专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2007068717A1 METHOD AND SYSTEM FOR EXTERNALIZING HTTP SECURITY MESSAGE HANDLING WITH MACRO SUPPORT 审中-公开
标题翻译：使用宏支持来排除HTTP安全消息处理的方法和系统
公开(公告)号：WO2007068717A1
公开(公告)日：2007-06-21
申请号：PCT/EP2006/069654
申请日：2006-12-13
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , IBM UNITED KINGDOM LIMITED , HARMON, Benjamin, Brewer , HINTON, Heather, Maria , MILMAN, Ivan, Matthew , MORAN, Anthony, Scott , VANDENWAUVER, Mark
发明人： HARMON, Benjamin, Brewer , HINTON, Heather, Maria , MILMAN, Ivan, Matthew , MORAN, Anthony, Scott , VANDENWAUVER, Mark
IPC分类号： H04L29/08 , G06F17/30
CPC分类号： H04L67/2814
摘要： A method for externalizing message handling within a data processing system is presented. A request (412) to access a resource (406) is received at a first server (404) from a client (402). In response to determining at the first server that processing of the request requires a message to be sent to the client, a redirect message (416) is generated that contains an operation code that corresponds to message handling functionality at a second server (418) for the message to be sent to the client. A configurable macro is evaluated to determine an evaluated macro, and the evaluated macro is inserted into the redirect message. The redirect message is then sent from the first server to the second server via the client. The second server extracts the operation code from the redirect message and invokes the message handling functionality that corresponds to the extracted operation code. The second server extracts the evaluated macro from the redirect message and employs the evaluated macro at the second server as an input parameter for the message handling functionality.
摘要翻译：提出了一种在数据处理系统内外部化消息处理的方法。从客户机（402）在第一服务器（404）处接收到访问资源（406）的请求（412）。响应于在第一服务器处确定处理请求需要将消息发送到客户端，生成重定向消息（416），其包含与第二服务器（418）处的消息处理功能相对应的操作代码，用于该消息将发送给客户端。评估可配置宏以确定评估的宏，并将评估的宏插入到重定向消息中。然后，重定向消息经由客户端从第一服务器发送到第二服务器。第二个服务器从重定向消息中提取操作代码，并调用与提取的操作代码相对应的消息处理功能。第二个服务器从重定向消息中提取评估的宏，并在第二个服务器上使用评估的宏作为消息处理功能的输入参数。

2. 发明申请

WO2008132023A1 EXTERNAL USER LIFECYCLE MANAGEMENT FOR FEDERATED ENVIRONMENTS 审中-公开
标题翻译：联合环境外部用户生物多样性管理
公开(公告)号：WO2008132023A1
公开(公告)日：2008-11-06
申请号：PCT/EP2008/054147
申请日：2008-04-07
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , IBM UNITED KINGDOM LIMITED , WARDROP, Patrick Ryan , MORAN, Anthony Scott , HINTON, Heather Maria
发明人： WARDROP, Patrick Ryan , MORAN, Anthony Scott , HINTON, Heather Maria
IPC分类号： H04L29/06
CPC分类号： H04L63/0815
摘要： The present invention provides a generic technique that externalizes the management of a user session, particularly in the context of a federated environment. The invention obviates any requirement to design and implement special software (or any requirement to modify a previously installed plug-in) to enable third party SSOp-aware applications to manage the lifecycle of a user session. In an illustrative embodiment, the user session lifecycle is managed externally through an external authentication interface (EAI) that has been extended to enable any POC (or SSOp-aware application) to interface to a federated identity provider component using a simple HTTP transport mechanism. In the inventive approach, HTTP request and response headers carry the information that is used by the POC to initiate and later destroy a user session, and such information is provided by a federated entity without requiring use of a special authentication API.
摘要翻译：本发明提供了外部化用户会话的管理的通用技术，特别是在联合环境的上下文中。本发明避免了设计和实施特殊软件（或任何修改先前安装的插件的要求）的任何要求，以使第三方SSOp感知应用程序能够管理用户会话的生命周期。在说明性实施例中，用户会话生命周期通过外部认证接口（EAI）进行外部管理，外部认证接口（EAI）已被扩展以使得任何POC（或SSOp感知应用）能够使用简单的HTTP传输机制与联合身份提供商组件接口。在本发明的方法中，HTTP请求和响应报头携带由POC使用以发起和稍后销毁用户会话的信息，并且这种信息由联合实体提供，而不需要使用特殊认证API。

