专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07761443B2 Implementing access control for queries to a content management system 失效
标题翻译：实现对内容管理系统查询的访问控制
公开(公告)号：US07761443B2
公开(公告)日：2010-07-20
申请号：US12123723
申请日：2008-05-20
申请人： Rupa Bhaghavan , Tawei Hu , Kenneth Carlin Nelson , Randal James Richardt
发明人： Rupa Bhaghavan , Tawei Hu , Kenneth Carlin Nelson , Randal James Richardt
IPC分类号： G06F17/30
CPC分类号： G06F17/30427 , G06F21/6218 , G06F21/6227 , Y10S707/99932 , Y10S707/99934 , Y10S707/99937 , Y10S707/99938 , Y10S707/99939
摘要： A system to generate an SQL sub-expression that implement access control rules stored in a library server. The SQL sub-expression is then merged with the SQL passed from an application program interface (API). The access control checking mechanism is implemented on the server side of the content management system. In this client/server environment, the query SQL statement is built in two layers: the API (client) layer and the server layer. The API sends the query string to the underlying stored procedure. The stored procedure then generates the access control logic based on the configuration parameters of the library server. This access control logic is dynamically added to the query string sent by the API. The stored procedure prepares, builds and executes this new query string as a dynamic SQL statement.
摘要翻译：用于生成实现存储在库服务器中的访问控制规则的SQL子表达式的系统。然后，SQL子表达式与从应用程序接口（API）传递的SQL合并。访问控制检查机制在内容管理系统的服务器端实现。在此客户端/服务器环境中，查询SQL语句分为两层：API（客户端）层和服务器层。 API将查询字符串发送到底层存储过程。存储过程然后根据库服务器的配置参数生成访问控制逻辑。该访问控制逻辑被动态添加到由API发送的查询字符串中。存储过程准备，构建并执行此新查询字符串作为动态SQL语句。

2. 发明申请

US20080222708A1 IMPLEMENTING ACCESS CONTROL FOR QUERIES TO A CONTENT MANAGEMENT SYSTEM 失效
标题翻译：对内容管理系统的查询执行访问控制
公开(公告)号：US20080222708A1
公开(公告)日：2008-09-11
申请号：US12123723
申请日：2008-05-20
申请人： Rupa BHAGHAVAN , Tawei Hu , Kenneth Carlin Nelson , Randal James Richardt
发明人： Rupa BHAGHAVAN , Tawei Hu , Kenneth Carlin Nelson , Randal James Richardt
IPC分类号： G06F21/24 , H04L9/32 , G06F17/30
CPC分类号： G06F17/30427 , G06F21/6218 , G06F21/6227 , Y10S707/99932 , Y10S707/99934 , Y10S707/99937 , Y10S707/99938 , Y10S707/99939
摘要： A system to generate an SQL sub-expression that implement access control rules stored in a library server. The SQL sub-expression is then merged with the SQL passed from an application program interface (API). The access control checking mechanism is implemented on the server side of the content management system. In this client/server environment, the query SQL statement is built in two layers: the API (client) layer and the server layer. The API sends the query string to the underlying stored procedure. The stored procedure then generates the access control logic based on the configuration parameters of the library server. This access control logic is dynamically added to the query string sent by the API. The stored procedure prepares, builds and executes this new query string as a dynamic SQL statement.
摘要翻译：用于生成实现存储在库服务器中的访问控制规则的SQL子表达式的系统。然后，SQL子表达式与从应用程序接口（API）传递的SQL合并。访问控制检查机制在内容管理系统的服务器端实现。在此客户端/服务器环境中，查询SQL语句分为两层：API（客户端）层和服务器层。 API将查询字符串发送到底层存储过程。存储过程然后根据库服务器的配置参数生成访问控制逻辑。该访问控制逻辑被动态添加到由API发送的查询字符串中。存储过程准备，构建并执行此新查询字符串作为动态SQL语句。

