专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07657924B2 Method and system for implementing authorization policies for web services 有权
标题翻译：实现Web服务授权策略的方法和系统
公开(公告)号：US07657924B2
公开(公告)日：2010-02-02
申请号：US10907577
申请日：2005-04-06
申请人： Maryann Hondo , Anthony J. Nadalin , Nataraj Nagaratnam
发明人： Maryann Hondo , Anthony J. Nadalin , Nataraj Nagaratnam
IPC分类号： H04L9/00
CPC分类号： H04L63/102 , H04L63/08
摘要： A method, system and computer program product for implementing authorization policies for web services may include defining an authorization policy for access to a web service. The method, system and computer program product may also include attaching the authorization policy to a service definition for the web service.
摘要翻译：用于实现web服务的授权策略的方法，系统和计算机程序产品可以包括定义用于访问web服务的授权策略。方法，系统和计算机程序产品还可以包括将授权策略附加到web服务的服务定义。

2. 发明申请

US20060294383A1 Secure data communications in web services 审中-公开
标题翻译：在Web服务中安全的数据通信
公开(公告)号：US20060294383A1
公开(公告)日：2006-12-28
申请号：US11168716
申请日：2005-06-28
申请人： Paula Austel , Maryann Hondo , Michael McIntosh , Anthony Nadalin , Nataraj Nagaratnam
发明人： Paula Austel , Maryann Hondo , Michael McIntosh , Anthony Nadalin , Nataraj Nagaratnam
IPC分类号： H04L9/00
CPC分类号： G06F21/606 , G06F21/629 , H04L63/12
摘要： Methods, systems, and products are disclosed in which secure data communications in web services are provided generally by receiving in a web service from a client a request containing an element bearing a first signature, the signature having a value; signing the value of the first signature, thereby creating a second signature; and sending a response from the web service to the client, the response including the second signature. The requester may verify that the response includes the second signature. The request may be encrypted, and the response may be encrypted. The first signature may be encrypted, and the web service may encrypt the value of the first signature and include the encrypted value of the first signature in the response. The web service may receive a request encoded in SOAP and may send a response also encoded in SOAP.
摘要翻译：公开了一种方法，系统和产品，其中Web服务中的安全数据通信通常通过从客户端接收web服务来提供包含具有第一签名的元素的请求，该签名具有值; 签署第一签名的价值，从而创建第二个签名; 以及将所述web服务的响应发送到所述客户端，所述响应包括所述第二签名。请求者可以验证响应包括第二个签名。该请求可以被加密，并且响应可以被加密。可以对第一签名进行加密，并且web服务可以加密第一签名的值并将第一签名的加密值包括在响应中。 Web服务可以接收以SOAP编码的请求，并且可以发送也以SOAP编码的响应。

3. 发明申请

US20060230430A1 METHOD AND SYSTEM FOR IMPLEMENTING AUTHORIZATION POLICIES FOR WEB SERVICES 有权
标题翻译：执行WEB服务授权政策的方法和系统
公开(公告)号：US20060230430A1
公开(公告)日：2006-10-12
申请号：US10907577
申请日：2005-04-06
申请人： Maryann Hondo , Anthony Nadalin , Nataraj Nagaratnam
发明人： Maryann Hondo , Anthony Nadalin , Nataraj Nagaratnam
IPC分类号： H04L9/00
CPC分类号： H04L63/102 , H04L63/08
摘要： A method, system and computer program product for implementing authorization policies for web services may include defining an authorization policy for access to a web service. The method, system and computer program product may also include attaching the authorization policy to a service definition for the web service.
摘要翻译：用于实现web服务的授权策略的方法，系统和计算机程序产品可以包括定义用于访问web服务的授权策略。方法，系统和计算机程序产品还可以包括将授权策略附加到web服务的服务定义。

