151results about How to "Secure Access" patented technology

A user can be challenged to provide at least one randomly selected biometric attribute. The randomly selected biometric attribute input by the user is automatically compared to a plurality of biometric attributes of the user contained in a user profile. The user can then be authenticated if the randomly selected biometric attribute input by the user matches at least one of the plurality of biometric attributes of the user contained in the user profile. Biometric attributes analyzed according to the methods and systems of the present invention, include, but are not limited to, for example, fingerprints, iris, retina, and/or tissue characteristics, such as skin morphology, skin layer thickness, collage density and orientation, tissue hydration, optical patent length differences, etc.

A method of providing an authenticable time-and-location indication using a radio-navigation signal receiver comprises receiving radio-navigation signals broadcast from a plurality of radio-navigation signal sources, at least some of the radio-navigation signals containing one or more cryptographic tokens protected by encryption, the cryptographic tokens being updated from time to time. The receiver retrieves, by decryption, the cryptographic tokens from the radio-navigation signals containing them. The receiver then determines positioning data, representing its geographical position and time, based on the radio-navigation signals received. The receiver generates a digital authentication code using a cryptographic function taking as inputs at least the positioning data and the retrieved cryptographic tokens, and produces a data package including a first part containing the positioning data and a second part containing the digital authentication code.

The present invention includes a system, methods, and technology platform for instantly creating, delivering, updating, deploying, and inherently tracking one or more unique, multimedia rich, email and web-based communications campaigns or rich media presentations—all without any technical knowledge. Each rich media presentation created with the invention may consist of a unique, pre-defined collection of separately trackable interactive content elements which are programmatically collected, arranged and displayed as part of a complete audiovisual presentation. Upon distribution of such a presentation, tracking data from the viewer's interaction with the presentation may be retrieved.

A service providing system is provided, which includes a client device capable of accessing a tamper-resistant secure memory, an area management server managing memory area of the secure memory and a service providing server providing service that uses the secure memory to the client device, and which improves the security at the time of sending an access control list provided by the area management server and an instruction set provided by the service providing server to the client device by using a digital signature and a certificate.

A security method comprises initiating a security token with a particular user through a personal computer client by accepting a personal identification number (PIN) as a code1 input, wherein a user is expected to remember the PIN in later accesses of the servers. And, generating a master key as code2 which does not need to be remembered by the user. Then, encrypting the code2 with a symmetric key cipher, using the code1 input as an encryption key, and storing the ciphertext in the security token. Later, registering the user with a USER_ID at a server with a SERVER_ID, and a password. And, obtaining the PIN from the user as a code1 which is used as a decryption key to decrypt the ciphertext back to its original code2. And, computing the password from the USER_ID, SERVER_ID, and code2. Afterwards, logging-on the user with a USER_ID at a server with a SERVER_ID, and a password.

The invention discloses a generation plan optimizing method in an intermittent energy and conventional energy coordinated dispatching mode, belonging to the technical field of power system dispatching automation. To minimize the generation cost of the system, the coordinated dispatching of an intermittent energy unit and a conventional energy unit is comprehensively considered, and various constraint conditions are taken into consideration to optimize the generation plan of a computing group, thereby ensuring the safe access of intermittent energy such as wind power and the like, and being favorable for improving the intelligence level and decision making ability of the generation dispatching after the access of the intermittent energy. Meanwhile, the method has the characteristics of low computing strength and strong adaptability, and is more suitable for the popularization and application of the dispatching mechanisms with relatively high wind power access power in our country.

The invention discloses a trusted network access and access control system. The control system comprises a network access requester, a network access decision-maker and a network access controller. When the network access requester accesses to the network, platform identity authentication is carried out, and secure and trusted states of the requester are detected; the secure and trusted states are sent to the network access decision-maker, and the decision-maker judges the secure and trust level of the requester and gives a network access decision; the network access decision is sent to the network access controller, and the controller limits the requested network access. The invention further discloses a trusted network access and access control method. The control system carries out the platform identity authentication on the basis of TCM and ensures the network access control while avoids identity forging. Network areas are divided on the basis of a digital label technology and dynamically updated, network self-adaption is realized, and the access security of different logical areas is ensured. Secure and trusted strategies are configured, and combined with the TCM cryptographic algorithm, so that the security and credibility of the platform state of the requester are ensured.

