专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明申请

US20080263651A1 Integrating operating systems with content offered by web based entities 有权
标题翻译：将操作系统与基于Web的实体提供的内容集成
公开(公告)号：US20080263651A1
公开(公告)日：2008-10-23
申请号：US11789270
申请日：2007-04-23
申请人： Girish Chander , Tanmoy Dutta , Cristian Ilac , Bronislav Kavsan , Ziquian Li , Andreas K. Luther , Gennady Medvinsky , Liquiang Zhu
发明人： Girish Chander , Tanmoy Dutta , Cristian Ilac , Bronislav Kavsan , Ziquian Li , Andreas K. Luther , Gennady Medvinsky , Liquiang Zhu
IPC分类号： H04L9/32
CPC分类号： H04L63/083 , G06F21/335 , H04L63/08 , H04L63/0807 , H04L63/0884 , H04L63/10 , H04L63/123
摘要： Example embodiments are provided for integrating operating systems with content offered by internet based entities.
摘要翻译：提供了将操作系统与基于因特网的实体提供的内容集成的示例实施例。

32. 发明申请

US20080263361A1 Cryptographically strong key derivation using password, audio-visual and mental means 审中-公开
标题翻译：使用密码，视听和心理手段的密码型强密码派生
公开(公告)号：US20080263361A1
公开(公告)日：2008-10-23
申请号：US11788687
申请日：2007-04-20
申请人： Tanmoy Dutta , Sunil Kadam , Tolga Acar
发明人： Tanmoy Dutta , Sunil Kadam , Tolga Acar
IPC分类号： H04L9/00
CPC分类号： H04L9/0863 , H04L9/0891 , H04L2209/60 , H04L2209/80
摘要： A security system that uses a cryptographic key derived from human interaction with media. The system employs a set of parameters that includes user responses to graphical media and/or audio data, among other parameters. The architecture adds a fourth dimension to the conventional authentication means in order to make at least an offline attack on the key much more difficult. In addition to a standard set of parameters such as password, salt (random bits inserted into the encryption process) and iteration count, the system further utilizes information in the form of “what the user does” by presenting and prompting the user to interact with media in some way. The media can include audio information, video information, and/or image information, for example.
摘要翻译：一种安全系统，它使用与媒体进行人工交互导出的加密密钥。系统采用一组参数，其中包括用户对图形媒体和/或音频数据的响应以及其他参数。该体系结构为常规认证手段增加了第四个维度，以便至少使密钥的脱机攻击更加困难。除了密码，盐（插入加密过程中的随机位）和迭代计数等一系列参数之外，系统还通过呈现和提示用户进行交互来进一步利用“用户所做的”形式的信息媒体在某种程度上媒体可以包括例如音频信息，视频信息和/或图像信息。

33. 发明申请

US20080065893A1 Schema signing 有权
标题翻译：模式签名
公开(公告)号：US20080065893A1
公开(公告)日：2008-03-13
申请号：US11519274
申请日：2006-09-12
申请人： Tanmoy Dutta , Raul Garcia , Steven Richard Gott , Ruslan Pavlovich Ovechkin , Roger Lynn Wolter
发明人： Tanmoy Dutta , Raul Garcia , Steven Richard Gott , Ruslan Pavlovich Ovechkin , Roger Lynn Wolter
IPC分类号： H04L9/00
CPC分类号： H04L9/321 , H04L9/3247 , H04L2209/80
摘要： In one embodiment, an object in a database schema may be verified as having a valid digital signature associated with a trusted entity. An application may be permitted access to the object of the database schema only when the object of the database schema is verified to have a valid digital signature associated with the trusted entity. In another embodiment, an object in a database schema may be verified as having a digital signature associated with at least one trusted entity. An application may be permitted access to the object of the database schema only when the digital signature for the object is verified to be associated with the at least one trusted entity.
摘要翻译：在一个实施例中，数据库模式中的对象可以被验证为具有与可信实体相关联的有效数字签名。只有当数据库模式的对象被验证为具有与可信实体相关联的有效数字签名时，才允许应用访问数据库模式的对象。在另一实施例中，数据库模式中的对象可被验证为具有与至少一个可信实体相关联的数字签名。只有当对象的数字签名被验证为与至少一个可信实体相关联时，应用才可以被允许访问数据库模式的对象。