3. 发明申请

WO2006134125A1 ANTIGEN CONJUGATES AND USES THEREOF 审中-公开
标题翻译：抗原结合及其用途
公开(公告)号：WO2006134125A1
公开(公告)日：2006-12-21
申请号：PCT/EP2006/063198
申请日：2006-06-14
申请人： CYTOS BIOTECHNOLOGY AG , BACHMANN, Martin , TISSOT, Alain , JEGERLEHNER, Andrea , SAUDAN, Philippe , ZOU, Yu , SCHMITZ, Nicole , HUBER, Adrian , MARTIN, Stephen , HINTON, Heather
发明人： BACHMANN, Martin , TISSOT, Alain , JEGERLEHNER, Andrea , SAUDAN, Philippe , ZOU, Yu , SCHMITZ, Nicole , HUBER, Adrian , MARTIN, Stephen , HINTON, Heather
IPC分类号： A61K39/12 , C12N15/12 , C12N15/48 , C12N15/52
CPC分类号： A61K39/21 , A61K39/0005 , A61K39/0008 , A61K39/0011 , A61K39/12 , A61K47/646 , A61K2039/5258 , A61K2039/54 , A61K2039/545 , A61K2039/55505 , A61K2039/57 , A61K2039/6075 , A61K2039/622 , A61K2039/627 , A61K2039/64 , C07K2319/70 , C12N2740/16211 , C12N2740/16234 , C12N2795/18123
摘要： The present invention is in the fields of medicine, public health, immunology, molecular biology and virology. The invention provides composition comprising a virus-like particle (VLP) linked to at least one antigen of the invention, wherein said antigen of the invention is CCR5 of the invention, gastrin of the invention, CXCR4 of the invention, CETP of the invention or C5a of the invention. The invention also provides a process for producing the composition. The compositions of this invention are useful in the production of vaccines, in particular, for the treatment of diseases in which the antigen of the invention mediates, or contributes to the condition, particularly for the treatment of AIDS, gastrointestinal cancers, coronary heart diseases or inflammatory diseases. Moreover, the compositions of the invention induce efficient immune responses, in particular antibody responses. Furthermore, the compositions of the invention are particularly useful to efficiently induce self-specific immune responses within the indicated context.
摘要翻译：本发明涉及医药，公共卫生，免疫学，分子生物学和病毒学领域。本发明提供包含连接至本发明的至少一种抗原的病毒样颗粒（VLP）的组合物，其中本发明的所述抗原是本发明的CCR5，本发明的胃泌素，本发明的CXCR4，本发明的CETP或 C5a。本发明还提供了一种制备该组合物的方法。本发明的组合物可用于疫苗的生产，特别是用于治疗其中本发明的抗原介导或有助于该疾病的疾病，特别是用于治疗AIDS，胃肠癌，冠心病或炎性疾病。此外，本发明的组合物诱导有效的免疫应答，特别是抗体应答。此外，本发明的组合物特别有用于在指定的上下文中有效诱导自身特异性免疫应答。

4. 发明申请

WO2006103176A1 METHOD FOR A RUNTIME USER ACCOUNT CREATION OPERATION 审中-公开
标题翻译：运行用户帐户创建操作的方法
公开(公告)号：WO2006103176A1
公开(公告)日：2006-10-05
申请号：PCT/EP2006/060762
申请日：2006-03-15
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , IBM UNITED KINGDOM LIMITED , HINTON, Heather, Maria , MILMAN, Ivan, Matthew , RAGHAVAN, Venkat , WEEDEN, Shane, Bradley
发明人： HINTON, Heather, Maria , MILMAN, Ivan, Matthew , RAGHAVAN, Venkat , WEEDEN, Shane, Bradley
IPC分类号： G06F21/20
CPC分类号： H04L63/0815 , G06F21/41
摘要： A method, system, apparatus, and computer program product are presented to support computing systems of different enterprises that interact within a federated computing environment. Federated single-sign-on operations can be initiated at the computing systems of federation partners on behalf of a user even though the user has not established a user account at a federation partner prior to the initiation of the single-sign-on operation. For example, an identity provider can initiate a single-sign-on operation at a service provider while attempting to obtain access to a controlled resource on behalf of a user. When the service provider recognizes that it does not have a linked user account for the user that allows for a single-sign-on operation with the identity provider, the service provider creates a local user account. The service provider can also pull user attributes from the identity provider as necessary to perform the user account creation operation.
摘要翻译：提出了一种方法，系统，装置和计算机程序产品，以支持在联合计算环境内交互的不同企业的计算系统。即使用户在单点登录操作开始之前尚未在联盟伙伴上建立用户帐户，也可以代表用户在联盟伙伴的计算系统上启动联合单点登录操作。例如，身份提供者可以尝试在代表用户获得受控资源的访问的情况下，在服务提供商处启动单点登录操作。当服务提供商认识到它不具有用于允许与身份提供商进行单点登录操作的用户的链接用户帐户时，服务提供商创建本地用户帐户。服务提供商还可以根据需要从身份提供者提取用户属性，以执行用户帐户创建操作。

