专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08601278B2 Validating access to a group of related elements 有权
标题翻译：验证对一组相关元素的访问权限
公开(公告)号：US08601278B2
公开(公告)日：2013-12-03
申请号：US13570044
申请日：2012-08-08
申请人： Sundaram Ramini , Joseph S. Beda , Mark Alcazar , Roberto A. Franco , Roland Katsuaki Tokumi , John G. Bedworth
发明人： Sundaram Ramini , Joseph S. Beda , Mark Alcazar , Roberto A. Franco , Roland Katsuaki Tokumi , John G. Bedworth
IPC分类号： G06F21/00
CPC分类号： H04L63/104 , H04L63/102
摘要： A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.
摘要翻译：描述用于验证对一组相关元素的访问的方法和系统。当对元素进行调用时，组内的元素访问与标记域相关联的安全上下文。启用对元素的授权呼叫，使得标记域被导航到新的网页。然而，防止未经授权的呼叫，使得不允许对新网页的导航。标记域已导航后，与标记域相关联的安全上下文将无效。生成新的安全上下文并与标记域相关联。与导航到网页的网页相关联的元素在标记域导航到新页面后是无法访问的。新安全上下文与标记域的关联可防止未经授权的用户访问引用先前安全上下文的任何元素。

2. 发明申请

US20120304316A1 Validating Access to a Group of Related Elements 有权
标题翻译：验证访问一组相关元素
公开(公告)号：US20120304316A1
公开(公告)日：2012-11-29
申请号：US13570044
申请日：2012-08-08
申请人： Sundaram Ramani , Joseph S. Beda , Mark Alcazar , Roberto A. Franco , Roland Katsuaki Tokumi , John G. Bedworth
发明人： Sundaram Ramani , Joseph S. Beda , Mark Alcazar , Roberto A. Franco , Roland Katsuaki Tokumi , John G. Bedworth
IPC分类号： G06F21/00
CPC分类号： H04L63/104 , H04L63/102
摘要： A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.
摘要翻译：描述用于验证对一组相关元素的访问的方法和系统。当对元素进行调用时，组内的元素访问与标记域相关联的安全上下文。启用对元素的授权呼叫，使得标记域被导航到新的网页。然而，防止未经授权的呼叫，使得不允许对新网页的导航。标记域已导航后，与标记域相关联的安全上下文将无效。生成新的安全上下文并与标记域相关联。与导航到网页的网页相关联的元素在标记域导航到新页面后是无法访问的。新安全上下文与标记域的关联可防止未经授权的用户访问引用先前安全上下文的任何元素。

3. 发明授权

US08245049B2 Method and system for validating access to a group of related elements 有权
标题翻译：验证访问一组相关元素的方法和系统
公开(公告)号：US08245049B2
公开(公告)日：2012-08-14
申请号：US10867338
申请日：2004-06-14
申请人： Sundaram Ramani , Joseph S. Beda , Mark Alcazar , Roberto A. Franco , Roland Katsuaki Tokumi , John G. Bedworth
发明人： Sundaram Ramani , Joseph S. Beda , Mark Alcazar , Roberto A. Franco , Roland Katsuaki Tokumi , John G. Bedworth
IPC分类号： G06F21/00
CPC分类号： H04L63/104 , H04L63/102
摘要： A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.
摘要翻译：描述用于验证对一组相关元素的访问的方法和系统。当对元素进行调用时，组内的元素访问与标记域相关联的安全上下文。启用对元素的授权呼叫，使得标记域被导航到新的网页。然而，防止未经授权的呼叫，使得不允许对新网页的导航。标记域已导航后，与标记域相关联的安全上下文将无效。生成新的安全上下文并与标记域相关联。与导航到网页的网页相关联的元素在标记域导航到新页面后是无法访问的。新安全上下文与标记域的关联可防止未经授权的用户访问引用先前安全上下文的任何元素。

4. 发明申请

US20110106948A1 Running Internet Applications with Low Rights 有权
标题翻译：运行低权限的Internet应用程序
公开(公告)号：US20110106948A1
公开(公告)日：2011-05-05
申请号：US12840123
申请日：2010-07-20
申请人： Roberto A. Franco , Anantha P. Ganjam , John G. Bedworth , Peter T. Brundrett , Roland K. Tokumi , Jeremiah S. Epling , Daniel Sie , Jianrong Gu , Marc Silbey , Vidya Nallathimmayyagari , Bogdan Tepordei
发明人： Roberto A. Franco , Anantha P. Ganjam , John G. Bedworth , Peter T. Brundrett , Roland K. Tokumi , Jeremiah S. Epling , Daniel Sie , Jianrong Gu , Marc Silbey , Vidya Nallathimmayyagari , Bogdan Tepordei
IPC分类号： G06F15/173
CPC分类号： G06F21/53
摘要： In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.
摘要翻译：在各种实施例中，被配置为以某种方式与因特网进行交互的应用程序在具有降低的权限级别的受限进程中执行，所述权限级别可以禁止应用访问相关联的计算设备的部分。例如，在一些实施例中，受限制的过程可以禁止应用程序对包含管理数据和设置信息以及用户数据和设置的系统的计算机可读介质（例如硬盘）的部分进行读取和写入访问。在这些实施例中，称为“容纳区”的盘的特殊部分在该限制过程中由应用程序指定和使用。