34. 发明申请

US20070174285A1 SYSTEMS AND METHODS FOR FINE GRAINED ACCESS CONTROL OF DATA STORED IN RELATIONAL DATABASES 有权
标题翻译：用于关联数据库中存储的数据的细粒度访问控制的系统和方法
公开(公告)号：US20070174285A1
公开(公告)日：2007-07-26
申请号：US11696024
申请日：2007-04-03
申请人： Tanmoy Dutta , Conor Cunningham , Stefano Stefani , Girish Chander , Eric Hanson
发明人： Tanmoy Dutta , Conor Cunningham , Stefano Stefani , Girish Chander , Eric Hanson
IPC分类号： G06F17/30
CPC分类号： G06F21/6227 , Y10S707/99932 , Y10S707/99933 , Y10S707/99934 , Y10S707/99939
摘要： A system and method for facilitating secure access to database(s) is provided. The system relates to authorizing discriminatory access to relational database data. More particularly, the invention provides for an innovative technique of defining secured access to rows in relational database tables in a way that cannot be spoofed while preserving various optimization techniques. The invention affords a persistent scheme via providing for a security architecture whereby discriminatory access policies on persistent entities can be defined and enforced while preserving set based associative query capabilities. A particular aspect of the invention relates to the specification of such policies and the technique by which those policies are enforced. With respect to one particular implementation of the invention, creation, modification and deletion of access control lists called security descriptors is provided. The security descriptors can be provisioned independent of rows in tables of the database and can be shared and embody the policy on what permissions are granted to whom when associated with a row.
摘要翻译：提供了一种用于促进对数据库的安全访问的系统和方法。该系统涉及授权对关系数据库数据的歧视性访问。更具体地，本发明提供了一种创新技术，其以不能欺骗的方式定义对关系数据库表中的行的安全访问，同时保持各种优化技术。本发明通过提供一种安全架构来提供持续方案，从而可以在保持基于集合的关联查询能力的同时定义和实施对持久性实体的区别性访问策略。本发明的一个特定方面涉及这些策略的说明以及执行这些策略的技术。关于本发明的一个具体实现，提供了称为安全描述符的访问控制列表的创建，修改和删除。安全描述符可以独立于数据库表中的行进行配置，并且可以共享，并且包含与哪些权限相关联的权限被授予谁的策略。

35. 发明申请

US20060288214A1 Trust model for a database management system supporting multiple authorization domains 有权
标题翻译：支持多个授权域的数据库管理系统的信任模型
公开(公告)号：US20060288214A1
公开(公告)日：2006-12-21
申请号：US11156149
申请日：2005-06-17
申请人： Tanmoy Dutta , Girish Chander , Raul Garcia , Ziquan Li
发明人： Tanmoy Dutta , Girish Chander , Raul Garcia , Ziquan Li
IPC分类号： H04L9/00
CPC分类号： G06F21/6227
摘要： A database management system that supports multiple databases in an instance with controlled sharing between the databases. The invention can also support execution of procedures and other modules in the context of any principal possibly different from that of the caller. Trusted certificates can be employed to permit access to procedures (or other modules). The security context of the invention can enable the building blocks of building a pure trusted sub-system model of authorization
摘要翻译：数据库管理系统，支持在数据库之间具有受控共享的实例中的多个数据库。本发明还可以支持在可能不同于呼叫者的任何主体的上下文中执行过程和其他模块。可以使用受信任的证书来允许访问过程（或其他模块）。本发明的安全上下文可以使建立一个纯信任子系统授权模型的构建模块

