专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08341718B2 Short-lived certificate authority service 有权
标题翻译：短期的认证机构服务
公开(公告)号：US08341718B2
公开(公告)日：2012-12-25
申请号：US12965449
申请日：2010-12-10
申请人： Trevin M Chow , Pui-Yin Winfred Wong , Yordan I Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev M Nagvekar , Matt Sullivan , Kalyan Sayyaparaju , Dilip K. Pai , Avinash Belur
发明人： Trevin M Chow , Pui-Yin Winfred Wong , Yordan I Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev M Nagvekar , Matt Sullivan , Kalyan Sayyaparaju , Dilip K. Pai , Avinash Belur
IPC分类号： G06F7/04
CPC分类号： H04L9/3213 , H04L9/3263 , H04L51/04 , H04L63/0807 , H04L63/0823 , H04L63/0846 , H04L63/20 , H04L2209/56
摘要： An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
摘要翻译：描述了可以从一个或多个客户端接收捆绑请求的集成认证服务。所述技术中的一个或多个可以用于响应于单个捆绑的请求提供用于证明身份的令牌和用于建立安全通信的证书。

2. 发明申请

US20120079585A1 PROXY AUTHENTICATION AND INDIRECT CERTIFICATE CHAINING 审中-公开
标题翻译：代理认证和间接证书链接
公开(公告)号：US20120079585A1
公开(公告)日：2012-03-29
申请号：US13312573
申请日：2011-12-06
申请人： Kok Wai Chan , Colin Chow , Trevin M. Chow , Lin Huang , Ryan Hurst , Naresh Jain , Wei Jiang , Yordan I. Rouskov , Pui-Yin Winfred Wong , Ismail Cem Paya , Ryan Hurst
发明人： Kok Wai Chan , Colin Chow , Trevin M. Chow , Lin Huang , Ryan Hurst , Naresh Jain , Wei Jiang , Yordan I. Rouskov , Pui-Yin Winfred Wong , Ismail Cem Paya , Ryan Hurst
IPC分类号： G06F7/04 , G06F15/16
CPC分类号： H04L63/0823 , H04L9/3234 , H04L9/3265 , H04L63/0884 , H04L63/166 , H04L2209/56 , H04L2209/76 , H04L2209/80
摘要： Embodiments of proxy authentication and indirect certificate chaining are described herein. In an implementation, authentication for a client occurs via a proxy service. Proxy service communicates between client and server, and caches security tokens on behalf of the client. In an implementation, trustworthiness of certificate presented to a client to establish trust is determined utilizing a signed data package which incorporates a plurality of known certificates. The presented certificate is verified without utilizing root certificates installed on the client device.
摘要翻译：本文描述了代理认证和间接证书链接的实施例。在实现中，通过代理服务发生客户端的身份验证。代理服务在客户端和服务器之间进行通信，代表客户端缓存安全令牌。在实现中，使用包含多个已知证书的签名数据包来确定呈现给客户端以建立信任的证书的可信赖性。在不使用客户端设备上安装的根证书的情况下验证所呈现的证书。

3. 发明授权

US07853995B2 Short-lived certificate authority service 有权
标题翻译：短期的认证机构服务
公开(公告)号：US07853995B2
公开(公告)日：2010-12-14
申请号：US11282174
申请日：2005-11-18
申请人： Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Dilip Pai , Kalyan Sayyaparaju , Avinash Belur
发明人： Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Dilip Pai , Kalyan Sayyaparaju , Avinash Belur
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30
CPC分类号： H04L9/3213 , H04L9/3263 , H04L51/04 , H04L63/0807 , H04L63/0823 , H04L63/0846 , H04L63/20 , H04L2209/56
摘要： An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
摘要翻译：描述了可以从一个或多个客户端接收捆绑请求的集成认证服务。所述技术中的一个或多个可以用于响应于单个捆绑的请求提供用于证明身份的令牌和用于建立安全通信的证书。

4. 发明申请

US20110078448A1 Short-Lived Certificate Authority Service 有权
标题翻译：短期认证机构服务
公开(公告)号：US20110078448A1
公开(公告)日：2011-03-31
申请号：US12965449
申请日：2010-12-10
申请人： Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Kalyan Sayyaparaju , Dilip Pai , Avinash Belur
发明人： Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Kalyan Sayyaparaju , Dilip Pai , Avinash Belur
IPC分类号： H04L9/32 , G06F21/00
CPC分类号： H04L9/3213 , H04L9/3263 , H04L51/04 , H04L63/0807 , H04L63/0823 , H04L63/0846 , H04L63/20 , H04L2209/56
摘要： An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
摘要翻译：描述了可以从一个或多个客户端接收捆绑请求的集成认证服务。所述技术中的一个或多个可以用于响应于单个捆绑的请求提供用于证明身份的令牌和用于建立安全通信的证书。

