专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明授权

US08621561B2 Selective authorization based on authentication input attributes 有权
标题翻译：基于认证输入属性的选择性授权
公开(公告)号：US08621561B2
公开(公告)日：2013-12-31
申请号：US11969456
申请日：2008-01-04
申请人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
发明人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
IPC分类号： H04L29/06 , G06F21/00
CPC分类号： H04L9/3213 , H04L9/3226 , H04L9/3263 , H04L63/0807
摘要： Embodiments for providing differentiated access based on authentication input attributes are disclosed. In accordance with one embodiment, a method includes receiving an authentication input at an authentication authority using an authentication protocol. The authentication input being associated with a client. The method also includes providing one or more representations for the authentication input, wherein each of the representations represents an attribute of the authentication input.
摘要翻译：公开了基于认证输入属性提供差分访问的实施例。根据一个实施例，一种方法包括使用认证协议在认证机构处接收认证输入。认证输入与客户端相关联。该方法还包括为认证输入提供一个或多个表示，其中每个表示代表认证输入的属性。

42. 发明申请

US20130061301A1 DISTRIBUTED COMPUTER SYSTEMS WITH TIME-DEPENDENT CREDENTIALS 有权
公开(公告)号：US20130061301A1
公开(公告)日：2013-03-07
申请号：US13224257
申请日：2011-09-01
申请人： Mark Novak , Paul J. Leach , Yi Zeng , Saurav Sinha , K. Michiko Short , Gopinathan Kannan
发明人： Mark Novak , Paul J. Leach , Yi Zeng , Saurav Sinha , K. Michiko Short , Gopinathan Kannan
IPC分类号： G06F21/00
CPC分类号： H04L63/0846
摘要： A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.

43. 发明授权

US08302149B2 Virtual distributed security system 有权
标题翻译：虚拟分布式安全系统
公开(公告)号：US08302149B2
公开(公告)日：2012-10-30
申请号：US11254519
申请日：2005-10-20
申请人： Giovanni M. Della-Libera , Christopher G. Kaler , Scott A. Konersmann , Butler W. Lampson , Paul J. Leach , Bradford H. Lovering , Steven E. Lucco , Stephen J. Millet , Richard F. Rashid , John P. Shewchuk
发明人： Giovanni M. Della-Libera , Christopher G. Kaler , Scott A. Konersmann , Butler W. Lampson , Paul J. Leach , Bradford H. Lovering , Steven E. Lucco , Stephen J. Millet , Richard F. Rashid , John P. Shewchuk
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , G06Q20/3676 , H04L63/10 , H04L63/168 , H04L63/20 , H04L67/02 , H04L67/28 , H04L67/2804 , H04L67/2823
摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.
摘要翻译：提供分布式安全系统。分布式安全系统使用以政策语言编写的安全策略，该策略语言是传输和安全协议独立的，而与密码技术无关。该安全策略可以用语言来表示，以创建不同的安全组件，从而实现更大的可扩展性和灵活性。通过抽象底层协议和技术，可以支持多个环境和平台。

44. 发明授权

US07971230B2 System and methods providing enhanced security model 有权
标题翻译：系统和方法提供增强的安全模型
公开(公告)号：US07971230B2
公开(公告)日：2011-06-28
申请号：US11830680
申请日：2007-07-30
申请人： Sameet H. Agarwal , Balan Sethu Raman , Sanjay Anand , Paul J. Leach , Richard B. Ward
发明人： Sameet H. Agarwal , Balan Sethu Raman , Sanjay Anand , Paul J. Leach , Richard B. Ward
IPC分类号： G06F17/30
CPC分类号： G06F21/6218 , G06F2221/2141 , G06F2221/2145 , Y10S707/99931 , Y10S707/99939
摘要： The present invention relates to a system and methodology to facilitate security for data items residing within (or associated with) a hierarchical database or storage structure. A database security system is provided having a hierarchical data structure associated with one or more data items. The system includes a security component that applies a security policy to the data items from a global location or region associated with a database. Various components and processes are employed to enable explicit and/or inherited security properties to be received by and propagated to the data items depending on the type of data structure encountered or processed.
摘要翻译：本发明涉及一种促进位于分层数据库或存储结构内（或与之相关联的）数据项的安全性的系统和方法。提供了具有与一个或多个数据项相关联的分层数据结构的数据库安全系统。该系统包括将安全策略应用于与数据库相关联的全球位置或区域的数据项的安全组件。采用各种组件和过程来使显式和/或继承的安全属性由数据项接收和传播到数据项，这取决于遇到或处理的数据结构的类型。

