专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09055107B2 Authentication delegation based on re-verification of cryptographic evidence 有权
标题翻译：基于重新验证加密证据的认证授权
公开(公告)号：US09055107B2
公开(公告)日：2015-06-09
申请号：US11607720
申请日：2006-12-01
申请人： Gennady Medvinsky , Nir Nice , Tomer Shiran , Alexander Teplitsky , Paul Leach , John Neystadt
发明人： Gennady Medvinsky , Nir Nice , Tomer Shiran , Alexander Teplitsky , Paul Leach , John Neystadt
IPC分类号： H04L29/06 , G06F21/33 , H04L9/32
CPC分类号： H04L63/166 , G06F21/33 , G06F2221/2115 , H04L9/3213 , H04L9/3263 , H04L9/3271 , H04L29/06965 , H04L63/0823 , H04L2209/38
摘要： The method of delegating authentication, within a chain of entities, relies upon a recording of at least a portion of a TLS handshake between a gateway device and user, in which the user needs access to a desired server. The method then relies upon re-verification of cryptographic evidence in the recorded portion of the TLS handshake, which is forwarded either (1) to the server to which access is desired, in which case the server re-verifies the recorded portion to confirm authentication, or, (2) to a third party entity, in which case the third party entity confirms authentication and provides credentials to the gateway server which then uses the credentials to authenticate to the server as the user.
摘要翻译：在实体链中委托认证的方法依赖于在网关设备和用户之间记录TLS握手的至少一部分，其中用户需要访问期望的服务器。然后，该方法依赖于在TLS握手的记录部分中重新验证加密证据，TLS握手被转发到（1）到需要访问的服务器，在这种情况下，服务器重新验证记录部分以确认认证，或者（2）到第三方实体，在这种情况下，第三方实体确认认证，并向网关服务器提供凭证，然后网关服务器使用凭证作为用户对服务器进行认证。

2. 发明申请

US20080134311A1 Authentication delegation based on re-verification of cryptographic evidence 有权
标题翻译：基于重新验证加密证据的认证授权
公开(公告)号：US20080134311A1
公开(公告)日：2008-06-05
申请号：US11607720
申请日：2006-12-01
申请人： Gennady Medvinsky , Nir Nice , Tomer Shiran , Alexander Teplitsky , Paul Leach , John Neystadt
发明人： Gennady Medvinsky , Nir Nice , Tomer Shiran , Alexander Teplitsky , Paul Leach , John Neystadt
IPC分类号： H04L9/32 , G06F21/00
CPC分类号： H04L63/166 , G06F21/33 , G06F2221/2115 , H04L9/3213 , H04L9/3263 , H04L9/3271 , H04L29/06965 , H04L63/0823 , H04L2209/38
摘要： The method of delegating authentication, within a chain of entities, relies upon a recording of at least a portion of a TLS handshake between a gateway device and user, in which the user needs access to a desired server. The method then relies upon re-verification of cryptographic evidence in the recorded portion of the TLS handshake, which is forwarded either (1) to the server to which access is desired, in which case the server re-verifies the recorded portion to confirm authentication, or, (2) to a third party entity, in which case the third party entity confirms authentication and provides credentials to the gateway server which then uses the credentials to authenticate to the server as the user.
摘要翻译：在实体链中委托认证的方法依赖于在网关设备和用户之间的至少一部分TLS握手的记录，其中用户需要访问期望的服务器。然后，该方法依赖于在TLS握手的记录部分中重新验证加密证据，TLS握手被转发到（1）到需要访问的服务器，在这种情况下，服务器重新验证记录部分以确认认证，或者（2）到第三方实体，在这种情况下，第三方实体确认认证，并向网关服务器提供凭证，然后网关服务器使用凭证作为用户对服务器进行认证。

