专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明申请

US20070083761A1 Generating evidence of web services transactions 有权
标题翻译：生成Web服务交易的证据
公开(公告)号：US20070083761A1
公开(公告)日：2007-04-12
申请号：US11245310
申请日：2005-10-06
申请人： Paul Bunter , Ralph Hertlein , Sreedhar Janaswamy , Rania Khalaf , Keeranoor Kumar , Michael McIntosh , Anthony Nadalin , Shishir Saxena , Ralph Williams
发明人： Paul Bunter , Ralph Hertlein , Sreedhar Janaswamy , Rania Khalaf , Keeranoor Kumar , Michael McIntosh , Anthony Nadalin , Shishir Saxena , Ralph Williams
IPC分类号： H04L9/00
CPC分类号： H04L9/3247 , H04L63/12 , H04L2209/56 , H04L2209/60 , H04L2209/68 , H04L2209/80
摘要： Methods, systems, and products are disclosed in which generating evidence of web services transactions are provided generally by receiving in an ultimate recipient web service from an initial sender a request, the request containing a proof of message origin (‘PMO’). The PMO contains an element addressed to the ultimate recipient web service and the element bears a first signature, the first signature having a value. Embodiments also include authenticating the identity of the initial sender; creating a proof of message receipt (‘PMR’) including signing the value of the first signature; sending the PMR to the initial sender, receiving, by the initial sender, the PMR; and saving, by the initial sender, the PMR.
摘要翻译：披露了方法，系统和产品，其中通常通过从初始发送者接收最终接收者Web服务的请求来提供Web服务交易的证据，该请求包含消息来源证据（“PMO”）。 PMO包含寻址到最终的接收者Web服务的元素，该元素具有第一个签名，第一个签名具有一个值。实施例还包括验证初始发送者的身份; 创建消息收据证明（“PMR”），包括签署第一个签名的价值; 将PMR发送到初始发送者，由初始发送者接收PMR; 并由初始发件人保存PMR。

12. 发明申请

US20060004662A1 Method and system for a PKI-based delegation process 失效
标题翻译：基于PKI的委托过程的方法和系统
公开(公告)号：US20060004662A1
公开(公告)日：2006-01-05
申请号：US10881978
申请日：2004-06-30
申请人： Anthony Nadalin , Bruce Rich , Xiaoyan Zhang
发明人： Anthony Nadalin , Bruce Rich , Xiaoyan Zhang
IPC分类号： H04L9/00
CPC分类号： H04L63/02 , H04L9/006 , H04L9/0825 , H04L9/3213 , H04L9/3247 , H04L9/3268 , H04L63/0807 , H04L63/0823 , H04L2209/76 , H04L2463/062
摘要： A client generates a session key and a delegation ticket containing information for a requested delegation operation. The client generates a first copy of the session key and encrypts it using a public key of a proxy. The client generates a second copy of the session key and encrypts it using a public key of a server. The client then puts the encrypted session keys and delegation ticket into a first message that is sent to the proxy. The proxy extracts and decrypts its copy of the session key from the first message. The proxy then encrypts a proof-of-delegation data item with the session key and places it and the delegation ticket along with the encrypted copy of the session key for the server into a second message, which is sent to the server. The server extracts and decrypts its copy of the session key from the second message and uses the session key to obtain the proof-of-delegation data. Authority is successfully delegated to the proxy only if the server can verify the proof-of-delegation data.
摘要翻译：客户端生成会话密钥和包含所请求的委派操作的信息的委托票证。客户端生成会话密钥的第一个副本，并使用代理的公钥对其进行加密。客户端生成会话密钥的第二个副本，并使用服务器的公钥对其进行加密。然后，客户端将加密的会话密钥和委派票证放入发送到代理的第一条消息中。代理从第一条消息中提取并解密会话密钥的副本。然后，代理使用会话密钥对代理证件数据项进行加密，并将其和委托凭证以及服务器的会话密钥的加密副本一起放入发送到服务器的第二个消息中。服务器从第二个消息中提取和解密其会话密钥的副本，并使用会话密钥获取授权证明数据。只有当服务器可以验证授权证明数据时，才将成功委托给代理。

13. 发明申请

US20050223412A1 Context-sensitive confidentiality within federated environments 失效
标题翻译：联合环境中的上下文敏感机密性
公开(公告)号：US20050223412A1
公开(公告)日：2005-10-06
申请号：US10814090
申请日：2004-03-31
申请人： Anthony Nadalin , Ajamu Wesley
发明人： Anthony Nadalin , Ajamu Wesley
IPC分类号： G06F11/30 , G06F12/14 , H04L9/00 , H04L9/32 , H04L29/06
CPC分类号： H04L63/0428 , G06F21/6209 , H04L63/126
摘要： Techniques are disclosed for achieving context-sensitive confidentiality within a federated environment for which content is aggregated in a distributed Web portal (or similar aggregation framework), ensuring that message portions that should be confidential are confidential to all entities in the federated environment except those entities to which the message portions may properly be divulged. The federation may comprise an arbitrary number of autonomous security domains, and these security domains may have independent trust models and authentication services. Using the disclosed techniques, messages can be routed securely within a cross-domain federation (irrespective of routing paths), thereby ensuring that confidential information is not exposed to unintended third parties and that critical information is not tampered with while in transit between security domains. Preferred embodiments leverage Web services techniques and a number of industry standards.
摘要翻译：披露技术用于在分布式Web门户（或类似的聚合框架）内聚合内容的联合环境中实现上下文敏感的机密性，确保应该保密的消息部分对于联合环境中除实体之外的所有实体是机密的消息部分可以正确地泄露给消息部分。联盟可以包括任意数量的自治安全域，并且这些安全域可以具有独立的信任模型和认证服务。使用所公开的技术，可以在跨域联合（不管路由路径）内安全地路由消息，从而确保机密信息不会暴露给无意的第三方，并且关键信息在安全域之间传输时不被篡改。优选实施例利用Web服务技术和许多行业标准。