5. 发明申请

WO2010020615A3 DYNAMIC ACCESS TO RADIO NETWORKS 审中-公开
公开(公告)号：WO2010020615A3
公开(公告)日：2010-02-25
申请号：PCT/EP2009/060626
申请日：2009-08-17
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , IBM UNITED KINGDOM LIMITED , HINTON, Heather Maria
发明人： HINTON, Heather Maria
IPC分类号： H04L29/06 , H04W36/14 , H04L29/08 , H04W12/04 , H04W12/06
摘要： A method, system, and computer usable program product for dynamic access to radio networks are provided in the illustrative embodiments. A new radio network having a characteristic more suitable than a corresponding characteristic of a present radio network is detected. A request for access (510) to the new radio network is sent, the request including a token, which includes structured information about a user, a device, a home network, or a billing service. Access to the new radio network is received. Switching is performed from the present radio network to the new radio network for wireless communication. The request for access to a radio network is received such that the requestor is not known to a provider of the radio network. The requestor is verified using a billing service provider (506) or a home network provider (508) identified in a token in the request. Upon verification, access is granted (520) to the radio network.

6. 发明申请

WO2010020615A2 DYNAMIC ACCESS TO RADIO NETWORKS 审中-公开
标题翻译：动态访问无线网络
公开(公告)号：WO2010020615A2
公开(公告)日：2010-02-25
申请号：PCT/EP2009060626
申请日：2009-08-17
申请人： IBM , IBM UK , HINTON HEATHER MARIA
发明人： HINTON HEATHER MARIA
IPC分类号： H04L29/06 , H04L29/08 , H04W36/14
CPC分类号： H04W12/06 , H04L12/14 , H04L12/1403 , H04L63/0815
摘要： A method, system, and computer usable program product for dynamic access to radio networks are provided in the illustrative embodiments. A new radio network having a characteristic more suitable than a corresponding characteristic of a present radio network is detected. A request for access to the new radio network is sent, the request including a token, which includes structured information about a user, a device, a home network, or a billing service. Access to the new radio network is received. Switching is performed from the present radio network to the new radio network for wireless communication. The request for access to a radio network is received such that the requestor is not known to a provider of the radio network. The requestor is verified using a billing service provider or a home network provider identified in a token in the request. Upon verification, access is granted to the radio network.
摘要翻译：在说明性实施例中提供了用于动态访问无线电网络的方法，系统和计算机可用程序产品。检测到具有比当前无线电网络的相应特性更适合的特性的新无线电网络。发送对新无线电网络的访问请求，该请求包括令牌，其包括关于用户，设备，家庭网络或计费服务的结构化信息。接收到新的无线电网络的接入。从当前的无线电网络到新的无线电网络进行无线通信的切换。接收对无线电网络的访问请求，使得请求者对于无线电网络的提供者是不知道的。使用在请求中的令牌中标识的计费服务提供商或家庭网络提供商来验证请求者。验证后，无线电网络将获得访问权限。

