专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US07698375B2 Method and system for pluggability of federation protocol runtimes for federated user lifecycle management 有权
标题翻译：用于联合用户生命周期管理的联盟协议运行时的可插拔方法和系统
公开(公告)号：US07698375B2
公开(公告)日：2010-04-13
申请号：US10896353
申请日：2004-07-21
申请人： Heather Maria Hinton , Dolapo Martin Falola , Anthony Scott Moran , Patrick Ryan Wardrop
发明人： Heather Maria Hinton , Dolapo Martin Falola , Anthony Scott Moran , Patrick Ryan Wardrop
IPC分类号： G06F15/16
CPC分类号： H04L63/0823 , G06F21/41 , G06F2221/2115 , G06Q10/10 , H04L63/02 , H04L63/0815
摘要： A method and a system are presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. The point-of-contact server receives incoming requests directed to the domain and interfaces with a first application server and a second application server, wherein the first application server responds to requests for access to controlled resources and the second application server responds to requests for access to federated user lifecycle management functions, which are implemented using one or more pluggable modules that interface with the second application server.
摘要翻译：提出了一种方法和系统，其中联合域在联合环境中相互作用。联盟内的域可以为其他联盟域的用户启动联合操作。域内的联络点服务器依赖于域内的信任代理来管理域和联盟之间的信任关系。联络点服务器接收定向到域的传入请求并与第一应用服务器和第二应用服务器进行接口，其中第一应用服务器响应对受控资源的访问请求，第二应用服务器响应访问请求联合用户生命周期管理功能，其使用与第二应用服务器接口的一个或多个可插拔模块来实现。

12. 发明申请

US20080271121A1 EXTERNAL USER LIFECYCLE MANAGEMENT FOR FEDERATED ENVIRONMENTS 审中-公开
标题翻译：联合环境外部用户生物多样性管理
公开(公告)号：US20080271121A1
公开(公告)日：2008-10-30
申请号：US11740956
申请日：2007-04-27
申请人： Heather Maria Hinton , Patrick Ryan Wardrop , Anthony Scott Moran
发明人： Heather Maria Hinton , Patrick Ryan Wardrop , Anthony Scott Moran
IPC分类号： H04L9/32
CPC分类号： H04L63/0815
摘要： The present invention provides a generic technique that externalizes the management of a user session, particularly in the context of a federated environment. The invention obviates any requirement to design and implement special software (or any requirement to modify a previously installed plug-in) to enable third party SSOp-aware applications to manage the lifecycle of a user session. In an illustrative embodiment, the user session lifecycle is managed externally through an external authentication interface (EAI) that has been extended to enable any POC (or SSOp-aware application) to interface to a federated identity provider component using a simple HTTP transport mechanism. In the inventive approach, HTTP request and response headers carry the information that is used by the POC to initiate and later destroy a user session, and such information is provided by a federated entity without requiring use of a special authentication API.
摘要翻译：本发明提供了外部化用户会话的管理的通用技术，特别是在联合环境的上下文中。本发明避免了设计和实施特殊软件（或任何修改先前安装的插件的要求）的任何要求，以使第三方SSOp感知应用程序能够管理用户会话的生命周期。在说明性实施例中，用户会话生命周期通过外部认证接口（EAI）进行外部管理，外部认证接口（EAI）已被扩展以使得任何POC（或SSOp感知应用）能够使用简单的HTTP传输机制与联合身份提供商组件接口。在本发明的方法中，HTTP请求和响应报头携带由POC使用以发起和稍后销毁用户会话的信息，并且这种信息由联合实体提供，而不需要使用特殊认证API。

13. 发明申请

US20090129596A1 System and Method for Controlling Comments in a Collaborative Document 有权
标题翻译：在协作文件中控制注释的系统和方法
公开(公告)号：US20090129596A1
公开(公告)日：2009-05-21
申请号：US11941250
申请日：2007-11-16
申请人： Timothy R. Chavez , Jacob Daniel Eisinger , Jennifer Elizabeth King , William Alexander Reichert, III , Patrick Ryan Wardrop
发明人： Timothy R. Chavez , Jacob Daniel Eisinger , Jennifer Elizabeth King , William Alexander Reichert, III , Patrick Ryan Wardrop
IPC分类号： H04L9/14 , G06F17/21
CPC分类号： G06F17/241
摘要： A system, method, and program product is provided that operates when opening a word processing document that includes document content inserted at various insertion points within the document. The document is opened by a user that corresponds to a particular user identifier. The comments included in the document include recipient identifiers. A first set of comments are selected where the user's identifier is included in the recipient identifiers of the corresponding comments, and a second set of comments are selected where the user's identifier is not included in the recipient identifiers of the corresponding comments. The word processor displays the first set of comments at their respective insertion points within the document content and does not present the second set of comments.
摘要翻译：提供了一种系统，方法和程序产品，其在打开包含在文档中的各种插入点处插入的文档内容的文字处理文档时操作。文档由与特定用户标识符相对应的用户打开。文档中包含的注释包括收件人标识符。选择第一组注释，其中用户的标识符被包括在相应注释的接收者标识符中，并且选择第二组注释，其中用户的标识符不包括在相应注释的接收者标识符中。文字处理器在文档内容中的各自的插入点处显示第一组注释，并且不显示第二组注释。

