专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07506162B1 Methods for more flexible SAML session 有权
标题翻译：更灵活的SAML会话的方法
公开(公告)号：US07506162B1
公开(公告)日：2009-03-17
申请号：US10833414
申请日：2004-04-27
申请人： Heng-Ming Hsu , Qingwen Cheng , Ping Luo , Bhavna Bhatnagar
发明人： Heng-Ming Hsu , Qingwen Cheng , Ping Luo , Bhavna Bhatnagar
IPC分类号： H04L9/00 , H04L9/32 , G06F7/04
CPC分类号： H04L63/0815
摘要： In accordance with one embodiment of the present invention, there is provided a mechanism for implementing navigation seamlessly between sites in a computing environment in order to access resources without having to require users or user agents to re-authenticate. In one embodiment, there is provided the ability to determine different attribute sets for use with different resources on a target site for a user or user agent authenticated with a first site seeking to access one or more resources of the second site without re-authenticating. In one embodiment, there is provided the ability to map accounts on a first site to accounts on the second site using a set of attributes selected from among attributes provided by an application on the first site. With this mechanism, it is possible for applications or other resources to share information about a user or a user agent across disparate web sites seamlessly.
摘要翻译：根据本发明的一个实施例，提供了一种用于在计算环境中的站点之间无缝地实现导航以便访问资源而不必要求用户或用户代理重新认证的机制。在一个实施例中，提供了确定不同属性集的能力，以针对用户或用户代理进行目标站点上的不同资源的身份验证，该用户或用户代理通过寻求访问第二站点的一个或多个资源的第一站点进行身份验证，而无需重新认证。在一个实施例中，提供了使用从第一站点上的应用提供的属性中选择的一组属性将第一站点上的帐户映射到第二站点上的帐户的能力。通过这种机制，应用程序或其他资源可以无缝地共享不同网站上的用户或用户代理的信息。

2. 发明授权

US07237256B2 Method and system for providing an open and interoperable system 有权
标题翻译：提供开放和可互操作的系统的方法和系统
公开(公告)号：US07237256B2
公开(公告)日：2007-06-26
申请号：US10619657
申请日：2003-07-14
申请人： Qingwen Cheng , Bhavna Bhatnagar , Hong Xu , Wei Sun , Ping Luo , Shivaram Bhat , Aravindan Ranganathan
发明人： Qingwen Cheng , Bhavna Bhatnagar , Hong Xu , Wei Sun , Ping Luo , Shivaram Bhat , Aravindan Ranganathan
IPC分类号： H04L9/32
CPC分类号： H04L63/0815
摘要： Embodiments of the present invention provide an open and interoperable single sign-on session in a heterogeneous communication network. The open and interoperable single sign-on system is configured by exchanging an entity identifier, an account mapping, an attribute mapping, a site attribute list, an action mapping and/or the like. The entity identifier, account mapping, attribute mapping, site attribute list, action mapping and the like for each partner entity is stored in a partner list accessable to the particular entity. Thereafter, the open and interoperable single sign-on session may be provided upon receipt of a SAML request or assertion containing an entity identifier. The entity identifier contained in the SAML request or assertion is looked-up in the partner list of the particular entity which received the SAML request or assertion. A record containing a matching entity identifier provides the applicable account mapping, attribute mapping, site attribute list, and/or action mapping. The one or more mappings are then utilized to process the SAML request or assertion.
摘要翻译：本发明的实施例提供了在异构通信网络中的开放和可互操作的单点登录会话。通过交换实体标识符，帐号映射，属性映射，站点属性列表，动作映射等来配置开放和可互操作的单点登录系统。每个伙伴实体的实体标识符，帐户映射，属性映射，站点属性列表，操作映射等存储在可访问特定实体的合作伙伴列表中。此后，可以在接收到包含实体标识符的SAML请求或断言时提供开放和可互操作的单点登录会话。包含在SAML请求或断言中的实体标识符在接收到SAML请求或断言的特定实体的合作伙伴列表中查找。包含匹配实体标识符的记录提供适用的帐户映射，属性映射，站点属性列表和/或动作映射。然后利用一个或多个映射来处理SAML请求或断言。