3. 发明授权

US06295605B1 Method and apparatus for multi-level security evaluation 有权
标题翻译：多层次安全评估方法与装置
公开(公告)号：US06295605B1
公开(公告)日：2001-09-25
申请号：US09150959
申请日：1998-09-10
申请人： Michael Jon Dockter , Joel Frank Farber , Ronald William Lynn , Randal James Richardt
发明人： Michael Jon Dockter , Joel Frank Farber , Ronald William Lynn , Randal James Richardt
IPC分类号： G06F1214
CPC分类号： H04L63/105 , G06F21/6218 , G06F2221/2113 , G06F2221/2141
摘要： The security evaluation method of the invention utilizes multiple levels of security evaluation before certain user's can gain access to system resources. Upon receiving a user access request, the method acquires qualification data regarding the access request and determines a security level that is applicable to a selected system resource which is indicated by the user access request. Thereafter, the method performs at least one of a plurality of security tests to determine if the qualification data matches the security level applicable to the selected system resource. At least some of the plurality of security tests are arranged to be performed in an order of speed of execution, with a fastest executable security evaluation test being performed first and a slowest executable security test being performed last. A more slowly executable security test is performed with respect to the user access request only if all faster executable security tests return “don't know”, or equivalent, responses. The method enables the speed of execution ordering to be overridden if a further system constraint will enable another ordering to maximize system performance.
摘要翻译：本发明的安全评估方法在某些用户可以访问系统资源之前，利用多层次的安全评估。在接收到用户访问请求时，该方法获取关于访问请求的资格数据，并且确定适用于由用户访问请求指示的所选择的系统资源的安全级别。此后，该方法执行多个安全测试中的至少一个以确定资格数据是否与适用于所选择的系统资源的安全级别匹配。多个安全测试中的至少一些被安排为以执行速度的顺序执行，首先执行最快的可执行安全评估测试，并且最后执行最慢的可执行安全测试。只有当所有更快的可执行安全测试返回“不知道”或等效的响应时，才能对用户访问请求执行更慢的可执行安全性测试。该方法使得执行顺序的速度可以被覆盖，如果进一步的系统约束将使另一个排序能够最大化系统性能。

4. 发明授权

US5870737A Dynamic prioritized replacement of language 失效
标题翻译：动态优先替换语言
公开(公告)号：US5870737A
公开(公告)日：1999-02-09
申请号：US632817
申请日：1996-04-15
申请人： Michael Jon Dockter , Joel Frank Farber , Michael Leon Pauser , Randal James Richardt , R. Brant Ruggles
发明人： Michael Jon Dockter , Joel Frank Farber , Michael Leon Pauser , Randal James Richardt , R. Brant Ruggles
IPC分类号： G06F17/30
CPC分类号： G06F17/30867 , Y10S707/99934 , Y10S707/99935
摘要： A computer system responds to a user query by providing a screen which displays a response that is influenced by prior expressed preferences of the user. The computer system includes a knowledge base of data pertaining to one or more subjects. The system monitors a user's entries and records priority information regarding data preferences of the user. Upon receiving a user's query regarding a selected subject in the knowledge base, the system selects a template for responding to the user's query. The template contains both fixed and variable fields and the system inserts replacement data in the variable fields. The replacement data is selected in accord with recorded priority information relating to the selected subject. The priority information enables a sorting of the replacement data so as to provide data to the user which is inferentially related to the user's prior entry history.
摘要翻译：计算机系统通过提供显示受到用户的先前表示的偏好的影响的响应的屏幕来响应用户查询。计算机系统包括与一个或多个主题有关的数据的知识库。系统监视用户的条目并记录关于用户的数据偏好的优先级信息。在知识库中收到关于所选主题的用户查询后，系统选择用于响应用户查询的模板。该模板包含固定和可变字段，并且系统在替换字段中插入替换数据。替换数据根据与所选择的对象相关的记录的优先级信息来选择。优先级信息使得能够对替换数据进行排序，以向用户提供与用户的先前进入历史相关的数据。

5. 发明授权

US5799298A Method of indirect specification of user preferences 失效
标题翻译：间接指定用户偏好的方法
公开(公告)号：US5799298A
公开(公告)日：1998-08-25
申请号：US863534
申请日：1997-05-27
申请人： Ronald Edward Bingham , Michael Jon Dockter , Joel Frank Farber , Michael Leon Pauser , Randal James Richardt
发明人： Ronald Edward Bingham , Michael Jon Dockter , Joel Frank Farber , Michael Leon Pauser , Randal James Richardt
IPC分类号： G06F9/44 , G06F17/30
CPC分类号： G06F17/30274 , G06F9/4443 , Y10S707/99931 , Y10S707/99935 , Y10S707/99936
摘要： A system and method for allowing communication of a large number of parameters from a computer user to an application program with a relatively small amount of interaction. The system uses a plurality of graphical metaphors to represent a collection of known personality or collective knowledge representations to extract a computer user's preferences. A computer user expresses how much likeness exists between themselves and a set of metaphoric graphical objects which is translated into an intermediary format which enables the computer to provide a higher quality of pattern matching and differentiation.
摘要翻译：一种用于允许从计算机用户到具有相对少量交互的应用程序的大量参数的通信的系统和方法。系统使用多个图形隐喻来表示已知个性或集体知识表示的集合以提取计算机用户的偏好。计算机用户表示自己和一组隐喻的图形对象之间存在多少相似性，这些对象被翻译成中间格式，使得计算机能够提供更高质量的模式匹配和差异化。

