302results about How to "Fast authentication" patented technology

The invention pertains to a method, online service, and system, for creating partnerships based on trust relationships over a public network, authenticating trade partners, infrastructure providers and collaborators to each other, and providing users with an environment suitable for conducting transactions requiring a high level of trust. A service according to the invention is a persistent authentication and mediation service (PAMS) which is provided as an on-line service. One embodiment is a method for conducting authenticated business transactions involving microprocessor equipped devices over the Internet comprising:

• • A. providing an on-line authentication service available on the distributed network;
  • B. authenticating a plurality of users to said on-line authentication service using a closed authentication system to produce a plurality of authenticated users; and
  • C. connecting a group of at least two of said plurality of authenticated users under persistent mediation of said on-line authentication service, producing a connected group of authenticated users.

A method and system that registers data carried by a watermark with a server, reads watermark data from a document and generates an action string if a watermark read from a document matches registered data. In one embodiment the system includes two servers. Registration is done on one server via the internet the registration data is sent to a second server. The second server is interrogated via a local area network (LAN) to determine if particular watermark data is registered. The LAN allows data carried on documents such as tickets to be authenticated very quickly. In a second embodiment, there are multiple registration servers, each of which registers a different sets of watermark data. The compartmentalization of data increases security and privacy of data.

A method for distributed automated software GUI testing includes maintaining a centralized queue, which stores test instances to be executed by distributed test execution computers (“test computers”). Each test computer includes a client platform and is connected to one or more server platforms, the client and server platforms collectively providing client-server combinations against which the tests may be executed. For each test computer: (1) a request for a test instance is received from a test computer in response to completion of a preceding test by the test computer; (2) in response, a test instance is retrieved from the queue and communicated to the test computer for execution using a testing component supported by the test computer; (3) the component performs automated software GUI testing and produces test results; and (5) in response to execution of the instance, a test result for the executed instance is received and stored.

An apparatus for authenticating a user for network access in a communication system comprises: an input module contained in a subscriber terminal for receiving and transferring identification information and a password for network access from a user; an authentication supplicant contained in network equipment for requesting network access authentication for the identification information and password transferred from the input module; an authentication server for storing information related to the network access authentication, and for performing authentication to determine whether to permit the subscriber terminal to access a network in response to the authentication request; and a protocol authenticator for performing protocol processing between the authentication supplicant and the authentication server. A corresponding method is disclosed. Thus, it is possible to authenticate subscriber terminals for network access without the installation, by an Internet service provider, of specific software (e.g., a supplicant program) in all of the subscriber terminals.

According to one aspect, there is provided a method of controlling access to a network resource. The method comprises receiving a request to grant a user access to the network resource, the request including a user identifier, determining whether the received user identifier is stored in a local user data store associated with the resource, and where it is not so determined determining, from user details stored in a master user data store, whether the user is authorized to access the resource, and where it is so determined obtaining a password, and storing the obtained password and user details in the local data store associated with the network resource.

A transmitting device includes a transmission side control data memory. A receiving device includes a receiving side control data memory. In an operation state, EDID, a device key for and HDCP and the like are stored in the receiving side control data memory. Subsequently, the EDID and information necessary for HDCP authentication are copied from the receiving side control data memory to the transmission side control data memory through the DDC. A transmission controller accesses the transmission side control data memory and executes plug-and-play and HDCP authentication. The DDC realizes a one-to-one connection between the transmitting device and the receiving device. Thus, waveform distortion can be minimized and the length of a cable can be increased in a simple manner.

A method of granting, to a user communications device, access to a service provided by a plurality of service communications devices where an access key code is generated during an initial communications session between the user communications device and one of the service communications devices. The established access key code is subsequently stored in the user communications device and made available to the service communications devices for use in subsequent communications sessions between the user communications device and any one of the service communications devices. The invention further relates to a communications system and a user communications device.

