专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08689311B2 Cross-domain authentication 有权
标题翻译：跨域认证
公开(公告)号：US08689311B2
公开(公告)日：2014-04-01
申请号：US13076164
申请日：2011-03-30
申请人： Arnold N. Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
发明人： Arnold N. Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , H04L29/06
CPC分类号： H04L63/08 , G06F21/41 , H04L63/0815 , H04L63/168 , H04L63/20
摘要： Providing services within a network of service providers sharing an authentication service and a set of business rules. A central server receives a first request from a first server to provide a first service to a user via a client without forcing the user to present credentials. In response to the received first request, the central server stores data identifying the first service on the client. The central server further receives a second request from a second server to provide a second service to the user via the client after the user presents the credentials to the second service. After receiving the second request and the presented credentials, the central server allows the user access to the second service. In response to allowing the user access to the second service, the central server further allows the user access to the first service as a result of the stored data.
摘要翻译：在服务提供商的网络内提供共享认证服务和一组业务规则的服务。中央服务器从第一服务器接收第一请求，以经由客户端向用户提供第一服务，而不强制用户呈现凭证。响应于接收到的第一请求，中央服务器将识别第一服务的数据存储在客户机上。中央服务器还在第二服务器接收第二请求之后，在用户向第二服务呈现证书之后，经由客户端向用户提供第二服务。在接收到第二请求和所提供的凭证之后，中央服务器允许用户访问第二服务。响应于允许用户访问第二服务，中央服务器还允许用户作为存储的数据的结果访问第一服务。

2. 发明授权

US07950055B2 Cross-domain authentication 有权
标题翻译：跨域认证
公开(公告)号：US07950055B2
公开(公告)日：2011-05-24
申请号：US12581355
申请日：2009-10-19
申请人： Arnold N. Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
发明人： Arnold N. Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
IPC分类号： G06F7/04 , G06F12/00 , G06F12/14 , G06F13/00 , G06F17/30 , G11C7/00
CPC分类号： H04L63/08 , G06F21/41 , H04L63/0815 , H04L63/168 , H04L63/20
摘要： Providing services within a network of service providers sharing an authentication service and a set of business rules. A central server receives a first request from a first server to provide a first service to a user via a client without forcing the user to present credentials. In response to the received first request, the central server stores data identifying the first service on the client. The central server further receives a second request from a second server to provide a second service to the user via the client after the user presents the credentials to the second service. After receiving the second request and the presented credentials, the central server allows the user access to the second service. In response to allowing the user access to the second service, the central server further allows the user access to the first service as a result of the stored data.
摘要翻译：在服务提供商的网络内提供共享认证服务和一组业务规则的服务。中央服务器从第一服务器接收第一请求，以经由客户端向用户提供第一服务，而不强制用户呈现凭证。响应于接收到的第一请求，中央服务器将识别第一服务的数据存储在客户机上。中央服务器还在第二服务器接收第二请求之后，在用户向第二服务呈现证书之后，经由客户端向用户提供第二服务。在接收到第二请求和所提供的凭证之后，中央服务器允许用户访问第二服务。响应于允许用户访问第二服务，中央服务器还允许用户作为存储的数据的结果访问第一服务。

3. 发明申请

US20110179469A1 CROSS-DOMAIN AUTHENTICATION 有权
标题翻译：跨域认证
公开(公告)号：US20110179469A1
公开(公告)日：2011-07-21
申请号：US13076164
申请日：2011-03-30
申请人： Arnold Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
发明人： Arnold Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30
CPC分类号： H04L63/08 , G06F21/41 , H04L63/0815 , H04L63/168 , H04L63/20
摘要： Providing services within a network of service providers sharing an authentication service and a set of business rules. A central server receives a first request from a first server to provide a first service to a user via a client without forcing the user to present credentials. In response to the received first request, the central server stores data identifying the first service on the client. The central server further receives a second request from a second server to provide a second service to the user via the client after the user presents the credentials to the second service. After receiving the second request and the presented credentials, the central server allows the user access to the second service. In response to allowing the user access to the second service, the central server further allows the user access to the first service as a result of the stored data.
摘要翻译：在服务提供商的网络内提供共享认证服务和一组业务规则的服务。中央服务器从第一服务器接收第一请求，以经由客户端向用户提供第一服务，而不强制用户呈现凭证。响应于接收到的第一请求，中央服务器将识别第一服务的数据存储在客户机上。中央服务器还在第二服务器接收第二请求之后，在用户向第二服务呈现证书之后，经由客户端向用户提供第二服务。在接收到第二请求和所提供的凭证之后，中央服务器允许用户访问第二服务。响应于允许用户访问第二服务，中央服务器还允许用户作为存储的数据的结果访问第一服务。

