

Applicant: IBM

Inventor： HUSEMANN DIRK ,  HERMANN RETO ,  MOSER MICHAEL ,  SCHADE ANDREAS

IPC: G06Q20/04 ,  G06Q20/12 ,  G06Q20/16 ,  G06Q20/24 ,  G06Q20/32 ,  G06Q20/42 ,  G06Q30/06 ,  G06F17/60

Abstract: PROBLEM TO BE SOLVED: To provide an improved transaction system and one example for this system. SOLUTION: This method enables a customer, who accesses a customer system (40) and a portable telephone (43) having a related telephone number, to order a deliverable (41) provided at a specific price by a merchandiser system (45). The merchandiser system (45) is accessed through the customer system (40) and a network (44). The deliverable (41) can be ordered by using the customer system (40). Order confirmation of the deliverable (41) is sent to the portable telephone (43) by using the telephone number of this telephone, and the order for the deliverable (41) is confirmed by using the portable telephone (43), and a response is transmitted to the merchandiser system (45) or an electric communication provider system (48). The price for the deliverable is charged by a bill (51) of the telephone charge issued to the portable telephone (43) by the electric communication provider system (48), and thus the customer can obtain the deliverable (41).

公开(公告)号：JP2001045029A

公开(公告)日：2001-02-16

申请号：JP2000017026

申请日：2000-01-26

Applicant: IBM

Inventor： HERMANN RETO ,  HUSEMAN DIRK ,  MOSER MICHAEL ,  NIDD MIKE ,  SCHADE ANDREAS

IPC: G06F13/00 ,  H04B7/24 ,  H04L12/28 ,  H04L12/44 ,  H04L29/08

Abstract: PROBLEM TO BE SOLVED: To provide a technique that classifies services of an adjacent range division type in a radio local network. SOLUTION: A radio local network contains all devices including a device 10 as its part. The device 10 stores a list of identifiers relating to service servers in addition to recording of information with respect to service and its relating identifiers. In the case that lists of relating identifiers and identifiers are compared and a relating service is served by a service server listed in the identification list, it is discriminated that the service resides in the vicinity of the server. In the case that the relating service is served by the service server not listed in the identifier list, it is discriminated that the service is not resident in the vicinity of the server. The device 10 includes a network interface 25 for radio communication with the service server and a service discovery module 11 that stores recording of the information service and the relating identifier.

公开(公告)号：AU2009294201B2

公开(公告)日：2014-03-27

申请号：AU2009294201

申请日：2009-09-17

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HERMANN RETO ,  HOERING FRANK ,  KRAMP THORSTEN ,  KUYPER MICHAEL P ,  WEIGOLD THOMAS D

IPC: G06F21/34 ,  G06Q40/00

Abstract: An authorization device (5) is provided for authorizing operations of a remote server (2) requested from user computers (3) via a data communications network (4). The device (5) has a computer interface (6) for connecting the device (5) to a local user computer (3) for communication with the remote server (2), and a user interface (7) for presenting information to a user. Control logic (11) of the device (5) is adapted to use security data to establish between the device (5) and server (2), via the local user computer (3), a mutually- authenticated connection for encrypted end-to-end communications between the device and server. The control logic (11) collects from the server (2) via this connection information indicative of any operations requested by user computers via other connections to the server (2) and requiring authorization by a user of the device (5). This information is presented to a user via the user interface (7) to prompt for authorization by the user. Server operations are controlled in accordance with rule data (18) defining operations requiring authorization by one or more authorizing users. Control logic (15) of the server control apparatus responds to an operation request from a user computer (3) by determining from the rule data (18) whether authorization by at least one authorizing user is required for that operation. If so, the operation is deferred. When a mutually-authenticated connection is established with an authorizing device (5), the control apparatus can supply information indicative of any deferred operations requested from user computers (3) and requiring authorization by the device user. A deferred operation is only performed on receipt of authorization from every authorizing user from whom authorization is required for that operation, providing secure multi-party authorization in a mobile computing environment.

公开(公告)号：PL325903A1

公开(公告)日：1998-08-17

申请号：PL32590395

申请日：1995-08-14

Applicant: IBM

Inventor： ANTHIAS TEFCROS ,  DOLIVO FRANCOIS BERNARD ,  HERMANN RETO ,  PAPADOPOULOS CHRISTOS ,  WILLIAMSON ROBIN

IPC: H04L12/54 ,  H04L12/58 ,  H04Q3/02

Abstract: The method for transmitting a message involves preparing addressing information for submission of the message from the mail server assigned to the first user over the network to mail servers assigned to the destination users. The addressing information and message are encapsulated in an MQ message. A queue list is created with the MQ addresses of those queue managers through which the mail servers can be reached. The list is used to determine the set of next-hop queue managers and generating associated queue sublists. - The MQ message is routed to each of the next hop queue managers together with a queue list being equal to the queue sublist associated with the respective next-hop queue managers now become acting queue managers. If the queue manager is found to be a queue manager in the queue list it gets the names of local queues from the queue list and delivers the messages to them. The process is repeated until the message has been put in all queues of the list. The MQ messages are retrieved with addressing information from the queues of the queue list. The addressing information is used to determine the set of destination users assigned to the mail server, each of which delivers the message to the destination user if the assigned destination user is local to the mail server. The process is repeated for the subset of destination users that is not local until the message has been delivered to all destination users.

