Security policy setting and determining method, and method and device for executing operation by application program

A technology of security policy and application program, which is applied in the field of communication, can solve the problem of inflexibility in the scheme of assigning security policies, and achieve the effect of improving flexibility

Inactive Publication Date: 2012-02-01
CHINA MOBILE COMM CO LTD
3 Cites 28 Cited by

AI-Extracted Technical Summary

Problems solved by technology

[0005] Embodiments of the present invention provide a method and device for setting security policies to solv...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Method used

[0036] In the embodiment of the present invention, by determining the security policy of the application program according to the status information of the digital certificate verification system, it can play a certain role in protecting the digital certificate verification system and enhancing the security of the digital certificate verification system.
[0043] Utilize the above method provided by the embodiment of the present invention, by presetting the security policy information in the signature certificate, and by analyzing the signature certificate, the security policy indicated by the parsed security policy information is determined to be assigned to the application program security policy, so that the security policy can be flexibly set in advance according to the needs, instead of selecting a predetermined security poli...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Abstract

The invention provides a security policy setting method and device which are used for solving the problem of an inflexible scheme of distributing security policy to an application program. The method comprises the following steps of: determining the security policy of the application program; and setting and sending security policy information used for indicating the security policy in a signing certificate where the application program is signed. Correspondingly, the embodiment of the invention also provides a security policy determination method and device and a method and device for executing operation by the application program.

Application Domain

Technology Topic

Image

  • Security policy setting and determining method, and method and device for executing operation by application program
  • Security policy setting and determining method, and method and device for executing operation by application program
  • Security policy setting and determining method, and method and device for executing operation by application program

Examples

  • Experimental program(1)

