专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20050039158A1 Method and apparatus for adopting authorizations 失效
标题翻译：采用授权的方法和装置
公开(公告)号：US20050039158A1
公开(公告)日：2005-02-17
申请号：US10639862
申请日：2003-08-13
申请人： Lawrence Koved , Anthony Nadalin , Marco Pistoia
发明人： Lawrence Koved , Anthony Nadalin , Marco Pistoia
IPC分类号： G06F9/44
CPC分类号： G06F21/53
摘要： A method and apparatus for implementing a new Permission for methods that perform callback operations are provided. The method and apparatus provide an AdoptPermission Permission type that allows a method to pass a Java 2 authorization test without having the specific required Permissions expressly granted to the method and without the method having the AllPermission Permission granted to it. With the apparatus and method, an AdoptPermission Permission type is defined that operates to allow a ProtectionDomain to “adopt” a required Permission. However, this adoption of a required Permission can only be performed if the ProtectionDomain of at least one method in the thread stack has been granted a Permission that implies the required Permission. Thus, the AdoptPermission Permission type provides an intermediate mechanism that is not as over-inclusive as the AllPermission Permission type and is not as under-inclusive as requiring that all methods in the thread stack include the required Permission expressly granted to them.
摘要翻译：提供了一种用于实现执行回调操作的方法的新的Permission的方法和装置。该方法和设备提供了一个AdoptPermission权限类型，允许一种方法传递Java 2授权测试，而不会明确授予该方法的特定所需权限，而不授予其授予AllPermission权限的方法。使用设备和方法，定义了一个AdoptPermission权限类型，该类型用于允许ProtectionDomain“采用”所需的权限。但是，只有当线程堆栈中至少有一个方法的ProtectionDomain被授予一个隐含所需权限的权限时，才能执行所需的权限。因此，AdoptPermission Permission类型提供了一个不像AllPermission Permission类型那样超出包容性的中间机制，并且不包含要求线程堆栈中的所有方法都包含明确授予它们的所需权限。

2. 发明申请

US20080104698A1 METHOD AND APPARATUS FOR ADOPTING AUTHORIZATIONS 失效
标题翻译：通过授权的方法和装置
公开(公告)号：US20080104698A1
公开(公告)日：2008-05-01
申请号：US11968673
申请日：2008-01-03
申请人： Lawrence Koved , Anthony Nadalin , Marco Pistoia
发明人： Lawrence Koved , Anthony Nadalin , Marco Pistoia
IPC分类号： G06F21/00
CPC分类号： G06F21/53
摘要： A method and apparatus for implementing a new Permission for methods that perform callback operations are provided. The method and apparatus provide an AdoptPermission Permission type that allows a method to pass a Java 2 authorization test without having the specific required Permissions expressly granted to the method and without the method having the AllPermission Permission granted to it. With the apparatus and method, an AdoptPermission Permission type is defined that operates to allow a ProtectionDomain to “adopt” a required Permission. However, this adoption of a required Permission can only be performed if the ProtectionDomain of at least one method in the thread stack has been granted a Permission that implies the required Permission. Thus, the AdoptPermission Permission type provides an intermediate mechanism that is not as over-inclusive as the AllPermission Permission type and is not as under-inclusive as requiring that all methods in the thread stack include the required Permission expressly granted to them.
摘要翻译：提供了一种用于实现执行回调操作的方法的新的Permission的方法和装置。该方法和设备提供了一个AdoptPermission权限类型，允许一种方法传递Java 2授权测试，而不会明确授予该方法的特定所需权限，而不授予其授予AllPermission权限的方法。使用设备和方法，定义了一个AdoptPermission权限类型，该类型用于允许ProtectionDomain“采用”所需的权限。但是，只有当线程堆栈中至少有一个方法的ProtectionDomain被授予一个隐含所需权限的权限时，才能执行所需的权限。因此，AdoptPermission Permission类型提供了一个不像AllPermission Permission类型那样超出包容性的中间机制，并且不包含要求线程堆栈中的所有方法都包含明确授予它们的所需权限。