7. 发明申请

WO2010012721A1 PROPAGATING INFORMATION FROM A TRUST CHAIN PROCESSING 审中-公开
标题翻译：从信任链处理传播信息
公开(公告)号：WO2010012721A1
公开(公告)日：2010-02-04
申请号：PCT/EP2009/059728
申请日：2009-07-28
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , IBM UNITED KINGDOM LIMITED , HINTON, Heather Maria , MUPPIDI, Sridhar , COX, David Eugene
发明人： HINTON, Heather Maria , MUPPIDI, Sridhar , COX, David Eugene
IPC分类号： G06F21/20 , H04L29/06
CPC分类号： H04L63/0815 , G06F21/41 , G06F2221/2101 , G06F2221/2115
摘要： A method, system, and computer usable program product for propagating information in a trust chain processing are provided in the illustrative embodiments. Upon a trust client invoking the trust chain processing, a mapped security information is received, the mapped security information being stored in a memory or a data storage associated with a data processing system. A set of security information attributes are located from the mapped security information according to a configuration. The set of security information attributes are packaged to form a packaged security information. The packaged security information is issued to a target system, the target system being distinct from the trust client that invoked the trust chain processing. The locating, the packaging, and the issuing collectively form monitoring the trust chain processing. A next component in the trust chain processing may be invoked. The invoking may occur before, after, or during the monitoring.
摘要翻译：在说明性实施例中提供了用于在信任链处理中传播信息的方法，系统和计算机可用程序产品。在信任客户端调用信任链处理时，接收映射的安全信息，所映射的安全信息被存储在与数据处理系统相关联的存储器或数据存储器中。一组安全信息属性根据配置从映射的安全信息中定位。一组安全信息属性被打包以形成打包的安全信息。打包的安全信息被发布到目标系统，目标系统与调用信任链处理的信任客户端不同。定位，包装和发放集体形成监督信托链处理。可以调用信任链处理中的下一个组件。调用可能发生在监测之前，之后或期间。

8. 发明申请

WO2008141949A2 METHOD AND APPARATUS FOR ACCESSING A FOREIGN NETWORK WITH AN OBFUSCATED MOBILE DEVICE USER IDENTITY 审中-公开
标题翻译：用于接收具有移动移动设备用户身份的外部网络的方法和装置
公开(公告)号：WO2008141949A2
公开(公告)日：2008-11-27
申请号：PCT/EP2008/055694
申请日：2008-05-08
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , ANGWIN, Alastair, John , HINTON, Heather, Maria , POZEFSKY, Mark
发明人： ANGWIN, Alastair, John , HINTON, Heather, Maria , POZEFSKY, Mark
CPC分类号： H04L63/0414 , H04W12/02 , H04W84/042 , H04W88/02 , H04W88/16
摘要： A mobile device identifier (such as an MSISDN) that typically accompanies a mobile device request is replaced with an "enriched" identifier that exposes the mobile device user's home operator but obfuscates the mobile device's (and, thus, the device user's) identity. In one embodiment, the identifier comprises a first part, and a second part. The first part comprises a data string that identifies (either directly or through a database lookup) the mobile device user's home operator. The second part, however, is an opaque data string, such as a one-time-use unique identifier (UID) or a value that is otherwise derived as a function of the MSISDN (or the like). The opaque data string encodes the mobile device's identity in a manner that preferably can be recovered only by the user's home operator (or an entity authorized thereby). When the mobile device user roams into a foreign network, that network receives the enriched identifier in lieu of an MSISDN. The foreign network uses the first part to identify the mobile device user's home network, e.g., to determine whether to permit the requested access (or to provide some other value-added service). The foreign network, however, cannot decode the second part; thus, the mobile device's identity (as well as the identity of the mobile device user) remains obscured. This ensures that the user's privacy is maintained, while preventing third parties from building a profile of the device based on the requests that include the MSISDN or similar identifier.
摘要翻译：通常伴随移动设备请求的移动设备标识符（例如，MSISDN）被暴露于移动设备用户的本地操作员但是模糊移动设备（以及因此设备用户的身份）的“丰富”标识符所替代。在一个实施例中，标识符包括第一部分和第二部分。第一部分包括标识（直接地或通过数据库查找）移动设备用户的本地操作员的数据串。然而，第二部分是不透明的数据串，例如一次性使用的唯一标识符（UID）或另外被导出为MSISDN（或类似的）的函数的值）。不透明数据串以优选仅由用户的家庭运营商（或由其授权的实体）恢复的方式对移动设备的身份进行编码。当移动设备用户漫游到外部网络时，该网络接收到代替MSISDN的富集标识符。外部网络使用第一部分来识别移动设备用户的家庭网络，例如，以确定是否允许所请求的访问（或提供一些其他增值服务）。然而，外部网络无法解码第二部分; 因此，移动设备的身份（以及移动设备用户的身份）仍然被遮蔽。这确保了用户的隐私被维护，同时防止第三方基于包括MSISDN或类似标识符的请求构建设备的配置文件。