4. 发明申请

US20100042735A1 CROSS-DOMAIN AUTHENTICATION 有权
标题翻译：跨域认证
公开(公告)号：US20100042735A1
公开(公告)日：2010-02-18
申请号：US12581355
申请日：2009-10-19
申请人： Arnold Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
发明人： Arnold Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
IPC分类号： G06F15/16
CPC分类号： H04L63/08 , G06F21/41 , H04L63/0815 , H04L63/168 , H04L63/20
摘要： Providing services within a network of service providers sharing an authentication service and a set of business rules. A central server receives a first request from a first server to provide a first service to a user via a client without forcing the user to present credentials. In response to the received first request, the central server stores data identifying the first service on the client. The central server further receives a second request from a second server to provide a second service to the user via the client after the user presents the credentials to the second service. After receiving the second request and the presented credentials, the central server allows the user access to the second service. In response to allowing the user access to the second service, the central server further allows the user access to the first service as a result of the stored data.
摘要翻译：在服务提供商的网络内提供共享认证服务和一组业务规则的服务。中央服务器从第一服务器接收第一请求，以经由客户端向用户提供第一服务，而不强制用户呈现凭证。响应于接收到的第一请求，中央服务器将识别第一服务的数据存储在客户机上。中央服务器还在第二服务器接收第二请求之后，在用户向第二服务呈现证书之后，经由客户端向用户提供第二服务。在接收到第二请求和所提供的凭证之后，中央服务器允许用户访问第二服务。响应于允许用户访问第二服务，中央服务器还允许用户作为存储的数据的结果访问第一服务。

5. 发明授权

US07636941B2 Cross-domain authentication 有权
标题翻译：跨域认证
公开(公告)号：US07636941B2
公开(公告)日：2009-12-22
申请号：US10798580
申请日：2004-03-10
申请人： Arnold Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
发明人： Arnold Blinn , Wei-Quiang Michael Guo , Wei Jiang , Raja Pazhanivel Perumal , Iulian D. Calinov
IPC分类号： G06F7/04 , G06F12/00 , G06F12/14 , G06F13/00 , G06F17/30 , G11C7/00
CPC分类号： H04L63/08 , G06F21/41 , H04L63/0815 , H04L63/168 , H04L63/20
摘要： Providing services within a network of service providers sharing an authentication service and a set of business rules. A central server receives a first request from a first server to provide a first service to a user via a client without forcing the user to present credentials. In response to the received first request, the central server stores data identifying the first service on the client. The central server further receives a second request from a second server to provide a second service to the user via the client after the user presents the credentials to the second service. After receiving the second request and the presented credentials, the central server allows the user access to the second service. In response to allowing the user access to the second service, the central server further allows the user access to the first service as a result of the stored data.
摘要翻译：在服务提供商的网络内提供共享认证服务和一组业务规则的服务。中央服务器从第一服务器接收第一请求，以经由客户端向用户提供第一服务，而不强制用户呈现凭证。响应于接收到的第一请求，中央服务器将识别第一服务的数据存储在客户机上。中央服务器还在第二服务器接收第二请求之后，在用户向第二服务呈现证书之后，经由客户端向用户提供第二服务。在接收到第二请求和所提供的凭证之后，中央服务器允许用户访问第二服务。响应于允许用户访问第二服务，中央服务器还允许用户作为存储的数据的结果访问第一服务。