Example Embodiment

[0029] When the inventor analyzed the security policy distribution scheme provided by the prior art, he found that its shortcomings are mainly reflected in the following two points:
[0030] 1. The static nature of the certificate system. After the application is signed by the signing certificate, a series of security attributes such as its security domain mapping and security authority are determined statically, which cannot be dynamically configurable and adjustable;
[0031] 2. The unity and simplicity of the security system. When the security policy distribution scheme provided by the prior art is adopted, it is selected from a plurality of preset security policies, which results in that the application program identifier will be mapped to a number of fixed security domains. Analysis shows that these security domains may not reflect all the operations that the application can perform.
[0032] In order to solve the above-mentioned problems in the solution of assigning a security policy to an application in the prior art, the embodiment of the present invention first provides a security policy setting method. The specific flowchart of the method is as follows: figure 1 As shown, including the following steps:
[0033] Step 11. Determine the security policy of the application.
[0034] For example, a security policy can be directly determined for the application program, or the application program's permissions can be determined first, and then the security policy corresponding to the application program can be determined from the correspondence between the predetermined permissions and the security policy. In addition, in the embodiment of the present invention, the security policy of the application can also be determined according to the status information of the digital certificate verification system. For example, the corresponding security policy can be set for different status information in advance, and then the security of the application can be determined The first security policy corresponding to the application can be determined from the corresponding relationship between the predetermined authority and the security policy according to the application’s authority, and then the state information of the system can be verified according to the obtained digital certificate. In the corresponding relationship between the state information and the security policy, the second security policy corresponding to the obtained state information is determined, so that the security policy of the application program is determined according to the first security policy and the second security policy. For example, if the determined first security policy is that the application can perform operations 1, 2, 3, and 4, and the determined second security policy is that the application can perform operations 1, 2, and 3, then determine the second security policy Security policy for the application.
[0035] It should be noted that the above-mentioned status information may be, but not limited to, system environment information and/or system security level information of the digital certificate verification system.
[0036] In the embodiment of the present invention, by determining the security policy of the application program according to the status information of the digital certificate verification system, it can play a certain role in protecting the digital certificate verification system and enhancing the security of the digital certificate verification system.
[0037] Step 12. Set the security policy information for indicating the determined security policy in the signature certificate for signing the application and send it. In this embodiment of the present invention, in order to set the security policy information in the signature certificate, you can directly set The security policy information is set in the free field of the signing certificate, and the fields of the signing certificate can also be extended. The extended field is used as the security policy information extension field, and the preset security policy information is set in the extension field, for example For the application 4 that can perform operations 1, 3, and 4 described in the background technology section above, the relevant information about the application 4 that can perform operations 1, 3, and 4 can be set as part of the security policy information to the above Extension field.
[0038] Through the security policy setting method provided by the embodiment of the present invention, the security policy information indicating the security policy can be set in the signature certificate for signing the application, so that the security policy information can be flexibly determined and set without the need for a digital certificate. The verification system selects a predetermined security policy from the preset security policies, thereby avoiding the inflexibility problem of selecting a predetermined security policy from the preset security policies.
[0039] The embodiment of the present invention also provides a method for determining a security policy. The specific flow diagram of the method is as follows: figure 2 As shown, including the following steps:
[0040] Step 21: Receive and parse the signature certificate for signing the application, and obtain the security policy information that is preset in the signature certificate and used to indicate the security policy. For example, for the aforementioned application 4 can perform operations 1, 3, and 4 In the case where the relevant information is set in the above extension field as part of the security policy information, the content in the extension field can be parsed to determine whether the signature certificate is included to indicate that the application 4 can perform operation 1, The security policy information of 3 and 4, if the result of the determination is yes, the security policy information is obtained from the extended field;
[0041] Step 22: Determine the security policy indicated by the security policy information as the security policy assigned to the application.
[0042] In the embodiment of the present invention, the security policy information set in the signature certificate may adopt multiple formats, or, for the same security policy information, different formats may also be used for setting separately and then set in the signature certificate. In view of the situation that the security policy information has multiple formats, in order to obtain the security policy information quickly and accurately in the embodiment of the present invention, when obtaining the security policy information, the format of each security policy information contained in the signature certificate can be determined first, and then, According to the preset format information and the determined format of each security policy information, the security policy information in the format indicated by the preset format information is obtained from the signature certificate.
[0043] Using the above method provided by the embodiments of the present invention, by presetting the security policy information in the signature certificate, and by analyzing the signature certificate, the security policy indicated by the parsed security policy information is determined as the security policy assigned to the application program Therefore, the security policy can be flexibly set in advance according to the needs, instead of selecting a predetermined security policy from the security policy preset by the digital certificate verification system. Compared with the prior art, the solution provided by the embodiment of the present invention greatly improves the security. Flexibility of policy setting.
