专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20060294383A1 Secure data communications in web services 审中-公开
标题翻译：在Web服务中安全的数据通信
公开(公告)号：US20060294383A1
公开(公告)日：2006-12-28
申请号：US11168716
申请日：2005-06-28
申请人： Paula Austel , Maryann Hondo , Michael McIntosh , Anthony Nadalin , Nataraj Nagaratnam
发明人： Paula Austel , Maryann Hondo , Michael McIntosh , Anthony Nadalin , Nataraj Nagaratnam
IPC分类号： H04L9/00
CPC分类号： G06F21/606 , G06F21/629 , H04L63/12
摘要： Methods, systems, and products are disclosed in which secure data communications in web services are provided generally by receiving in a web service from a client a request containing an element bearing a first signature, the signature having a value; signing the value of the first signature, thereby creating a second signature; and sending a response from the web service to the client, the response including the second signature. The requester may verify that the response includes the second signature. The request may be encrypted, and the response may be encrypted. The first signature may be encrypted, and the web service may encrypt the value of the first signature and include the encrypted value of the first signature in the response. The web service may receive a request encoded in SOAP and may send a response also encoded in SOAP.
摘要翻译：公开了一种方法，系统和产品，其中Web服务中的安全数据通信通常通过从客户端接收web服务来提供包含具有第一签名的元素的请求，该签名具有值; 签署第一签名的价值，从而创建第二个签名; 以及将所述web服务的响应发送到所述客户端，所述响应包括所述第二签名。请求者可以验证响应包括第二个签名。该请求可以被加密，并且响应可以被加密。可以对第一签名进行加密，并且web服务可以加密第一签名的值并将第一签名的加密值包括在响应中。 Web服务可以接收以SOAP编码的请求，并且可以发送也以SOAP编码的响应。

2. 发明申请

US20060230430A1 METHOD AND SYSTEM FOR IMPLEMENTING AUTHORIZATION POLICIES FOR WEB SERVICES 有权
标题翻译：执行WEB服务授权政策的方法和系统
公开(公告)号：US20060230430A1
公开(公告)日：2006-10-12
申请号：US10907577
申请日：2005-04-06
申请人： Maryann Hondo , Anthony Nadalin , Nataraj Nagaratnam
发明人： Maryann Hondo , Anthony Nadalin , Nataraj Nagaratnam
IPC分类号： H04L9/00
CPC分类号： H04L63/102 , H04L63/08
摘要： A method, system and computer program product for implementing authorization policies for web services may include defining an authorization policy for access to a web service. The method, system and computer program product may also include attaching the authorization policy to a service definition for the web service.
摘要翻译：用于实现web服务的授权策略的方法，系统和计算机程序产品可以包括定义用于访问web服务的授权策略。方法，系统和计算机程序产品还可以包括将授权策略附加到web服务的服务定义。

3. 发明申请

US20070056026A1 Role-based access control management for multiple heterogeneous application components 失效
标题翻译：基于角色的多个异构应用程序组件的访问控制管理
公开(公告)号：US20070056026A1
公开(公告)日：2007-03-08
申请号：US11221630
申请日：2005-09-08
申请人： Kathryn Britton , Dieter Buehler , Ching-Yun Chao , Timothy Hahn , Anthony Nadalin , Nataraj Nagaratnam , Yi-Hsiu Wei , Chun Yang
发明人： Kathryn Britton , Dieter Buehler , Ching-Yun Chao , Timothy Hahn , Anthony Nadalin , Nataraj Nagaratnam , Yi-Hsiu Wei , Chun Yang
IPC分类号： H04L9/32
CPC分类号： G06F21/6236
摘要： Embodiments of the present invention address deficiencies of the art in respect to access control and provide a method, system and computer program product for access control management for a collection of heterogeneous application components. In a first embodiment, a data processing system for role-based access control management for multiple heterogeneous application components can include at least one business role descriptor associating a business role with multiple, different application roles for corresponding, disparate application components. The system also can include at least one access policy associating a user with the business role. Finally, the system can include policy deployment logic include program code enabled to process the access policy to assign the user to the different application roles in the disparate application components.
摘要翻译：本发明的实施例解决了本领域在访问控制方面的缺陷，并提供了用于异构应用组件的集合的访问控制管理的方法，系统和计算机程序产品。在第一实施例中，用于多个异构应用组件的用于基于角色的访问控制管理的数据处理系统可以包括将业务角色与用于相应的不同应用组件的多个不同应用角色相关联的至少一个业务角色描述符。系统还可以包括将用户与业务角色相关联的至少一个访问策略。最后，系统可以包括策略部署逻辑，包括能够处理访问策略的程序代码，以将用户分配给不同应用程序组件中的不同应用程序角色。