6. 发明授权

US07392246B2 Method for implementing access control for queries to a content management system 失效
标题翻译：用于实现对内容管理系统的查询的访问控制的方法
公开(公告)号：US07392246B2
公开(公告)日：2008-06-24
申请号：US10367086
申请日：2003-02-14
申请人： Rupa Bhaghavan , Tawei Hu , Kenneth Carlin Nelson , Randal James Richardt
发明人： Rupa Bhaghavan , Tawei Hu , Kenneth Carlin Nelson , Randal James Richardt
IPC分类号： G06F17/30
CPC分类号： G06F17/30427 , G06F21/6218 , G06F21/6227 , Y10S707/99932 , Y10S707/99934 , Y10S707/99937 , Y10S707/99938 , Y10S707/99939
摘要： A method to generate an SQL sub-expression that implement access control rules stored in a library server. The SQL sub-expression is then merged with the SQL passed from an application program interface (API). The access control checking mechanism is implemented on the server side of the content management system. In this client/server environment, the query SQL statement is built in two layers: the API (client) layer and the server layer. The API sends the query string to the underlying stored procedure. The stored procedure then generates the access control logic based on the configuration parameters of the library server. This access control logic is dynamically added to the query string sent by the API. The stored procedure prepares, builds and executes this new query string as a dynamic SQL statement.
摘要翻译：一种生成实现存储在库服务器中的访问控制规则的SQL子表达式的方法。然后，SQL子表达式与从应用程序接口（API）传递的SQL合并。访问控制检查机制在内容管理系统的服务器端实现。在此客户端/服务器环境中，查询SQL语句分为两层：API（客户端）层和服务器层。 API将查询字符串发送到底层存储过程。存储过程然后根据库服务器的配置参数生成访问控制逻辑。该访问控制逻辑被动态添加到由API发送的查询字符串中。存储过程准备，构建并执行此新查询字符串作为动态SQL语句。

7. 发明授权

US5752022A Method for creating a hypertext language for a distributed computer network 失效
标题翻译：为分布式计算机网络创建超文本语言的方法
公开(公告)号：US5752022A
公开(公告)日：1998-05-12
申请号：US512205
申请日：1995-08-07
申请人： Suet Mui Chiu , Michael Jon Dockter , Joel Frank Farber , Michael Leon Pauser , Randal James Richardt
发明人： Suet Mui Chiu , Michael Jon Dockter , Joel Frank Farber , Michael Leon Pauser , Randal James Richardt
IPC分类号： G06F17/30
CPC分类号： H04L67/2804 , G06F17/30905 , H04L67/2814
摘要： A server-based application intercepts an initial request for access to documents which may contain imbedded references to linked information. A request is made from the server to the actual location of the requested document as it is found on a network (e.g. WORLD-WIDE WEB, INTERNET, etc.). The document is retrieved into the server and parsed to discover all imbedded addresses contained therein. The server then replaces each imbedded address with its own address plus the original imbedded address such that all future references to the imbedded information will be supplied by the server. Additional linking information, functions and/or environment escape information may then be prepended and/or postpended to the requested document independently through the server.
摘要翻译：基于服务器的应用程序拦截对可能包含对链接信息的嵌入引用的文档的初始请求。从网络（例如，世界各地的网络，互联网等）发现请求，从服务器到所请求的文档的实际位置。将文档检索到服务器中并进行解析，以发现其中包含的所有嵌入地址。然后，服务器将使用自己的地址加上原始嵌入的地址替换每个嵌入的地址，以便所有未来对嵌入信息的引用将由服务器提供。然后可以通过服务器独立地将附加的链接信息，功能和/或环境转义信息添加到所请求的文档和/或后贴附。

8. 发明授权

US06292798B1 Method and system for controlling access to data resources and protecting computing system resources from unauthorized access 有权
标题翻译：通过确定对象组，功能组和用户组来控制对数据资源的访问的方法和系统，以及从许可目录确定是否允许访问请求
公开(公告)号：US06292798B1
公开(公告)日：2001-09-18
申请号：US09150395
申请日：1998-09-09
申请人： Michael Jon Dockter , Joel Frank Farber , Ronald William Lynn , Randal James Richardt
发明人： Michael Jon Dockter , Joel Frank Farber , Ronald William Lynn , Randal James Richardt
IPC分类号： G06F1730
CPC分类号： G06F21/6218 , Y10S707/99939 , Y10S707/99944
摘要： The invention controls access to data resources by performing the steps of: providing (i) a first directory which relates data objects to object groups, each object group including all data objects having a common assigned security attribute; (ii) a second directory which relates functions to function groups, each function group including functions having a common execution attribute; (iii) a third directory which relates users to user groups, each user group including users having a common user attribute; and a permission directory which lists allowed combinations of (user group, function group, object group). In response to a request from a user to perform a function with respect to an object, the permission directory is examined to determine if the access request is to be allowed or not allowed.
摘要翻译：本发明通过执行以下步骤来控制对数据资源的访问：提供（i）将数据对象与对象组相关联的第一目录，每个对象组包括具有公共分配安全属性的所有数据对象; （ii）将功能与功能组相关联的第二目录，每个功能组包括具有共同执行属性的功能; （iii）将用户与用户组相关联的第三目录，每个用户组包括具有公共用户属性的用户; 以及列出（用户组，功能组，对象组）的允许组合的权限目录。响应于用户对对象执行功能的请求，检查许可目录以确定是否允许访问请求。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式