[0044] In the above method provided in the embodiment of the present invention, it is mentioned that the fields of the signature certificate can be extended. Specifically, the extended field of the signature certificate based on the X.509 certificate format is as follows: image 3 As shown, the part of the version number to the unique identifier of the subject in the figure is an existing part of the signed certificate that has not been extended, and will not be repeated here. The embodiment of the present invention mainly describes the specific content contained in the Extensions field. The specific content may also be referred to as a security policy description. The security policy description is as follows: image 3 As shown in the right part, it mainly includes the extension type, key identifier, and extension value. Wherein, the extension type is used to describe the format of the security policy information. In the embodiment of the present invention, an extension field of the String type is used to store the security policy information described in XML; the key identifier is used to describe the security mark level of the preset security policy; The extension value indicates an authorization policy, the specific content of which is to authorize access to a certain target to a specific subject. By setting the extension value, the operations that the application can perform can be preset. Generally, the operations that an application can perform are matched to its security labeling level. For example, when the higher the security labeling level, the more trusted the application is, and the more corresponding operations the application can perform. The greater the authority of the program.
[0045] The following takes the application process of the security policy determination method provided in the embodiment of the present invention applied to the digital certificate verification system as an example to describe the implementation process of the method in detail. The schematic diagram of the application process is as follows: Figure 4 As shown, including the following steps:
[0046] Step 41: The digital certificate verification system receives the application installation request;
[0047] Step 42: The digital certificate verification system reads the signature certificate of the application program, and verifies the source, security, and integrity of the application program according to the signature certificate verification process commonly used in the prior art;
[0048] Step 43: When the verification result is that the source of the application is normal, safe and complete, the digital certificate verification system reads the security policy information extension field in the signature certificate, and parses the content contained in the security policy information extension field to determine Whether it contains security policy information corresponding to the application program, if there is no corresponding security policy information, go to step 47, otherwise, go to step 44;
[0049] Step 44: According to a predetermined format, the digital certificate verification system reads the security policy information with the format in the extension field;
[0050] Step 45: The digital certificate verification system parses the read security policy information, and determines the security policy indicated by the parsed security policy information as the security policy corresponding to the application;
[0051] Step 46: Store the security policy information;
[0052] Step 47: Complete the installation process of the entire application.
[0053] Pass as Figure 4 The steps shown show that, compared with the security policy distribution method provided in the prior art, the solution provided by the embodiment of the present invention is adopted, and the security policy setting can be flexibly implemented by setting the security policy information in the signature certificate If you need to change the security policy corresponding to the application in the future, you can easily change the security policy by modifying the security policy information.
[0054] Based on the method for determining the security policy provided by the embodiment of the present invention, the embodiment of the present invention also provides a method for program execution. The specific flowchart of the method is as follows: Figure 5 Shown, including the following steps:
[0055] Step 51: Obtain an application execution request message sent by a mobile terminal provided with an application, and the request message carries the identifier of the operation requested to be performed through the application and the security level information of the operation, where the security level information is It can, but is not limited to, the security labeling level of the aforementioned security policy;
[0056] Step 52: According to the security level information, judge whether the operation performed by the application program is a specified operation. If the judgment result is no, execute step 53, and if the judgment result is yes, execute step 54. In the embodiment of the present invention, here The specified operation of the mobile terminal can be specified according to specific needs. For example, sensitive operations such as making a phone call and connecting to a wireless network on a mobile terminal can be set to a designated operation, or it can be a major risk to mobile terminal system operation safety and user data security. The affected behavior request is set to the specified operation, including the operation of using the application to change the mobile terminal system setting, making a call, sending a short message, deleting a contact, and starting a camera;
[0057] Step 53: When the judgment result obtained in the above step 52 is no, it means that the operation to be performed by the application program is not within the specified operation range. Therefore, the operation to be performed by the application program can be considered safe and permitted, thereby allowing The application program executes the operation indicated by the operation identifier carried by the request message;
[0058] Step 54: Since the judgment result obtained in the above step 53 is yes, it means that the operation to be performed by the application is a specified operation, and this operation may have certain security risks. Therefore, it is necessary to further determine that the operation is allowed according to the security policy assigned to the application. The operation performed by the application program, and by matching the operation indicated by the identification carried in the request message with the determined operation, allowing the application program to perform operations consistent with the determined operation, and prohibiting the application from performing operations that are inconsistent with the determined operation match operating.
