专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US08681803B2 Communication system, policy management apparatus, communication method, and program 失效
标题翻译：通信系统，策略管理设备，通信方式和程序
公开(公告)号：US08681803B2
公开(公告)日：2014-03-25
申请号：US13822547
申请日：2012-09-14
申请人： Yoichiro Morita , Masayuki Nakae , Masaya Yamagata , Takayuki Sasaki , Hideyuki Shimonishi , Kentaro Sonoda , Yoichi Hatano
发明人： Yoichiro Morita , Masayuki Nakae , Masaya Yamagata , Takayuki Sasaki , Hideyuki Shimonishi , Kentaro Sonoda , Yoichi Hatano
IPC分类号： H04L12/28
CPC分类号： H04L41/28 , H04L45/38 , H04L45/64
摘要： Authentication apparatus authenticates user using host connected to forwarding node. Policy management apparatus holds access control policy for identifying host under access control using identifier of forwarding node or identifier of user, and links identifier of host under access control and identifier of forwarding node to which host is connected, or identifier of host under access control and identifier of user using host. Forwarding node transmits to policy management apparatus identifier of host connected to own forwarding node and identifier of own forwarding node. Authentication apparatus transmits to policy management apparatus identifier of host connected to forwarding node and identifier of user. Policy management apparatus refers to access control policy and, if host connected to forwarding node is under access control, notifies content of access control to control apparatus as access control list. Control apparatus generates processing rule in accordance with access control list and sets generated processing rule in forwarding nodes.
摘要翻译：验证设备使用连接到转发节点的主机对用户进行认证。策略管理装置保存用于使用转发节点的标识符或用户的标识符的标识下的主机访问控制策略，以及主机所连接的主机的接入控制的标识符和主机所连接的转发节点的标识符，以及访问控制下的主机的标识符，以及使用主机的用户标识符。转发节点发送到连接到自己的转发节点的主机的策略管理设备标识符和自己的转发节点的标识符。认证装置向连接到转发节点的主机和用户的标识符的策略管理装置的标识符发送。策略管理装置是指访问控制策略，如果连接到转发节点的主机正在进行访问控制，则将访问控制的内容通知控制装置作为访问控制列表。控制装置根据访问控制列表生成处理规则，并在转发节点中设置生成的处理规则。

12. 发明申请

US20140075510A1 COMMUNICATION SYSTEM, CONTROL DEVICE, COMMUNICATION METHOD, AND PROGRAM 有权
标题翻译：通信系统，控制设备，通信方法和程序
公开(公告)号：US20140075510A1
公开(公告)日：2014-03-13
申请号：US14119827
申请日：2012-05-22
申请人： Yoichiro MORITA , Masayuki NAKAE , Hideyuki SHIMONISHI , Kentaro SONODA , Masaya YAMAGATA , NEC Corporation
发明人： Kentaro Sonoda , Hideyuki Shimonishi , Masayuki Nakae , Masaya Yamagata , Yoichiro Morita
IPC分类号： H04L29/06
CPC分类号： H04L63/105 , H04L63/0236 , H04L63/20
摘要： A communication system includes an information acquisition unit that acquires information for determining an isolation level to which a user terminal belongs, from the user terminal; an isolation level determination unit that determines an isolation level to which the user terminal belongs, based on the acquired information; an isolation level information storage unit that defines whether or not access is possible to respective access destinations for each isolation level; an access control unit that causes a forwarding node(s) to implement forwarding or dropping of a packet, in accordance with whether or not access is possible to the respective access destinations; and a forwarding node(s) that forwards a packet in accordance with control of the access control unit. Stepwise access control is realized using isolation levels.
摘要翻译：通信系统包括从用户终端获取用于确定用户终端所属的隔离级别的信息的信息获取单元; 隔离级别确定单元，基于获取的信息确定用户终端所属的隔离级别; 隔离级别信息存储单元，其定义对于每个隔离级别是否可以访问相应的访问目的地; 访问控制单元，其使得转发节点根据是否可以访问相应的访问目的地来实现分组的转发或丢弃; 以及根据访问控制单元的控制转发分组的转发节点。使用隔离级别实现逐步访问控制。

