专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明申请

US20080293379A1 METHOD AND APPARATUS FOR ACCESSING A FOREIGN NETWORK WITH AN OBFUSCATED MOBILE DEVICE USER IDENTITY 有权
标题翻译：用于接收具有移动移动设备用户身份的外部网络的方法和装置
公开(公告)号：US20080293379A1
公开(公告)日：2008-11-27
申请号：US11752988
申请日：2007-05-24
申请人： Heather Maria Hinton , Alastair John Angwin , Mark Pozefsky
发明人： Heather Maria Hinton , Alastair John Angwin , Mark Pozefsky
IPC分类号： H04M1/66
CPC分类号： H04L63/0414 , H04W12/02 , H04W84/042 , H04W88/02 , H04W88/16
摘要： A mobile device identifier (such as an MSISDN) that typically accompanies a mobile device request is replaced with an “enriched” identifier that exposes the mobile device user's home operator but obfuscates the mobile device's (and, thus, the device user's) identity. In one embodiment, the identifier comprises a first part, and a second part. The first part comprises a data string that identifies (either directly or through a database lookup) the mobile device user's home operator. The second part, however, is an opaque data string, such as a one-time-use unique identifier (UID) or a value that is otherwise derived as a function of the MSISDN (or the like). The opaque data string encodes the mobile device's identity in a manner that preferably can be recovered only by the user's home operator (or an entity authorized thereby). When the mobile device user roams into a foreign network, that network receives the enriched identifier in lieu of an MSISDN. The foreign network uses the first part to identify the mobile device user's home network, e.g., to determine whether to permit the requested access (or to provide some other value-added service). The foreign network, however, cannot decode the second part; thus, the mobile device's identity (as well as the identity of the mobile device user) remains obscured. This ensures that the user's privacy is maintained, while preventing third parties from building a profile of the device based on the requests that include the MSISDN or similar identifier.
摘要翻译：通常伴随移动设备请求的移动设备标识符（例如，MSISDN）被暴露于移动设备用户的本地操作员但是模糊移动设备（以及因此设备用户的身份）的“丰富”标识符所替代。在一个实施例中，标识符包括第一部分和第二部分。第一部分包括标识（直接地或通过数据库查找）移动设备用户的本地操作员的数据串。然而，第二部分是不透明的数据串，例如一次性使用的唯一标识符（UID）或另外被导出为MSISDN（或类似的）的函数的值）。不透明数据串以优选仅由用户的家庭运营商（或由其授权的实体）恢复的方式对移动设备的身份进行编码。当移动设备用户漫游到外部网络时，该网络接收到代替MSISDN的富集标识符。外部网络使用第一部分来识别移动设备用户的家庭网络，例如，以确定是否允许所请求的访问（或提供一些其他增值服务）。然而，外部网络无法解码第二部分; 因此，移动设备的身份（以及移动设备用户的身份）仍然被遮蔽。这确保了用户的隐私被维护，同时防止第三方基于包括MSISDN或类似标识符的请求构建设备的配置文件。

22. 发明授权

US09825916B2 Method and apparatus for accessing a foreign network with an obfuscated mobile device user identity 有权
公开(公告)号：US09825916B2
公开(公告)日：2017-11-21
申请号：US11752988
申请日：2007-05-24
申请人： Heather Maria Hinton , Alastair John Angwin , Mark Pozefsky
发明人： Heather Maria Hinton , Alastair John Angwin , Mark Pozefsky
IPC分类号： H04L29/06 , H04W12/02 , H04W84/04 , H04W88/02 , H04W88/16
CPC分类号： H04L63/0414 , H04W12/02 , H04W84/042 , H04W88/02 , H04W88/16
摘要： A mobile device identifier (such as an MSISDN) that typically accompanies a mobile device request is replaced with an “enriched” identifier that exposes the mobile device user's home operator but obfuscates the mobile device's (and, thus, the device user's) identity. In one embodiment, the identifier comprises a first part, and a second part. The first part comprises a data string that identifies (either directly or through a database lookup) the mobile device user's home operator. The second part, however, is an opaque data string, such as a one-time-use unique identifier (UID) or a value that is otherwise derived as a function of the MSISDN (or the like). The opaque data string encodes the mobile device's identity in a manner that preferably can be recovered only by the user's home operator (or an entity authorized thereby). When the mobile device user roams into a foreign network, that network receives the enriched identifier in lieu of an MSISDN. The foreign network uses the first part to identify the mobile device user's home network, e.g., to determine whether to permit the requested access (or to provide some other value-added service). The foreign network, however, cannot decode the second part; thus, the mobile device's identity (as well as the identity of the mobile device user) remains obscured. This ensures that the user's privacy is maintained, while preventing third parties from building a profile of the device based on the requests that include the MSISDN or similar identifier.