The invention discloses an Internet of Vehicles distributed authentication method based on controllable privacy, relates to the field of vehicle network communication safety, and specifically relates to an Internet of Vehicles distributed authentication method based on controllable privacy. The method specifically includes five following steps: system initialization; private key update of fake names and a part of signatures; message signature; message authentication of signatures; and real identity tracking and revocation. According to the method, the double hash chain is employed to establish the fake names, the communication cost for invalidating a vehicle identity is irrelevant to the numbers of the fake names and a part of the signature private keys of the vehicle, a vehicle user can update multiple parts of signature private keys by the adoption of one authorization, and the burden of trusted authority (TA) and road-side units (RSU) is reduced; when a message with a controversial signature occurs, the TA can distinguish whether the signature is forged by the RSU according to re-signature of the message uploaded by the vehicle, and the problem of non-repudiation in the distributed environment is solved. According to the method, the security is high, the cost is low, and the method is applicable to node high-speed movement, topology structure volatility, and large-scale VANET network.

The invention discloses a method for designing a vehicle network group negotiation communication protocol, which includes the following steps: (1) first establish a system model; (2) system initialization; (3) both vehicle and roadside unit RSU authentication; ( 4) Negotiation and update of the group key; (5) Communication within the group mainly includes broadcast communication, communication between vehicles and RSUs, and one-to-one communication between vehicles. The present invention adopts a public key system without a certificate, and the communication process does not require the participation of a third-party TA, avoiding the time delay problem when the TA authenticates the certificate when the public key encryption system is used, and accelerates the authentication speed. Through the way of group key transmission, the number of authentications of legal vehicles is reduced. Using key agreement to generate keys instead of group leaders to distribute keys reduces the workload of group leaders and eliminates the possible single point of failure.

The invention discloses a method for a mini-station to authenticate and log in a virtual machine in a cloud computing system and a login system. The method comprises the following steps that: (1) the mini-station logs in the cloud computing system by the login system; (2) the login system searches for the number of available virtual machines in the cloud computing system; (3) the login system starts the virtual machine in the cloud computing system according to virtual machine selection rules and executes steps (4) to (6) if the number of the available virtual machines is more than or equal to 1, otherwise returns information indicating that the cloud computing system does not have available resources to the mini-station, and the mini-station quits; (4) the virtual machine generates virtual machine login information, and transmits the virtual machine login information to the login system; (5) the login system transmits the virtual machine login information to the mini-station; and (6) the mini-station logs in the virtual machine. By the method and the login system, the mini-station can rapidly authenticate and log in the virtual machine, and the virtual machine is not required to be kept in a starting state so as to make safer the system and effectively save resources.

The invention discloses an automobile use right sharing device, a control device and an intelligent automobile. The automobile use right sharing device comprises an information receiving module, an authorization data generating module and an information transmitting module, wherein the information receiving module is used for receiving automobile use right application information of an automobile use right applicant and automobile authorization result information of an automobile owner; the authorization data generating module is used for associating pre-stored characteristic information of the automobile use right applicant with automobile information to generate authorization data after receiving the automobile authorization result information agreed by the automobile owner; and the information transmitting module is used for transmitting the automobile use right application information when identity information of the automobile use right applicant passes through the verification, transmitting the automobile authorization result information when the automobile authorization result information is received and transmitting the authorization data. According to the technical scheme provided by the invention, automobiles are rapidly and reliably shared, the traveling mode is optimized, the traveling experience is improved, the traveling efficiency is increased, the traveling cost is reduced, and social problems, such as automobile tail gas pollution, road congestion and the like, due to the increasing of the automobiles are solved.

The invention provides a verification code display method. The verification code display method comprises the steps as follows: obtaining a short message; judging whether the content of the short message contains a verification code or not, and returning to the step of obtaining the short message if the content of the short message does not contain the verification code; analyzing the content of the short message if the content of the short message contains the verification code so as to obtain the verification code; and using a floating window to display the obtained verification code. The invention further provides a verification code display device and a mobile terminal. The verification code display method, the verification code display device and the mobile terminal of the invention could automatically analyze the verification code from the content of the short message and use the floating window to display the obtained verification code without needing a user to manually extract and record the verification code in the short message such that the user could perform identity authentication quickly by using the short message. The verification code display method, the verification code display device and the mobile terminal of the invention provide excellent user experience.