14. 发明授权

US08261330B2 Federated identity brokering 失效
标题翻译：联合身份中介
公开(公告)号：US08261330B2
公开(公告)日：2012-09-04
申请号：US12547081
申请日：2009-08-25
申请人： Barry D. Atkins , David O. Melgar , Anthony Nadalin , Ajamu A. Wesley
发明人： Barry D. Atkins , David O. Melgar , Anthony Nadalin , Ajamu A. Wesley
IPC分类号： G06F9/40 , G06F21/20
CPC分类号： H04L63/0823 , H04L29/06
摘要： A method, system and apparatus for federated identity brokering. In accordance with the present invention, a credential processing gateway can be disposed between one or more logical services and one or more service requesting clients in a computer communications network. Acting as a proxy and a trusted authority to the logical services, the credential processing gateway can map the credentials of the service requesting clients to the certification requirements of the logical services. In this way, the credential processing gateway can act as a federated identity broker in providing identity certification services for a multitude of different service requesting clients without requiring the logical services to include a pre-configuration for specifically processing the credentials of particular service requesting clients.
摘要翻译：用于联合身份代理的方法，系统和装置。根据本发明，可以在一个或多个逻辑服务与计算机通信网络中的一个或多个服务请求客户端之间设置凭证处理网关。作为逻辑服务的代理和信任机构，凭证处理网关可以将请求客户端的服务的凭证映射到逻辑服务的认证要求。以这种方式，证书处理网关可以充当联合身份代理，为多个不同服务请求客户端提供身份认证服务，而不需要逻辑服务包括特定处理特定服务请求客户端的凭证的预配置。

15. 发明申请

US20090313467A1 FEDERATED IDENTITY BROKERING 失效
标题翻译：联合身份认证
公开(公告)号：US20090313467A1
公开(公告)日：2009-12-17
申请号：US12547081
申请日：2009-08-25
申请人： Barry D. Atkins , David O. Melgar , Anthony Nadalin , Ajamu A. Wesley
发明人： Barry D. Atkins , David O. Melgar , Anthony Nadalin , Ajamu A. Wesley
IPC分类号： H04L9/32 , G06F21/00
CPC分类号： H04L63/0823 , H04L29/06
摘要： A method, system and apparatus for federated identity brokering. In accordance with the present invention, a credential processing gateway can be disposed between one or more logical services and one or more service requesting clients in a computer communications network. Acting as a proxy and a trusted authority to the logical services, the credential processing gateway can map the credentials of the service requesting clients to the certification requirements of the logical services. In this way, the credential processing gateway can act as a federated identity broker in providing identity certification services for a multitude of different service requesting clients without requiring the logical services to include a pre-configuration for specifically processing the credentials of particular service requesting clients.
摘要翻译：用于联合身份代理的方法，系统和装置。根据本发明，可以在一个或多个逻辑服务与计算机通信网络中的一个或多个服务请求客户端之间设置凭证处理网关。作为逻辑服务的代理和信任机构，凭证处理网关可以将请求客户端的服务的凭证映射到逻辑服务的认证要求。以这种方式，证书处理网关可以充当联合身份代理，为多个不同服务请求客户端提供身份认证服务，而不需要逻辑服务包括特定处理特定服务请求客户端的凭证的预配置。

16. 发明申请

US20080022409A1 Method and system for message routing based on privacy policies 有权
标题翻译：基于隐私策略的消息路由方法和系统
公开(公告)号：US20080022409A1
公开(公告)日：2008-01-24
申请号：US11867291
申请日：2007-10-04
申请人： Maryann Hondo , Anthony Nadalin , Ajamu Wesley
发明人： Maryann Hondo , Anthony Nadalin , Ajamu Wesley
IPC分类号： G06F7/04
CPC分类号： H04L63/20 , H04L29/06 , H04L63/0478 , H04L63/104 , H04L67/322 , H04L69/329
摘要： A method, system, apparatus, or computer program product is presented for routing event messages between data processing systems based on privacy policies associated with the data processing systems and based on event policies associated with event types for the event messages. When a system attempts to publish an event message for a particular type of event or to subscribe to those event messages, an event policy is checked to determine whether the system may publish messages for that type of event or may subscribe to those messages. Moreover, if a publishing system publishes an event message that contains personally identifiable information for a user of a data processing system, and a subscribing system has subscribed to event messages having the same event type, then the privacy policies associated with the systems are compared to determine compatibility or incompatibility between the privacy policies before routing a message between the systems.
摘要翻译：呈现方法，系统，装置或计算机程序产品，用于基于与数据处理系统相关联的隐私策略并且基于与事件消息的事件类型相关联的事件策略在数据处理系统之间路由事件消息。当系统尝试为特定类型的事件发布事件消息或订阅这些事件消息时，将检查事件策略以确定系统是否可以为该类型的事件发布消息或者可以订阅这些消息。此外，如果发布系统发布包含用于数据处理系统的用户的个人身份信息的事件消息，并且订阅系统已订阅具有相同事件类型的事件消息，则将与系统相关联的隐私策略与在系统之间路由消息之前确定隐私策略之间的兼容性或不兼容性。