4. 发明申请

US20080022409A1 Method and system for message routing based on privacy policies 有权
标题翻译：基于隐私策略的消息路由方法和系统
公开(公告)号：US20080022409A1
公开(公告)日：2008-01-24
申请号：US11867291
申请日：2007-10-04
申请人： Maryann Hondo , Anthony Nadalin , Ajamu Wesley
发明人： Maryann Hondo , Anthony Nadalin , Ajamu Wesley
IPC分类号： G06F7/04
CPC分类号： H04L63/20 , H04L29/06 , H04L63/0478 , H04L63/104 , H04L67/322 , H04L69/329
摘要： A method, system, apparatus, or computer program product is presented for routing event messages between data processing systems based on privacy policies associated with the data processing systems and based on event policies associated with event types for the event messages. When a system attempts to publish an event message for a particular type of event or to subscribe to those event messages, an event policy is checked to determine whether the system may publish messages for that type of event or may subscribe to those messages. Moreover, if a publishing system publishes an event message that contains personally identifiable information for a user of a data processing system, and a subscribing system has subscribed to event messages having the same event type, then the privacy policies associated with the systems are compared to determine compatibility or incompatibility between the privacy policies before routing a message between the systems.
摘要翻译：呈现方法，系统，装置或计算机程序产品，用于基于与数据处理系统相关联的隐私策略并且基于与事件消息的事件类型相关联的事件策略在数据处理系统之间路由事件消息。当系统尝试为特定类型的事件发布事件消息或订阅这些事件消息时，将检查事件策略以确定系统是否可以为该类型的事件发布消息或者可以订阅这些消息。此外，如果发布系统发布包含用于数据处理系统的用户的个人身份信息的事件消息，并且订阅系统已订阅具有相同事件类型的事件消息，则将与系统相关联的隐私策略与在系统之间路由消息之前确定隐私策略之间的兼容性或不兼容性。

5. 发明申请

US20070083761A1 Generating evidence of web services transactions 有权
标题翻译：生成Web服务交易的证据
公开(公告)号：US20070083761A1
公开(公告)日：2007-04-12
申请号：US11245310
申请日：2005-10-06
申请人： Paul Bunter , Ralph Hertlein , Sreedhar Janaswamy , Rania Khalaf , Keeranoor Kumar , Michael McIntosh , Anthony Nadalin , Shishir Saxena , Ralph Williams
发明人： Paul Bunter , Ralph Hertlein , Sreedhar Janaswamy , Rania Khalaf , Keeranoor Kumar , Michael McIntosh , Anthony Nadalin , Shishir Saxena , Ralph Williams
IPC分类号： H04L9/00
CPC分类号： H04L9/3247 , H04L63/12 , H04L2209/56 , H04L2209/60 , H04L2209/68 , H04L2209/80
摘要： Methods, systems, and products are disclosed in which generating evidence of web services transactions are provided generally by receiving in an ultimate recipient web service from an initial sender a request, the request containing a proof of message origin (‘PMO’). The PMO contains an element addressed to the ultimate recipient web service and the element bears a first signature, the first signature having a value. Embodiments also include authenticating the identity of the initial sender; creating a proof of message receipt (‘PMR’) including signing the value of the first signature; sending the PMR to the initial sender, receiving, by the initial sender, the PMR; and saving, by the initial sender, the PMR.
摘要翻译：披露了方法，系统和产品，其中通常通过从初始发送者接收最终接收者Web服务的请求来提供Web服务交易的证据，该请求包含消息来源证据（“PMO”）。 PMO包含寻址到最终的接收者Web服务的元素，该元素具有第一个签名，第一个签名具有一个值。实施例还包括验证初始发送者的身份; 创建消息收据证明（“PMR”），包括签署第一个签名的价值; 将PMR发送到初始发送者，由初始发送者接收PMR; 并由初始发件人保存PMR。

