专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US07752431B2 Virtual distributed security system 失效
公开(公告)号：US07752431B2
公开(公告)日：2010-07-06
申请号：US11254264
申请日：2005-10-20
申请人： Giovanni M. Della-Libera , Christopher G. Kaler , Scott A. Konersmann , Butler W. Lampson , Paul J. Leach , Bradford H. Lovering , Steven E. Lucco , Stephen J. Millet , Richard F. Rashid , John P. Shewchuk
发明人： Giovanni M. Della-Libera , Christopher G. Kaler , Scott A. Konersmann , Butler W. Lampson , Paul J. Leach , Bradford H. Lovering , Steven E. Lucco , Stephen J. Millet , Richard F. Rashid , John P. Shewchuk
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , G06Q20/3676 , H04L63/10 , H04L63/168 , H04L63/20 , H04L67/02 , H04L67/28 , H04L67/2804 , H04L67/2823
摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.

12. 发明授权

US07249373B2 Uniformly representing and transferring security assertion and security response information 有权
标题翻译：统一代表和传递安全声明和安全响应信息
公开(公告)号：US07249373B2
公开(公告)日：2007-07-24
申请号：US10342774
申请日：2003-01-15
申请人： John P. Shewchuk , Giovanni M. Della-Libera , Christopher G. Kaler
发明人： John P. Shewchuk , Giovanni M. Della-Libera , Christopher G. Kaler
IPC分类号： G06K9/00 , H04L9/32 , G06F7/04 , G06F15/16
CPC分类号： H04L63/12 , H04L63/20
摘要： A requesting message processor identifies client security input data of a first format and encapsulates the client security input data within a client security token. A requesting token processing interface sends the client security token to a validating message processor. A validating token processing interface at the validating message processor receives the client security token. Based on the encapsulated client security input data, the validating message processor selects client security output data of a second format. The validating message processor encapsulates the security output data within a response security token. The validating token processing interface sends the response security token to the requesting message processor. The token processing interfaces can be configured to similarly abstract security input data and security output data so as to increase the possibility of compatible communication between the requesting and validating message processor.
摘要翻译：请求消息处理器识别第一格式的客户端安全输入数据，并将客户端安全输入数据封装在客户端安全令牌内。请求令牌处理接口将客户机安全令牌发送到验证消息处理器。验证消息处理器处的验证令牌处理接口接收客户端安全令牌。基于封装的客户端安全输入数据，验证消息处理器选择第二格式的客户端安全输出数据。验证消息处理器将安全输出数据封装在响应安全令牌内。验证令牌处理接口将响应安全令牌发送到请求消息处理器。令牌处理接口可被配置为类似地抽象安全输入数据和安全输出数据，以便增加请求和验证消息处理器之间的兼容通信的可能性。

13. 发明授权

US07243157B2 Dynamic protocol construction 有权
标题翻译：动态协议构建
公开(公告)号：US07243157B2
公开(公告)日：2007-07-10
申请号：US10783751
申请日：2004-02-20
申请人： David Levin , Erik B. Christensen , Saurab Nog , Donald F. Box , Christopher G. Kaler , Giovanni M. Della-Libera , Alfred Lee, IV , David Wortendyke
发明人： David Levin , Erik B. Christensen , Saurab Nog , Donald F. Box , Christopher G. Kaler , Giovanni M. Della-Libera , Alfred Lee, IV , David Wortendyke
IPC分类号： G06F15/173
CPC分类号： H04L41/0853 , H04L41/0873 , H04L67/141 , H04L69/03 , H04L69/24
摘要： A method includes advertising a policy characterizing communication properties supported by a node. The policy may be distributed to another node in response to a request for the policy. Policy expressions in the policy include one or more assertions that may be grouped and related to each other in a plurality of ways. A system includes a policy generator for generating at least one policy characterizing properties of a node. A policy retriever retrieves a policy from another node and a message generator generates a message to the other node, wherein the message conforms to the policy from the other node.
摘要翻译：一种方法包括广告表征由节点支持的通信属性的策略。响应于对策略的请求，该策略可以被分发到另一个节点。策略中的策略表达式包括可以以多种方式彼此分组和相关的一个或多个断言。系统包括用于生成节点的至少一个策略特性属性的策略生成器。策略检索器从另一节点检索策略，并且消息生成器向另一个节点生成消息，其中消息符合来自另一个节点的策略。