公开(公告)号：BRPI0919158A2

公开(公告)日：2016-08-09

申请号：BRPI0919158

申请日：2009-09-17

Applicant: IBM

Inventor： HOERING FRANK ,  BAENTSCH MICHAEL ,  KUYPER MICHAEL P ,  BUHLER PETER ,  HERMANN RETO ,  WEIGOLD THOMAS D ,  EIRICH THOMAS ,  KRAMP THORSTEN

IPC: G06F21/00 ,  G06F21/34 ,  G06Q40/00

公开(公告)号：CA2736582A1

公开(公告)日：2010-03-25

申请号：CA2736582

申请日：2009-09-17

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HERMANN RETO ,  HOERING FRANK ,  KRAMP THORSTEN ,  KUYPER MICHAEL P ,  WEIGOLD THOMAS D

IPC: G06F21/34 ,  G06Q40/00

Abstract: An authorization device (5) is provided for authorizing operations of a remote server (2) requested from user computers (3) via a data communications network (4). The device (5) has a computer interface (6) for connecting the device (5) to a local user computer (3) for communication with the remote server (2), and a user interface (7) for presenting information to a user. Control logic (11) of the device (5) is adapted to use security data to establish between the device (5) and server (2), via the local user computer (3), a mutually- authenticated connection for encrypted end-to-end communications between the device and server. The control logic (11) collects from the server (2) via this connection information indicative of any operations requested by user computers via other connections to the server (2) and requiring authorization by a user of the device (5). This information is presented to a user via the user interface (7) to prompt for authorization by the user. Server operations are controlled in accordance with rule data (18) defining operations requiring authorization by one or more authorizing users. Control logic (15) of the server control apparatus responds to an operation request from a user computer (3) by determining from the rule data (18) whether authorization by at least one authorizing user is required for that operation. If so, the operation is deferred. When a mutually-authenticated connection is established with an authorizing device (5), the control apparatus can supply information indicative of any deferred operations requested from user computers (3) and requiring authorization by the device user. A deferred operation is only performed on receipt of authorization from every authorizing user from whom authorization is required for that operation, providing secure multi-party authorization in a mobile computing environment.

公开(公告)号：AT445942T

公开(公告)日：2009-10-15

申请号：AT04744314

申请日：2004-08-20

Applicant: IBM

Inventor： DOLIVO FRANCOIS ,  HERMANN RETO ,  HUSEMANN DIRK ,  NIDD MICHAEL

IPC: H04L9/32 ,  G01S5/14 ,  G06Q10/08 ,  G06Q20/20 ,  G06Q20/38 ,  G09F3/03

Abstract: There is provided a method and a system for documenting a transfer of authority of control for a container from a first entity of a transportation chain to a second entity of the transportation chain. The first entity transfers an electronic container control certificate to an electronic seal of the respective container, which electronic container control certificate comprises a cryptographic key associated to the second entity, and which container control certificate is digitally signed by the first entity. The container control certificate is stored in a log of the electronic seal.

公开(公告)号：DE69528997D1

公开(公告)日：2003-01-09

申请号：DE69528997

申请日：1995-08-14

Applicant: IBM

Inventor： ANTHIAS TEFCROS ,  DOLIVO BERNARD ,  HERMANN RETO ,  PAPADOPOULOS CHRISTOS ,  WILLIAMSON ROBIN

IPC: H04L12/54 ,  H04L12/58 ,  H04Q3/02

Abstract: The method for transmitting a message involves preparing addressing information for submission of the message from the mail server assigned to the first user over the network to mail servers assigned to the destination users. The addressing information and message are encapsulated in an MQ message. A queue list is created with the MQ addresses of those queue managers through which the mail servers can be reached. The list is used to determine the set of next-hop queue managers and generating associated queue sublists. - The MQ message is routed to each of the next hop queue managers together with a queue list being equal to the queue sublist associated with the respective next-hop queue managers now become acting queue managers. If the queue manager is found to be a queue manager in the queue list it gets the names of local queues from the queue list and delivers the messages to them. The process is repeated until the message has been put in all queues of the list. The MQ messages are retrieved with addressing information from the queues of the queue list. The addressing information is used to determine the set of destination users assigned to the mail server, each of which delivers the message to the destination user if the assigned destination user is local to the mail server. The process is repeated for the subset of destination users that is not local until the message has been delivered to all destination users.