6. 发明申请

US20050039158A1 Method and apparatus for adopting authorizations 失效
标题翻译：采用授权的方法和装置
公开(公告)号：US20050039158A1
公开(公告)日：2005-02-17
申请号：US10639862
申请日：2003-08-13
申请人： Lawrence Koved , Anthony Nadalin , Marco Pistoia
发明人： Lawrence Koved , Anthony Nadalin , Marco Pistoia
IPC分类号： G06F9/44
CPC分类号： G06F21/53
摘要： A method and apparatus for implementing a new Permission for methods that perform callback operations are provided. The method and apparatus provide an AdoptPermission Permission type that allows a method to pass a Java 2 authorization test without having the specific required Permissions expressly granted to the method and without the method having the AllPermission Permission granted to it. With the apparatus and method, an AdoptPermission Permission type is defined that operates to allow a ProtectionDomain to “adopt” a required Permission. However, this adoption of a required Permission can only be performed if the ProtectionDomain of at least one method in the thread stack has been granted a Permission that implies the required Permission. Thus, the AdoptPermission Permission type provides an intermediate mechanism that is not as over-inclusive as the AllPermission Permission type and is not as under-inclusive as requiring that all methods in the thread stack include the required Permission expressly granted to them.
摘要翻译：提供了一种用于实现执行回调操作的方法的新的Permission的方法和装置。该方法和设备提供了一个AdoptPermission权限类型，允许一种方法传递Java 2授权测试，而不会明确授予该方法的特定所需权限，而不授予其授予AllPermission权限的方法。使用设备和方法，定义了一个AdoptPermission权限类型，该类型用于允许ProtectionDomain“采用”所需的权限。但是，只有当线程堆栈中至少有一个方法的ProtectionDomain被授予一个隐含所需权限的权限时，才能执行所需的权限。因此，AdoptPermission Permission类型提供了一个不像AllPermission Permission类型那样超出包容性的中间机制，并且不包含要求线程堆栈中的所有方法都包含明确授予它们的所需权限。

7. 发明申请

US20080104698A1 METHOD AND APPARATUS FOR ADOPTING AUTHORIZATIONS 失效
标题翻译：通过授权的方法和装置
公开(公告)号：US20080104698A1
公开(公告)日：2008-05-01
申请号：US11968673
申请日：2008-01-03
申请人： Lawrence Koved , Anthony Nadalin , Marco Pistoia
发明人： Lawrence Koved , Anthony Nadalin , Marco Pistoia
IPC分类号： G06F21/00
CPC分类号： G06F21/53
摘要： A method and apparatus for implementing a new Permission for methods that perform callback operations are provided. The method and apparatus provide an AdoptPermission Permission type that allows a method to pass a Java 2 authorization test without having the specific required Permissions expressly granted to the method and without the method having the AllPermission Permission granted to it. With the apparatus and method, an AdoptPermission Permission type is defined that operates to allow a ProtectionDomain to “adopt” a required Permission. However, this adoption of a required Permission can only be performed if the ProtectionDomain of at least one method in the thread stack has been granted a Permission that implies the required Permission. Thus, the AdoptPermission Permission type provides an intermediate mechanism that is not as over-inclusive as the AllPermission Permission type and is not as under-inclusive as requiring that all methods in the thread stack include the required Permission expressly granted to them.
摘要翻译：提供了一种用于实现执行回调操作的方法的新的Permission的方法和装置。该方法和设备提供了一个AdoptPermission权限类型，允许一种方法传递Java 2授权测试，而不会明确授予该方法的特定所需权限，而不授予其授予AllPermission权限的方法。使用设备和方法，定义了一个AdoptPermission权限类型，该类型用于允许ProtectionDomain“采用”所需的权限。但是，只有当线程堆栈中至少有一个方法的ProtectionDomain被授予一个隐含所需权限的权限时，才能执行所需的权限。因此，AdoptPermission Permission类型提供了一个不像AllPermission Permission类型那样超出包容性的中间机制，并且不包含要求线程堆栈中的所有方法都包含明确授予它们的所需权限。