6. 发明授权

US07882539B2 Abstracting security policy from, and transforming to, native representations of access check mechanisms 有权
标题翻译：抽取安全策略和转换为访问检查机制的本机表示
公开(公告)号：US07882539B2
公开(公告)日：2011-02-01
申请号：US11445778
申请日：2006-06-02
申请人： Muthukrishnan Paramasivam , Charles F. Rose, III , Dave M. McPherson , Raja Pazhanivel Perumal , Satyajit Nath , Paul J. Leach , Ravindra Nath Pandya
发明人： Muthukrishnan Paramasivam , Charles F. Rose, III , Dave M. McPherson , Raja Pazhanivel Perumal , Satyajit Nath , Paul J. Leach , Ravindra Nath Pandya
IPC分类号： G06F17/00 , H04L29/06
CPC分类号： H04L63/102 , G06F21/604 , H04L63/20
摘要： Abstracting access control policy from access check mechanisms allows for richer expression of policy, using a declarative model with semantics, than what is permitted by the access check mechanisms. Further, abstracting access control policy allows for uniform expression of policy across multiple access check mechanisms. Proof-like reasons for any access query are provided, such as who has access to what resource, built from the policy statements themselves, independent of the access check mechanism that provide access. Access is audited and policy-based reasons for access are provided based on the access control policy.
摘要翻译：来自访问检查机制的抽象访问控制策略允许使用具有语义的声明性模型，而不是访问检查机制允许的策略的更丰富的表达。此外，抽象访问控制策略允许在多个访问检查机制之间统一表达策略。提供任何访问查询的类似原因，例如谁可以访问从策略语句本身构建的什么资源，独立于提供访问的访问检查机制。访问被审计，基于访问控制策略提供基于策略的访问原因。

7. 发明授权

US07606918B2 Account creation via a mobile device 失效
标题翻译：通过移动设备创建帐户
公开(公告)号：US07606918B2
公开(公告)日：2009-10-20
申请号：US10850010
申请日：2004-05-20
申请人： Aron M. Holzman , Raja Pazhanivel Perumal , Michael Shayne Agney , Vikas Khandelwal
发明人： Aron M. Holzman , Raja Pazhanivel Perumal , Michael Shayne Agney , Vikas Khandelwal
IPC分类号： G06F15/16
CPC分类号： H04L63/102 , H04L63/08 , H04L63/0876 , H04W12/06 , H04W12/08
摘要： Creating an account via a mobile device. A request to create an account is received from a user via a mobile device. The request is received from the mobile device according to a wireless communications protocol. In response to the received request, a confirmation message is delivered to the mobile device for rendering to the user as a challenge. A response to the rendered challenge is received from the user via the mobile device. It is determined if the received response to the rendered challenge corresponds to the delivered confirmation message. And the account is created for the user if the received response to the rendered challenge is determined to correspond to the delivered confirmation message. Other aspects of the invention are directed to computer-readable media for use with account creation via a mobile device.
摘要翻译：通过移动设备创建帐户。通过移动设备从用户接收到创建帐户的请求。根据无线通信协议从移动设备接收该请求。响应于接收到的请求，将确认消息传递给移动设备以呈现给用户作为挑战。通过移动设备从用户接收对所提出的挑战的响应。确定所接收的对所提出的挑战的响应是否对应于所递送的确认消息。并且如果确定所接收到的对所提出的质询的响应对应于所递送的确认消息，则为用户创建该帐户。本发明的其他方面涉及用于通过移动设备创建帐户的计算机可读介质。

8. 发明申请

US20070283411A1 Abstracting security policy from, and transforming to, native representations of access check mechanisms 有权
标题翻译：抽取安全策略和转换为访问检查机制的本机表示
公开(公告)号：US20070283411A1
公开(公告)日：2007-12-06
申请号：US11445778
申请日：2006-06-02
申请人： Muthukrishnan Paramasivam , Charles F. Rose , Dave M. McPherson , Raja Pazhanivel Perumal , Satyajit Nath , Paul J. Leach , Ravindra Nath Pandya
发明人： Muthukrishnan Paramasivam , Charles F. Rose , Dave M. McPherson , Raja Pazhanivel Perumal , Satyajit Nath , Paul J. Leach , Ravindra Nath Pandya
IPC分类号： H04L9/00
CPC分类号： H04L63/102 , G06F21/604 , H04L63/20
摘要： Abstracting access control policy from access check mechanisms allows for richer expression of policy, using a declarative model with semantics, than what is permitted by the access check mechanisms. Further, abstracting access control policy allows for uniform expression of policy across multiple access check mechanisms. Proof-like reasons for any access query are provided, such as who has access to what resource, built from the policy statements themselves, independent of the access check mechanism that provide access. Access is audited and policy-based reasons for access are provided based on the access control policy.
摘要翻译：来自访问检查机制的抽象访问控制策略允许使用具有语义的声明性模型，而不是访问检查机制允许的策略的更丰富的表达。此外，抽象访问控制策略允许在多个访问检查机制之间统一表达策略。提供任何访问查询的类似原因，例如谁可以访问从策略语句本身构建的什么资源，独立于提供访问的访问检查机制。访问被审计，基于访问控制策略提供基于策略的访问原因。