13. 发明授权

US08296821B2 System, server, and program for access right management 有权
标题翻译：用于访问权限管理的系统，服务器和程序
公开(公告)号：US08296821B2
公开(公告)日：2012-10-23
申请号：US12068673
申请日：2008-02-08
申请人： Masayuki Nakae
发明人： Masayuki Nakae
IPC分类号： H04L29/06
CPC分类号： H04L63/20 , H04L63/123
摘要： Each domain is provided with an access right management device which creates a resource-sharing policy and performs processing for resource-sharing policy negotiation between a plurality of domain administrators. An access right management device that has created a resource-sharing policy identifies, for each policy unit included in the resource-sharing policy, an access right management device that is a negotiating partner to negotiate with about the policy unit in question. The access right management device generates negotiation information including an identification name of the identified negotiating-partner access right management device and the policy unit in question and sends the negotiation information to the negotiating-partner access right management device. Only when all policy units are agreed on by respective identified negotiating-partner access right management devices, the resource-sharing policy is set on shared resources.
摘要翻译：每个域都设置有访问权限管理设备，其创建资源共享策略并执行多个域管理员之间的资源共享策略协商的处理。已经创建资源共享策略的访问权限管理设备针对包括在资源共享策略中的每个策略单元识别出一个访问权限管理设备，该访问权限管理设备是协商伙伴，以便与所讨论的策略单元协商。访问权管理装置生成包括所识别的协商对方访问权限管理装置的识别名称和所述策略单元的协商信息，并将协商信息发送给协商对方访问权限管理装置。只有当所有政策单位由各自确定的谈判伙伴访问权限管理设备达成一致时，资源共享策略就设置在共享资源上。

14. 发明授权

US06857071B1 System and method for distributing digital works, apparatus and method for reproducing digital works, and computer program product 失效
标题翻译：用于分发数字作品的系统和方法，用于再现数字作品的装置和方法以及计算机程序产品
公开(公告)号：US06857071B1
公开(公告)日：2005-02-15
申请号：US09362657
申请日：1999-07-29
申请人： Masayuki Nakae
发明人： Masayuki Nakae
IPC分类号： G06F12/14 , B65G61/00 , G06F9/06 , G06F13/00 , G06F21/00 , G06F21/10 , G06F21/12 , G06F21/14 , G06F21/33 , G06F21/62 , G06Q10/00 , G06Q30/04 , G06Q30/06 , G06Q50/00 , G06Q50/10 , G07F17/16 , H04L9/08 , H04L9/32 , H04L9/00
CPC分类号： G06F21/10 , G06Q20/045 , G06Q20/123 , G06Q20/1235
摘要： An editing apparatus generates a capsular work in which usage conditions for each of plural usages and usage secret information, obtained by encrypting a decryption key encrypted work data with ticket keys which differ depending on usage from each other, are encapsulated together with the encrypted work data. A ticket server apparatus, which manages the usage conditions and the ticket keys, issues a ticket containing a ticket key in the case of allowing a user to practice the usage requested by the user. A distribution center apparatus, which manages the capsular work, distributes the capsular work in accordance with the user's request. An audiovisual apparatus acquires the capsular work from the distribution center apparatus and requests the ticket necessary to make use of the capsular work from the ticket server apparatus. The audiovisual apparatus decrypts the encrypted work data contained in the capsular work and reproduces the work data only in the case where the audiovisual apparatus has acquired the ticket.
摘要翻译：编辑装置生成胶囊工作，其中通过用加密的工作数据封装与根据使用不同的票密钥加密具有密钥的解密密钥加密工作数据而获得的多个用途和使用秘密信息中的每一个的使用条件。在允许用户练习用户请求的使用的情况下，管理使用条件和票钥的票服务器装置发出包含票密钥的票。管理胶囊工作的配送中心设备根据用户要求分配胶囊工作。视听设备从分发中心设备获取胶囊工作，并请求使用来自售票服务器设备的胶囊工作所需的票据。视听设备解密包含在胶囊工作中的加密工作数据，并且仅在视听设备已经获取了票的情况下再现工作数据。