8. 发明申请

US20070234417A1 Method and system for native authentication protocols in a heterogeneous federated environment 失效
标题翻译：异构联盟环境中本地认证协议的方法和系统
公开(公告)号：US20070234417A1
公开(公告)日：2007-10-04
申请号：US11761818
申请日：2007-06-12
申请人： George Blakley III , Heather Hinton , Anthony Nadalin
发明人： George Blakley III , Heather Hinton , Anthony Nadalin
IPC分类号： H04L9/32
CPC分类号： H04L63/0281 , H04L63/0807 , H04L63/0815 , H04L63/0823 , H04L2463/102
摘要： A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions.
摘要翻译：提出了一种方法，其中联合域在联合环境中相互作用。联盟内的域可以为其他联盟域的用户启动联合单点登录操作。域内的联络点服务器依赖于域内的信任代理来管理域和联盟之间的信任关系。信任代理根据需要解释其他联盟域的断言。信托代理可能与一个或多个信托经纪人有信任关系，信托代理可以依赖信托经纪人来解释断言。

9. 发明申请

US20060168132A1 Business messaging standards to web services 审中-公开
标题翻译： Web服务的商业消息标准
公开(公告)号：US20060168132A1
公开(公告)日：2006-07-27
申请号：US11264355
申请日：2005-10-31
申请人： Paul Bunter , Ralph Hertlein , Sreedhar Janaswamy , Rania Khalaf , Keeranoor Kumar , Michael Mcntosh , Anthony Nadalin , Shishir Saxena , Ralph Williams
发明人： Paul Bunter , Ralph Hertlein , Sreedhar Janaswamy , Rania Khalaf , Keeranoor Kumar , Michael Mcntosh , Anthony Nadalin , Shishir Saxena , Ralph Williams
IPC分类号： G06F15/16
CPC分类号： G06F9/547 , G06Q10/10 , H04L67/02
摘要： A web services framework consists of a modular, extensible stack of XML specifications and standards targeting the emerging infrastructure in which distributed, heterogeneous applications are exposed by different organizations as services on the Internet. These services have their capabilities described and published in a machine readable format.
摘要翻译： Web服务框架包括一个模块化的，可扩展的XML规范和标准栈，针对新兴基础架构，其中分布式异构应用程序由不同组织作为互联网上的服务公开。这些服务具有以机器可读格式描述和发布的功能。

10. 发明申请

US20060294366A1 Method and system for establishing a secure connection based on an attribute certificate having user credentials 审中-公开
标题翻译：基于具有用户凭证的属性证书建立安全连接的方法和系统
公开(公告)号：US20060294366A1
公开(公告)日：2006-12-28
申请号：US11165483
申请日：2005-06-23
申请人： Anthony Nadalin , Bruce Rich , Xiaoyan Zhang
发明人： Anthony Nadalin , Bruce Rich , Xiaoyan Zhang
IPC分类号： H04L9/00
CPC分类号： H04L9/3265 , H04L9/3271 , H04L63/061 , H04L63/0823 , H04L63/166 , H04L2209/56
摘要： A method and system is presented for supporting the establishment of a secure communication session within a data processing system. A certificate request command is sent from a server to a client. A certificate command is received at the server from the client in response to the certificate request command, and the certificate command is accompanied by a public key certificate and an attribute certificate that is digitally signed by a private key that is bound to the public key certificate. A secure communication session is established in response to successfully verifying the public key certificate. The attribute certificate contains credential information for an authentication operation or an authorization operation that is performed after establishment of the secure communication session.
摘要翻译：提出了一种用于支持在数据处理系统内建立安全通信会话的方法和系统。证书请求命令从服务器发送到客户端。响应于证书请求命令从客户端接收到证书命令，并且证书命令伴随有公钥证书和属性证书，该密钥证书和属性证书由绑定到公钥证书的私钥进行数字签名。响应成功验证公钥证书，建立安全通信会话。属性证书包含认证操作的证书信息或在建立安全通信会话之后执行的授权操作。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式