4. 发明授权

US10984457B2 Trusted statement verification for data privacy 有权
公开(公告)号：US10984457B2
公开(公告)日：2021-04-20
申请号：US11849210
申请日：2007-08-31
申请人： Gregory T. Byrd , Michael G. McIntosh , Nataraj Nagaratnam , Anthony J. Nadalin
发明人： Gregory T. Byrd , Michael G. McIntosh , Nataraj Nagaratnam , Anthony J. Nadalin
IPC分类号： G06Q10/00 , G06Q30/06
摘要： Embodiments of the present invention address deficiencies of the art in respect to privacy data management and provide a novel and non-obvious method, system and computer program product for trusted statement verification for data privacy. In one embodiment of the invention, a method for trusted statement verification for data privacy can be provided. The method can include deducing a claim from an attribute for personal data for an end user, receiving a request from a personal data consumer to vouch for an assertion based upon the attribute, comparing the assertion to the claim, and providing a voucher for the assertion to the personal data consumer on behalf of the end user if the claim supports the assertion without revealing the attribute to the personal data consumer.

5. 发明授权

US08683545B2 Federating policies from multiple policy providers 失效
标题翻译：联合政策来自多个政策提供者
公开(公告)号：US08683545B2
公开(公告)日：2014-03-25
申请号：US12192769
申请日：2008-08-15
申请人： Anthony J. Nadalin , Nataraj Nagaratnam , Sridhar R. Muppidi
发明人： Anthony J. Nadalin , Nataraj Nagaratnam , Sridhar R. Muppidi
IPC分类号： G06F21/00
CPC分类号： H04L63/102 , H04L63/20
摘要： One aspect of the present invention can include a system, a method, a computer program product and an apparatus for federating policies from multiple policy providers. The aspect can identify a set of distinct policy providers, each maintaining at least one policy related to a service or a resource. A federated policy exchange service can be established that has a policy provider plug-in for each of the distinct policy providers. The federated policy exchange service can receive requests for policies from a set of policy requesters. Each request can include a resource_id or a service_id used to uniquely identify the service or resource. The federated policy exchange service can dynamically connect to a set of the policy providers to determine policies applicable to each request. For each request, results from the policy providers can be received and processed to generate a response. The federated policy exchange service can provide the response to each policy requestor responsive in response to each response.
摘要翻译：本发明的一个方面可以包括系统，方法，计算机程序产品和用于从多个策略提供者联合策略的装置。该方面可以识别一组不同的策略提供者，每个策略提供者保持至少一个与服务或资源相关的策略。可以建立联合的策略交换服务，其具有针对每个不同策略提供者的策略提供者插件。联合策略交换服务可以从一组策略请求者接收到策略请求。每个请求可以包括用于唯一标识服务或资源的resource_id或service_id。联合策略交换服务可以动态地连接到一组策略提供者，以确定适用于每个请求的策略。对于每个请求，可以接收和处理策略提供者的结果以产生响应。联合策略交换服务可以响应于每个响应来响应每个策略请求者。

6. 发明申请

US20090183184A1 DECLARATIVE INSTANCE BASED ACCESS CONTROL FOR APPLICATION RESOURCES WITH PERSISTED ATTRIBUTES AND STATE 有权
标题翻译：具有相关属性和状态的应用资源的基于事件的基于实例的访问控制
公开(公告)号：US20090183184A1
公开(公告)日：2009-07-16
申请号：US12013867
申请日：2008-01-14
申请人： Anthony J. Nadalin , Nataraj Nagaratnam , Indrajit Poddar
发明人： Anthony J. Nadalin , Nataraj Nagaratnam , Indrajit Poddar
IPC分类号： G06F9/54
CPC分类号： G06F9/4435 , G06F9/4493
摘要： Embodiments of the present invention provide a method, system and computer program product for declarative instance based access control for persistent application resources in a multi-tier application. In one embodiment of the invention, a method for instance based access control in a persistent application resource can be provided. The method can include creating one or more instances of an persistent application resource for a particular user or based on attributes of the user, coupling the instance(s) of the persistent application resource to a database implementing row-level access control, initializing access to the database according to a role or attribute for the particular user, and accessing a restricted set of data in the database through the instance(s) of the persistent application resource.
摘要翻译：本发明的实施例提供了一种用于在多层应用中用于持久应用资源的基于声明性实例的访问控制的方法，系统和计算机程序产品。在本发明的一个实施例中，可以提供用于持久应用资源中的基于实例的访问控制的方法。该方法可以包括为特定用户创建持久性应用资源的一个或多个实例，或者基于用户的属性，将持久应用资源的实例耦合到实现行级访问控制的数据库，初始化对数据库根据特定用户的角色或属性，以及通过持久性应用程序资源的实例访问数据库中受限制的一组数据。