3. 发明申请

US20090094263A1 ENHANCED UTILIZATION OF NETWORK BANDWIDTH FOR TRANSMISSION OF STRUCTURED DATA 审中-公开
标题翻译：用于传输结构化数据的网络带宽的增强利用
公开(公告)号：US20090094263A1
公开(公告)日：2009-04-09
申请号：US11867100
申请日：2007-10-04
申请人： Tomer Shiran , Nir Nice , Itai Almog , Adar Greenshpon
发明人： Tomer Shiran , Nir Nice , Itai Almog , Adar Greenshpon
IPC分类号： G06F17/30
CPC分类号： H04L69/04 , H04L67/02 , H04L67/28 , H04L67/2828
摘要： Systems and methods are described that improve the efficiency of byte caching mechanisms when transmitting or receiving structured data. Some of these techniques may normalize the structured data before transmission over the network. Other techniques may use templates or semantic differences.
摘要翻译：描述了系统和方法，用于在发送或接收结构化数据时提高字节缓存机制的效率。这些技术中的一些可以在通过网络传输之前规范化结构化数据。其他技术可能使用模板或语义差异。

4. 发明授权

US08020197B2 Explicit delegation with strong authentication 有权
标题翻译：具有强认证的明确授权
公开(公告)号：US08020197B2
公开(公告)日：2011-09-13
申请号：US11276139
申请日：2006-02-15
申请人： Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
发明人： Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
IPC分类号： G06F7/04 , H04L9/32
CPC分类号： H04L9/321 , H04L9/3263 , H04L9/3271 , H04L9/3297
摘要： Systems and methods for performing explicit delegation with strong authentication are described herein. Systems can include one or more clients, one or more end servers, and one or more gateways intermediate or between the client and the end server. The client may include an explicit strong delegation component that is adapted to strongly authenticate the client to the gateway. The explicit strong delegation component may also explicitly delegate to the gateway a right to authenticate on behalf of the client, and to define a period of time over which the explicit delegation is valid. The system may be viewed as being self-contained, in the sense that the system need not access third-party certificate or key distribution authorities. Finally, the client controls the gateways or end servers to which the gateway may authenticate on the client's behalf.
摘要翻译：这里描述了用于执行具有强认证的显式授权的系统和方法。系统可以包括一个或多个客户端，一个或多个终端服务器，以及在客户端和终端服务器之间中间或之间的一个或多个网关。客户端可以包括适合于向网关强烈认证客户端的显式强委派组件。显式强委托组件还可以向网关显式地委托代表客户端进行认证的权限，并定义显式授权有效的时间段。在系统不需要访问第三方证书或密钥分发机构的意义上，该系统可以被视为是独立的。最后，客户端代表客户端控制网关可以对其进行身份验证的网关或终端服务器。

5. 发明授权

US08959596B2 One-time password validation in a multi-entity environment 有权
标题翻译：在多实体环境中进行一次性密码验证
公开(公告)号：US08959596B2
公开(公告)日：2015-02-17
申请号：US11454373
申请日：2006-06-15
申请人： Nir Nice , Ron Mondri , Tomer Shiran , Boaz Ein-Gil
发明人： Nir Nice , Ron Mondri , Tomer Shiran , Boaz Ein-Gil
IPC分类号： G06F7/04 , H04L29/06 , H04L9/32 , H04L9/08
CPC分类号： H04L63/0838 , H04L9/0863 , H04L9/3228 , H04L63/083 , H04L63/0853
摘要： A single passcode can be used for validation by a user of several entities in a system without compromising security. The source of the entity providing validation credentials, along with the passcode, is considered when determining validity. A one-time password system validates credentials if a validation credentials, such as a user's valid passcode and the source of the credentials, have not been used previously. In a one-time passcode system, a validation processor receives validation credentials from a client processor. If the client processor has not previously sent the validation credentials to the validation processor, and the credentials are valid, the validation processor will validate the credentials. Otherwise, the credentials are invalid. Other client processors can utilize the same passcode and their respective source identifiers, and as long as the other client processors have not previously utilized the credentials, the credentials are declared valid.
摘要翻译：单个密码可用于系统中的几个实体的用户的验证，而不会影响安全性。在确定有效性时，会考虑提供验证凭证的实体的来源以及密码。如果先前没有使用验证凭证（例如用户的有效密码和凭据来源），则一次性密码系统将验证凭据。在一次性密码系统中，验证处理器从客户端处理器接收验证凭证。如果客户机处理器以前没有将验证凭证发送给验证处理器，并且凭据有效，则验证处理器将验证凭据。否则，凭据无效。其他客户端处理器可以使用相同的密码及其各自的源标识符，只要其他客户端处理器以前没有使用过凭据，凭证就被声明为有效的。