14. 发明授权

US08015204B2 Scoped access control metadata element 有权
标题翻译：范围访问控制元数据元素
公开(公告)号：US08015204B2
公开(公告)日：2011-09-06
申请号：US10270441
申请日：2002-10-15
申请人： Christopher G. Kaler , Giovanni M. Della-Libera , Elliot Waingold
发明人： Christopher G. Kaler , Giovanni M. Della-Libera , Elliot Waingold
IPC分类号： G06F17/30
CPC分类号： H04L63/126 , G06F21/6218 , G06F2221/2141 , H04L45/34 , H04L45/566 , H04L63/04 , H04L63/0428 , H04L63/08 , H04L63/102 , H04L63/123 , H04L67/02 , Y10S707/99939
摘要： Methods, systems, and data structures for communicating object metadata are provided. A generic metadata container is presented that allows object metadata to be described in an extensible manner using protocol-neutral and platform-independent methodologies. A metadata scope refers to a dynamic universe of targets to which the included metadata statements correspond. Metadata properties provide a mechanism to describe the metadata itself, and metadata security can be used to ensure authentic metadata is sent and received. Mechanisms are also provided to allow refinement and replacement of metadata statements. The generic metadata container can be adapted to dynamically define access control rights to a range of objects by a range of users, including granted and denied access rights.
摘要翻译：提供了传达对象元数据的方法，系统和数据结构。提出了一个通用的元数据容器，允许使用协议中立和平台无关的方法以可扩展的方式描述对象元数据。元数据范围是指所包含的元数据语句对应的目标的动态范围。元数据属性提供了一种描述元数据本身的机制，并且可以使用元数据安全性来确保发送和接收真实的元数据。还提供了机制来允许细化和替换元数据语句。通用元数据容器可以被适配成动态地定义一系列用户对一系列对象的访问控制权限，包括授权和被拒绝的访问权限。

15. 发明授权

US07664023B2 Dynamic protocol construction 有权
标题翻译：动态协议构建
公开(公告)号：US07664023B2
公开(公告)日：2010-02-16
申请号：US11754865
申请日：2007-05-29
申请人： David Levin , Erik B. Christensen , Saurab Nog , Donald F. Box , Christopher G. Kaler , Giovanni M. Della-Libera , Alfred Lee, IV , David Wortendyke
发明人： David Levin , Erik B. Christensen , Saurab Nog , Donald F. Box , Christopher G. Kaler , Giovanni M. Della-Libera , Alfred Lee, IV , David Wortendyke
IPC分类号： H04L1/00
CPC分类号： H04L41/0853 , H04L41/0873 , H04L67/141 , H04L69/03 , H04L69/24
摘要： A method includes advertising a policy characterizing communication properties supported by a node. The policy may be distributed to another node in response to a request for the policy. Policy expressions in the policy include one or more assertions that may be grouped and related to each other in a plurality of ways. A system includes a policy generator for generating at least one policy characterizing properties of a node. A policy retriever retrieves a policy from another node and a message generator generates a message to the other node, wherein the message conforms to the policy from the other node.
摘要翻译：一种方法包括广告表征由节点支持的通信属性的策略。响应于对策略的请求，该策略可以被分发到另一个节点。策略中的策略表达式包括可以以多种方式彼此分组和相关的一个或多个断言。系统包括用于生成节点的至少一个策略特性属性的策略生成器。策略检索器从另一节点检索策略，并且消息生成器向另一个节点生成消息，其中消息符合来自另一个节点的策略。