[0059] It should be noted that, in the embodiment of the present invention, the current state of the digital certificate verification system can also be combined to determine whether to allow the application to perform an operation that matches the above determined operation. Specifically, the status information of the digital certificate verification system can be obtained first, and then, based on the digital certificate verification system status indicated by the status information, it is determined that in the digital certificate verification system state, the application program can perform the operation matching the above determination Only when the operation is consistent, the application is allowed to perform the matching operation. The status information here may be system environment information and/or system security level information of the digital certificate verification system. For example, if the status information indicates that the current state of the digital certificate verification system is "high-risk state" or "alert state", some operations that could be allowed by the application program may not be currently allowed when the digital certificate verification system is in the "normal state" It was allowed to execute. In the embodiment of the present invention, judging whether to run an application to perform a corresponding operation based on the state of the digital certificate verification system can play a role in protecting the digital certificate verification system and enhancing the security of the digital certificate verification system.
[0060] The following takes the application process of the above-mentioned program execution method provided in the embodiment of the present invention applied in the digital certificate verification system as an example to describe the implementation process of the method in detail. The schematic diagram of the application process is as follows: Image 6 As shown, including the following steps:
[0061] Step 61: Obtain an application execution request message sent by a mobile terminal provided with an application;
[0062] Step 62: Determine whether the operation performed by the application program is a designated operation according to the security level information of the operation performed by the application program carried in the request message, and when the determination result is yes, perform step 63, otherwise, perform step 68;
[0063] Step 63: As the result of the judgment is that the operation performed through the application is a specified operation (such as making a call through the application, connecting to a wireless network, etc.), it is further judged whether the application is assigned a corresponding security policy, for example, according to the The identification of the application, in the correspondence between the security policy stored in the security policy database and the identification of the application, determine whether the identification of the application corresponds to a corresponding security policy, and if the result of the judgment is yes, perform step 64, otherwise , Go to step 68;
[0064] Step 64: Obtain a security policy corresponding to the application from the security policy database;
[0065] Step 65: After the security policy is read, the read security policy is classified and checked. In the embodiment of the present invention, it can be divided into an authorization policy, a responsibility policy, an authentication policy, etc. according to different security policy functions. Among them, the authorization strategy is the most widely used, divided into affirmative authorization strategy and negative authorization strategy, which are used to specify the permission or prohibition of the specified operation of the application. The responsibility strategy is used to specify the passive response of the application to changes in the digital certificate verification system environment, and the authentication strategy Used to authenticate the legality of the application, the above three strategies can be distinguished and classified using XML tags;
[0066] Step 66: After the classification check of the security policy is completed, it is determined whether the security policy restricts the operations that are allowed to be performed by the application program. If the judgment result is yes, then perform step 67, otherwise, perform step 68;
[0067] Step 67: According to the security policy, determine the operations allowed to be performed by the application program, and match the operation indicated by the identifier carried in the request message with the determined operation. Through the matching, the application program is allowed to perform operations consistent with the determined operation, and prohibits The application performs operations that are inconsistent with the determined operation;
[0068] Step 68: Jump to the normal signature certificate verification process. After verifying that the signature certificate of the application program is legal, the application program is allowed to perform the operation indicated by the operation identifier carried by the request message.
[0069] Corresponding to the security policy determination method provided by the embodiment of the present invention, the embodiment of the present invention also provides a security policy setting device to solve the problem of inflexibility in the solution of assigning security policies to applications in the prior art. The specific structure diagram such as Figure 7 As shown, it includes the following functional units:
[0070] The determining unit 71 is configured to determine the security policy of the application program, where the determining unit 71 may, but is not limited to, determine the security policy corresponding to the application program from the correspondence between the predetermined authority and the security policy according to the permissions of the application program;
[0071] The sending unit 72 is configured to set the security policy information used to indicate the security policy determined by the determining unit 71 in the signature certificate for signing the application and send it, wherein the sending unit may be specifically used to set the security policy information in the signature After the fields of the certificate are expanded, the security policy information is obtained in the expanded field and sent.
[0072] Specifically, if considering the determination of the security policy of the application program according to the status information of the digital certificate verification system, the determining unit provided in the embodiment of the present invention may further include the following functional modules:
[0073] The first security policy determination module is used to determine the first security policy corresponding to the application from the corresponding relationship between the predetermined permissions and the security policy according to the permissions of the application; the status information obtaining module is used to obtain the digital certificate verification system The second security policy determination module is used to obtain the status information obtained by the module according to the status information, and determine the second security policy corresponding to the status information from the predetermined corresponding relationship between the status information and the security policy; application security The policy determination module is configured to determine the security policy of the application program according to the first security policy determined by the first security policy determination module and the second security policy determined by the second security policy determination module.
[0074] Correspondingly, an embodiment of the present invention also provides a security policy determining device, which specifically includes: an obtaining unit, configured to receive and parse a signature certificate for signing an application program, and obtain a pre-set in the signature certificate to indicate security Security policy information of the policy; the determining unit is used to determine that the security policy indicated by the security policy information obtained by the obtaining unit is the security policy assigned to the application.