6. 发明申请

US20070294749A1 One-time password validation in a multi-entity environment 有权
标题翻译：在多实体环境中进行一次性密码验证
公开(公告)号：US20070294749A1
公开(公告)日：2007-12-20
申请号：US11454373
申请日：2006-06-15
申请人： Nir Nice , Ron Mondri , Tomer Shiran , Boaz Ein-Gil
发明人： Nir Nice , Ron Mondri , Tomer Shiran , Boaz Ein-Gil
IPC分类号： H04L9/32
CPC分类号： H04L63/0838 , H04L9/0863 , H04L9/3228 , H04L63/083 , H04L63/0853
摘要： A single passcode can be used for validation by a user of several entities in a system without compromising security. The source of the entity providing validation credentials, along with the passcode, is considered when determining validity. A one-time password system validates credentials if a validation credentials, such as a user's valid passcode and the source of the credentials, have not been used previously. In a one-time passcode system, a validation processor receives validation credentials from a client processor. If the client processor has not previously sent the validation credentials to the validation processor, and the credentials are valid, the validation processor will validate the credentials. Otherwise, the credentials are invalid. Other client processors can utilize the same passcode and their respective source identifiers, and as long as the other client processors have not previously utilized the credentials, the credentials are declared valid.
摘要翻译：单个密码可用于系统中的几个实体的用户的验证，而不会影响安全性。在确定有效性时，会考虑提供验证凭证的实体的来源以及密码。如果先前没有使用验证凭证（例如用户的有效密码和凭据来源），则一次性密码系统将验证凭据。在一次性密码系统中，验证处理器从客户端处理器接收验证凭证。如果客户机处理器以前没有将验证凭证发送给验证处理器，并且凭据有效，则验证处理器将验证凭据。否则，凭据无效。其他客户端处理器可以使用相同的密码及其各自的源标识符，只要其他客户端处理器以前没有使用过凭据，凭证就被声明为有效的。

7. 发明申请

US20070192836A1 Explicit Delegation With Strong Authentication 有权
标题翻译：具有强认证的明确授权
公开(公告)号：US20070192836A1
公开(公告)日：2007-08-16
申请号：US11276139
申请日：2006-02-15
申请人： Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
发明人： Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
IPC分类号： H04L9/32 , G06K9/00 , G06F15/16 , H04L9/00 , G06F17/30 , G06F17/00 , G06F9/00 , G06F7/04 , G06F7/58 , G06K19/00 , G06F15/173
CPC分类号： H04L9/321 , H04L9/3263 , H04L9/3271 , H04L9/3297
摘要： Systems and methods for performing explicit delegation with strong authentication are described herein. Systems can include one or more clients, one or more end servers, and one or more gateways intermediate or between the client and the end server. The client may include an explicit strong delegation component that is adapted to strongly authenticate the client to the gateway. The explicit strong delegation component may also explicitly delegate to the gateway a right to authenticate on behalf of the client, and to define a period of time over which the explicit delegation is valid. The system may be viewed as being self-contained, in the sense that the system need not access third-party certificate or key distribution authorities. Finally, the client controls the gateways or end servers to which the gateway may authenticate on the client's behalf.
摘要翻译：这里描述了用于执行具有强认证的显式授权的系统和方法。系统可以包括一个或多个客户端，一个或多个终端服务器，以及在客户端和终端服务器之间中间或之间的一个或多个网关。客户端可以包括适合于向网关强烈认证客户端的显式强委派组件。显式强委托组件还可以向网关显式地委托代表客户端进行认证的权限，并定义显式授权有效的时间段。在系统不需要访问第三方证书或密钥分发机构的意义上，该系统可以被视为是独立的。最后，客户端代表客户端控制网关可以对其进行身份验证的网关或终端服务器。

