361 results about "Network key" patented technology

Provided is a user autonomous routing customization system based on a software-defined network. The system comprises a network topology information detection module, a network performance detection module, a network resource integration module, a network resource presenting module, a network key point extraction module, a user key point selection module, a route computation module and a user interaction interface module. Also provided is a user autonomous routing customization method based on the software-defined network. The method comprises the following operation steps that (2) a user logs in a system and views current network resource information; (2) the system recommends candidate routing schemes to the user; (3) the user selects one routing; and (4) strategy customization and resource scheduling are performed on a physical network by the system so that customized control of the network is actively performed by the user. An objective that the user autonomously selects the customized routing schemes is realized by the system and method.

Systems, methods, and non-transitory computer-readable medium are provided to secure data centers and cloud computing. A method receives network identifiers for functions, requests a network key for each function, allocates network interfaces, requests a virtual network interface controller allocation, requests a network key for each cloud function, receives storage identifiers for functions, requests a storage key for each cloud function, allocates virtual storage disks, requests a storage interface controller allocation, requests a storage key for each cloud function. Methods secure migration of a virtual machine from a source to a target server. A server includes multiple cores where each core is dedicated to a compute function and a unique key encrypts data of each compute function. A non-transitory computer-readable medium encodes programs that execute the above methods.

Key manager systems and methods for a QKD-based network are disclosed. The system includes a QKD layer that generates quantum encryption keys, a persistent storage layer that stores the quantum encryption keys, and a key management layer. The key management layer generates an application registration record that includes a list of multiple applications that use the quantum encryption keys. The key management layer also generates a corresponding key storage layer. The multiple applications reside in an applications layer. The applications in each node remove keys from the key storage layer so that each node can encrypt/decrypt data using quantum encryption keys. The methods also include secure QKD system boot-up and authentication that facilitate implementing a commercial QKD system in real-world environments.

Key management and user authentication systems and methods for quantum cryptography networks that allow for users securely communicate over a traditional communication link (TC-link). The method includes securely linking a centralized quantum key certificate authority (QKCA) to each network user via respective secure quantum links or “Q-links” that encrypt and decrypt data based on quantum keys (“Q-keys”). When two users (Alice and Bob) wish to communicate, the QKCA sends a set of true random bits (R) to each user over the respective Q-links. They then use R as a key to encode and decode data they send to each other over the TC-link.

An aim to reach may be on one hand, to allow the reading of a content stored by a digital video recorder from a decoder of the local network regardless of the time elapsed between storage and reading, and on the other hand to prevent the transfer or improper copying of the content stored from one network to another. An aim may be achieved by a method of an embodiment, for transmitting digital data in a local network including members constituted by at least one first multimedia unit having a content storage device and at least one second multimedia unit intended to restore the content. The first multimedia unit may be connected, on one hand, to a broadcasting server of encrypted digital audio/video data and on the other hand to the second multimedia unit, each member possessing a security module including a network key. The first multimedia unit receives and decrypts the encrypted data forming a content broadcasted by the broadcasting server and re-encrypts the content previously decrypted. The method of an embodiment may include steps wherein the content is re-encrypted with a random key and transmitted to the second multimedia unit accompanied by an authorization block including the random key encrypted with the network key, the second multimedia unit decrypts the authorization block, and extracts the random key to be used for decrypting the content.

The present invention discloses a technique provisioning network cryptographic keys to a client when direct physical transfer is not feasible. In an embodiment of the invention, a client token generates a temporary key encrypted with a first secret key known only in a master token database and passes this on to an enterprise network token of a network to which service is requested. The enterprise network token then further encrypts the encrypted temporary key with a second secret key and passes that on to the master token database. Since the second secret key is also known by the master token database, the originally encrypted temporary key can be securely decoded only by a master token coupled to the master token database. The decrypted temporary key can then be re-encrypted with a key known only by the enterprise network token and the master token, and returned to the enterprise network token. This allows the enterprise network token to gain secure access to the temporary key of the client token, thereby allowing the enterprise network token to securely provision the remote client token with the appropriate enterprise Network Keys.