A secure hardware-based module or Security Electronic Control Unit (SECU) for a Controller Area Network (CAN) prevents an attacker from sending malicious messages through the CAN bus to take over control of a vehicle. The SECU shares a unique key and counter with each ECU on the CAN bus. When a legitimate ECU sends a message, it first compresses the message and then generates a MAC of the counter and a secret key. The counter is increased by one for each transmitted message. The ECU then fits the compressed message and the MAC into one CAN frame and sends it onto the CAN bus. The SECU performs the message verification on behalf of the intended receiver(s) of the message. If the verification passes, the receiver(s) simply decompress the message and use it as a normal CAN message. If the verification fails, the SECU will corrupt the CAN frame before it is fully received by the intended receiver(s). The corrupted CAN frame will be ignored by the intended receiver(s) as if it was never received. Therefore, a malicious message generated by an attacker will inflict no damage on the system.

The present invention relates to a method and system for authenticating user identity with a user terminal, authentication front-end computer system, and authentication server. In a first scheme, the user terminal transmits an authentication instruction comprising an authentication message to the authentication front-end computer system. Then, the authentication front-end computer system transmits an authentication request comprising the authentication message to a specific authentication server. In a second scheme, the user terminal transmits an authentication request comprising an authentication message to a specific authentication server. In any schemes, after receiving the authentication request, the authentication server authenticates a user's identity according to the authentication message. Preferably, the authentication server transmits an authentication result to the authentication front-end computer system. When a user pays a certain amount of money to an operator, the authentication server transfers the specific amount from a specific user payment account to a specific operator account after successful authentication.

The invention discloses a file ownership proof method based on convergence encryption, which mainly solves the problem in the prior art that the security of taking a hash value as an ownership evidence is bad. The implementation steps are as follows: step 1 of generating a system parameter, a server key and a user key by a key generation center; step 2 of detecting whether the user is a first user that uploads files by the server; step 3 of performing block encryption on the files by the first uploading user and uploading the files; step 4 of issuing an ownership proof request by the server, generating an inquiry value and transmitting the inquiry value to the client; step 5 of performing ownership proof the client receives the inquiry value; step 6 of performing ownership verification after the server receives a reply by the server, and after that, continuing to upload a bidirectional authentication between the user and the client. According to the file ownership proof method based on the convergence encryption provided by the invention, a signature of an original data block is adopted as an evidence of owning the files, thus the security of the evidence can be improved, the network upload bandwidth and cloud server storage overhead can be reduced, and the method can be used for supporting a cloud storage system across client data deduplication.

The invention relates to a method for mutual authentication of user identities based on elliptic curve passwords. The characteristics of storage capability, calculation capability and limited bandwidth of an Ad Hoc network are considered, and a self-authentication public key system and the intractability of an elliptic curve discrete logarithm problem are utilized, so as to reduce the interaction times of the user identity authentication process, and accelerate the authentication speed. The method comprises the following steps of system initializing, user registering, and mutual authentication of the user identities. The method has the advantages that while the mutual authentication of the user identities is guaranteed, the function of session key negotiation is realized, the storage expense, communication expense and calculation expense are all less, the replay attack, man-in-the-middle attack, counterfeiting and tampering attack, and key disclosure counterfeiting attack can be resisted, a generated one-time session key has the advancing security and backward security, and the security is higher.

DNA taggants in which the nucleotide sequences are defined according to combinatorial mathematical principles. Methods of defining nucleotide sequences of the combinatorial DNA taggants, and using such taggants for authentication and tracking and tracing an object or process are also disclosed.