8. 发明申请

US20090300739A1 Authentication for distributed secure content management system 有权
标题翻译：分布式安全内容管理系统认证
公开(公告)号：US20090300739A1
公开(公告)日：2009-12-03
申请号：US12127803
申请日：2008-05-27
申请人： Nir Nice , Oleg Ananiev , John F. Wohlfert , Amit Finkelstein , Alexander Teplitsky
发明人： Nir Nice , Oleg Ananiev , John F. Wohlfert , Amit Finkelstein , Alexander Teplitsky
IPC分类号： H04L9/32 , G06F15/16
CPC分类号： H04L63/0281 , G06F21/31 , H04L63/08 , H04L63/0884 , H04L67/146 , H04L67/28
摘要： Aspects of the subject matter described herein relate to authentication for a distributed secure content management system. In aspects, a request to access a resource available through the Internet is routed to a security component. The security component is one of a plurality of security components distributed throughout the Internet and responsible for authenticating entities associated with an enterprise. The security component determines an authentication protocol to use with the entity and then authenticates the entity. If the entity is authenticated, the entity is allowed to use a forward proxy.
摘要翻译：本文描述的主题的方面涉及用于分布式安全内容管理系统的认证。在方面，将访问通过因特网可用的资源的请求路由到安全组件。安全组件是分布在整个互联网上的多个安全组件之一，负责认证与企业相关联的实体。安全组件确定与实体一起使用的身份验证协议，然后验证实体。如果实体被认证，则允许实体使用转发代理。

9. 发明授权

US08910255B2 Authentication for distributed secure content management system 有权
标题翻译：分布式安全内容管理系统认证
公开(公告)号：US08910255B2
公开(公告)日：2014-12-09
申请号：US12127803
申请日：2008-05-27
申请人： Nir Nice , Oleg Ananiev , John F. Wohlfert , Amit Finkelstein , Alexander Teplitsky
发明人： Nir Nice , Oleg Ananiev , John F. Wohlfert , Amit Finkelstein , Alexander Teplitsky
IPC分类号： H04L29/06 , G06F21/31
CPC分类号： H04L63/0281 , G06F21/31 , H04L63/08 , H04L63/0884 , H04L67/146 , H04L67/28
摘要： Aspects of the subject matter described herein relate to authentication for a distributed secure content management system. In aspects, a request to access a resource available through the Internet is routed to a security component. The security component is one of a plurality of security components distributed throughout the Internet and responsible for authenticating entities associated with an enterprise. The security component determines an authentication protocol to use with the entity and then authenticates the entity. If the entity is authenticated, the entity is allowed to use a forward proxy.
摘要翻译：本文描述的主题的方面涉及用于分布式安全内容管理系统的认证。在方面，将访问通过因特网可用的资源的请求路由到安全组件。安全组件是分布在整个互联网上的多个安全组件之一，负责认证与企业相关联的实体。安全组件确定与实体一起使用的身份验证协议，然后验证实体。如果实体被认证，则允许实体使用转发代理。

10. 发明授权

US10116580B2 Seamless location aware network connectivity 有权
公开(公告)号：US10116580B2
公开(公告)日：2018-10-30
申请号：US12163046
申请日：2008-06-27
申请人： Ehud Mordechai Itshaki , Nir Nice , Eugene John Neystadt , Noam Gershon Ben-Yochanan
发明人： Ehud Mordechai Itshaki , Nir Nice , Eugene John Neystadt , Noam Gershon Ben-Yochanan
IPC分类号： G06F15/16 , H04L12/911 , H04W76/10
摘要： Described is a technology by which a seamless automatic connection to an (e.g., corporate) network is made for a client device. Upon detecting a need for a connection to a network, such as by intercepting a communication directed towards a network destination, a list of available connection methods is automatically obtained based on the device's current location data (e.g., LAN or remote) and policy information. An available connection method from the list is selected, e.g., in order, and an attempt is made to establish a connection via that connection method. If the attempt fails, another attempt is made with a different connection method, and so on, until a connection method succeeds. Additional seamlessness from the user's perspective is provided via a credentials vault, by which stored credentials may be retrieved and used in association with the access method being attempted.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式