14. 发明授权

US07426713B2 Controlling a GUI display for a plug-in 失效
标题翻译：控制插件的GUI显示
公开(公告)号：US07426713B2
公开(公告)日：2008-09-16
申请号：US10815214
申请日：2004-03-31
申请人： Matthew Paul Duggan , Dolapo Martin Falola , Patrick Ryan Wardrop
发明人： Matthew Paul Duggan , Dolapo Martin Falola , Patrick Ryan Wardrop
IPC分类号： G06F9/44
CPC分类号： G06F9/445 , G06F9/451
摘要： Methods, systems, and computer program products are provided for controlling a GUI display for a plug-in in an application supporting plug-ins. Embodiments include receiving, at run time, in the application from the plug-in a request to display a GUI object; responsive to the request, retrieving an XML representation of the GUI object; and displaying the GUI object in dependence upon the retrieved XML representation of the GUI object. Typical embodiments also include receiving from the plug-in a request to retrieve user input responsive to the GUI object; and returning to the plug-in responsive user input.
摘要翻译：提供了方法，系统和计算机程序产品，用于控制支持插件的应用程序中插件的GUI显示。实施例包括在运行时在应用程序中从插件接收显示GUI对象的请求; 响应于该请求，检索GUI对象的XML表示; 以及根据所检索的GUI对象的XML表示来显示GUI对象。典型实施例还包括从插件接收响应于GUI对象检索用户输入的请求; 并返回到插件响应用户输入。

15. 发明授权

US08291230B2 Method and system for signing JavaScript object notation (JSON) messages 有权
标题翻译：用于签署JavaScript对象表示法（JSON）消息的方法和系统
公开(公告)号：US08291230B2
公开(公告)日：2012-10-16
申请号：US12356290
申请日：2009-01-20
申请人： Timothy Walter Moore , Patrick Ryan Wardrop , Michael McIntosh
发明人： Timothy Walter Moore , Patrick Ryan Wardrop , Michael McIntosh
IPC分类号： H04L9/32 , G06F21/00 , G06F15/16 , H04L12/58 , H04W4/14 , H04W4/18 , H04M11/00
CPC分类号： H04L9/3236 , H04L9/3247 , H04L2209/60 , H04L2209/805
摘要： A machine-implemented method for signing a JSON message begins by constructing a reference element for each data object in the JSON message. The data object is identified by a reference identifier that includes a pointer to a digest method, and a digest generated by applying the digest method to the data object. Then, a signature information element is constructed for reference elements corresponding to data objects in the message. The signature information element includes a pointer to a signature method, as well as one or more reference elements, or a canonical form of the one or more reference elements. Then, a signature element is constructed that includes the signature information element, and a signature value generated by applying the signature method to the signature information element. The signature enables a sending entity to generate a digest on a JSON message and to secure the digests using a signing key.
摘要翻译：用于签名JSON消息的机器实现方法首先为JSON消息中的每个数据对象构造一个引用元素。数据对象由包含指向摘要方法的指针的引用标识符和通过将摘要方法应用于数据对象而生成的摘要来标识。然后，为对应于消息中的数据对象的参考元素构造签名信息元素。签名信息元素包括指向签名方法的指针，以及一个或多个参考元素或一个或多个参考元素的规范形式。然后，构造签名元素，其包括签名信息元素，以及通过将签名方法应用于签名信息元素而生成的签名值。签名使发送实体能够生成JSON消息上的摘要，并使用签名密钥来保护摘要。