45. 发明授权

US07757281B2 Privilege restriction enforcement in a distributed system 有权
标题翻译：分布式系统中的特权限制执行
公开(公告)号：US07757281B2
公开(公告)日：2010-07-13
申请号：US11450597
申请日：2006-06-09
申请人： Scott A. Field , Liqiang Zhu , Peter T. Brundrett , Paul J. Leach
发明人： Scott A. Field , Liqiang Zhu , Peter T. Brundrett , Paul J. Leach
IPC分类号： G06F7/04
CPC分类号： H04L63/102
摘要： Remote administrative privileges in a distributed system are disabled by default. To administer a remote system, express action is taken to elevate a user status to obtain remote administrative privileges. When local and remote systems communicate, information pertaining to the status of the logged on user is included in the communications. If the user wishes to legitimately administer a remote system, the user provides an explicit request. The request is processed. If the user is configured as an administrator of the remote system and the request contains an indication that the user's administrative status has been elevated, an authorization token is generated. The authorization token is utilized by the remote system to allow the user to administer the remote system.
摘要翻译：默认情况下，分布式系统中的远程管理权限将被禁用。要管理远程系统，请采取行动来提升用户状态以获得远程管理权限。当本地和远程系统进行通信时，通信中包含与登录用户状态有关的信息。如果用户希望合法地管理远程系统，则用户提供明确的请求。请求被处理。如果用户配置为远程系统的管理员，并且该请求包含用户的管理状态提升的指示，则会生成授权令牌。远程系统利用授权令牌允许用户管理远程系统。

46. 发明授权

US07752442B2 Virtual distributed security system 有权
公开(公告)号：US07752442B2
公开(公告)日：2010-07-06
申请号：US11254539
申请日：2005-10-20
申请人： Giovanni M. Della-Libera , Christopher G. Kaler , Scott A. Konersmann , Butler W. Lampson , Paul J. Leach , Bradford H. Lovering , Steven E. Luocco , Stephen J. Millet , Richard F. Rashid , John P. Shewchuk
发明人： Giovanni M. Della-Libera , Christopher G. Kaler , Scott A. Konersmann , Butler W. Lampson , Paul J. Leach , Bradford H. Lovering , Steven E. Luocco , Stephen J. Millet , Richard F. Rashid , John P. Shewchuk
IPC分类号： H04L9/32
CPC分类号： H04L63/08 , G06Q20/3676 , H04L63/10 , H04L63/168 , H04L63/20 , H04L67/02 , H04L67/28 , H04L67/2804 , H04L67/2823
摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.

47. 发明授权

US07752431B2 Virtual distributed security system 失效
公开(公告)号：US07752431B2
公开(公告)日：2010-07-06
申请号：US11254264
申请日：2005-10-20
申请人： Giovanni M. Della-Libera , Christopher G. Kaler , Scott A. Konersmann , Butler W. Lampson , Paul J. Leach , Bradford H. Lovering , Steven E. Lucco , Stephen J. Millet , Richard F. Rashid , John P. Shewchuk
发明人： Giovanni M. Della-Libera , Christopher G. Kaler , Scott A. Konersmann , Butler W. Lampson , Paul J. Leach , Bradford H. Lovering , Steven E. Lucco , Stephen J. Millet , Richard F. Rashid , John P. Shewchuk
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , G06Q20/3676 , H04L63/10 , H04L63/168 , H04L63/20 , H04L67/02 , H04L67/28 , H04L67/2804 , H04L67/2823
摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.