9. 发明申请

US20110231940A1 CREDENTIAL-BASED ACCESS TO DATA 审中-公开
标题翻译：基于资料的数据访问
公开(公告)号：US20110231940A1
公开(公告)日：2011-09-22
申请号：US12727763
申请日：2010-03-19
申请人： Raja Pazhanivel Perumal , Jeffrey B. Hamblin
发明人： Raja Pazhanivel Perumal , Jeffrey B. Hamblin
IPC分类号： G06F21/24 , G06F17/30
CPC分类号： G06F21/335 , G06F2221/2103 , G06F2221/2143 , G06F2221/2145 , H04L63/101
摘要： Existing mechanisms that control access to data based upon whether the user seeking to access the data is identified among the users that are allowed to access the data, can be extended to further control access based upon the provision of credential data by the user, or processes associated therewith. Access control entries can limit access based upon Boolean conditionals, including those referencing credential data, such that access can be granted only to specific users that provide the credential data or, alternatively, to any user that provides it. The referenced credential data can be specified in the access control information in an obfuscated form for security purposes. Information associated with the user, such as a user token, can be temporarily updated to include credential data when provided by the user, so as to enable access to the data but to prevent such access from remaining open too long.
摘要翻译：可以根据用户访问数据的用户是否识别访问数据的现有机制，可以扩展为进一步控制访问，这是基于用户提供的凭据数据或处理相关联。访问控制条目可以基于布尔条件（包括引用凭证数据的那些）来限制访问，使得仅可以向提供证书数据的特定用户授予访问权，或者替代地，授予提供证书数据的任何用户的访问。为了安全起见，引用的凭证数据可以以混淆形式在访问控制信息中指定。与用户相关联的信息（例如用户令牌）可以被临时更新，以在由用户提供时包括凭证数据，以便能够访问数据，但是防止这种访问保持打开太久。

10. 发明授权

US09038168B2 Controlling resource access based on resource properties 有权
标题翻译：基于资源属性控制资源访问
公开(公告)号：US09038168B2
公开(公告)日：2015-05-19
申请号：US12622441
申请日：2009-11-20
申请人： Nir Ben-Zvi , Raja Pazhanivel Perumal , Anders Samuelsson , Jeffrey B. Hamblin , Ran Kalach , Ziquan Li , Matthias H. Wollnik , Clyde Law , Paul Adrian Oltean
发明人： Nir Ben-Zvi , Raja Pazhanivel Perumal , Anders Samuelsson , Jeffrey B. Hamblin , Ran Kalach , Ziquan Li , Matthias H. Wollnik , Clyde Law , Paul Adrian Oltean
IPC分类号： G06F12/14 , G06F21/62
CPC分类号： G06F21/6218 , G06F2221/2141
摘要： Described is a technology by which access to a resource is determined by evaluating a resource label of the resource against a user claim of an access request, according to policy decoupled from the resource. The resource may be a file, and the resource label may be obtained by classifying the file into classification properties, such that a change to the file may change its resource label, thereby changing which users have access to the file. The resource label-based access evaluation may be logically combined with a conventional ACL-based access evaluation to determine whether to grant or deny access to the resource.
摘要翻译：描述了根据从资源分离的策略来评估资源的资源标签以针对访问请求的用户权利要求来确定对资源的访问的技术。资源可以是文件，并且可以通过将文件分类为分类属性来获得资源标签，使得文件的改变可以改变其资源标签，从而改变哪些用户有权访问该文件。基于资源标签的访问评估可以逻辑地与传统的基于ACL的访问评估组合以确定是否授予或拒绝对资源的访问。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式