15. 发明授权

US09397949B2 Terminal, control device, communication method, communication system, communication module, program, and information processing device 有权
标题翻译：终端，控制装置，通信方式，通信系统，通信模块，程序和信息处理装置
公开(公告)号：US09397949B2
公开(公告)日：2016-07-19
申请号：US13818293
申请日：2012-04-16
申请人： Kentaro Sonoda , Hideyuki Shimonishi , Masayuki Nakae , Masaya Yamagata , Yoichiro Morita
发明人： Kentaro Sonoda , Hideyuki Shimonishi , Masayuki Nakae , Masaya Yamagata , Yoichiro Morita
IPC分类号： H04L12/851 , H04L12/721 , H04L12/725
CPC分类号： H04L47/2433 , H04L45/302 , H04L45/38
摘要： A terminal communicating via a network including a forwarding device(s) for forwarding a packet and a control device for controlling the forwarding device(s) in accordance with a request from the forwarding device, includes: a communication unit that receives a processing rule specifying a process of adding, to a packet, quality information related to communication quality with respect to the terminal, from the control device, a memory unit that stores the received processing rule, and a processing unit that in a case of communicating via the network, adds quality information to a packet in accordance with a processing rule that corresponds to the packet by referring to the processing rule stored in the memory unit.
摘要翻译：一种通过网络进行通信的终端，包括：用于转发分组的转发设备和用于根据来自转发设备的请求控制转发设备的控制设备，包括：通信单元，其接收指定的处理规则向所述分组提供与所述终端相关的与通信质量相关的质量信息的处理，所述质量信息来自所述控制装置，存储所接收的处理规则的存储单元，以及处理单元，所述处理单元在经由所述网络进行通信的情况下，通过参照存储在存储单元中的处理规则，根据与分组对应的处理规则向分组添加质量信息。

16. 发明授权

US09338090B2 Terminal, control device, communication method, communication system, communication module, program, and information processing device 有权
标题翻译：终端，控制装置，通信方式，通信系统，通信模块，程序和信息处理装置
公开(公告)号：US09338090B2
公开(公告)日：2016-05-10
申请号：US14112526
申请日：2012-04-17
申请人： Kentaro Sonoda , Hideyuki Shimonishi , Masayuki Nakae , Masaya Yamagata , Yoichiro Morita
发明人： Kentaro Sonoda , Hideyuki Shimonishi , Masayuki Nakae , Masaya Yamagata , Yoichiro Morita
IPC分类号： H04L12/741 , H04L12/725 , H04L12/24 , H04L12/26 , H04L29/06
CPC分类号： H04L45/74 , H04L41/0893 , H04L41/5041 , H04L43/026 , H04L45/308 , H04L63/0227 , H04L63/08
摘要： A terminal communicating with a network including a forwarding device for forwarding a packet and a control device for controlling the forwarding device in accordance with a request from the forwarding device, includes: a communication unit that receives a processing rule specifying a method of processing the packet, which is determined by the control device, from the control device, a storage unit that stores the received processing rule, and a processing unit that in a case of communicating with the network, processes the packet in accordance with the processing rule that corresponds to the packet by referring to the processing rule stored in the storage unit.
摘要翻译：一种与网络通信的终端，包括：根据来自转发设备的请求，转发分组的转发设备和用于控制转发设备的控制设备，包括：通信单元，接收指定处理分组的方法的处理规则由控制装置从控制装置确定存储接收到的处理规则的存储单元，以及处理单元，在与网络进行通信的情况下，根据对应于参考存储在存储单元中的处理规则。