[0075] When the security policy information is set in the security policy information extension field of the signature certificate, the above-mentioned obtaining unit can be further divided into: a receiving module for receiving the signature certificate; a parsing module for analyzing the signature certificate preset in the receiving module The content in the security policy information extension field to obtain security policy information.
[0076] Further, in order to quickly obtain the security policy information, the above-mentioned obtaining unit can be further divided into the following functional modules, including: a receiving module for receiving a signature certificate; a format determining module for analyzing the signature certificate received by the receiving module to determine The format of each security policy information contained in the signed certificate; the security policy information obtaining module is used to obtain the preset format from the signed certificate according to the preset format information and the format of each security policy information determined by the format determining module Security policy information in the format indicated by the information.
[0077] Corresponding to the program execution method provided by the embodiment of the present invention, the embodiment of the present invention also provides a device for executing an application program. The specific structure diagram of the device is as Picture 8 As shown, it includes the following functional units:
[0078] The request message obtaining unit 81 is configured to obtain an application execution request message sent by a mobile terminal provided with an application, and the request message carries the identifier of the operation requested to be performed through the application and the security level information of the operation;
[0079] The processing unit 82 is configured to determine whether the operation performed by the application program is a specified operation according to the security level information carried in the request message obtained by the request message obtaining unit 81, and determine to allow the application program according to the security policy assigned to the application program By matching the operation indicated by the identification carried in the application execution request message with the determined operation allowed by the application, the application is allowed to perform operations consistent with the determined allowed operation to be performed, and the operation is prohibited The application performs an operation that is inconsistent with the determined operation allowed by the application.
[0080] In the embodiment of the present invention, the status information of the digital certificate verification system can also be combined to determine whether the application is allowed to perform corresponding operations. For this function, the processing unit 82 can be further divided into the following functional modules, which specifically include:
[0081] The status information obtaining module is used to obtain the status information of the digital certificate verification system when judging whether the operation performed by the application program is a specified operation according to the security level information carried in the request message obtained by the request message obtaining unit; allowing the operation module, It is used to match the operation indicated by the identification carried in the request message with the determined operation by performing the matching on the application to prohibit the application from performing operations that are inconsistent with the determined operation, and to determine the status obtained in the status information obtaining module In the state of the digital certificate verification system indicated by the information, when the application program can perform an operation consistent with the determined operation, the application program is allowed to perform the matched operation. The status information here may be, but is not limited to, system environment information and/or system security level information of the digital certificate verification system.
[0082] In practical applications, after combining the security policy determination scheme provided by the embodiment of the present invention with the application program execution operation scheme, the embodiment of the present invention designs a digital certificate verification system. The digital certificate verification system can dynamically implement The security policy information is set in the signed certificate. Therefore, the digital certificate verification system is also called a dynamic security system. The specific structure diagram of the system is as follows: Picture 9 As shown, it is composed of four major subsystems, namely the application security policy reading subsystem, the application behavior interception determination subsystem, the security policy extraction subsystem, and the security policy enforcement subsystem. Each subsystem includes multiple Component modules. The specific functions of each subsystem are described below.
[0083] 1. Application security policy reading subsystem. It is mainly used to parse and obtain security policy information from the signature certificate of the application when installing the application, and determine the corresponding security policy according to the security policy information, and finally store the security policy in Picture 9 The security policy database shown in the complete application installation operation.
[0084] Such as Picture 9 As shown, the application security policy reading subsystem consists of 4 parts. Among them, the predefined security policy database is used to store the predefined security policy metadata supported by the dynamic security system, and the metadata is used to describe the editing supported by the dynamic security system The program language type of the security policy and the format of the security policy. This metadata is the basis for subsequent analysis of the security policy information obtained from the signature certificate; the application security policy reading module is used to read the application signature certificate The security policy information contained, specifically, the application security policy reading module can parse the content in the extension field of the signature certificate one by one, and realize the acquisition of security policy information; the security policy compilation/analysis module is used to communicate with the predefined Security policy database interaction, analysis of the security policy information obtained by the application security policy reading module, for example, if the dynamic security system supports XML format security policy information description language described in the pre-defined security policy database, the security policy compilation/analysis module Analyze the security policy information in XML format, and determine that the security policy indicated by the security policy information is determined as the security policy assigned to the application; the security policy storage module is used to interact with the security policy compilation/analysis module to determine The security policy is stored in the security policy database. Specifically, in order to facilitate subsequent extraction of the security policy corresponding to the application program, while the security policy is stored, the corresponding relationship between the security policy and the corresponding application program identifier can also be stored.