3. 发明授权

US07716469B2 Method and system for providing a circle of trust on a network 有权
标题翻译：在网络上提供信任圈的方法和系统
公开(公告)号：US07716469B2
公开(公告)日：2010-05-11
申请号：US10627019
申请日：2003-07-25
申请人： Bhavna Bhatnagar , Ping Luo , Qingwen Cheng , Shivaram Bhat , Hong Xu , Wei Sun , Aravindan Ranganathan
发明人： Bhavna Bhatnagar , Ping Luo , Qingwen Cheng , Shivaram Bhat , Hong Xu , Wei Sun , Aravindan Ranganathan
IPC分类号： H04L29/06 , H04L9/32 , G06F7/04
CPC分类号： H04L63/0815 , H04L9/3263 , H04L63/0823
摘要： Embodiments of the present invention provide a circle of trust on a network. The circle of trust is configured by exchanging credential of a first and a second affiliated entity. The credentials of the first affiliated entity is stored in a trusted partner list of the second affiliated entity. The credentials of the second affiliated entity is stored in a trusted partner list of the first affiliated entity. Thereafter, a circle of trust session may be provided when a client device initiates use of a resource on a relying party device by providing an authentication assertion reference. The identity of the issuing party of the authentication is determined as a function of the authentication assertion reference. The relying party sends an authentication query containing its credential to the issuing party. The issuing party determines if the relying party is a trusted entity based upon whether the relying party's credential is contained in the trusted partner list of the issuing party.
摘要翻译：本发明的实施例提供了一种网络上的信任圈。通过交换第一个和第二个附属实体的凭证来配置信任圈。第一个关联实体的凭证存储在第二个关联实体的可信合作伙伴列表中。第二个关联实体的凭证存储在第一个关联实体的可信赖的合作伙伴列表中。此后，当客户端设备通过提供认证断言引用来在依赖方设备上启动资源的使用时，可以提供一个信任圈。认证的发行方的身份被确定为认证断言参考的函数。依赖方向发卡方发送包含其凭据的认证查询。发行方基于信任方的凭证是否包含在发行方的受信任的合作伙伴列表中来确定依赖方是否是可信赖的实体。

4. 发明申请

US20050015593A1 Method and system for providing an open and interoperable system 有权
标题翻译：提供开放和可互操作的系统的方法和系统
公开(公告)号：US20050015593A1
公开(公告)日：2005-01-20
申请号：US10619657
申请日：2003-07-14
申请人： Qingwen Cheng , Bhavna Bhatnagar , Hong Xu , Wei Sun , Ping Luo , Shivaram Bhat , Aravindan Ranganathan
发明人： Qingwen Cheng , Bhavna Bhatnagar , Hong Xu , Wei Sun , Ping Luo , Shivaram Bhat , Aravindan Ranganathan
IPC分类号： H04L9/00 , H04L29/06
CPC分类号： H04L63/0815
摘要： Embodiments of the present invention provide an open and interoperable single sign-on session in a heterogeneous communication network. The open and interoperable single sign-on system is configured by exchanging an entity identifier, an account mapping, an attribute mapping, a site attribute list, an action mapping and/or the like. The entity identifier, account mapping, attribute mapping, site attribute list, action mapping and the like for each partner entity is stored in a partner list accessable to the particular entity. Thereafter, the open and interoperable single sign-on session may be provided upon receipt of a SAML request or assertion containing an entity identifier. The entity identifier contained in the SAML request or assertion is looked-up in the partner list of the particular entity which received the SAML request or assertion. A record containing a matching entity identifier provides the applicable account mapping, attribute mapping, site attribute list, and/or action mapping. The one or more mappings are then utilized to process the SAML request or assertion.
摘要翻译：本发明的实施例提供了在异构通信网络中的开放和可互操作的单点登录会话。通过交换实体标识符，帐户映射，属性映射，站点属性列表，动作映射等来配置开放和可互操作的单点登录系统。每个伙伴实体的实体标识符，帐户映射，属性映射，站点属性列表，操作映射等存储在可访问特定实体的合作伙伴列表中。此后，可以在接收到包含实体标识符的SAML请求或断言时提供开放和可互操作的单点登录会话。包含在SAML请求或断言中的实体标识符在接收到SAML请求或断言的特定实体的合作伙伴列表中查找。包含匹配实体标识符的记录提供适用的帐户映射，属性映射，站点属性列表和/或动作映射。然后利用一个或多个映射来处理SAML请求或断言。