7. 发明申请

US20090063289A1 TRUSTED STATEMENT VERIFICATION FOR DATA PRIVACY 审中-公开
标题翻译：用于数据隐私的TRUSTED STATEMENT验证
公开(公告)号：US20090063289A1
公开(公告)日：2009-03-05
申请号：US11849210
申请日：2007-08-31
申请人： Gregory T. Byrd , Michael G. McIntosh , Nataraj Nagaratnam , Anthony J. Nadalin
发明人： Gregory T. Byrd , Michael G. McIntosh , Nataraj Nagaratnam , Anthony J. Nadalin
IPC分类号： G06Q30/00 , G06F7/04
CPC分类号： G06Q30/06 , G06Q30/0601
摘要： Embodiments of the present invention address deficiencies of the art in respect to privacy data management and provide a novel and non-obvious method, system and computer program product for trusted statement verification for data privacy. In one embodiment of the invention, a method for trusted statement verification for data privacy can be provided. The method can include deducing a claim from an attribute for personal data for an end user, receiving a request from a personal data consumer to vouch for an assertion based upon the attribute, comparing the assertion to the claim, and providing a voucher for the assertion to the personal data consumer on behalf of the end user if the claim supports the assertion without revealing the attribute to the personal data consumer.
摘要翻译：本发明的实施例解决了隐私数据管理方面的技术缺陷，并提供了一种用于数据隐私的可信语句验证的新颖且非显而易见的方法，系统和计算机程序产品。在本发明的一个实施例中，可以提供用于数据隐私的可信语句验证的方法。该方法可以包括从用于最终用户的个人数据的属性中推定权利要求，接收来自个人数据消费者的请求，以基于该属性来证明断言，将该断言与权利要求进行比较，以及为该断言提供凭证如果索赔支持声明而不向个人数据消费者显示属性，则代表最终用户向个人数据消费者发送。

8. 发明授权

US09292305B2 Declarative instance based access control for application resources with persisted attributes and state 有权
标题翻译：具有持久属性和状态的应用程序资源的基于声明性实例的访问控制
公开(公告)号：US09292305B2
公开(公告)日：2016-03-22
申请号：US12013867
申请日：2008-01-14
申请人： Indrajit Poddar , Anthony J. Nadalin , Nataraj Nagaratnam
发明人： Indrajit Poddar , Anthony J. Nadalin , Nataraj Nagaratnam
IPC分类号： G06F9/44
CPC分类号： G06F9/4435 , G06F9/4493
摘要： Embodiments of the present invention provide a method, system and computer program product for declarative instance based access control for persistent application resources in a multi-tier application. In one embodiment of the invention, a method for instance based access control in a persistent application resource can be provided. The method can include creating one or more instances of an persistent application resource for a particular user or based on attributes of the user, coupling the instance(s) of the persistent application resource to a database implementing row-level access control, initializing access to the database according to a role or attribute for the particular user, and accessing a restricted set of data in the database through the instance(s) of the persistent application resource.
摘要翻译：本发明的实施例提供了一种用于在多层应用中用于持久应用资源的基于声明性实例的访问控制的方法，系统和计算机程序产品。在本发明的一个实施例中，可以提供用于持久应用资源中的基于实例的访问控制的方法。该方法可以包括为特定用户创建持久性应用资源的一个或多个实例，或者基于用户的属性，将持久应用资源的实例耦合到实现行级访问控制的数据库，初始化对数据库根据特定用户的角色或属性，以及通过持久性应用程序资源的实例访问数据库中受限制的一组数据。