The invention discloses a mobile terminal network key negotiation method based on a bock chain. The mobile terminal network comprises a plurality of nodes, the node information of the nodes is stored in the form of blocks, a plurality of blocks form a bock chain, the block data in the bock chain are the node information of the nodes, and the node information at least comprises a public session key. The method comprises the following steps: searching the public session keys of the nodes in the bock chain; and obtaining session keys among the nodes according to the public session keys to perform communication. According to the mobile terminal network key negotiation method disclosed by the invention, the bock chain can be regarded as a credible node of a consensus mechanism, and the user in the mobile terminal network participates in the key negotiation according to the features of the bock chain without depending on a credible third party.

The present invention discloses a bidirectional authentication method, a system, and a network device, and relates to network information security. The method may include: a network device generates an inspection parameter according to a public key of the peer network device and a private key of the network device, the public key and the private key of the network device being generated according to an identifier of the network device; and the network device performs reciprocal authentication according to the inspection parameter generated by the network device and an inspection parameter sent by the peer network device. A system and a network device for bidirectional authentication are also provided herein. As such, extra calculation caused by certificate authentication is cut down, the system is more secure and reliable, and the key management is simplified.

Methods and apparatuses in automatic detection of a required network key type are described. In one embodiment, a client device prompts a user for a pass phrase, receives a pass phrase and automatically determines the encryption type for the pass phrase to connect to a network. The client device then communicates with a server to authenticate the client device.

A content providing server connected to a home network or the like is configured in such a way as to store a content key, which is encrypted by a network key shared by network-connected devices and appropriately updated, in a storage together with encrypted content, and as to hold a network key table in which all network keys including all pre-update network keys, which are being applied to encrypted content keys, are registered and stored. This server performs a key changing operation of changing a content key, which is encrypted by a pre-update network key, to an encrypted key, to which an updated network key is applied, only when needed, for example, at an occurrence of utilization of the content. Consequently, this configuration prevents key changing operations from being wastefully performed. Thus, the processing load on the server is alleviated.

The invention provides an issuing method of a network key character related information and comprises steps below: the invention presets an input method word base containing key words, each key word has corresponding coding matching rule and exhibiting rule; the invention receives a coding character string inputted by users and obtains candidate words in a matching way from the input method word base; when the candidate words comprise the key word, the invention transfers the exhibiting rule and exhibits the confirmed exhibiting information in a method confirmed by the rule. The method also can be used in the related information for issuing the key coding character string. The invention cuts an issuing method and system of new network key character related information, and widens a connecting path between the key character relative information and the users. The invention can reduce the applying experience of the users in a smallest degree, prevents the key word related information which is not needed by the users, is invalid and useless from being largely downloaded to the users local and elevates the using efficiency of the network communication resource.

The invention discloses an urban area road network operating state evaluation method considering the critical degree of a road section. The method comprises the following steps that: step 1, floating vehicle GPS data and fixed detector data are obtained and preprocessed; step 2, urban road network important road section identification is performed; step 3, urban road network weak road section identification is performed; step 4, urban road network key road section identification is performed, and critical degree vectors are divided into different levels; and step 5, urban road network operating state index construction is performed. According to the method of the invention, a traffic flow rate which measures the critical degree of the road section and an average velocity variation coefficient which measures the weak degree of the road section are both considered, the critical degrees of the road section are clustered and divided, and therefore, the evaluation of the congestion of a road network is more realistic and more sensitive.

A method for managing network key and updating session key is provided. The step of the key management includes: constructing key request group, constructing key negotiation response group, and constructing key negotiation acknowledgement group. The step of multicasting key management method includes multicasting main key negotiation protocol and multicasting session key distribution protocol. The multicasting main key negotiation protocol comprises key updating informs group, constructing encryption key negotiation request group, constructing key negotiation response group and constructing key negotiation acknowledgement group. The multicasting session key distribution protocol comprises multicasting session key request and multicasting session key distribution.