9. 发明申请

WO2008046888A2 METHOD AND SYSTEM FOR SYNCHRONIZED POLICY CONTROL IN A WEB SERVICES ENVIRONMENT 审中-公开
标题翻译： WEB服务环境中同步策略控制的方法与系统
公开(公告)号：WO2008046888A2
公开(公告)日：2008-04-24
申请号：PCT/EP2007/061161
申请日：2007-10-18
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , IBM UNITED KINGDOM LIMITED , HINTON, Heather, Maria , MILMAN, Ivan, Matthew
发明人： HINTON, Heather, Maria , MILMAN, Ivan, Matthew
IPC分类号： G06F21/24 , H04L29/06
CPC分类号： H04L63/20 , H04L63/101
摘要： Policy controls for Web service resource objects in a hierarchical resource space are loosely coupled so that policy changes are applied and enforced across the objects. This technique ensures that different policies are not applied unintentionally to the same resource (for example, one at the Web services entry level, and the other at the resource level). By synchronizing the object in the manner described, neither the entity that deploys the applicat ion nor the security administrator need to be aware of the differences between the various types of requests that occur within a Web services environment. In a representative embodiment, resource objects are linked within a hierarchical resource space to provide synchronized policy control, where the policy is an audit policy, a quality-of-service (QoS) policy, a service level agreement (SLA) policy, a governance policy, a compliance policy, a patch management/vulnerability management policy, a user management policy, or a rights management policy.
摘要翻译：分层资源空间中的Web服务资源对象的策略控制松散耦合，以便跨对象应用和强制执行策略更改。这种技术可以确保不同意的资源（例如，在Web服务条目级别，资源级另一个）上不同的策略。通过以所描述的方式同步对象，部署应用程序的实体和安全管理员都不需要了解Web服务环境中发生的各种类型的请求之间的差异。在代表性的实施例中，资源对象在分层资源空间内链接以提供同步的策略控制，其中策略是审计策略，服务质量（QoS）策略，服务水平协议（SLA）策略，治理策略，合规策略，补丁管理/漏洞管理策略，用户管理策略或权限管理策略。

10. 发明申请

WO2007068716A1 METHOD, APPARATUS AND PROGRAM PRODUCTS FOR CUSTOM AUTHENTICATION OF A PRINCIPAL IN A FEDERATION BY AN IDENTITY PROVIDER 审中-公开
标题翻译：方法，设备和程序产品，用于自动认证由身份申明人联合的主要原则
公开(公告)号：WO2007068716A1
公开(公告)日：2007-06-21
申请号：PCT/EP2006/069652
申请日：2006-12-13
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , IBM UNITED KINGDOM LIMITED , HINTON, Heather, Maria , MORAN, Anthony, Scott
发明人： HINTON, Heather, Maria , MORAN, Anthony, Scott
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/0815 , H04L63/0884 , H04L63/102 , H04L67/14
摘要： Methods, systems, and computer program products are disclosed that give entities flexibility to implement custom authentication methods of other entities for authentication of a principal in a federation by authenticating the principal by an identity provider according to a service provider's authentication policy and recording in session data of the identity provider an authentication credential satisfying the service provider's authentication policy. Authentication of a principal in a federation is also carried out by authenticating the principal by the identity provider according to an identity provider's authentication policy. Authentication of a principal in a federation is further carried out by receiving in the identity provider an authentication request from the service provider, the authentication request specifying the service provider's authentication policy.
摘要翻译：公开了方法，系统和计算机程序产品，其给予实体灵活性，以实现其他实体的定制认证方法，以通过身份提供者根据服务提供商的认证策略认证主体并在会话数据中进行记录来实现联盟中的主体的认证身份提供商的身份验证凭证满足服务提供商的身份验证策略。通过身份提供者根据身份提供商的身份验证策略对主体进行身份认证，也可以对联盟中的主体进行身份验证。进一步通过在身份提供者中接收来自服务提供者的认证请求，指定服务提供商的认证策略的认证请求来进行联盟中的主体的认证。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式