17. 发明授权

US09215611B2 Terminal, control device, communication method, communication system, communication module, program, and information processing device 有权
标题翻译：终端，控制装置，通信方式，通信系统，通信模块，程序和信息处理装置
公开(公告)号：US09215611B2
公开(公告)日：2015-12-15
申请号：US14112520
申请日：2012-04-18
申请人： Kentaro Sonoda , Hideyuki Shimonishi , Masayuki Nakae , Masaya Yamagata , Yoichiro Morita
发明人： Kentaro Sonoda , Hideyuki Shimonishi , Masayuki Nakae , Masaya Yamagata , Yoichiro Morita
IPC分类号： H04L12/28 , G06F15/173 , H04W28/02 , H04L12/725 , H04L12/721 , H04L12/803 , H04W48/04
CPC分类号： H04L47/12 , H04L45/308 , H04L45/38 , H04L47/125 , H04L47/33 , H04W28/0215 , H04W48/04
摘要： A terminal communicating with a network including a forwarding device(s) for forwarding a packet and a control device for controlling the forwarding device(s) in accordance with a request from the forwarding device, includes: a communication unit that receives a processing rule indicating that a packet for communicating with a first destination is changed so as to communicate with a second destination, from the control device; a storage unit that stores the received processing rule, and a processing unit that in a case of communicating with the network, changes a destination of a packet in accordance with a processing rule that corresponds to the packet by referring to the processing rule stored in the storage unit.
摘要翻译：一种与网络通信的终端，包括：根据来自转发设备的请求，转发分组的转发设备和用于控制转发设备的控制设备，包括：通信单元，其接收指示改变与第一目的地进行通信的分组，以便从控制装置与第二目的地进行通信; 存储单元，存储接收到的处理规则;以及处理单元，在与网络进行通信的情况下，通过参照存储在所述处理规则中的处理规则，根据与所述分组对应的处理规则来改变分组的目的地存储单元。

18. 发明授权

US08700532B2 Information sharing system, computer, project managing server, and information sharing method used in them 有权
标题翻译：信息共享系统，计算机，项目管理服务器和信息共享方法
公开(公告)号：US08700532B2
公开(公告)日：2014-04-15
申请号：US13486871
申请日：2012-06-01
申请人： Masayuki Nakae , Takayuki Sasaki
发明人： Masayuki Nakae , Takayuki Sasaki
IPC分类号： G06F21/00 , G06Q40/00
CPC分类号： H04L9/083 , G06F21/53 , G06Q10/06 , H04L9/321
摘要： A project managing unit 11 authenticates users of virtual machines 24-1 to 24-N and specifies a project to which the users belong. A key managing unit 12 distributes an encryption key, which is assigned in advance to the project specified by the project managing unit 11, to encryption processing units 232-1 to 232-N of virtualizing units 23-1 to 23-N. Input/output monitoring units 231-1 to 231-N of the virtualizing units 23-1 to 23-N receive input/output data generated between the virtual machines 24-1 to 24-N and devices 22-1 to 22-N, and deliver the data to the encryption processing units 232-1 to 232-N. The encryption processing units 232-1 to 232-N encrypt output (write) data and decrypt input (read) data by using the distributed encryption key.
摘要翻译：项目管理单元11对虚拟机24-1至24-N的用户进行认证，并指定用户所属的项目。密钥管理单元12将预先分配给项目管理单元11指定的项目的加密密钥分发给虚拟化单元23-1至23-N的加密处理单元232-1至232-N。虚拟化单元23-1至23-N的输入/输出监视单元231-1至231-N接收在虚拟机24-1至24-N之间产生的输入/输出数据和设备22-1至22-N，并将数据传送到加密处理单元232-1至232-N。加密处理单元232-1至232-N通过使用分布式加密密钥来加密输出（写入）数据和解密输入（读取）数据。