23. 发明授权

US09800614B2 Method and system for global logoff from a web-based point of contact server 有权
公开(公告)号：US09800614B2
公开(公告)日：2017-10-24
申请号：US11752576
申请日：2007-05-23
申请人： Heather Maria Hinton , Anthony Scott Moran , Benjamin Brewer Harmon
发明人： Heather Maria Hinton , Anthony Scott Moran , Benjamin Brewer Harmon
IPC分类号： G06F15/173 , H04L29/06 , H04L9/32 , G06F17/30
CPC分类号： H04L63/20 , G06F17/30371 , G06F17/3048 , G06F17/30575 , H04L9/3213 , H04L63/08 , H04L63/0807
摘要： A method carried out at a point of contact (e.g., reverse proxy, a web server plug-in, or the like) that serves as an intermediary between a client browser and one or more back-end applications (or application component), wherein each back-end application has the capability to set its own server-side session management data with respect to the point of contact that is independent of any client-side session management data set by the point of contact and used by the point of contact to manage a user session. The method begins as a given back-end application returns a response to a first request that has been issued from the client browser (the first request having been received at the point of contact and passed to a back end application or component for processing). The point of contact intercepts the out-going response, augments server-side session management data associated therewith with a “stamp,” and forwards to the client browser the response together with the server-side session management data as augmented to include the stamp. The stamp provides a way for the point of contact to later determine whether the server-side session management data, if received with another user request, is valid for that request. Later, upon receipt at the point of contact of a new user request that includes the server-side session management data (and stamp), the point of contact uses the stamp to determine whether the new request is valid. If so, the point of contact removes the stamp from the server-side session management data and forwards the new request (and the management data) to the back-end application for handling.

24. 发明授权

US09143502B2 Method and system for secure binding register name identifier profile 有权
标题翻译：安全绑定注册名称标识符配置文件的方法和系统
公开(公告)号：US09143502B2
公开(公告)日：2015-09-22
申请号：US11010228
申请日：2004-12-10
申请人： Heather Maria Hinton
发明人： Heather Maria Hinton
IPC分类号： H04L29/06 , G06F21/41
CPC分类号： H04L63/0815 , G06F21/41
摘要： A method, a system, an apparatus, and a computer program product are presented for improving a register name identifier profile within a federated computing environment such that the register name identifier profile is enhanced to be more securely binding between two federated entities within the federated computing environment, such as an identity provider and a service provider. After the first federated entity sends a register name identifier request for a principal to the second federated entity, the second federated entity performs an authentication operation for the principal. In response to successfully completing the authentication operation, the second federated entity registers or modifies a name identifier for the principal that has been extracted from the received register name identifier request.
摘要翻译：提出了一种方法，系统，装置和计算机程序产品，用于改善联合计算环境内的注册名称标识符简档，使得注册名称标识符简档被增强以在联合计算中的两个联合实体之间更安全地绑定环境，如身份提供商和服务提供商。在第一联合实体向第二联合实体发送主体的注册名称标识符请求之后，第二联合实体对主体执行认证操作。响应于成功完成认证操作，第二联合实体注册或修改已从接收到的注册名称标识符请求中提取的主体的名称标识符。

25. 发明授权

US08561161B2 Method and system for authentication in a heterogeneous federated environment 有权
标题翻译：异构联盟环境中的认证方法和系统
公开(公告)号：US08561161B2
公开(公告)日：2013-10-15
申请号：US10334284
申请日：2002-12-31
申请人： George Robert Blakley, III , Heather Maria Hinton , Anthony Joseph Nadalin , Ajamu Akinwunmi Wesley
发明人： George Robert Blakley, III , Heather Maria Hinton , Anthony Joseph Nadalin , Ajamu Akinwunmi Wesley
IPC分类号： H04L9/32 , H04L29/06 , G06F15/16
CPC分类号： H04L63/0815 , H04L63/0807
摘要： A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions.
摘要翻译：提出了一种方法，其中联合域在联合环境中相互作用。联盟内的域可以为其他联盟域的用户启动联合单点登录操作。域内的联络点服务器依赖于域内的信任代理来管理域和联盟之间的信任关系。信任代理根据需要解释其他联盟域的断言。信托代理可能与一个或多个信托经纪人有信任关系，信托代理可以依赖信托经纪人来解释断言。