5. 发明授权

US09544147B2 Model based multi-tier authentication 有权
标题翻译：基于模型的多层认证
公开(公告)号：US09544147B2
公开(公告)日：2017-01-10
申请号：US12470656
申请日：2009-05-22
申请人： Yordan I. Rouskov , Wei-Qiang Michael Guo , Orville Charles McDonald , Ramu Movva , Kyle Stapley Young , Kok Wai Chan
发明人： Yordan I. Rouskov , Wei-Qiang Michael Guo , Orville Charles McDonald , Ramu Movva , Kyle Stapley Young , Kok Wai Chan
IPC分类号： G06F21/00 , H04L9/32 , G06F21/42 , H04W12/06
CPC分类号： H04L9/3234 , G06F21/42 , H04L9/3228 , H04L9/3271 , H04L63/105 , H04L63/205 , H04L2209/80 , H04L2463/082 , H04W12/06
摘要： Authentication is widely used to protect consumer data and computing services, such as email, document storage, and online banking. Current authentication models, such as those employed by online identity providers, may have limited options and configurations for authentication schemes. Accordingly, as provided herein, a model based authentication scheme may be configured based upon a policy and/or an authentication mechanism list. The policy may define the target resource, a user, a group the user belongs to, devices used to connect to the target resource, a service owning the target resource, etc. The authentication mechanism list may comprise predefined authentication mechanisms and/or user plug-in authentication mechanisms (e.g., user created authentication mechanism). Once the authentication scheme is configured, it may be enforced upon authentication requests from a user. Feedback may be provided to the user based upon patterns of usage of the target resource.
摘要翻译：认证广泛用于保护消费者数据和计算服务，如电子邮件，文档存储和网络银行。当前的身份验证模型，例如在线身份提供者使用的身份验证模型，可能具有有限的认证方案选项和配置。因此，如本文所提供的，基于模型的认证方案可以基于策略和/或认证机制列表来配置。策略可以定义目标资源，用户，用户所属的组，用于连接到目标资源的设备，拥有目标资源的服务等。认证机制列表可以包括预定义的认证机制和/或用户插件 - 认证机制（例如，用户创建的认证机制）。一旦认证方案被配置，它可以在来自用户的认证请求时被执行。可以基于目标资源的使用模式向用户提供反馈。

6. 发明申请

US20080046983A1 Multiuser Web Service Sign-In Client Side Components 有权
标题翻译：多用户Web服务登录客户端组件
公开(公告)号：US20080046983A1
公开(公告)日：2008-02-21
申请号：US11464087
申请日：2006-08-11
申请人： Erren Dusan Lester , Lynn C. Ayres , Trevin M. Chow , Kok Wai Chan , Rui Chen , Naresh Jain
发明人： Erren Dusan Lester , Lynn C. Ayres , Trevin M. Chow , Kok Wai Chan , Rui Chen , Naresh Jain
IPC分类号： H04L9/32
CPC分类号： H04L63/08 , G06F21/31 , G06F21/41 , G06F2221/2149 , H04L51/04 , H04L63/0815
摘要： Embodiments of multi-user web service sign-in client side components are presented herein. In an implementation, the currently authenticated user account of a first application of a client is transferred to another application of a client. In another implementation, a common credential store is used to share data for a plurality of user accounts associated with a client between a plurality of applications of the client, and for the applications to output multi-user interfaces having portions corresponding to the plurality of accounts.
摘要翻译：本文介绍了多用户Web服务登录客户端组件的实施例。在一个实现中，客户端的第一应用的当前认证的用户账户被转移到客户端的另一应用。在另一实现中，公共凭证存储用于与客户端的多个应用程序之间的与客户端相关联的多个用户帐户共享数据，并且用于应用程序输出具有对应于多个帐户的部分的多用户界面。

7. 发明授权

US08458775B2 Multiuser web service sign-in client side components 有权
标题翻译：多用户Web服务登录客户端组件
公开(公告)号：US08458775B2
公开(公告)日：2013-06-04
申请号：US11464087
申请日：2006-08-11
申请人： Erren Dusan Lester , Lynn C Ayres , Trevin M Chow , Kok Wai Chan , Rui Chen , Naresh Jain
发明人： Erren Dusan Lester , Lynn C Ayres , Trevin M Chow , Kok Wai Chan , Rui Chen , Naresh Jain
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , G06F21/31 , G06F21/41 , G06F2221/2149 , H04L51/04 , H04L63/0815
摘要： Embodiments of multi-user web service sign-in client side components are presented herein. In an implementation, the currently authenticated user account of a first application of a client is transferred to another application of a client. In another implementation, a common credential store is used to share data for a plurality of user accounts associated with a client between a plurality of applications of the client, and for the applications to output multi-user interfaces having portions corresponding to the plurality of accounts.
摘要翻译：本文介绍了多用户Web服务登录客户端组件的实施例。在一个实现中，客户端的第一应用的当前认证的用户账户被转移到客户端的另一个应用。在另一实现中，公共凭证存储用于与客户端的多个应用程序之间的与客户端相关联的多个用户帐户共享数据，并且用于应用程序输出具有对应于多个帐户的部分的多用户界面。