The present invention discloses a method and system for certificating a vehicle identity, and belongs to the field of mobile communication. The method includes: a road side unit RSU certificates an agent vehicle and acquires a session key of the agent vehicle when the certification is passed; the agent vehicle constitutes a vehicle group, and receives second information sent by vehicles within the RSU communication scope; the second information is sent to the RSU after encrypted using the session key of the agent vehicle, so that the RSU certificates the vehicles in the RSU communication scope in a batch according to the second information; and the RSU sends a false identity identification of the vehicle which does not pass the certification within the RSU communication scope to the vehicles in the RSU communication scope. The system includes: an acquiring module, a sending module, a certification module, a generating module and an encryption module. The present invention acquires a private key of the agent vehicle through the agent vehicle, which avoids the problem of secret key hosting; moreover, the RSU sends the false identity identification of the vehicle which does not pass the certification to the vehicles in the RSU communication scope, which considers revocation for illegal vehicles.

The invention discloses an imaging device based on vein pattern and backside pattern of a finger and a multimode identity authentication method, wherein the imaging device comprises an acquisition support on which a concave finger putting area is arranged; a visible light imaging device which is arranged at one side of the concave finger putting area of the acquisition support and used for acquiring the back picture of the finger; a near infrared imaging device which is arranged at the other side of the concave finger putting area of the acquisition support and opposite to the visible light imaging device, and used for acquiring the vein picture of the finger by the irradiation of a near infrared light supply; and the bar-shaped near infrared light supply which is arranged on the acquisition support and used for irradiating near infrared light to the finger from the side of the finger. The identity authentication method comprises a logon procedure and an authentication procedure, and the adopted biological features thereof comprise the backside pattern and vein pattern of the same finger. The invention also relates to identity authentication equipment comprising the imaging device, which has better anti-counterfeit performance, and can effectively improve the stability and applicability of a biometrics identification system.

The implement method for real name system establishes center of authentication (CA) respectively for network nodes i.e. WEB server as unit. The method connects WEB server with CA and network resources or application servers (AS) in series mode. Identifiers and authentication parameters of overall network users in homeland or local area are stored in AS of CA in advance. Protocol of cryptographic authentication based on algorithm of symmetric cryptography and technique of combined symmetric cryptographic key are built in hardware chips at two ends of client and CA. all CAs in each network node can provide authentication of network ID for overall network users in homeland or local area. Each network user holds hardware device for network authentication. Through authentication of CA in each network node, resources or application server in each network node logs on network. Thus, the method implements management on networks in homeland or local government through real name system.

Provided are an authentication system and method, and a user terminal, an authentication server, and a service server for performing the authentication method. According to embodiments of the present invention, a complex authentication procedure carried out in the conventional FIDO authentication technology is simplified using a second public key of which the integrity has been checked, so that a transaction occurring in an authentication procedure can be minimized. Such an authentication method is advantageously suitable to provide a service requiring fast authentication, such as security buying and selling or futures trading.

The information processing device includes, a communication portion that communicates with a certification device which performs certification of whether or not a user has usage permission, a reception portion that receives input identification information for identifying the user, a storage portion that stores previously registered identification information, a certification portion that performs user certification, when the reception portion receives the input identification information and the communication portion requests certification of a user by sending the identification information to the certification device, based on result information, when result information is obtained from the certification device indicating a certification result, and based on whether or not the identification information is stored in the storage portion, when the result information is not obtained, and a registration portion that registers the certified identification information in the storage portion, when certification that a user has usage permission is obtained based on the result information.

A distributed cloud authentication system based on a random instruction comprises a terminal, a root node, a distributed node and a local node. The system is characterized in that the root node does not authenticate authentication information sent by a terminal, a random instruction distributed node carries out authentication and sends the authentication information to the distributed node; the distributed node sends an authentication result to the root node; and the root node determines the result sent by the distributed node according to a preset threshold and sends a determination result to the terminal. Further, a process that the root node determines the result sent by the distributed node according to a preset threshold comprises the following steps that the root node carries out determination according to an assigned authenticated distributed node number; if the authenticated distributed node number is greater than a half of an assigned distributed node number, authentication is performed continuously; and if the authenticated distributed node number is less than a half of the assigned distributed node number, the authentication is terminated.