19. 发明申请

US20130329738A1 COMMUNICATION SYSTEM, DATA BASE, CONTROL APPARATUS, COMMUNICATION METHOD, AND PROGRAM 审中-公开
标题翻译：通信系统，数据库，控制装置，通信方法和程序
公开(公告)号：US20130329738A1
公开(公告)日：2013-12-12
申请号：US14000541
申请日：2012-02-20
申请人： Masaya Yamagata , Masayuki Nakae , Yoichiro Morita , Hideyuki Shimonishi , Kentaro Sonoda
发明人： Masaya Yamagata , Masayuki Nakae , Yoichiro Morita , Hideyuki Shimonishi , Kentaro Sonoda
IPC分类号： H04L12/851
CPC分类号： H04L47/24 , H04L45/02 , H04L45/308 , H04L45/54 , H04L47/808 , H04L63/08 , H04L63/10 , H04L63/20
摘要： A communication system comprises: a plurality of forwarding nodes each of which processes an incoming packet in accordance with a packet handling operation; a data base which stores a first table for determining a role of a user of a source node from information about the source node and a second table for defining an accessible or inaccessible resource for each role and which transmits a response about a resource accessible or inaccessible by the user of the source node in response to a request from a control apparatus; and a control apparatus which uses, when receiving a request for setting the processing rule from any one of the forwarding nodes, information about the source node included in the request for setting the processing rule, querying the data base for a resource accessible or inaccessible by the user of the source node, creating the processing rule based on the response from the data base, and setting the processing rule in the forwarding node.
摘要翻译：通信系统包括：多个转发节点，每个转发节点根据分组处理操作处理进入的分组; 存储用于根据关于源节点的信息确定源节点的用户的角色的第一表的数据库和用于为每个角色定义可访问或不可访问的资源的第二表，并且其发送关于可访问或不可访问的资源的响应由所述源节点的用户响应于来自控制装置的请求; 以及控制装置，当从所述转发节点中的任何一个接收到设置来自所述转发节点的所述处理规则的请求时，所述控制装置在所述数据库中查询可用于或不可访问的资源，源节点的用户，根据数据库的响应创建处理规则，并在转发节点中设置处理规则。

20. 发明申请

US20130263214A1 COMMUNICATION SYSTEM, CONTROL APPARATUS, POLICY MANAGEMENT APPARATUS, COMMUNICATION METHOD, AND PROGRAM 有权
标题翻译：通信系统，控制装置，政策管理装置，通信方法和程序
公开(公告)号：US20130263214A1
公开(公告)日：2013-10-03
申请号：US13991588
申请日：2011-12-22
申请人： Masaya Yamagata , Masayuki Nakae , Yoichiro Morita , Hideyuki Shimonishi , Kentaro Sonoda
发明人： Masaya Yamagata , Masayuki Nakae , Yoichiro Morita , Hideyuki Shimonishi , Kentaro Sonoda
IPC分类号： H04L29/06
CPC分类号： H04L63/20 , H04L41/0893 , H04L47/808 , H04L63/10 , H04W12/08
摘要： The present invention implements detailed access control according to access rights granted to users, by a simple configuration. A communication system includes: a plurality of forwarding nodes that process a received packet in accordance with a processing rule (packet handling operation) associating a matching rule for identifying a flow and processing content to be applied to a packet that conforms with the matching rule; a policy management apparatus provided with an access control policy storage unit that associates roles assigned to users and access rights set for each role, the policy management apparatus providing information related to access rights associated with a role of a user who is successfully authenticated, to a control apparatus; and the control apparatus that creates a path between a terminal of the user who is successfully authenticated and a resource that the user can access, based on information related to access rights received from the policy management apparatus, and sets a processing rule in a forwarding node in the path in question.
摘要翻译：本发明通过简单的配置实现了根据授予用户的访问权限的详细的访问控制。通信系统包括：多个转发节点，根据处理规则（分组处理操作）处理接收到的分组，所述处理规则（分组处理操作）将用于识别流的匹配规则和处理应用于符合匹配规则的分组的内容处理内容相关联; 策略管理装置，其具有将分配给用户的角色和为每个角色设定的访问权限相关联的访问控制策略存储单元，所述策略管理装置向与所述用户的成功认证的角色相关联的访问权限提供与所成功认证的用户有关的信息，控制装置; 以及控制装置，其基于从所述策略管理装置接收到的访问权限的信息，创建成功认证的用户的终端和所述用户可以访问的资源之间的路径，并且在所述转发节点中设置处理规则在有问题的道路上。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式