8. 发明授权

US07437551B2 Public key infrastructure scalability certificate revocation status validation 有权
标题翻译：公钥基础架构可扩展性证书吊销状态验证
公开(公告)号：US07437551B2
公开(公告)日：2008-10-14
申请号：US10817246
申请日：2004-04-02
申请人： Kok Wai Chan , Wei Jiang , Wei-Quiang Michael Guo
发明人： Kok Wai Chan , Wei Jiang , Wei-Quiang Michael Guo
IPC分类号： H04L9/00
CPC分类号： H04L9/3268
摘要： A system and method for retrieving certificate of trust information for a certificate validation process. Fetching servers periodically retrieve certificate revocation lists (CRLs) from servers maintained by various certificate issuers. The revoked certificate data included in the retrieved CRLs are stored in a central database. An authentication server receives a request from a client for access to a secure service and initiates a validation process. The authentication server retrieves revoked certificate data from the central database and compares the retrieved revoked certificate data to certificate of trust information received from the client along with the request. The authentication server denies access to the secure information if the certificate of trust information matches revoked certificate data from the central database, allows access if the certificate of trust information does not match revoked certificate data from the central database.
摘要翻译：用于检索证书验证过程的信任证书信息的系统和方法。获取服务器会定期从由各种证书颁发者维护的服务器中检索证书撤销列表（CRL）。包含在检索的CRL中的撤销的证书数据被存储在中央数据库中。认证服务器从客户端接收对安全服务的访问请求，并启动验证过程。认证服务器从中央数据库检索撤销的证书数据，并将检索到的撤销证书数据与客户端接收的信任证书信息一起与请求进行比较。如果信任证书信息与中央数据库中的撤销证书数据匹配，则认证服务器拒绝对安全信息的访问，如果信任证书信息与中央数据库的撤销证书数据不匹配，则认证服务器允许访问。

9. 发明授权

US07590669B2 Managing client configuration data 失效
标题翻译：管理客户端配置数据
公开(公告)号：US07590669B2
公开(公告)日：2009-09-15
申请号：US10819834
申请日：2004-04-06
申请人： Ying-Kin Tony Yip , Kok Wai Chan , Rui Chen , Rahul Shrikant Newaskar , Anthony Toivonen
发明人： Ying-Kin Tony Yip , Kok Wai Chan , Rui Chen , Rahul Shrikant Newaskar , Anthony Toivonen
IPC分类号： G06F12/00 , G06F17/30
CPC分类号： H04L41/5054 , H04L41/044 , H04L41/0816 , H04L41/0859 , H04L41/22 , Y10S707/99932 , Y10S707/99933 , Y10S707/99935 , Y10S707/99939 , Y10S707/99953 , Y10S707/99954
摘要： Method for providing an interface to a function that manages a plurality of entities. Computer-executable instructions receive a request to implement a change in configuration data. The configuration data is stored in a memory area and relates to an operation of one or more entities. In response to the received request, computer-executable instructions identify a plurality of the entities affected by the change and implement the change for the identified plurality of entities in accordance with the function.
摘要翻译：用于向管理多个实体的功能提供接口的方法。计算机可执行指令接收实现配置数据更改的请求。配置数据存储在存储器区域中，涉及一个或多个实体的操作。响应于接收到的请求，计算机可执行指令识别受该变化影响的多个实体，并根据该功能实现针对所识别的多个实体的改变。

10. 发明申请

US20090204808A1 Session Key Security Protocol 有权
标题翻译：会话密钥安全协议
公开(公告)号：US20090204808A1
公开(公告)日：2009-08-13
申请号：US12426726
申请日：2009-04-20
申请人： Wei-Quiang Michael Guo , John Hal Howard , Kok Wai Chan
发明人： Wei-Quiang Michael Guo , John Hal Howard , Kok Wai Chan
IPC分类号： H04L9/32 , H04L29/06
CPC分类号： H04L63/0807 , G06F21/33 , G06F21/41 , H04L9/0844 , H04L9/3213 , H04L9/3247 , H04L63/045 , H04L63/0815 , H04L2209/60
摘要： Exchanging information in a multi-site authentication system. A network server receives, from an authentication server, a request by a client computing device for a service provided by the network server along with an authentication ticket. The authentication ticket includes: a session key encrypted by a public key associated with the network server, message content encrypted by the session key, and a signature for the encrypted session key and the encrypted message content. The signature includes address information of the network server. The network server identifies its own address information in the signature to validate the signature included in the authentication ticket and verifies the authentication ticket content based on the signature included in the authentication ticket. The network server decrypts the encrypted session key via a private key associated with the second network server and decrypts the encrypted message content via the decrypted session key.
摘要翻译：在多站点认证系统中交换信息。网络服务器从认证服务器接收由客户端计算设备对网络服务器提供的服务以及认证券的请求。认证券包括：通过与网络服务器相关联的公开密钥加密的会话密钥，由会话密钥加密的消息内容以及加密会话密钥和加密消息内容的签名。签名包括网络服务器的地址信息。网络服务器在签名中识别其自己的地址信息，以验证认证券中包含的签名，并根据认证券中包含的签名验证认证券内容。网络服务器通过与第二网络服务器相关联的专用密钥解密加密的会话密钥，并通过解密的会话密钥解密加密的消息内容。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式