5. 发明授权

US08161563B2 Running internet applications with low rights 有权
标题翻译：运行低权限的互联网应用程序
公开(公告)号：US08161563B2
公开(公告)日：2012-04-17
申请号：US12840123
申请日：2010-07-20
申请人： Roberto A. Franco , Anantha P. Ganjam , John G. Bedworth , Peter T. Brundrett , Roland K. Tokumi , Jeremiah S. Epling , Daniel Sie , Jianrong Gu , Marc Silbey , Vidya Nallathimmayyagari , Bogdan Tepordei
发明人： Roberto A. Franco , Anantha P. Ganjam , John G. Bedworth , Peter T. Brundrett , Roland K. Tokumi , Jeremiah S. Epling , Daniel Sie , Jianrong Gu , Marc Silbey , Vidya Nallathimmayyagari , Bogdan Tepordei
IPC分类号： H04L29/06
CPC分类号： G06F21/53
摘要： In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.
摘要翻译：在各种实施例中，被配置为以某种方式与因特网进行交互的应用程序在具有降低的权限级别的受限进程中执行，所述权限级别可以禁止应用访问相关联的计算设备的部分。例如，在一些实施例中，受限制的过程可以禁止应用程序对包含管理数据和设置信息以及用户数据和设置的系统的计算机可读介质（例如硬盘）的部分进行读取和写入访问。在这些实施例中，称为“容纳区”的盘的特殊部分在该限制过程中由应用程序指定和使用。

6. 发明授权

US08078740B2 Running internet applications with low rights 有权
标题翻译：运行低权限的互联网应用程序
公开(公告)号：US08078740B2
公开(公告)日：2011-12-13
申请号：US11145530
申请日：2005-06-03
申请人： Roberto A. Franco , Anantha P Ganjam , John G. Bedworth , Peter T. Brundrett , Roland K Tokumi
发明人： Roberto A. Franco , Anantha P Ganjam , John G. Bedworth , Peter T. Brundrett , Roland K Tokumi
IPC分类号： G06F15/16
CPC分类号： G06F21/53
摘要： In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.
摘要翻译：在各种实施例中，被配置为以某种方式与因特网进行交互的应用程序在具有降低的权限级别的受限进程中执行，所述权限级别可以禁止应用访问相关联的计算设备的部分。例如，在一些实施例中，受限制的过程可以禁止应用程序对包含管理数据和设置信息以及用户数据和设置的系统的计算机可读介质（例如硬盘）的部分进行读取和写入访问。在这些实施例中，称为“容纳区”的盘的特殊部分在该限制过程中由应用程序指定和使用。

7. 发明授权

US07792964B2 Running internet applications with low rights 有权
标题翻译：运行低权限的互联网应用程序
公开(公告)号：US07792964B2
公开(公告)日：2010-09-07
申请号：US11262316
申请日：2005-10-28
申请人： Roberto A. Franco , Anantha P Ganjam , John G. Bedworth , Peter T. Brundrett , Roland K Tokumi , Jeremiah S. Epling , Daniel Sie , Jianrong Gu , Marc Silbey , Vidya Nallathimmayyagari , Bogdan Tepordei
发明人： Roberto A. Franco , Anantha P Ganjam , John G. Bedworth , Peter T. Brundrett , Roland K Tokumi , Jeremiah S. Epling , Daniel Sie , Jianrong Gu , Marc Silbey , Vidya Nallathimmayyagari , Bogdan Tepordei
IPC分类号： G06F15/173 , G06F15/16
CPC分类号： G06F21/53
摘要： In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.
摘要翻译：在各种实施例中，被配置为以某种方式与因特网进行交互的应用程序在具有降低的权限级别的受限进程中执行，所述权限级别可以禁止应用访问相关联的计算设备的部分。例如，在一些实施例中，受限制的过程可以禁止应用程序对包含管理数据和设置信息以及用户数据和设置的系统的计算机可读介质（例如硬盘）的部分进行读取和写入访问。在这些实施例中，称为“容纳区”的盘的特殊部分在该限制过程中由应用程序指定和使用。

