专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100106767A1 AUTOMATICALLY SECURING DISTRIBUTED APPLICATIONS 审中-公开
标题翻译：自动安全分发应用
公开(公告)号：US20100106767A1
公开(公告)日：2010-04-29
申请号：US12257776
申请日：2008-10-24
申请人： Benjamin Livshits , Henricus Johannes Maria Meijer , Cedric Fournet , Jeffrey Van Gogh , Danny Van Velzen , Krishnaprasad Vikram , Abhishek Prateek
发明人： Benjamin Livshits , Henricus Johannes Maria Meijer , Cedric Fournet , Jeffrey Van Gogh , Danny Van Velzen , Krishnaprasad Vikram , Abhishek Prateek
IPC分类号： G06F15/16 , G06F15/173
CPC分类号： H04L63/08 , G06F21/52 , G06F2221/2101
摘要： A processing system for distributed multi-tier applications is provided. The system includes a server component that executes a replica of a client-side application, where a client component executes the client-side application. The client component captures events from the client-side application and transmits the events to the replica to validate the computational integrity security of the application.
摘要翻译：提供了一种用于分布式多层应用的处理系统。该系统包括执行客户端应用程序的副本的服务器组件，其中客户端组件执行客户端应用程序。客户端组件从客户端应用程序捕获事件，并将事件发送到副本，以验证应用程序的计算完整性安全性。

2. 发明授权

US07559080B2 Automatically generating security policies for web services 有权
标题翻译：自动生成Web服务的安全策略
公开(公告)号：US07559080B2
公开(公告)日：2009-07-07
申请号：US11025375
申请日：2004-12-29
申请人： Karthikeyan Bhargavan , Cedric Fournet , Andrew Donald Gordon , Christopher G. Kaler
发明人： Karthikeyan Bhargavan , Cedric Fournet , Andrew Donald Gordon , Christopher G. Kaler
IPC分类号： G06F21/00
CPC分类号： H04L63/08 , H04L63/102 , H04L63/12 , H04L63/20
摘要： Systems and methods for automatically generating security policy for a web service are described. In one aspect, one or more links between one or more endpoints are described with an abstract link description. The abstract link description describes, for each link of the one or more links, one or more security goals associated with exchange of message(s) between the one or more endpoints associated with the link. The one or more endpoints host respective principals networked in a distributed operating environment. Detailed security policies for enforcement during exchange of messages between the one or more endpoints are automatically generated from the abstract link description.
摘要翻译：描述了用于自动生成Web服务的安全策略的系统和方法。在一个方面，一个或多个端点之间的一个或多个链路用抽象链接描述来描述。抽象链接描述针对一个或多个链接的每个链接描述与在与链接相关联的一个或多个端点之间的消息交换相关联的一个或多个安全目标。一个或多个端点托管在分布式操作环境中联网的各个主体。在一个或多个端点之间的消息交换期间执行的详细的安全策略是从抽象链接描述中自动生成的。

3. 发明申请

US20090138937A1 ENHANCED SECURITY AND PERFORMANCE OF WEB APPLICATIONS 有权
标题翻译： WEB应用程序的增强安全性和性能
公开(公告)号：US20090138937A1
公开(公告)日：2009-05-28
申请号：US11944460
申请日：2007-11-23
申请人： Ulfar Erlingsson , Yinglian Xie , Ben Livshits , Cedric Fournet
发明人： Ulfar Erlingsson , Yinglian Xie , Ben Livshits , Cedric Fournet
IPC分类号： H04L9/00
CPC分类号： H04L63/1416 , G06F21/305 , G06F21/54 , G06F2221/2119 , G06F2221/2141 , H04L63/102
摘要： A client-side enforcement mechanism may allow application security policies to be specified at a server in a programmatic manner. Servers may specify security policies as JavaScript functions included in a page returned by the server and run before other scripts. At runtime, and during initial loading, the functions are invoked by the client on each page modification to ensure the page conforms to the security policy. As such, before a mutation takes effect, the policy may transform that mutation and the code and data of the page. Replicated code execution may take place at both the client and the server where the server runs its own shadow copy of a client-side application in a trusted execution environment so that the server may check that the method calls coming from the client correspond to a correct execution of the client-side application The redundant execution at the client can be untrusted, but serves to improve the responsiveness and performance of the Web application.
摘要翻译：客户端执行机制可以允许以编程方式在服务器处指定应用安全策略。服务器可以将安全策略指定为服务器返回的页面中包含的JavaScript函数，并在其他脚本之前运行。在运行时，并且在初始加载期间，客户机在每次修改页面时调用这些功能，以确保页面符合安全策略。因此，在突变生效之前，策略可以转换该突变以及页面的代码和数据。复制的代码执行可以在客户端和服务器上进行，其中服务器在可信执行环境中运行其自己的客户端应用程序的卷影副本，以便服务器可以检查来自客户机的方法调用是否对应于正确的客户端应用程序的执行客户机上的冗余执行可以不受信任，但用于提高Web应用程序的响应性和性能。