16. 发明授权

US08181225B2 Specializing support for a federation relationship 失效
标题翻译：专门支持联盟关系
公开(公告)号：US08181225B2
公开(公告)日：2012-05-15
申请号：US12481007
申请日：2009-06-09
申请人： Heather Maria Hinton , Anthony Scott Moran , Dolapo Martin Falola , Ivan Matthew Milman , Patrick Ryan Wardrop
发明人： Heather Maria Hinton , Anthony Scott Moran , Dolapo Martin Falola , Ivan Matthew Milman , Patrick Ryan Wardrop
IPC分类号： G06F7/04
CPC分类号： H04L63/0815 , H04L67/30
摘要： The invention provides federated functionality within a data processing system by means of a set of specialized runtimes, which are instances of an application for providing federation services to requesters. Each of the plurality of specialized runtimes provides requested federation services for selected ones of the requestors according to configuration data of respective federation relationships of the requestors with the identity provider. The configuration data is dynamically retrieved during initialization of the runtimes which allows the respective_runtime to be specialized for a given federation relationship. Requests are routed to the appropriate specialized runtime using the first requestor identity and the given federation relationship. The data, which describes each federation relationship between the identity provider and each of the plurality of requestors, is configured prior to initialization of the runtimes.
摘要翻译：本发明通过一组专用运行时提供数据处理系统内的联合功能，这是一组向需求者提供联合服务的应用的实例。多个专用运行时间中的每一个根据请求者与身份提供者的各自的联合关系的配置数据，为所选请求者提供所请求的联合服务。在运行时的初始化期间动态地检索配置数据，这允许相应的运行时间针对给定的联合关系而专门化。请求使用第一请求者标识和给定的联合关系路由到适当的专用运行时。在初始化运行时之前配置描述身份提供者与多个请求者中的每一个之间的每个联合关系的数据。

17. 发明授权

US08140643B2 Managing user personal information across web sites 有权
标题翻译：跨网站管理用户个人信息
公开(公告)号：US08140643B2
公开(公告)日：2012-03-20
申请号：US12164406
申请日：2008-06-30
申请人： Jiayue Chen , Matthew Paul Duggan , Patrick Ryan Wardrop
发明人： Jiayue Chen , Matthew Paul Duggan , Patrick Ryan Wardrop
IPC分类号： G06F15/16
CPC分类号： G06F17/243 , G06F17/30899
摘要： A method of managing user personal information across a set of service provider sites is implemented, preferably as a web browser plug-in function. As a user navigates to a service provider web site and performs an interaction involving user identity attribute data, the interaction is recorded for later replay. Typically, the interaction is a graphical user interface (GUI) interaction. At a later time, previously-recorded interactions at service provider sites are replayed automatically, i.e., without requiring the user to navigate back to the individual sites and perform the interactions, and (during the replay operation) the user's previously-entered identity attribute data is located and retrieved. A display of the identity attribute data collected from the service provider sites then can be examined, e.g., for any inconsistency among the data. If the user then updates identity attribute data for a given service provider site, the identity attribute data for the site is automatically updated, once again without requiring the user to navigate to the site and re-enter the update directly. The method enables the user to ensure that his or her personal data stored at the service provider sites is up-to-date and synchronized.
摘要翻译：管理一组服务提供商站点中的用户个人信息的方法被实现，优选地作为web浏览器插件功能。当用户导航到服务提供商网站并执行涉及用户身份属性数据的交互时，记录交互以便稍后重放。通常，交互是图形用户界面（GUI）交互。在稍后的时间，服务提供商站点上先前记录的交互被自动重播，即，不要求用户返回到各个站点并执行交互，并且（在重放操作期间）用户先前输入的身份属性数据位于并检索。然后可以检查从服务提供商站点收集的身份属性数据的显示，例如数据之间的任何不一致性。如果用户然后更新给定服务提供商站点的身份属性数据，则站点的身份属性数据将再次自动更新，而不需要用户导航到站点并直接重新输入更新。该方法使得用户能够确保他/她的存储在服务提供商站点的个人数据是最新的和同步的。

18. 发明申请

US20110131643A1 Token Mediation Service in a Data Management System 有权
标题翻译：令牌调解服务在数据管理系统中
公开(公告)号：US20110131643A1
公开(公告)日：2011-06-02
申请号：US12628477
申请日：2009-12-01
申请人： Calvin D. Lawrence , Miguel A. Ortiz , Patrick Ryan Wardrop
发明人： Calvin D. Lawrence , Miguel A. Ortiz , Patrick Ryan Wardrop
IPC分类号： H04L9/32
CPC分类号： H04L9/3213 , H04L9/3271 , H04L2209/56 , H04L2209/80
摘要： A method and system for mediating security tokens to authorization data transactions in a data management system. The methods and systems intercept a data request between two applications or services, and validate and translate a security token sent with the data request from a format compatible with the first application or service to a format compatible with the second application or service.
摘要翻译：一种用于在数据管理系统中调解安全令牌以授权数据事务的方法和系统。方法和系统拦截两个应用程序或服务之间的数据请求，并且将从数据请求发送的安全令牌从与第一应用程序或服务兼容的格式验证并转换为与第二应用程序或服务兼容的格式。