8. 发明申请

US20100107251A1 MIME Handling Security Enforcement 有权
标题翻译： MIME处理安全执行
公开(公告)号：US20100107251A1
公开(公告)日：2010-04-29
申请号：US12685528
申请日：2010-01-11
申请人： Venkatraman V. Kudallur , Shankar Ganesh , Roberto A. Franco , Vishu Gupta , John G. Bedworth
发明人： Venkatraman V. Kudallur , Shankar Ganesh , Roberto A. Franco , Vishu Gupta , John G. Bedworth
IPC分类号： G06F21/00 , G06F15/16
CPC分类号： G06F21/60 , G06F21/56 , G06F21/562 , G06F21/566
摘要： A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.
摘要翻译：模型限制不受信任的数据/对象在未经许可的情况下在用户计算机上运行。数据由报告与DATA关联的MIME类型的协议层接收，并缓存数据和相关缓存文件名（CFN）。安排MIME嗅探器根据缓存的数据，CFN和报告的MIME类型来识别嗅探的MIME类型。调和逻辑评估嗅探的MIME类型和CFN以确定对帐的MIME类型，并更新CFN。类ID嗅探器评估更新的CFN，缓存数据和已对帐的MIME类型，以确定适当的类ID。安全逻辑评估更新的CFN，报告的类ID和其他相关系统参数以构建安全性矩阵。来自安全矩阵的参数用于在不可信数据/对象可能在机器上创建安全漏洞之前拦截数据/对象。

9. 发明授权

US07660999B2 MIME handling security enforcement 有权
标题翻译： MIME处理安全执行
公开(公告)号：US07660999B2
公开(公告)日：2010-02-09
申请号：US10873576
申请日：2004-06-22
申请人： Venkatraman V. Kudallur , Shankar Ganesh , Roberto A. Franco , Vishu Gupta , John G. Bedworth
发明人： Venkatraman V. Kudallur , Shankar Ganesh , Roberto A. Franco , Vishu Gupta , John G. Bedworth
IPC分类号： G06F12/14 , G06F12/16 , G06F15/16
CPC分类号： G06F21/60 , G06F21/56 , G06F21/562 , G06F21/566
摘要： A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.
摘要翻译：模型限制不受信任的数据/对象在未经许可的情况下在用户计算机上运行。数据由报告与DATA关联的MIME类型的协议层接收，并缓存数据和相关缓存文件名（CFN）。安排MIME嗅探器根据缓存的数据，CFN和报告的MIME类型来识别嗅探的MIME类型。调和逻辑评估嗅探的MIME类型和CFN以确定对帐的MIME类型，并更新CFN。类ID嗅探器评估更新的CFN，缓存数据和已对帐的MIME类型，以确定适当的类ID。安全逻辑评估更新的CFN，报告的类ID和其他相关系统参数以构建安全性矩阵。来自安全矩阵的参数用于在不可信数据/对象可能在机器上创建安全漏洞之前拦截数据/对象。

10. 发明授权

US09124566B2 Browser plug-in for secure credential submission 有权
标题翻译：浏览器插件，用于安全凭证提交
公开(公告)号：US09124566B2
公开(公告)日：2015-09-01
申请号：US12489435
申请日：2009-06-23
申请人： John Deurbrouck , Caleb G. Baker , Danhua Zhu , Colin Leslie Dellow , Roberto A. Franco
发明人： John Deurbrouck , Caleb G. Baker , Danhua Zhu , Colin Leslie Dellow , Roberto A. Franco
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/08 , G06F17/30896 , H04L63/168 , H04L67/02
摘要： Described is a technology by which a plug-in (e.g., an ActiveX® control) instantiated by a web browser calls functions of a credential service to use a set of credential data (e.g., a card file) for logging into a website. If the credential service determines that a previously used card file for the website exists, a representation of that card file is displayed in the browser, and the data of that card file is used to obtain a token for logging in the user. If not found, an icon is presented instead, by which the user can select a user interface that allows selection of another card file that meets that meet the website's requirements.
摘要翻译：描述了一种通过网络浏览器实例化的插件（例如，ActiveX控件）调用凭证服务的功能以使用一组凭证数据（例如，卡片文件）登录到网站的技术。如果凭证服务确定存在用于该网站的先前使用的卡片文件，则在该浏览器中显示该卡片文件的表示，并且使用该卡片文件的数据来获得登录用户的令牌。如果没有找到，则显示一个图标，用户可以通过该图标选择允许选择满足网站要求的另一个卡片文件的用户界面。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式