4. 发明申请

US20080066171A1 Security Language Translations with Logic Resolution 有权
标题翻译：安全语言翻译与逻辑分辨率
公开(公告)号：US20080066171A1
公开(公告)日：2008-03-13
申请号：US11530556
申请日：2006-09-11
申请人： Moritz Y. Becker , Blair B. Dillaway , Cedric Fournet , Andrew D. Gordon , Jason F. MacKay
发明人： Moritz Y. Becker , Blair B. Dillaway , Cedric Fournet , Andrew D. Gordon , Jason F. MacKay
IPC分类号： G06F7/04
CPC分类号： H04L63/20 , G06F21/36 , G06F21/6236 , G06F2221/2141
摘要： Security language constructs may be translated into logic language constructs and vise versa. Logic resolution may be effected using, for example, the logic language constructs. In an example implementation, translation of a security language assertion into at least one logic language rule is described. In another example implementation, translation of a proof graph reflecting a logic language into a proof graph reflecting a security language is described. In yet another example implementation, evaluation of a logic language program using a deterministic algorithm is described.
摘要翻译：安全语言结构可以被翻译成逻辑语言结构，反之亦然。逻辑分辨率可以使用例如逻辑语言结构来实现。在一个示例实现中，描述了将安全语言断言转换成至少一个逻辑语言规则。在另一示例实施例中，描述了将反映逻辑语言的证明图形转换成反映安全语言的校对图。在又一示例实现中，描述了使用确定性算法的逻辑语言程序的评估。

5. 发明申请

US20080066170A1 Security Assertion Revocation 有权
标题翻译：安全断言撤销
公开(公告)号：US20080066170A1
公开(公告)日：2008-03-13
申请号：US11530443
申请日：2006-09-08
申请人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet , Brian A. LaMacchia
发明人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet , Brian A. LaMacchia
IPC分类号： H04L9/32
CPC分类号： H04L63/10 , H04L63/20
摘要： Security assertion revocation enables a revocation granularity in a security scheme down to the level of individual assertions. In an example implemenation, a security token includes multiple respective assertions that are associated with multiple respective assertion identifiers. More specifically, each individual assertion is associated with at least one individual assertion identifier.
摘要翻译：安全声明撤销使安全方案中的撤销粒度达到个人断言的级别。在示例实现中，安全令牌包括与多个相应的断言标识符相关联的多个相应断言。更具体地，每个单独的断言与至少一个单独的断言标识符相关联。

6. 发明申请

US20080066159A1 Controlling the Delegation of Rights 有权
标题翻译：控制权利的授权
公开(公告)号：US20080066159A1
公开(公告)日：2008-03-13
申请号：US11530446
申请日：2006-09-08
申请人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet
发明人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet
IPC分类号： H04L9/32
CPC分类号： G06F21/62 , G06F2221/2145
摘要： The delegation of rights may be controlled in a number of manners. In an example implementation, a delegation authority assertion is formulated with a delegator principle, a delegatee principal, a verb phrase, a resource, and a delagation-directive verb. In another example implementation, a delegation mechanism involving an assertor, a first principal, and a second principal enables a delegation to be specifically controlled. In yet another example implementation, a chained delegation mechanism enables explicit control of a permitted transitive chaining depth.
摘要翻译：权利的授权可以多种方式进行控制。在一个示例实现中，授权机构的断言是用委托者原则，委托人委托人，动词短语，资源和分类指令动词来制定的。在另一个实例中，涉及一个断言器，一个第一个主体和一个第二个主体的委托机制使得可以特别地控制委托。在另一个示例实现中，链接的委托机制使得能够显式地控制允许的传递链接深度。