3. 发明授权

US08387111B2 Type independent permission based access control 失效
标题翻译：键入独立权限的访问控制
公开(公告)号：US08387111B2
公开(公告)日：2013-02-26
申请号：US10002439
申请日：2001-11-01
申请人： Lawrence Koved , Anthony Joseph Nadalin , Nataraj Nagaratnam , Marco Pistoia , Bruce Arland Rich
发明人： Lawrence Koved , Anthony Joseph Nadalin , Nataraj Nagaratnam , Marco Pistoia , Bruce Arland Rich
IPC分类号： G06F12/14
CPC分类号： G06F21/53 , G06F2221/2145
摘要： A method and apparatus for type independent permission based access control are provided. The method and apparatus utilize object inheritance to provide a mechanism by which a large group of permissions may be assigned to a codesource without having to explicitly assign each individual permission to the codesource. A base permission, or superclass permission, is defined along with inherited, or subclass, permissions that fall below the base permission in a hierarchy of permissions. Having defined the permissions in such a hierarchy, a developer may assign a base permission to an installed class and thereby assign all of the inherited permissions of the base permission to the installed class. In this way, security providers need not know all the permission types defined in an application. In addition, security providers can seamlessly integrate with many applications without changing their access control and policy store semantics. Moreover, application providers' security enforcement is no dependent on the security provider defined permissions. The method and apparatus do not require any changes to the Java security manager and do not require changes to application code.
摘要翻译：提供了一种用于基于类型独立许可的访问控制的方法和装置。该方法和装置利用对象继承来提供一种机制，通过该机制，可以将大量的权限组分配给代码源，而不必对代码源明确地分配每个单独的权限。基本权限或超类权限与继承层级或权限级别中的基本权限之下的继承或子类权限一起定义。在这样的层次结构中定义了权限之后，开发人员可以为已安装的类分配一个基本权限，从而将基本权限的所有继承的权限分配给已安装的类。以这种方式，安全提供程序不需要知道应用程序中定义的所有权限类型。此外，安全提供商可以无缝地集成许多应用程序，而无需更改其访问控制和策略存储语义。此外，应用程序提供商的安全执行不依赖于安全提供程序定义的权限。该方法和设备不需要对Java安全管理器进行任何更改，也不需要更改应用程序代码。

4. 发明授权

US07237236B2 Method and apparatus for automatically determining optimum placement of privileged code locations in existing code 失效
标题翻译：用于自动确定现有代码中特权代码位置的最佳布局的方法和装置
公开(公告)号：US07237236B2
公开(公告)日：2007-06-26
申请号：US10226871
申请日：2002-08-22
申请人： Aaron Stephen Jay Kershenbaum , Lawrence Koved , Anthony Joseph Nadalin , Marco Pistoia
发明人： Aaron Stephen Jay Kershenbaum , Lawrence Koved , Anthony Joseph Nadalin , Marco Pistoia
IPC分类号： G06F9/45
CPC分类号： G06F8/433 , G06F8/72
摘要： A method and apparatus for automatically determining optimum placement of privileged code enablement locations in existing code are provided. A method invocation graph of existing code is generated and a static analysis of the method invocation graph is performed. The static analysis is used to analyze the permission propagation through chains of method invocations in the method invocation graph. When a method invocation in the method invocation graph satisfies one or more user definable criteria, the location in the method invocation graph is saved to a file that identifies recommended insertion points for a call to the authorization enablement code. This file may then be used to manually review the code to determine if a call to privileged mode enablement should actually be made at the identified locations. Alternatively, the call to privileged mode enablement may be automatically inserted at the indicated locations using refactoring.
摘要翻译：提供了一种用于自动确定现有代码中特权代码启用位置的最佳布局的方法和装置。生成现有代码的方法调用图，并执行方法调用图的静态分析。静态分析用于通过方法调用图中的方法调用链来分析权限传播。当方法调用图中的方法调用满足一个或多个用户可定义的标准时，方法调用图中的位置将保存到一个文件中，该文件标识了对授权启用代码的调用的推荐插入点。然后可以使用该文件手动查看代码，以确定是否应在所识别的位置实际执行对特权模式启用的调用。或者，可以使用重构在所指示的位置自动地插入对特权模式启用的呼叫。