The invention discloses a method for realizing safe access of a terminal of internet of thing, which comprises the steps of: storing an authorization message in an electronic key, and using the authorization message as an identity identification, wherein the authorization message is used as a private key signature by an authorized management node and stored in the authorized management node; writing the authorization message into the electronic key in an electronic key authorization list of the management node; when no terminal node connected with the electronic key applies to accessing the internet, searching a terminal authorization list by the management node to judge whether the access of the terminal node is allowed; and when the terminal node connected with the electronic key applies to accessing the internet, firstly executing the operation without the electronic key by the management node, and if the terminal is failed to access, searching the electronic key authorization listto judge whether the access of the terminal node is allowed. According to the method realizing the safe access of the terminal of the internet of thing, disclosed in the invention, the problem of safe access of the terminal can be effectively solved, a great amount of terminals of the internet of thing can be effectively managed, and the rapid automatic access of the terminals of the internet of thing can be realized.

The invention belongs to the technical field of electric power system dispatching automation and relates to a water, fire and light combined optimization power generation scheduling optimization method considering security constraints. According to the water, fire and light combined optimization power generation scheduling optimization method, the objective of the method is to realize minimum power generation cost of a system; comprehensive considerations are given to coordinated scheduling of hydroelectric, thermal power and photovoltaic power generator sets; all kinds of constraint conditions are considered, such that optimal computation is performed power generation scheduling of the generator sets; safe access of new energy such as photovoltaic power generation power can be ensured; the improvement of intelligent level and decision making ability of power generation scheduling after the access of the new energy can be facilitated; and through interactive iteration solution of two sub-problems of optimization calculation and safety correction, the power generation scheduling of the hydroelectric, thermal power and photovoltaic power generator sets, which satisfy a requirement for network safety, can be obtained, and therefore, the performability of the power generation scheduling can be ensured. The water, fire and light combined optimization power generation scheduling optimization method considering security constraints of the invention is advantageous in low calculation strength and strong adaptability, and is more suitable for being popularized and applied to scheduling mechanisms of which photovoltaic power generation power access power is larger in China.

An identity management method, apparatus, and computer readable article of manufacture tangibly embodying computer readable instructions for executing the identity management method. The method includes: creating an association table to record a first session ID between the user and the first Web application, a second session ID between the user and the second Web application, and an association of the IDs; sending a session ID request containing the first session ID by the first Web application to a return module; receiving the session ID request and searching by the return module for the associated second session ID in the association table according to the first session ID; and returning the second session ID to the first Web application, thereby providing identity management for a user in a Web environment in which a first Web application accesses a second Web application on behalf of the user.

The invention relates to a communication method based on a dual network redundancy general network model, which comprises the steps of: constructing a redundant network; constructing redundant equipment; broadcasting data; transmitting the data; and managing a node module. Compared with the prior art, the invention provides an extremely abstract general network model, thereby separating a logic application layer and a network communication layer and ensuring the reliable data transmission by the redundant network by using the serial-number repeated packet filtering technology; a minimal path for transmitting the data is dynamically calculated according to the network connection relationship among all the network nodes, thus realizing the arbitrary point-to-point communication among all the modules; the master/backup roles of the node are switched in real time according to the master/backup states of the node in the system, thus realizing the automatic conversion of the sending and receiving of the data; illegal connection is actively rejected according to the configuration of the system nodes, thus ensuring the safe access of the whole system.