36. 发明申请

US20050177570A1 Systems and methods that optimize row level database security 有权
标题翻译：优化行级数据库安全性的系统和方法
公开(公告)号：US20050177570A1
公开(公告)日：2005-08-11
申请号：US10885815
申请日：2004-07-07
申请人： Tanmoy Dutta , Girish Chander , Laurentiu Cristofor , Rodger Kline , James Hamilton
发明人： Tanmoy Dutta , Girish Chander , Laurentiu Cristofor , Rodger Kline , James Hamilton
IPC分类号： G06F17/30 , G06F17/40 , G06F21/62
CPC分类号： G06F21/6227
摘要： The systems and methods of the present invention facilitate database row-level security by utilizing SQL extensions to create and associate named security expressions with a query initiator(s). Such expressions include Boolean expressions, which must be satisfied by a row of data in order for that data to be made accessible to the query initiator. In general, a query is augmented with security expressions, which are aggregated and utilized during querying rows of data. The systems and methods variously place security expressions within a query in order to optimize query performance while mitigating information leaks. This is achieved by tagging security expressions as special and utilizing rules of predicate to pull or push non-security expressions above or below security expressions, depending on the likelihood of a non-security being safe, as determined via a static and/or dynamic analysis.
摘要翻译：本发明的系统和方法通过利用SQL扩展来创建和关联命名的安全表达式与查询启动器来促进数据库行级安全性。这样的表达式包括布尔表达式，这些表达式必须由一行数据满足，以使该数据能够被查询启动器访问。一般来说，查询会增加安全性表达式，这些表达式在查询数据行期间进行聚合和使用。系统和方法将查询中的安全表达式各不相同，以优化查询性能，同时减轻信息泄漏。这是通过将安全表达式标记为特殊的，并利用谓词的规则在安全表达式之上或之下拉取或推送非安全性表达式，这取决于非安全性的可能性，通过静态和/或动态分析确定。

37. 发明授权

US08925035B2 System and method for document isolation 有权
标题翻译：用于文档隔离的系统和方法
公开(公告)号：US08925035B2
公开(公告)日：2014-12-30
申请号：US12731774
申请日：2010-03-25
申请人： Tanmoy Dutta , Alexander G. Balikov , Himani Naresh
发明人： Tanmoy Dutta , Alexander G. Balikov , Himani Naresh
IPC分类号： H04L9/32 , G06Q10/10
CPC分类号： G06Q10/10 , Y10S707/99938
摘要： A computer based system and method of providing document isolation during routing of a document through a workflow is disclosed. The method comprises maintaining a separate “working” copy of the original base document while the document is routed through a workflow. Access controls, which define who may access the original document as well as any versions of the working copy document, are defined and stored in relation to the documents. The access controls further define the types of actions users may take with respect to the document. Users are selectively directed to the appropriate document, either the base document or working copy, and selectively granted permission to perform publishing operations on the working copy document, as determined by the access controls.
摘要翻译：公开了一种基于计算机的系统和在通过工作流程路由文档期间提供文档隔离的方法。该方法包括在通过工作流路由文档时维护原始基本文档的单独“工作”副本。定义谁可以访问原始文档以及任何版本的工作副本文档的访问控制是根据文档进行定义和存储的。访问控制进一步定义用户可能对文档采取的操作类型。用户被选择性地定向到适当的文档，即基本文档或工作副本，并且由访问控制确定，选择性地授予对工作副本文档执行发布操作的权限。