5. 发明授权

US07788711B1 Method and system for transferring identity assertion information between trusted partner sites in a network using artifacts 有权
标题翻译：用于在网络中的信任伙伴站点之间传送身份断言信息的方法和系统，使用工件
公开(公告)号：US07788711B1
公开(公告)日：2010-08-31
申请号：US10683728
申请日：2003-10-09
申请人： Wei Sun , Aravindan Ranganathan , Ping Luo , Qingwen Cheng , Shivaram Bhat , Hong Xu , Bhavna Bhatnagar
发明人： Wei Sun , Aravindan Ranganathan , Ping Luo , Qingwen Cheng , Shivaram Bhat , Hong Xu , Bhavna Bhatnagar
IPC分类号： G06F7/04
CPC分类号： H04L63/0815
摘要： A method for managing access to multiple applications using a central server. The method includes receiving a user name and password from an application for a user, generating identity assertion information using the user name and password, generating an artifact associated with the identity assertion information, sending the artifact to the application, receiving the artifact and a request for the identity assertion information from a second application, verifying the validity of the artifact, and sending the identity assertion information to the second application. The second application uses the identity assertion information to authorize the user to access the second application.
摘要翻译：使用中央服务器管理对多个应用程序的访问的方法。该方法包括从用户的应用程序接收用户名和密码，使用用户名和密码生成身份断言信息，生成与身份断言信息相关联的工件，将工件发送到应用程序，接收工件和请求用于来自第二应用的身份断言信息，验证伪像的有效性，以及将身份断言信息发送到第二应用。第二个应用程序使用身份断言信息来授权用户访问第二个应用程序。

6. 发明申请

US20050021964A1 Method and system for providing a circle of trust on a network 有权
标题翻译：在网络上提供信任圈的方法和系统
公开(公告)号：US20050021964A1
公开(公告)日：2005-01-27
申请号：US10627019
申请日：2003-07-25
申请人： Bhavna Bhatnagar , Ping Luo , Qingwen Cheng , Shivaram Bhat , Hong Xu , Wei Sun , Aravindan Ranganathan
发明人： Bhavna Bhatnagar , Ping Luo , Qingwen Cheng , Shivaram Bhat , Hong Xu , Wei Sun , Aravindan Ranganathan
IPC分类号： H04L9/32 , H04L29/06 , H04L9/00
CPC分类号： H04L63/0815 , H04L9/3263 , H04L63/0823
摘要： Embodiments of the present invention provide a circle of trust on a network. The circle of trust is configured by exchanging credential of a first and a second affiliated entity. The credentials of the first affiliated entity is stored in a trusted partner list of the second affiliated entity. The credentials of the second affiliated entity is stored in a trusted partner list of the first affiliated entity. Thereafter, a circle of trust session may be provided when a client device initiates use of a resource on a relying party device by providing an authentication assertion reference. The identity of the issuing party of the authentication is determined as a function of the authentication assertion reference. The relying party sends an authentication query containing its credential to the issuing party. The issuing party determines if the relying party is a trusted entity based upon whether the relying party's credential is contained in the trusted partner list of the issuing party.
摘要翻译：本发明的实施例提供了一种网络上的信任圈。通过交换第一个和第二个附属实体的凭证来配置信任圈。第一个关联实体的凭证存储在第二个关联实体的可信合作伙伴列表中。第二个关联实体的凭证存储在第一个关联实体的可信赖的合作伙伴列表中。此后，当客户端设备通过提供认证断言引用来在依赖方设备上启动资源的使用时，可以提供一个信任圈。认证的发行方的身份被确定为认证断言参考的函数。依赖方向发卡方发送包含其凭据的认证查询。发行方基于信任方的凭证是否包含在发行方的受信任的合作伙伴列表中来确定依赖方是否是可信赖的实体。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式