The invention discloses a method and device for having access to a webpage safely through an intelligent terminal. The system comprises the intelligent terminal and a browser located on the intelligent terminal, wherein the intelligent terminal is connected with a security server, and the security server and a target server are connected with a gateway. The method includes the steps that the intelligent terminal starts local monitoring service, and an HTTP proxy server of the browser is set as a local address; the browser receives an access request, and the access request is forwarded to a local designated port by means of the HTTP proxy server; after the intelligent terminal monitors and receives the access request of the browser, identity authentication is started; after authentication, request data are forwarded to the security server after being encrypted; after the security server decrypts the data, the data are sent to the target server; the security server receives response data, decrypts the response data and forwards the response data to a client; the client receives the response data, decrypts the response data and feeds back the response data to the browser.

The invention discloses a method for technically controlling secure access to an embedded system memory. The method includes the following steps of initially designing a system of a memory secure access mechanism, wherein an MPU memory protection unit is introduced, domain attributes of different grades are distributed, and an access attribute and a system initiating progress are set; secondly, designing the secure access to the memory for switching of embedded operation system process context, wherein a domain control module is set, the system process context is set, and switching of the system process content is achieved in the domain control module. The illegal access of all address space resources are detected and limited through a processor MPU hardware mechanism, the boundary control and context switching of any task of the embedded real-time multi-task operation system for accessing resources of other tasks is achieved, distributing and designing of cache, writing buffer and MPU attributes of different storage spaces in the system are achieved, and the control over secure access to all background domains in the memory is ensured.

The invention discloses a standby volume analytical method under a coordinating dispatch mode of batch-type energy and conventional energy. The method comprises the following five steps of calculating a standby past sample data region, obtaining similar cluster time intervals in a planed date, carrying out statics on a forecast output power deviation distribution of each time interval, obtaining a probability density function of the standby volume of wind energy, and calculating a rotation standby volume of a system under the coordinating dispatch mode of the batch-type energy and the conventional energy. With the adoption of the analytical method, according to a consideration of the coordinating dispatch of assembling units of the batch-type energy and the conventional energy, statics and analysis on data of past wind-power operation are carried out to form the current requirement on the rotation standby volume, safety guarantee is provided for the coordinating dispatch of the batch-type energy and the conventional energy, a reasonable standby volume is provided, and the realization of economical requirement on operation of a power system is facilitated. The method has the characteristics of low calculation intensity and strong adaptability, and is more suitable for popularization and application of connecting with dispatch mechanisms with larger power of wind power.

A data processing apparatus according to the present invention includes: peripheral devices each including a plurality of registers each storing a preset value or data; a processing unit to output access authority information indicative of a first access authority level or a second access authority level, which is an access authority level lower than the first access authority level, according to a program to be executed, and to output an access address to specify a specific register; and a peripheral device protection circuit connected to the processing unit and receiving the access authority information and the access address so as to control access of the processing unit to the peripheral devices. The peripheral device protection circuit controls whether to permit the access to the specific register specified by the access address, based on the access authority level indicated by the access authority information.

The invention discloses a tamper-proof license camera system and method. The tamper-proof license camera system comprises a license camera, a license camera access server and a license cloud storage, wherein the license camera comprises a license original picture shooting module, an access modification prohibition module, a watermark encryption module and a transmission communication module. The tamper-proof license picture shooting method comprises the following steps: shooting license original pictures by the license camera; in the process of shooting and generating the license original pictures, prohibiting users or other software to access the original picture data, and prohibiting users or other software to modify the license original picture data; writing the shot license original pictures into a fragile watermark and encrypting the shot license original pictures; performing compression and secondary encryption on the pictures after being performed watermark encryption, and transmitting the pictures to an independent storage space of a license cloud storage end for conservation. The tamper-proof license camera system and method provided by the invention can guarantee the authenticity and timeliness of pictures in the processes from imaging to generating standard license pictures, submitting and transmitting, prevent pictures from being tampered, and can very conveniently and easily acquire the license pictures.