5. 发明授权

US07827613B2 System and method for supporting digital rights management in an enhanced Java™ 2 runtime environment 有权
标题翻译：在增强的Java™2运行时环境中支持数字版权管理的系统和方法
公开(公告)号：US07827613B2
公开(公告)日：2010-11-02
申请号：US11932473
申请日：2007-10-31
申请人： Lawrence Koved , Magda M. Mourad , Jonathan P. Munson , Giovanni Pacifici , Marco Pistoia , Alaa S. Youssef
发明人： Lawrence Koved , Magda M. Mourad , Jonathan P. Munson , Giovanni Pacifici , Marco Pistoia , Alaa S. Youssef
IPC分类号： H04N7/16
CPC分类号： G06F21/52 , G06F21/10 , G06F2221/0748
摘要： A digital rights management (DRM) system and methodology for a Java client implementing a Java Runtime Environment (JRE). The JRE comprises a Java Virtual Machine (JVM) and Java runtime libraries components and is capable of executing a player application for presenting content that can be presented through a Java program (e.g., a Java application, applet, servlet, bean, etc.) and downloaded from a content server to the client. The DRM system includes an acquisition component for receiving downloaded protected contents; and a dynamic rights management layer located between the JRE and player application for receiving requests to view or play downloaded protected contents from the player, and, in response to each request, determining the rights associated with protected content and enabling viewing or playing of the protected contents via the player application if permitted according to the rights. By providing a DRM-enabled Java runtime, which does not affect the way non-DRM-related programs work, DRM content providers will not require the installation of customized players. By securing the runtime, every Java™ player automatically and transparently becomes a DRM-enabled player.
摘要翻译：实现Java运行时环境（JRE）的Java客户端的数字版权管理（DRM）系统和方法。 JRE包括Java虚拟机（JVM）和Java运行时库组件，并且能够执行播放器应用程序来呈现可以通过Java程序呈现的内容（例如，Java应用程序，小程序，servlet，bean等）并从内容服务器下载到客户端。 DRM系统包括用于接收下载的受保护内容的获取组件; 以及位于JRE和播放器应用之间的动态版权管理层，用于接收从播放器查看或播放下载的受保护内容的请求，并且响应于每个请求，确定与受保护内容相关联的权限，并且使得能够观看或播放受保护的内容内容通过玩家申请，如果允许，根据权利。通过提供支持DRM的Java运行时，不影响非DRM相关程序的工作方式，DRM内容提供商将不需要安装定制播放器。通过保护运行时间，每个Java™播放器自动和透明地成为支持DRM的播放器。

6. 发明申请

US20090094667A1 Method and Apparatus for Automatic Determination of Authorization Requirements While Editing or Generating Code 失效
标题翻译：编辑或生成代码时自动确定授权要求的方法和装置
公开(公告)号：US20090094667A1
公开(公告)日：2009-04-09
申请号：US11867792
申请日：2007-10-05
申请人： Ted A. Habeck , Lawrence Koved , Jeff McAffer , Marco Pistoia
发明人： Ted A. Habeck , Lawrence Koved , Jeff McAffer , Marco Pistoia
IPC分类号： G06F17/00
CPC分类号： G06F21/6218
摘要： Systems and methods are presented for automatically determining the security requirements of program code during the creation or modification of that program code and for presenting the necessary security permissions to a developer of the program code at the time of the creation or modification of the program code. A cache is established containing program code segments including library calls and application program interfaces that require security permissions at runtime. The cache also includes the security permissions associated with the stored program code segments. Program code editing is monitored in real time during the editing, and instances of edits that add, modify or delete the stored program code segments from the program code being edited are identified. The security permissions associated with the program code segments that are modified by the edits are retrieved from the cache. The retrieved security permissions are immediately presented to the developer in an interactive format that provides the developer with the ability to accept or decline the necessary changes to the security permissions.
摘要翻译：提出了系统和方法，用于在创建或修改程序代码期间自动确定程序代码的安全性要求，并在创建或修改程序代码时向程序代码的开发人员呈现必要的安全权限。建立了包含程序代码段的缓存，包括在运行时需要安全权限的库调用和应用程序接口。缓存还包括与存储的程序代码段相关联的安全许可。在编辑期间实时监控程序代码编辑，并且识别从正在编辑的程序代码中添加，修改或删除存储的程序代码段的编辑实例。从缓存中检索与编辑修改的程序代码段相关联的安全权限。检索到的安全权限立即以交互式格式呈现给开发人员，交互式格式使开发人员能够接受或拒绝对安全权限的必要更改。