38. 发明授权

US08544083B2 Identification security elevation 有权
标题翻译：识别安全标高
公开(公告)号：US08544083B2
公开(公告)日：2013-09-24
申请号：US12388679
申请日：2009-02-19
申请人： Karthik Jaganathan , Tanmoy Dutta , Eric C Perlin , Steven L. Hiskey , Cezar Ungureanasu
发明人： Karthik Jaganathan , Tanmoy Dutta , Eric C Perlin , Steven L. Hiskey , Cezar Ungureanasu
IPC分类号： G06F21/00
CPC分类号： H04L63/105 , G06F21/6218 , G06F2221/2105
摘要： Security elevation techniques are described. In an implementation, a request is received for additional security access beyond that which is currently specified for a program. An identity that describes the program is checked with a plurality of conditions. The security level is automatically elevated to grant the additional security access when the identity corresponds to one of the conditions that indicates that the security level is to be automatically elevated.
摘要翻译：描述安全标高技术。在实现中，接收到超出当前为程序指定的安全访问的附加安全访问的请求。在多个条件下检查描述程序的身份。当身份对应于指示安全级别要自动提升的条件之一时，安全级别自动升级以授予额外的安全访问权限。

39. 发明授权

US08528058B2 Native use of web service protocols and claims in server authentication 有权
标题翻译：在服务器认证中本机使用Web服务协议和声明
公开(公告)号：US08528058B2
公开(公告)日：2013-09-03
申请号：US11755968
申请日：2007-05-31
申请人： Liqiang Zhu , Gennady Medvinsky , Tanmoy Dutta , Cristian Ilac , Andreas Luther , John P Shewchuk
发明人： Liqiang Zhu , Gennady Medvinsky , Tanmoy Dutta , Cristian Ilac , Andreas Luther , John P Shewchuk
IPC分类号： H04L29/06
CPC分类号： H04L63/0823 , H04L63/166 , H04L67/02
摘要： Architecture for natively authenticating a client application to a web server via HTTP authentication. The Web Services Architecture, and more specifically, Web Services Security, is leveraged to enable legacy applications to access web services transparently to the existing legacy applications. A security support provider (SSP) is created that employs WS-* protocol to at least emulate ws-trust and ws-mex thereby enabling policy exchange via an HTTP protocol stack. Policy can be exchanged via a WWW-Authenticate header enabling legacy applications to use the WS-* family of protocols without modifying the client application. The WS-* protocols are abstracted into a generic programming interface for native client application use.
摘要翻译：通过HTTP认证将客户端应用程序本地验证到Web服务器的体系结构。 Web服务体系结构，更具体地说，Web服务安全性是有利于使传统应用程序能够透明地访问现有的遗留应用程序的Web服务。创建了一个安全支持提供程序（SSP），它使用WS- *协议来至少模拟ws-trust和ws-mex，从而通过HTTP协议栈实现策略交换。可以通过WWW-Authenticate标头来交换策略，使得遗留应用程序能够使用WS- *系列协议，而无需修改客户端应用程序。将WS- *协议抽象为通用编程接口，用于本机客户机应用程序的使用。

40. 发明授权

US08326877B2 Region-based security 有权
标题翻译：基于区域的安全
公开(公告)号：US08326877B2
公开(公告)日：2012-12-04
申请号：US11122299
申请日：2005-05-04
申请人： Ziquan Li , Tanmoy Dutta
发明人： Ziquan Li , Tanmoy Dutta
IPC分类号： G06F7/00 , G06F17/30
CPC分类号： G06F21/6227
摘要： The subject invention relates to systems and methods that provide region-based security to database objects having hierarchical relationships. In one aspect, a system is provided that facilitates database security and management. The system includes a database component that stores a plurality of objects having a hierarchical relationship between the objects. A region component defines security zones for a subset of the objects and maps security data to the subset, wherein the security zones are independent, decoupled, or disassociated from the hierarchical relationships between the objects.
摘要翻译：本发明涉及向具有分层关系的数据库对象提供基于区域的安全性的系统和方法。在一个方面，提供了一种便于数据库安全和管理的系统。该系统包括存储具有对象之间的分层关系的多个对象的数据库组件。区域组件定义对象的子集的安全区域，并将安全数据映射到子集，其中，安全区域与对象之间的分层关系是独立的，去耦合的或与之关联的。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式