The invention relates to a dangerous chemical storage cabinet. The dangerous chemical storage cabinet comprises a cabinet body, wherein the cabinet body comprises a plurality of storage cells, a door is mounted on each storage cell, an electronic lock connected with a main control device is arranged between each door and the corresponding storage cell, the main control device is provided with an identity authentication device, an information acquisition device, an input-output device, a video monitoring device, an alarm device and a wireless data transmission device, the main control device is connected with a remote server; and a temperature sensor, a humidity sensor, a smoke detector, a dehumidifying machine core and a cooler are arranged in each storage cell of the cabinet body. According to the dangerous chemical storage cabinet provided by the invention, a storage environment for dangerous chemicals in the cabinet can be monitored in real time and adjusted automatically; the storage information of the dangerous chemicals and the condition of entering and exiting the cabinet body of the dangerous chemicals are read in real time; the problems that information management cannot implemented in time and is not perfect, and the safety supervision is not in place during manual operation are solved, supervision level and working efficiency are effectively improved, and the storage and access security of the dangerous chemicals is guaranteed.

The invention discloses a method for changing a data transfer bus, which comprises the following steps: receiving telemetry parallel data (sub)frame by (sub)frame, and converting the parallel data into serial data; carrying out the lossless compression on the serial data; transferring the compressed data to an upper computer via Ethernet; and demodulating, recording and storing various physical variables by the upper computer according to the data transfer protocol and the data telemetry protocol of the product. Accordingly, a tester can complete the remote setting of working conditions and the task of information query interaction by the upper computer. An information processing platform system has a structure of FPGA (field programmable gate array), DSP (digital signal processor) and ARM (advanced reduced instruction set computer machine), wherein the FPGA completes the task of converting the parallel data to the serial data; the DSP reads the data processed by the FPGA and completes the task of the lossless compression of the data; and the ARM reads the coded data from the DSP and achieves the real-time communication with the upper computer via the Ethernet. The invention not only solves the problem of signal distortion, but also meets the requirement for the real-time performance of information transfer; and meanwhile, the system serves the functions of the gateway and embedded Web, thereby guaranteeing the safe access of the system to the Ethernet.

In registration process through UE, using IMS AKA protocol to negotiate with P -CSCF, the method discloses uses TLS connect session in TCP connection. Then, the TLS connect session guarantees transmission security of IMS signaling between UE and P -CSCF. Features are: simple implementing procedure, being able to protect access safety of IMS. Comparing with prior art, the invention overcomes issue of weak bi-directional authentication so that attacker is not able to implement intermediator attack.

The invention provides for rekeying a large cluster of storage security appliances which allows more than two of the storage security appliances to proxy a single storage medium while encrypting the storage medium in a manner that is transparent to any attached server. The invention provides a method for synchronizing encryption of the disk among a large cluster of storage security appliances, while allowing all of the storage security appliances involved to access the storage device being rekeyed in a secure fashion.

The invention discloses a safety control method and device for virtual machine mirror images. The method comprises the steps that in a virtual machine system, a safety strategy is preset and is used for protecting the safety of the virtual machine images in the whole life period; in the operation period and in the rest period of the virtual machine mirror images, an access control mechanism is adopted so as to prevent theft and modification conducted on the virtual machine mirror images; before the virtual machine images start, safety inspection is adopted to prevent mis-configuration and cheat to the preset virtual machine mirror images. The safety control method and device for the virtual machine mirror images solve the problem that potential safety hazards exist when the virtual machine mirror images are accessed, and ensures the access safety of a virtual machine mirror images.

Disclosed are a method, device and system for intercepting a web address. The method comprises: triggering an interception program pre-injected in a browser process; the interception program obtaining web address information of a network connection upon detecting a network connection operation, and determining whether the web address information is malicious web address information; and if the web address information is malicious web address information, the interception program instructing the browser process to stop accessing the malicious web address information. The present disclosure can interrupt a connection of a malicious URL in time.