26. 发明申请

US20120129519A1 DYNAMIC ACCESS TO RADIO NETWORKS 审中-公开
标题翻译：动态访问无线网络
公开(公告)号：US20120129519A1
公开(公告)日：2012-05-24
申请号：US13112752
申请日：2011-05-20
申请人： HEATHER MARIA HINTON
发明人： HEATHER MARIA HINTON
IPC分类号： H04W8/02
CPC分类号： H04W12/06 , H04L12/14 , H04L12/1403 , H04L63/0815 , H04W12/0602
摘要： A method, system, and computer usable program product for dynamic access to radio networks are provided in the illustrative embodiments. Historical information about a user's movements in a geographical area is analyzed, the analysis identifying a pattern in the user's movements. A set of transient network providers is identified in the pattern, the set of transient network providers including a first transient network provider whose network the user accesses while in the pattern or a second transient network provider whose network may be accessible to the user while in the pattern. A sequence of the transient network providers in the set of transient network providers is identified, the sequence corresponding to the order in which the user accesses the transient network providers. The pattern, the set of transient network providers, and the sequence are stored in relation with the user.
摘要翻译：在说明性实施例中提供了用于动态访问无线电网络的方法，系统和计算机可用程序产品。分析关于用户在地理区域中的移动的历史信息，分析识别用户运动中的模式。一组瞬时网络提供商在该模式中被识别，该组瞬时网络提供商包括用户在该模式下访问的网络的第一瞬时网络提供商或其网络在用户可访问时的第二瞬时网络提供商模式。识别瞬时网络提供商集合中的瞬时网络提供商的序列，该序列对应于用户访问瞬时网络提供商的顺序。该模式，一组瞬时网络提供商和序列与用户相关联地存储。

27. 发明授权

US08181225B2 Specializing support for a federation relationship 失效
标题翻译：专门支持联盟关系
公开(公告)号：US08181225B2
公开(公告)日：2012-05-15
申请号：US12481007
申请日：2009-06-09
申请人： Heather Maria Hinton , Anthony Scott Moran , Dolapo Martin Falola , Ivan Matthew Milman , Patrick Ryan Wardrop
发明人： Heather Maria Hinton , Anthony Scott Moran , Dolapo Martin Falola , Ivan Matthew Milman , Patrick Ryan Wardrop
IPC分类号： G06F7/04
CPC分类号： H04L63/0815 , H04L67/30
摘要： The invention provides federated functionality within a data processing system by means of a set of specialized runtimes, which are instances of an application for providing federation services to requesters. Each of the plurality of specialized runtimes provides requested federation services for selected ones of the requestors according to configuration data of respective federation relationships of the requestors with the identity provider. The configuration data is dynamically retrieved during initialization of the runtimes which allows the respective_runtime to be specialized for a given federation relationship. Requests are routed to the appropriate specialized runtime using the first requestor identity and the given federation relationship. The data, which describes each federation relationship between the identity provider and each of the plurality of requestors, is configured prior to initialization of the runtimes.
摘要翻译：本发明通过一组专用运行时提供数据处理系统内的联合功能，这是一组向需求者提供联合服务的应用的实例。多个专用运行时间中的每一个根据请求者与身份提供者的各自的联合关系的配置数据，为所选请求者提供所请求的联合服务。在运行时的初始化期间动态地检索配置数据，这允许相应的运行时间针对给定的联合关系而专门化。请求使用第一请求者标识和给定的联合关系路由到适当的专用运行时。在初始化运行时之前配置描述身份提供者与多个请求者中的每一个之间的每个联合关系的数据。