16. 发明授权

US07512957B2 Interface infrastructure for creating and interacting with web services 有权
标题翻译：用于创建和与Web服务交互的接口基础设施
公开(公告)号：US07512957B2
公开(公告)日：2009-03-31
申请号：US11003307
申请日：2004-12-03
申请人： Shy Cohen , Geary L. Eppley , Douglas M. Purdy , James E. Johnson , Stephen J. Millet , Stephen T. Swartz , Vijay K. Gajjala , Aaron Abraham Stern , Alexander Martin DeJarnatt , Alfred M. Lee, IV , Anand Rjagopalan , Anastasios Kasiolas , Chaitanya D. Upadhyay , Christopher G. Kaler , Craig Andrew Critchley , David Edwin Levin , David Owen Driver , David Wortendyke , Douglas A. Walter , Elliot Lee Waingold , Erik Bo Christensen , Erin P. Honeycutt , Eugene Shvets , Evgeny Osovetsky , Giovanni M. Della-Libera , Jesus Ruiz-Scougall , John David Doty , Jonathan T. Wheeler , Kapil Gupta , Kenneth David Wolf , Krishnan Srinivasan , Lance E. Olson , Matthew Thomas Tavis , Mauro Ottaviani , Max Attar Feingold , Michael James Coulson , Michael Jon Marucheck , Michael Steven Vernal , Michael Thomas Dice , Mohamed-Hany Essam Ramadan , Mohammad Makarechian , Natasha Harish Jethanandani , Richard Dievendorff , Richard Douglas Hill , Ryan Thomas Sturgell , Saurab Nog , Scott Christopher Seely , Serge Sverdlov , Siddhartha Puri , Sowmyanarayanan K. Srinivasan , Stefan Batres , Stefan Harrington Pharies , Tirunelveli Vishwanath , Tomasz Janczuk , Uday S. Hegde , Umesh Madan , Vaithialingam B. Balayogan , Vipul Arunkant Modi , Yaniv Pessach , Yasser Shohoud
发明人： Shy Cohen , Geary L. Eppley , Douglas M. Purdy , James E. Johnson , Stephen J. Millet , Stephen T. Swartz , Vijay K. Gajjala , Aaron Abraham Stern , Alexander Martin DeJarnatt , Alfred M. Lee, IV , Anand Rjagopalan , Anastasios Kasiolas , Chaitanya D. Upadhyay , Christopher G. Kaler , Craig Andrew Critchley , David Edwin Levin , David Owen Driver , David Wortendyke , Douglas A. Walter , Elliot Lee Waingold , Erik Bo Christensen , Erin P. Honeycutt , Eugene Shvets , Evgeny Osovetsky , Giovanni M. Della-Libera , Jesus Ruiz-Scougall , John David Doty , Jonathan T. Wheeler , Kapil Gupta , Kenneth David Wolf , Krishnan Srinivasan , Lance E. Olson , Matthew Thomas Tavis , Mauro Ottaviani , Max Attar Feingold , Michael James Coulson , Michael Jon Marucheck , Michael Steven Vernal , Michael Thomas Dice , Mohamed-Hany Essam Ramadan , Mohammad Makarechian , Natasha Harish Jethanandani , Richard Dievendorff , Richard Douglas Hill , Ryan Thomas Sturgell , Saurab Nog , Scott Christopher Seely , Serge Sverdlov , Siddhartha Puri , Sowmyanarayanan K. Srinivasan , Stefan Batres , Stefan Harrington Pharies , Tirunelveli Vishwanath , Tomasz Janczuk , Uday S. Hegde , Umesh Madan , Vaithialingam B. Balayogan , Vipul Arunkant Modi , Yaniv Pessach , Yasser Shohoud
IPC分类号： G06F3/00
CPC分类号： G06F9/547 , H04L67/02
摘要： A web services namespace pertains to an infrastructure for enabling creation of a wide variety of applications. The infrastructure provides a foundation for building message-based applications of various scale and complexity. The infrastructure or framework provides APIs for basic messaging, secure messaging, reliable messaging and transacted messaging. In some embodiments, the associated APIs are factored into a hierarchy of namespaces in a manner that balances utility, usability, extensibility and versionability.
摘要翻译： Web服务命名空间涉及用于创建各种应用程序的基础架构。该基础设施为构建各种规模和复杂性的基于消息的应用程序提供了基础。基础架构或框架提供基本消息传递，安全消息传递，可靠消息传递和事务消息传递的API。在一些实施例中，相关联的API以平衡实用性，可用性，可扩展性和可版本性的方式考虑到命名空间的层级中。

17. 发明授权

US07283629B2 Deriving keys used to securely process electronic messages 有权
标题翻译：派生用于安全处理电子邮件的密钥
公开(公告)号：US07283629B2
公开(公告)日：2007-10-16
申请号：US10310280
申请日：2002-12-05
申请人： Christopher G. Kaler , Giovanni M. Della-Libera , Elliot L. Waingold
发明人： Christopher G. Kaler , Giovanni M. Della-Libera , Elliot L. Waingold
IPC分类号： H04L9/00
CPC分类号： H04L9/0838 , H04L9/0891 , H04L2209/80
摘要： A plurality of message processors exchange public and secret information. Based on the exchanged information, each message processor computes a key sequence such that any one of a plurality of keys may be derived from the key sequence depending on key derivation data. A first message processor generates key derivation data that can be used to derive a particular key from among the plurality of keys. The first message processor sends a security token that includes the generated key derivation data to express to at least one other message processor how to derive the particular key from the computed key sequence. At least a second message processor receives the security token expressing how to derive the particular key from the computed key sequence. The first and/or second message processors apply the key derivation data to the computed key sequence to derive the particular key.
摘要翻译：多个消息处理器交换公共和秘密信息。基于交换的信息，每个消息处理器计算密钥序列，使得可以根据密钥导出数据从密钥序列导出多个密钥中的任何一个。第一消息处理器产生可以用于从多个密钥中导出特定密钥的密钥导出数据。第一消息处理器发送包括生成的密钥导出数据的安全令牌，以向至少一个其他消息处理器表示如何从所计算的密钥序列中导出特定密钥。至少第二消息处理器接收表示如何从所计算的密钥序列导出特定密钥的安全令牌。第一和/或第二消息处理器将密钥导出数据应用于所计算的密钥序列以导出特定密钥。