17. 发明申请

US20060230430A1 METHOD AND SYSTEM FOR IMPLEMENTING AUTHORIZATION POLICIES FOR WEB SERVICES 有权
标题翻译：执行WEB服务授权政策的方法和系统
公开(公告)号：US20060230430A1
公开(公告)日：2006-10-12
申请号：US10907577
申请日：2005-04-06
申请人： Maryann Hondo , Anthony Nadalin , Nataraj Nagaratnam
发明人： Maryann Hondo , Anthony Nadalin , Nataraj Nagaratnam
IPC分类号： H04L9/00
CPC分类号： H04L63/102 , H04L63/08
摘要： A method, system and computer program product for implementing authorization policies for web services may include defining an authorization policy for access to a web service. The method, system and computer program product may also include attaching the authorization policy to a service definition for the web service.
摘要翻译：用于实现web服务的授权策略的方法，系统和计算机程序产品可以包括定义用于访问web服务的授权策略。方法，系统和计算机程序产品还可以包括将授权策略附加到web服务的服务定义。

18. 发明授权

US07000108B1 System, apparatus and method for presentation and manipulation of personal information syntax objects 失效
标题翻译：用于呈现和操纵个人信息语法对象的系统，装置和方法
公开(公告)号：US07000108B1
公开(公告)日：2006-02-14
申请号：US09562162
申请日：2000-05-02
申请人： Julianne Yarsa , Anthony Nadalin , Bruce A. Rich , Theodore Jack London Shrader
发明人： Julianne Yarsa , Anthony Nadalin , Bruce A. Rich , Theodore Jack London Shrader
IPC分类号： H04L9/00 , H04K1/00
CPC分类号： G06F21/6236 , G06F9/451 , G06F21/604
摘要： A system, apparatus and method for processing Personal InFormation EXchange Syntax (PFX) objects in a data processing system is presented. The PFX object may be formatted, i.e. may maintain a syntax, as defined by PKCS (Public Key Cryptography Standard) standards, and in particular PKCS #12. A PFX object utility allows a user to view and edit the contents of data objects embedded within a PFX object via a graphical user interface. Graphical objects represent the data objects embedded within a PFX object. A user may drag and drop objects onto other objects within the PFX object, and the PFX object utility automatically performs the necessary operations.
摘要翻译：提出了一种用于处理数据处理系统中个人InFormation EXchange语法（PFX）对象的系统，设备和方法。 PFX对象可以被格式化，即可以保持由PKCS（公共密钥加密标准）标准定义的语法，特别是PKCS＃12。 PFX对象实用程序允许用户通过图形用户界面查看和编辑嵌入在PFX对象内的数据对象的内容。图形对象表示嵌入在PFX对象中的数据对象。用户可以将对象拖放到PFX对象中的其他对象上，PFX对象实用程序会自动执行必要的操作。

19. 发明申请

US20050114701A1 Federated identity management within a distributed portal server 失效
标题翻译：分布式门户服务器内的联合身份管理
公开(公告)号：US20050114701A1
公开(公告)日：2005-05-26
申请号：US10719490
申请日：2003-11-21
申请人： Barry Atkins , David Melgar , Anthony Nadalin , Ajamu Wesley
发明人： Barry Atkins , David Melgar , Anthony Nadalin , Ajamu Wesley
IPC分类号： H04L9/32 , H04L29/06 , H04L9/00
CPC分类号： H04L63/08 , H04L9/3226 , H04L9/3247 , H04L2209/56 , H04L2209/60 , H04L2209/76
摘要： Techniques are disclosed for federating identity management within a distributed portal server, leveraging Web services techniques and a number of industry standards. Identities are managed across autonomous security domains which may be comprised of independent trust models, authentication services, and user enrollment services. The disclosed techniques enable integrating third-party Web services-based portlets, which rely on various potentially-different security mechanisms, within a common portal page.
摘要翻译：披露了在分布式门户服务器内联合身份管理的技术，利用Web服务技术和许多行业标准。身份在跨独立的安全域管理，可以由独立的信任模型，认证服务和用户注册服务组成。所公开的技术使得能够在通用门户页面内集成依赖各种潜在不同的安全机制的第三方基于Web服务的portlet。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式