9. 发明申请

US20100306824A1 TRUST AND IDENTITY IN SECURE CALENDAR SHARING COLLABORATION 失效
标题翻译：信任和身份安全日历共享合作
公开(公告)号：US20100306824A1
公开(公告)日：2010-12-02
申请号：US12472885
申请日：2009-05-27
申请人： Daniel C. Gurney , Carol A. Jones , Anthony J. Nadalin , Nataraj Nagaratnam , John J. Rawls , Robert L. Yates , Alfred Zollar
发明人： Daniel C. Gurney , Carol A. Jones , Anthony J. Nadalin , Nataraj Nagaratnam , John J. Rawls , Robert L. Yates , Alfred Zollar
IPC分类号： H04L9/32 , G06F17/30 , G06F21/00 , G06Q10/00
CPC分类号： G06F21/6245 , G06Q10/109 , G06Q10/1093 , H04L9/321
摘要： In some embodiments, a system includes a database of trust information that internalizes security and trust relationships between a first entity and a second entity in regards to scheduling, and a central trust manager operable to determine from the database of trust information whether a trust relationship exists between a first organization and a second organization, the central trust manager also being operable to provide availability information of a user of the first organization to a second user of the second organization, the central trust manager also being operable to determine whether the second user of the second organization is granted access to requested calendar data and the central trust manager also being operable to provide the requested calendar data.
摘要翻译：在一些实施例中，系统包括内部化关于调度的第一实体和第二实体之间的安全性和信任关系的信任信息数据库，以及可操作以从数据库确定信任信息是否存在信任关系的中央信任管理器在第一组织和第二组织之间，中央信任管理器还可操作以向第二组织的第二用户提供第一组织的用户的可用性信息，中央信任管理器还可操作以确定第二组织的第二用户是否允许第二组织访问所请求的日历数据，并且中央信任管理器也可操作以提供所请求的日历数据。

10. 发明申请

US20090064272A1 DATABASE AUTHORIZATION RULES AND COMPONENT LOGIC AUTHORIZATION RULES AGGREGATION 有权
标题翻译：数据库授权规则和组件逻辑授权规则聚合
公开(公告)号：US20090064272A1
公开(公告)日：2009-03-05
申请号：US11848405
申请日：2007-08-31
申请人： German S. Goldszmidt , Dah-Haur H. Lin , Anthony J. Nadalin , Nataraj Nagaratnam , Indrajit Poddar
发明人： German S. Goldszmidt , Dah-Haur H. Lin , Anthony J. Nadalin , Nataraj Nagaratnam , Indrajit Poddar
IPC分类号： G06F17/00
CPC分类号： H04L63/105 , G06F21/6227
摘要： Embodiments of the present invention provide a method, system and computer program product for aggregating database and component logic authorization rules in a multi-tier application. In an embodiment of the invention, a method for aggregating database and component logic authorization rules in a multi-tier application system can include aggregating role-based authorization rules for both a persistence layer and a logic layer of a multi-tier application in a unified policy, distributing the unified policy to both the persistence layer and the logic layer of the multi-tier application, transforming the unified policy into respectively a set of role based permissions for the persistence layer and a set of role based permissions for the logic layer, and applying the set of role based permissions for the persistence layer in the persistence layer, and the set of role based permissions for the logic layer in the logic layer of the multi-tier application.
摘要翻译：本发明的实施例提供了一种在多层应用中聚合数据库和组件逻辑授权规则的方法，系统和计算机程序产品。在本发明的一个实施例中，用于在多层应用系统中聚合数据库和组件逻辑授权规则的方法可以包括为统一的多层应用的持久层和逻辑层聚合基于角色的授权规则策略，将统一策略分发到多层应用的持久层和逻辑层，将统一策略分为一组基于角色的持久层权限和逻辑层的一组基于角色的权限，并在持久层中为持久层应用一组基于角色的权限，以及在多层应用程序的逻辑层中逻辑层的基于角色的权限集合。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式