[0085] It can be seen from the above description of the application security policy reading subsystem that this subsystem mainly completes the above-mentioned application security policy determination scheme provided by the embodiment of the present invention.
[0086] 2. Application behavior interception judgment subsystem. It mainly monitors the interfaces between various applications and the dynamic security system, and obtains application execution request messages sent by mobile terminals with applications through these interfaces, and determines whether the operation performed on the application is Specify the operation and perform different subsequent processing procedures. The application behavior interception judgment subsystem mainly includes such as Picture 9 The behavior request acquisition module and the privileged behavior request determination module shown in FIG. 1. The behavior request acquisition module is used to monitor the interface between the dynamic security system and various application programs, and obtain the mobile terminal installed with the application program to send through these interfaces The incoming application executes the request message and submits the obtained request message to the privileged behavior request determination module for determination; the privileged behavior request determination module is used to determine the request message submitted by the behavior request acquisition module and determine the application that it carries Whether the operation performed by the program belongs to the specified operation, if it is judged as yes, the request message is submitted to the security policy execution subsystem for further processing.
[0087] 3. Security policy extraction subsystem. It is mainly used to extract, analyze and filter the security policy applicable to the current application from the security policy database, and submit the obtained security policy to the security policy execution subsystem for policy execution. The security policy extraction subsystem is mainly composed of two parts. Among them, the first part is the security policy extraction module, which is closely connected with the security policy database, and is used to execute the application identifier contained in the request message according to the current application program. The security policy corresponding to the application ID is read in the database, and the read security policy is submitted to the security policy filtering module for filtering; the security policy filtering module is used to obtain the security policy extraction module to extract the security policy, and according to the security The description corresponding to the policy determines what kind of security policy the security policy is, classifies similar security policies, and filters unrelated security policies based on the specific conditions of the above request messages, and finally filters the obtained ones The security policy is submitted to the security policy enforcement subsystem.
[0088] 4. Security policy enforcement subsystem. It is mainly used to intercept the application execution request message submitted by the judging subsystem according to the application behavior, and the security policy related to the application submitted by the security policy extraction subsystem, to judge and decide the operation performed by the application, and finally determine whether Allow the application to perform the corresponding operation. The security policy enforcement subsystem is composed of three parts. Among them, the system status acquisition module is used to acquire the status information of the current digital certificate verification system, which can be used as one of the basis for subsequent judgments whether to allow the application to perform corresponding operations; security policy analysis The module is used to analyze whether the identification of the operation to be performed by the application carried in the current request message is included in the identification of the operation allowed by the submitted security policy; the security policy decision module is used to obtain the comprehensive security policy analysis module The result and the digital certificate verification system status information acquired by the system status acquisition module makes decisions and responses to the application request.
[0089] Examples of the working mechanism of the entire dynamic security system are as follows:
[0090] The application program APP is installed on the mobile terminal. During the normal operation of the mobile terminal, the APP sends a request message SMS_REQ to the dynamic security system requesting to perform the operation of sending a short message;
[0091] After the dynamic security system receives the SMS_REQ, the application behavior interception determination subsystem determines that the operation identifier carried in the SMS_REQ belongs to the identifier of the specified operation, and then performs subsequent processing corresponding to the specified operation;
[0092] The security policy extraction subsystem extracts the security policies related to the APP in the security policy database according to the identification of the APP. For example, suppose there are three security policies P1, P2, and P3 related to the APP in the security policy database, where P1 is an authorization policy. It identifies that the APP is authorized to send SMS. The policy is described as follows:
[0093]
[0094] APP
[0095] SMS
[0096] SEND_SMS
[0097]
[0098] After the security policy filtering module filters the authorization policy, it submits it to the security policy decision subsystem;
[0099] The security policy decision subsystem analyzes that the authorization behavior of P1 is to allow APP to perform the operation of sending short messages, and compares that the operation of sending short messages carried in the request message obtained by the application behavior interception determination subsystem matches the operation obtained by the analysis. , And finally make a decision to allow APP to perform the operation of sending short messages.
[0100] Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. In this way, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalent technologies, the present invention is also intended to include these modifications and variations.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Similar technology patents

System, apparatus and method for opening an occluded lesion

InactiveUS20080319462A1Efficiently removeIncrease flexibilityCannulasGuide wiresRotational atherectomy deviceIntroducer sheath
Owner:CARDIOVASCULAR SYST INC

Classification and recommendation of technical efficacy words

  • Increase flexibility

Hybrid protocol transceiver for v2v communication

ActiveUS20130279491A1Highly efficient and reliable time slot based allocationIncrease flexibilityAnti-collision systemsConnection managementTransceiverData linking
Owner:ZETTA RES & DEV - FORC SERIES

Script compliance using speech recognition

InactiveUS7191133B1Improved script compliance verificationIncrease flexibilityHardware monitoringManual exchangesSpeech identificationSpeech sound
Owner:ALORICA

Alliance chain common recognition method and system thereof

ActiveCN106878000AIncrease flexibilityImprove high reliabilityEncryption apparatus with shift registers/memoriesManagement contractConsensus method
Owner:中钞信用卡产业发展有限公司杭州区块链技术研究院 +1
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products