7. 发明申请

US20050055565A1 Reviewing the security of trusted software components 有权
标题翻译：查看可信软件组件的安全性
公开(公告)号：US20050055565A1
公开(公告)日：2005-03-10
申请号：US10656654
申请日：2003-09-05
申请人： Cedric Fournet , Andrew Gordon , Tomasz Blanc
发明人： Cedric Fournet , Andrew Gordon , Tomasz Blanc
IPC分类号： G06F21/00 , H04L9/00
CPC分类号： G06F21/577 , G06F2221/033
摘要： An analysis tool provides a call path set for reviewing the security of trusted software components during development. By examining the usage of permissions in programs and libraries within a managed execution environment, potential gaps in the security of trusted components may be identified. A call graph generator creates a permission-sensitive call graph. A call graph analyzer evaluates the permission-sensitive call graph to highlight call paths that may present security risks.
摘要翻译：分析工具提供了一个调用路径集，用于在开发期间查看可信软件组件的安全性。通过检查受管执行环境中的程序和库中的权限的使用，可以识别可信组件的安全性中的潜在差距。调用图生成器创建一个权限敏感的调用图。调用图分析器评估权限敏感的调用图，以突出可能存在安全风险的呼叫路径。

8. 发明授权

US08584230B2 Security authorization queries 失效
标题翻译：安全授权查询
公开(公告)号：US08584230B2
公开(公告)日：2013-11-12
申请号：US13246537
申请日：2011-09-27
申请人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet
发明人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet
IPC分类号： H04L29/06
CPC分类号： G06F21/6218
摘要： In an example implementation, a bifurcated security scheme has a first level that does not allow usage of negations and a second level that does permit usage of negations. In another example implementation, an authorization query table maps respective resource-specific operations to respective associated authorization queries. In yet another example implementation, authorization queries are permitted to have negations, but individual assertions are not.
摘要翻译：在示例实现中，分叉的安全方案具有不允许使用否定的第一级别，并且允许使用否定的第二级别。在另一示例实现中，授权查询表将相应的资源特定操作映射到相应的相关联的授权查询。在另一个示例实现中，授权查询被允许具有否定，但是单独的断言不是。

9. 发明授权

US08201215B2 Controlling the delegation of rights 有权
标题翻译：控制权利的授权
公开(公告)号：US08201215B2
公开(公告)日：2012-06-12
申请号：US11530446
申请日：2006-09-08
申请人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet
发明人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet
IPC分类号： G06F17/30 , H04L29/06
CPC分类号： G06F21/62 , G06F2221/2145
摘要： The delegation of rights may be controlled in a number of manners. In an example implementation, a delegation authority assertion is formulated with a delegator principle, a delegatee principal, a verb phrase, a resource, and a delagation-directive verb. In another example implementation, a delegation mechanism involving an assertor, a first principal, and a second principal enables a delegation to be specifically controlled. In yet another example implementation, a chained delegation mechanism enables explicit control of a permitted transitive chaining depth.
摘要翻译：权利的授权可以多种方式进行控制。在一个示例实现中，授权机构的断言是用委托者原则，委托人委托人，动词短语，资源和分类指令动词来制定的。在另一个实例中，涉及一个断言器，一个第一个主体和一个第二个主体的委托机制使得可以特别地控制委托。在另一个示例实现中，链接的委托机制使得能够显式地控制允许的传递链接深度。

10. 发明申请

US20080066175A1 Security Authorization Queries 失效
标题翻译：安全授权查询
公开(公告)号：US20080066175A1
公开(公告)日：2008-03-13
申请号：US11530438
申请日：2006-09-08
申请人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet
发明人： Blair B. Dillaway , Moritz Y. Becker , Andrew D. Gordon , Cedric Fournet
IPC分类号： H04L9/32
CPC分类号： G06F21/6218
摘要： In an example implementation, a bifurcated security scheme has a first level that does not allow usage of negations and a second level that does permit usage of negations. In another example implementation, an authorization query table maps respective resource-specific operations to respective associated authorization queries. In yet another example implementation, authorization queries are permitted to have negations, but individual assertions are not.
摘要翻译：在示例实现中，分叉的安全方案具有不允许使用否定的第一级别，并且允许使用否定的第二级别。在另一示例实现中，授权查询表将相应的资源特定操作映射到相应的相关联的授权查询。在另一个示例实现中，授权查询被允许具有否定，但是单独的断言不是。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式