28. 发明授权

US08042162B2 Method and system for native authentication protocols in a heterogeneous federated environment 失效
标题翻译：异构联盟环境中本地认证协议的方法和系统
公开(公告)号：US08042162B2
公开(公告)日：2011-10-18
申请号：US11761818
申请日：2007-06-12
申请人： George Robert Blakley, III , Heather Maria Hinton , Anthony Joseph Nadalin
发明人： George Robert Blakley, III , Heather Maria Hinton , Anthony Joseph Nadalin
IPC分类号： H04L9/32 , H04L29/06
CPC分类号： H04L63/0281 , H04L63/0807 , H04L63/0815 , H04L63/0823 , H04L2463/102
摘要： A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions.
摘要翻译：提出了一种方法，其中联合域在联合环境中相互作用。联盟内的域可以为其他联盟域的用户启动联合单点登录操作。域内的联络点服务器依赖于域内的信任代理来管理域和联盟之间的信任关系。信任代理根据需要解释其他联盟域的断言。信托代理可能与一个或多个信托经纪人有信任关系，信托代理可以依赖信托经纪人来解释断言。

29. 发明申请

US20100223592A1 CODE COMPONENT LEVEL INTELLECTUAL PROPERTY REMEDIATION 审中-公开
标题翻译：代码组件级知识产权补救
公开(公告)号：US20100223592A1
公开(公告)日：2010-09-02
申请号：US12395964
申请日：2009-03-02
申请人： HEATHER MARIA HINTON , Jeffrey R. Dean
发明人： HEATHER MARIA HINTON , Jeffrey R. Dean
IPC分类号： G06F9/44
CPC分类号： G06F21/10 , G06F8/70
摘要： A method, system, and computer usable program product for code component level IP remediation are provided in the illustrative embodiments. An actionable instance of the third-party's intellectual property is identified in a component of the product. A component model of the product is constructed. The actionable instance of the third-party's intellectual property is associated with a component in the component model. A graphical representation of the component model is created. Information about a type of license associated with the actionable instance is added to the graphical representation of the component. The graphical representation is published. The actionable instance may be identified based on the type of the license associated with the third-party's intellectual property, a context of the inclusion, or both. A remediation action is identified for the actionable instance. Information corresponding to the remediation action is added to the component using visual highlights in the graphical representation.
摘要翻译：在说明性实施例中提供了用于代码组件级IP修复的方法，系统和计算机可用程序产品。第三方知识产权的可操作实例在产品的一个组件中被识别。构建产品的组件模型。第三方知识产权的可操作实例与组件模型中的组件相关联。创建组件模型的图形表示。关于与可执行实例关联的许可证类型的信息被添加到组件的图形表示。图形表示已发布。可操作实例可以基于与第三方的知识产权相关的许可证的类型，包含的上下文或两者来识别。为可操作实例确定了修复操作。与补救措施相对应的信息使用图形表示中的视觉亮点添加到组件。

30. 发明申请

US20100146290A1 TOKEN CACHING IN TRUST CHAIN PROCESSING 有权
公开(公告)号：US20100146290A1
公开(公告)日：2010-06-10
申请号：US12327899
申请日：2008-12-04
申请人： David Werner Bachmann , Nicholas George Harlow , Heather Maria Hinton , Patrick Ryan Wardrop
发明人： David Werner Bachmann , Nicholas George Harlow , Heather Maria Hinton , Patrick Ryan Wardrop
IPC分类号： H04L9/00
CPC分类号： H04L63/0815 , H04L63/0823
摘要： A method, system, and computer usable program product for token caching in a trust chain processing are provided in the illustrative embodiments. An information in a token associated with a first request is mapped. A determination is made whether a requester of the first request has provided a constraint in the first request, the constraint concerning the token, the constraint forming a client constraint. The client constraint is stored. The information and the mapped information is stored, forming stored information. The token is received in a second request. The stored information is reused if the client constraint allows reusing the stored information. A further determination may be made whether a target system receiving the mapped information has provided a server constraint, the second constraint concerning the mapped information, the second constraint forming a server constraint. The stored information may be reused if the server constraint allows reusing the stored information.
摘要翻译：在说明性实施例中提供了用于信任链处理中的令牌缓存的方法，系统和计算机可用程序产品。与第一个请求相关联的令牌中的信息被映射。确定第一请求的请求者是否在第一请求中提供约束，关于令牌的约束，形成客户约束的约束。客户端约束被存储。存储信息和映射信息，形成存储的信息。令牌在第二个请求中被接收。如果客户端约束允许重用存储的信息，则存储的信息被重新使用。可以进一步确定接收映射信息的目标系统是否提供了服务器约束，关于映射信息的第二约束，形成服务器约束的第二约束。如果服务器约束允许重用存储的信息，则可以重新使用所存储的信息。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式