The invention relates to the network safety technology, and discloses a method and a device for detecting SSL enciphered data safety, wherein the method comprises identifying conversation-used encryption algorithms through tracing SSL conversation negotiation process, obtaining conversation key for enciphered data through tracing the key exchange process, utilizing the conversation key to decrypt received data to get non-encrypted original data, and conducting inversion detections and analysis for the original data. The invention can be utilized to detect and analysis SSL enciphered data through by-pass arrangement on network key nodes, and guarantees the safety of SSL enciphered data.

The invention relates to the field of service quality analysis in mobile communication, and provides a voice service quality-based end-to-end analyzing method. The indicators of voice service quality is evaluated multi-dimensionally, a method for correlating service key quality indicators (KQI) with related network key performance indicators (KPI) is established, a method for correlating and carrying indicators from a service to a network and to equipment is established, voice service quality problems are analyzed end to end in the overall process, and the reasons of the voice service quality problems can be quickly and effectively positioned, so that a basis can be provided for service quality-based network optimization, and the perception and satisfaction degree of users can be promoted.

The invention discloses a method and device for evaluating mobile data service quality oriented to user experience and belongs to the field of mobile wireless network performance evaluation. In view of eight current main mobile data services of the mobile Internet, a key quality indicator system for both subjective quantitative evaluation and objective quantitative evaluation is provided. The measured value of the key quality indicator system may perform objective quantitative evaluation on user subjective service experience by means of a nondimensionalized and analytic hierarchy process and can be mapped to a network performance indicator to be used for analyzing and positioning a network fault influencing user awareness and improving the user awareness by eliminating network performance problems. The method and the device solve a problem that a network key performance indicator based on network elements, which is still mainly taken by network operators, for evaluating the network performance, cannot reflect the real feeling of a user using mobile data service so as to cause disjunction between the service using experience of the user and network performance evaluation optimization.

The present invention relates to a method for creating and managing a local area network including at least one device for reproducing an encrypted data flow and a device for transmitting and re-encrypting all or part of said encrypted data, which devices include security modules. The method includes the steps of connecting a so-called master security module in one of the devices connected to the local area network, causing the master security module to generate a network key, securely transmitting the network key to one or more so-called user security modules, decrypting the data encrypted by the transmission and re-encryption device, re-encrypting the data with said device by means of a local key, transmitting the re-encrypted data to the reproduction device, and holding the reproduction device to perform decryption using the user security module associated therewith and provided with means for locating the local key.

The invention provides a voice service user negative perception-based network problem analysis method, which relates to the field of analysis of a client perception QoE index in a mobile network. In the method, index association analysis is performed on voice service-based negative perception of a terminal user (particularly a very important person (VIP) user), and a user perception situation is effectively associated with a network key performance indicator (KPI) index, so that the cause of a network problem can be positioned quickly and effectively. Therefore, the trouble of poor user perception under the condition of good network index is solved for an operator, a passive complaint handing mode is replaced by an active problem finding mode, bases are provided for service-oriented and customer-oriented network optimization, service quality is enhanced and customer satisfaction is enhanced.

This invention relates to VPN system based on dynamic code formula, which uses keys, chips and network technique and designs one set of dynamic symmetric code formula to make each formula with different virtual special networks in each data coding, wherein, each code system only adopts one symmetric code keys such as network keys, pack keys and channel keys through establishing code formula to generate formula and symmetric key generation formula.

The invention discloses a key management method of an Internet of Things (IOT) sensor system. The method comprises the following steps of: A. performing the registration of sensor nodes and the authentication of sensor nodes by a gateway. B. starting a key management module, using the preset secret information in the sensor nodes and the gateway, and generating key pairs and network keys of the gateway between the sensor nodes and the gateway according to the different security requirements of packets, and updating the key pairs and network keys periodically. The method supports the update of different keys in different periods of validity, and provides effective security protection for the keys for the gateway and the sensor network communication under the gateway.