7. 发明授权

US07308717B2 System and method for supporting digital rights management in an enhanced Java™ 2 runtime environment 失效
标题翻译：在增强的Java（TM）2运行时环境中支持数字版权管理的系统和方法
公开(公告)号：US07308717B2
公开(公告)日：2007-12-11
申请号：US09792154
申请日：2001-02-23
申请人： Lawrence Koved , Magda M. Mourad , Jonathan P. Munson , Giovanni Pacifici , Marco Pistoia , Alaa S. Youssef
发明人： Lawrence Koved , Magda M. Mourad , Jonathan P. Munson , Giovanni Pacifici , Marco Pistoia , Alaa S. Youssef
IPC分类号： G06F7/04
CPC分类号： G06F21/52 , G06F21/10 , G06F2221/0748
摘要： A digital rights management (DRM) system and methodology for a Java client implementing a Java Runtime Environment (JRE). The JRE comprises a Java Virtual Machine (JVM) and Java runtime libraries components and is capable of executing a player application for presenting content that can be presented through a Java program (e.g., a Java application, applet, servlet, bean, etc.) and downloaded from a content server to the client. The DRM system includes an acquisition component for receiving downloaded protected contents; and a dynamic rights management layer located between the JRE and player application for receiving requests to view or play downloaded protected contents from the player, and, in response to each request, determining the rights associated with protected content and enabling viewing or playing of the protected contents via the player application if permitted according to the rights. By providing a Ad DRM-enabled Java runtime, which does not affect the way non-DRM-related programs work, DRM content providers will not require the installation of customized players. By securing the runtime, every Java™ player automatically and transparently becomes a DRM-enabled player.
摘要翻译：实现Java运行时环境（JRE）的Java客户端的数字版权管理（DRM）系统和方法。 JRE包括Java虚拟机（JVM）和Java运行时库组件，并且能够执行播放器应用程序来呈现可以通过Java程序呈现的内容（例如，Java应用程序，小程序，servlet，bean等）并从内容服务器下载到客户端。 DRM系统包括用于接收下载的受保护内容的获取组件; 以及位于JRE和播放器应用之间的动态版权管理层，用于接收从播放器查看或播放下载的受保护内容的请求，并且响应于每个请求，确定与受保护内容相关联的权限，并且使得能够观看或播放受保护的内容内容通过玩家申请，如果允许，根据权利。通过提供支持广告DRM的Java运行时，不影响非DRM相关程序的工作方式，DRM内容提供商将不需要安装自定义播放器。通过确保运行时间，每个Java（TM）播放器自动且透明地成为启用DRM的播放器。

8. 发明授权

US08789188B2 Method and apparatus for automatic determination of authorization requirements while editing or generating code 失效
标题翻译：在编辑或生成代码时自动确定授权要求的方法和装置
公开(公告)号：US08789188B2
公开(公告)日：2014-07-22
申请号：US11867792
申请日：2007-10-05
申请人： Ted A. Habeck , Lawrence Koved , Jeff McAffer , Marco Pistoia
发明人： Ted A. Habeck , Lawrence Koved , Jeff McAffer , Marco Pistoia
IPC分类号： G06F21/00
CPC分类号： G06F21/6218
摘要： Systems and methods are presented for automatically determining the security requirements of program code during the creation or modification of that program code and for presenting the necessary security permissions to a developer of the program code at the time of the creation or modification of the program code. A cache is established containing program code segments including library calls and application program interfaces that require security permissions at runtime. The cache also includes the security permissions associated with the stored program code segments. Program code editing is monitored in real time during the editing, and instances of edits that add, modify or delete the stored program code segments from the program code being edited are identified. The security permissions associated with the program code segments that are modified by the edits are retrieved from the cache. The retrieved security permissions are immediately presented to the developer in an interactive format that provides the developer with the ability to accept or decline the necessary changes to the security permissions.
摘要翻译：提出了系统和方法，用于在创建或修改程序代码期间自动确定程序代码的安全性要求，并在创建或修改程序代码时向程序代码的开发人员呈现必要的安全权限。建立了包含程序代码段的缓存，包括在运行时需要安全权限的库调用和应用程序接口。缓存还包括与存储的程序代码段相关联的安全许可。在编辑期间实时监控程序代码编辑，并且识别从正在编辑的程序代码中添加，修改或删除存储的程序代码段的编辑实例。从缓存中检索与编辑修改的程序代码段相关联的安全权限。检索到的安全权限立即以交互式格式呈现给开发人员，交互式格式使开发人员能够接受或拒绝对安全权限的必要更改。