19. 发明申请

US20100146290A1 TOKEN CACHING IN TRUST CHAIN PROCESSING 有权
公开(公告)号：US20100146290A1
公开(公告)日：2010-06-10
申请号：US12327899
申请日：2008-12-04
申请人： David Werner Bachmann , Nicholas George Harlow , Heather Maria Hinton , Patrick Ryan Wardrop
发明人： David Werner Bachmann , Nicholas George Harlow , Heather Maria Hinton , Patrick Ryan Wardrop
IPC分类号： H04L9/00
CPC分类号： H04L63/0815 , H04L63/0823
摘要： A method, system, and computer usable program product for token caching in a trust chain processing are provided in the illustrative embodiments. An information in a token associated with a first request is mapped. A determination is made whether a requester of the first request has provided a constraint in the first request, the constraint concerning the token, the constraint forming a client constraint. The client constraint is stored. The information and the mapped information is stored, forming stored information. The token is received in a second request. The stored information is reused if the client constraint allows reusing the stored information. A further determination may be made whether a target system receiving the mapped information has provided a server constraint, the second constraint concerning the mapped information, the second constraint forming a server constraint. The stored information may be reused if the server constraint allows reusing the stored information.
摘要翻译：在说明性实施例中提供了用于信任链处理中的令牌缓存的方法，系统和计算机可用程序产品。与第一个请求相关联的令牌中的信息被映射。确定第一请求的请求者是否在第一请求中提供约束，关于令牌的约束，形成客户约束的约束。客户端约束被存储。存储信息和映射信息，形成存储的信息。令牌在第二个请求中被接收。如果客户端约束允许重用存储的信息，则存储的信息被重新使用。可以进一步确定接收映射信息的目标系统是否提供了服务器约束，关于映射信息的第二约束，形成服务器约束的第二约束。如果服务器约束允许重用存储的信息，则可以重新使用所存储的信息。

20. 发明申请

US20090125972A1 FEDERATED SINGLE SIGN-ON (F-SSO) REQUEST PROCESSING USING A TRUST CHAIN HAVING A CUSTOM MODULE 有权
标题翻译：联合单点登录（F-SSO）使用具有自定义模块的信任链的请求处理
公开(公告)号：US20090125972A1
公开(公告)日：2009-05-14
申请号：US11939749
申请日：2007-11-14
申请人： Heather Maria Hinton , Patrick Ryan Wardrop , Parley Avery Salmon
发明人： Heather Maria Hinton , Patrick Ryan Wardrop , Parley Avery Salmon
IPC分类号： G06F17/00 , G06F21/00
CPC分类号： H04L63/126 , G06F21/41 , H04L63/0815
摘要： Federated single sign on (F-SSO) uses a token service that fulfills requests by executing a module chain comprising a set of modules. F-SSO runtime processing is enhanced by enabling a federated entity user to define a custom module to include in the chain. The custom module includes one or more name-value pairs, wherein a given name-value pair has a value that may be validated against an entity-defined rule. The rule is determined during the processing of the custom module based on one or more invocation parameters of the module chain. In a runtime operation, F-SSO begins in response to receipt of a token. In response, the processing of the module chain that includes the custom module is initiated. During processing of the custom module, an attempt is made to validate the value of a name-value pair based on the rule. If the value of the name-value pair based on the rule can be validated, processing of the module chain continues. This approach enables finer granularity on the information that can be asserted or required as part of an F-SSO flow.
摘要翻译：联合单点登录（F-SSO）使用通过执行包括一组模块的模块链来满足请求的令牌服务。通过使联合实体用户能够定义要包含在链中的自定义模块来增强F-SSO运行时处理。自定义模块包括一个或多个名称 - 值对，其中给定的名称 - 值对具有可以根据实体定义的规则被验证的值。在根据模块链的一个或多个调用参数处理自定义模块期间确定规则。在运行时操作中，F-SSO响应于令牌的接收而开始。作为响应，启动了包含定制模块的模块链的处理。在自定义模块的处理期间，尝试根据规则验证名称 - 值对的值。如果可以验证基于规则的名称 - 值对的值，则模块链的处理将继续进行。这种方法可以在作为F-SSO流程的一部分可以被断言或需要的信息上实现更精细的粒度。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式