18. 发明授权

US07636939B2 Endpoint identification and security 失效
标题翻译：端点识别和安全性
公开(公告)号：US07636939B2
公开(公告)日：2009-12-22
申请号：US11009926
申请日：2004-12-10
申请人： Christopher G. Kaler , Douglas A. Walter , Giovanni M. Della-Libera , Melissa W. Dunn , Richard L. Hasha , Tomasz Janczuk
发明人： Christopher G. Kaler , Douglas A. Walter , Giovanni M. Della-Libera , Melissa W. Dunn , Richard L. Hasha , Tomasz Janczuk
IPC分类号： G06F7/04 , G06F17/00 , H04L29/06 , H04L9/32 , H04K1/00
CPC分类号： H04L63/0428 , H04L63/16
摘要： A data structure with endpoint address and security information. The data structure includes an address field that includes one or more endpoint addresses for an entity. The data structure further includes a security field that includes one or more keys for facilitating secure communications with the entity. The data structure may also be such that the contents of the address field and the security field are serialized in the data structure. The data structure may be extensible such that new address fields and security fields may be added.
摘要翻译：具有端点地址和安全信息的数据结构。该数据结构包括一个包含一个或多个实体端点地址的地址字段。数据结构进一步包括安全领域，其包括用于促进与实体的安全通信的一个或多个密钥。数据结构还可以使得地址字段和安全字段的内容在数据结构中被序列化。数据结构可以是可扩展的，使得可以添加新的地址字段和安全字段。

19. 发明授权

US07395311B2 Performing generic challenges in a distributed system 有权
标题翻译：在分布式系统中执行通用挑战
公开(公告)号：US07395311B2
公开(公告)日：2008-07-01
申请号：US10340225
申请日：2003-01-10
申请人： Christopher G. Kaler , Giovanni M. Della-Libera
发明人： Christopher G. Kaler , Giovanni M. Della-Libera
IPC分类号： G06F15/16
CPC分类号： H04L63/0435 , H04L63/0869 , H04L63/1458 , H04L67/02 , H04L67/142 , H04L69/22 , H04L69/329
摘要： A client issues a first electronic request to access a service at a server. The server receives the request and identifies a type of challenge form among a number of different types of challenges (e.g., represented by a number of different XML schemas). The server issues a challenge, in accordance with the identified type of challenge, to the client. The challenge can include state information that indicates to the server when an appropriate response to the challenge is received. The client receives the challenge and formulates a response (including the state information) to the challenge in accordance with the identified type of challenge. The client issues a second electronic request, which includes the formulated response. The server receives the response and determines, based on the response, if the second electronic request is to be processed.
摘要翻译：客户端发出第一个电子请求以访问服务器上的服务。服务器接收请求并且在许多不同类型的挑战中（例如，由多个不同的XML模式表示）来识别挑战表单的类型。服务器根据确定的挑战类型向客户端发出挑战。挑战可以包括当接收到对挑战的适当响应时向服务器指示的状态信息。客户端接受挑战并根据所识别的挑战类型对挑战制定响应（包括状态信息）。客户发出第二个电子请求，其中包括制定的响应。服务器接收响应，并根据响应确定是否要处理第二个电子请求。

20. 发明授权

US07746250B2 Message encoding/decoding using templated parameters 有权
标题翻译：消息编码/解码使用模板参数
公开(公告)号：US07746250B2
公开(公告)日：2010-06-29
申请号：US12023998
申请日：2008-01-31
申请人： Arun K. Nanda , John P. Shewchuk , Christopher G. Kaler , Hervey O. Wilson
发明人： Arun K. Nanda , John P. Shewchuk , Christopher G. Kaler , Hervey O. Wilson
IPC分类号： H03M7/30
CPC分类号： G06F15/16 , H03M7/30
摘要： Communication of a compressed message over a communication channel between message processors. The compressed message may be expressed in terms of an expressed or implicit template identification, and values of one or more parameters. Based on the template identification, the meaning of the one or more parameters may be understood, whereas the meaning of the parameter(s) may not be understood without a knowledge of the template. The template provides semantic context for the one or more parameters. The transmitting message processor may have compressed the message using the identified template. Alternatively or in addition, the receiving message processor may decompress the message using the identified template. The template itself need not be part of the compressed message as transmitted.
摘要翻译：通过消息处理器之间的通信信道通信压缩消息。压缩消息可以用表达或隐含的模板标识和一个或多个参数的值表示。基于模板识别，可以理解一个或多个参数的含义，而在不了解模板的情况下，参数的含义可能不被理解。模板提供一个或多个参数的语义上下文。发送消息处理器可以使用所标识的模板来压缩消息。或者或另外，接收消息处理器可以使用所识别的模板解压缩消息。模板本身不需要是传输的压缩消息的一部分。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式