9. 发明申请

US20050015752A1 Static analysis based error reduction for software applications 审中-公开
标题翻译：基于静态分析的软件应用程序的减少误差
公开(公告)号：US20050015752A1
公开(公告)日：2005-01-20
申请号：US10620078
申请日：2003-07-15
申请人： Bowen Alpern , Robert Johnson , Aaron Kershenbaum , Lawrence Koved , George Leeman , Marco Pistoia , Darrell Reimer , Kavitha Srinivas , Harini Srinivasan
发明人： Bowen Alpern , Robert Johnson , Aaron Kershenbaum , Lawrence Koved , George Leeman , Marco Pistoia , Darrell Reimer , Kavitha Srinivas , Harini Srinivasan
IPC分类号： G06F9/44 , G06F9/45
CPC分类号： G06F11/3604
摘要： A system and method for providing “static analysis” of programs to aid in improving runtime performance, stability, security and privacy characteristics of deployed application code. The method includes performing a set of analyses that sifts through the program code and identifies programming security and/or privacy model coding errors. In particular the invention focuses on identifying coding errors that cause loss of correctness, performance degradation, security, privacy and maintainability vulnerabilities. A deep analysis of the program is performed using detailed control and data flow analyses. These deeper analyses provide a much better perspective of the overall application behavior. This deep analysis is in contrast to shallow analyses in current industry tools, which inspect or model a single or a few classes at a time.
摘要翻译：提供程序的“静态分析”的系统和方法，以帮助提高部署应用程序代码的运行时性能，稳定性，安全性和隐私特性。该方法包括执行通过程序代码筛选的一组分析，并识别编程安全性和/或隐私模型编码错误。特别地，本发明着重于识别导致正确性，性能下降，安全性，隐私和可维护性漏洞损失的编码错误。使用详细的控制和数据流分析对程序进行深入分析。这些更深入的分析为整体应用行为提供了更好的视角。这个深刻的分析与当前行业工具中的浅析分析形成对比，该工具一次检查或建立一个或几个类。

10. 发明授权

US07877812B2 Method, system and computer program product for enforcing privacy policies 失效
标题翻译：用于执行隐私政策的方法，系统和计算机程序产品
公开(公告)号：US07877812B2
公开(公告)日：2011-01-25
申请号：US11619624
申请日：2007-01-04
申请人： Lawrence Koved , Marco Pistoia
发明人： Lawrence Koved , Marco Pistoia
IPC分类号： G06F7/04
CPC分类号： G06F21/6218 , G06F21/33
摘要： A method for enforcing privacy policies associated with data. The method includes accessing a database to identify labeled data in the database, the labeled data associated with a privacy policy. An access node accessing the label data is determined. For the access node accessing the labeled data, it is determined whether the access node applies an authorization test as indicated by the privacy policy. An authorization test is associated with the access node if the access node does not apply necessary authorization indicated by the privacy policy.
摘要翻译：一种执行与数据相关的隐私政策的方法。该方法包括访问数据库以识别数据库中的标记数据，与隐私策略相关联的标记数据。确定访问标签数据的接入节点。对于访问标记数据的接入节点，确定接入节点是否应用由隐私策略指示的授权测试。如果接入节点没有应用隐私策略所指示的必要授权，则授权测试与接入节点相关联。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式