48. 发明授权

US07644275B2 Pass-thru for client authentication 失效
标题翻译：通过客户端验证
公开(公告)号：US07644275B2
公开(公告)日：2010-01-05
申请号：US10413799
申请日：2003-04-15
申请人： David R. Mowers , John Banes , Daniel R. Simon , Paul J. Leach
发明人： David R. Mowers , John Banes , Daniel R. Simon , Paul J. Leach
IPC分类号： H04L9/00
CPC分类号： H04L63/08 , H04L63/0442 , H04L63/0807 , H04L63/0869 , H04L63/10 , H04L63/12 , H04L63/166 , H04L67/42
摘要： This disclosure pertains generally to client authentication. One aspect of the disclosure relates to a first server for presenting evidence to a Domain Controller (DC) of a first authentication context being submitted from a client to the first server to obtain a delegable credential, wherein the credential can be used to request a second authentication context from that client to a second server. Another aspect relates to the first server providing a pass-thru with evidence to a DC. The evidence relates to a first authentication context being submitted from a client to the first server that it obtained a delegable credential. The pass-thru is used in combination with the credential to request a second authentication context from the client to a second server.
摘要翻译：本公开通常涉及客户端认证。本公开的一个方面涉及一种用于向第一认证上下文的域控制器（DC）呈现证据的第一服务器，该第一认证上下文从客户端提交到第一服务器以获得可委托的证书，其中该凭证可用于请求第二认证上下文认证上下文从该客户端到第二个服务器。另一方面涉及第一台服务器向DC提供证据。证据涉及从客户端向第一服务器提交的第一个身份验证上下文，它获取了一个可委托凭证。通过与凭证组合使用以从客户端请求第二认证上下文到第二服务器。

49. 发明申请

US20090328134A1 LICENSING PROTECTED CONTENT TO APPLICATION SETS 有权
标题翻译：许可保护内容到应用程序集
公开(公告)号：US20090328134A1
公开(公告)日：2009-12-31
申请号：US12163548
申请日：2008-06-27
申请人： Kenneth D. Ray , Pankaj M. Kamat , Charles W. Kaufman , Paul J. Leach , William R. Tipton , Andrew Herron , Krassimir E. Karamifilov , Duncan G. Bryce , Jonathan D. Schwartz , Matthew C. Setzer , John McDowell
发明人： Kenneth D. Ray , Pankaj M. Kamat , Charles W. Kaufman , Paul J. Leach , William R. Tipton , Andrew Herron , Krassimir E. Karamifilov , Duncan G. Bryce , Jonathan D. Schwartz , Matthew C. Setzer , John McDowell
IPC分类号： G06F17/00
CPC分类号： G06F21/105
摘要： The present invention extends to methods, systems, and computer program products for licensing protected content to application sets. Embodiments of the invention permit a local machine to increase its participation in authorizing access to protected content. For example, an operating system within an appropriate computing environment is permitted to determine if an application is authorized to access protected content. Thus, the application is relieved from having to store a publishing license. Further, authorization decisions are partially distributed, easing the resource burden on a protection server. Accordingly, embodiments of the invention can facilitate more robust and efficient authorization decisions when access to protected content is requested.
摘要翻译：本发明扩展到用于将受保护内容授权给应用集的方法，系统和计算机程序产品。本发明的实施例允许本地机器增加其对授权对受保护内容的访问的参与。例如，允许在适当的计算环境内的操作系统来确定应用程序是否被授权访问受保护的内容。因此，应用程序不必存储发布许可证。此外，授权决定部分分配，减轻了保护服务器的资源负担。因此，当请求访问受保护内容时，本发明的实施例可以促进更强大和有效的授权决定。

50. 发明申请

US20090178129A1 SELECTIVE AUTHORIZATION BASED ON AUTHENTICATION INPUT ATTRIBUTES 有权
标题翻译：基于认证输入属性的选择性授权
公开(公告)号：US20090178129A1
公开(公告)日：2009-07-09
申请号：US11969456
申请日：2008-01-04
申请人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
发明人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
IPC分类号： H04L9/32
CPC分类号： H04L9/3213 , H04L9/3226 , H04L9/3263 , H04L63/0807
摘要： Embodiments for providing differentiated access based on authentication input attributes are disclosed. In accordance with one embodiment, a method includes receiving an authentication input at an authentication authority using an authentication protocol. The authentication input being associated with a client. The method also includes providing one or more representations for the authentication input, wherein each of the representations represents an attribute of the authentication input.
摘要翻译：公开了基于认证输入属性提供差分访问的实施例。根据一个实施例，一种方法包括使用认证协议在认证机构处接收认证输入。认证输入与客户端相关联。该方法还包括为认证输入提供一个或多个表示，其中每个表示代表认证输入的属性。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式