专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明授权

US08127133B2 Labeling of data objects to apply and enforce policies 有权
标题翻译：标示数据对象以应用和执行策略
公开(公告)号：US08127133B2
公开(公告)日：2012-02-28
申请号：US11627059
申请日：2007-01-25
申请人： David B. Cross , Satyajit Nath , George Z. Li , Tanmoy Dutta , Sunil Gottumukkala
发明人： David B. Cross , Satyajit Nath , George Z. Li , Tanmoy Dutta , Sunil Gottumukkala
IPC分类号： H04L29/06
CPC分类号： G06F21/6218
摘要： One or more labels are associated with a data object. One or more policies are associated with each of the labels. Based on the labels associated with the data objects, the associated policies are dispatched to policy decision engines to take one or more actions to enforce the policy. The labels, and the policies associated with the labels, are chosen by a business administrator within an enterprise, and are implemented by an Information Technology (IT) administrator. The association between labels and polices allows the policy to be applied to an object to be decoupled from the characterization of the nature of the object, or its purpose and/or role within an enterprise, business purpose and/or context of the object. Examples of policies are: access, backup, retention, isolation, audit, etc.
摘要翻译：一个或多个标签与数据对象相关联。一个或多个策略与每个标签相关联。基于与数据对象相关联的标签，相关联的策略被分派到策略决策引擎，以采取一个或多个动作来执行策略。标签和与标签相关联的策略由企业内的业务管理员选择，并由信息技术（IT）管理员实现。标签和策略之间的关联允许将策略应用于要从对象的性质的表征或其在企业内的目的和/或作用，商业目的和/或对象的上下文中去脱离的对象。策略的例子有：访问，备份，保留，隔离，审核等。

42. 发明授权

US08045714B2 Systems and methods for managing multiple keys for file encryption and decryption 有权
标题翻译：用于管理文件加密和解密的多个密钥的系统和方法
公开(公告)号：US08045714B2
公开(公告)日：2011-10-25
申请号：US11053212
申请日：2005-02-07
申请人： David B. Cross , Duncan G. Bryce , Jianrong Gu , Kelvin Shek Yiu , Monica Ioana Ene-Pietrosanu
发明人： David B. Cross , Duncan G. Bryce , Jianrong Gu , Kelvin Shek Yiu , Monica Ioana Ene-Pietrosanu
IPC分类号： H04L9/00
CPC分类号： G06F21/602 , G06F21/6209 , G06F21/6281 , G06F2221/2141 , H04L9/0891 , H04L9/0894 , H04L9/16
摘要： Systems and methods for managing multiple keys for file encryption and decryption may provide an encrypted list of previously used keys. The list itself may be encrypted using a current key. To decrypt files that are encrypted in one or more of the previous keys, the list can be decrypted, and the appropriate previous key can be retrieved. To re-key files, an automated process can decrypt any files using previous keys and encrypt them using the current key. If a new current key is introduced, the prior current key can be used to decrypt the list of keys, the prior current key can be added to the list, and the list can be re-encrypted using the new current key.
摘要翻译：用于管理用于文件加密和解密的多个密钥的系统和方法可以提供先前使用的密钥的加密列表。列表本身可以使用当前密钥进行加密。要解密在一个或多个先前密钥中加密的文件，可以解密该列表，并且可以检索相应的上一个密钥。要重新启动文件，自动化过程可以使用先前的密钥解密任何文件，并使用当前密钥进行加密。如果引入新的当前密钥，则可以使用先前的当前密钥来解密密钥列表，可以将先前的当前密钥添加到列表中，并且可以使用新的当前密钥重新加密列表。

43. 发明授权

US07703128B2 Digital identity management 有权
标题翻译：数字身份管理
公开(公告)号：US07703128B2
公开(公告)日：2010-04-20
申请号：US10365878
申请日：2003-02-13
申请人： David B. Cross , Philip J. Hallin , Matthew W. Thomlinson , Thomas C. Jones
发明人： David B. Cross , Philip J. Hallin , Matthew W. Thomlinson , Thomas C. Jones
IPC分类号： G06F7/04
CPC分类号： H04L9/3263 , G06F21/33 , G06F21/45 , H04L9/006 , H04L9/14 , H04L9/30 , H04L9/3231 , H04L9/3234 , H04L63/06 , H04L2209/603
摘要： One aspect relates to a process and associated device for managing digital ID lifecycles for application programs, and abstracting application programs for multiple types of credentials through a common Digital Identity Management System (DIMS) and Application Programming Interface (API) layer.
摘要翻译：一个方面涉及一种用于管理用于应用程序的数字ID生命周期的过程和相关设备，以及通过公共数字身份管理系统（DIMS）和应用编程接口（API）层抽象用于多种凭证的应用程序。

44. 发明申请

US20090178129A1 SELECTIVE AUTHORIZATION BASED ON AUTHENTICATION INPUT ATTRIBUTES 有权
标题翻译：基于认证输入属性的选择性授权
公开(公告)号：US20090178129A1
公开(公告)日：2009-07-09
申请号：US11969456
申请日：2008-01-04
申请人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
发明人： David B. Cross , Mark F. Novak , Oded Ye Shekel , Paul J. Leach , Andreas Luther , Thomas C. Jones
IPC分类号： H04L9/32
CPC分类号： H04L9/3213 , H04L9/3226 , H04L9/3263 , H04L63/0807
摘要： Embodiments for providing differentiated access based on authentication input attributes are disclosed. In accordance with one embodiment, a method includes receiving an authentication input at an authentication authority using an authentication protocol. The authentication input being associated with a client. The method also includes providing one or more representations for the authentication input, wherein each of the representations represents an attribute of the authentication input.
摘要翻译：公开了基于认证输入属性提供差分访问的实施例。根据一个实施例，一种方法包括使用认证协议在认证机构处接收认证输入。认证输入与客户端相关联。该方法还包括为认证输入提供一个或多个表示，其中每个表示代表认证输入的属性。

45. 发明授权

US07434253B2 User mapping information extension for protocols 有权
标题翻译：协议的用户映射信息扩展
公开(公告)号：US07434253B2
公开(公告)日：2008-10-07
申请号：US11181525
申请日：2005-07-14
申请人： Christopher J. Crall , Gennady Medvinsky , Joshua Ball , Karthik Jaganathan , Paul J. Leach , Liqiang Zhu , David B. Cross
发明人： Christopher J. Crall , Gennady Medvinsky , Joshua Ball , Karthik Jaganathan , Paul J. Leach , Liqiang Zhu , David B. Cross
IPC分类号： H04L9/32 , H04L9/00
CPC分类号： H04L9/3263 , H04L9/3273 , H04L63/0807 , H04L63/0823 , H04L63/0876 , H04L63/10 , H04L63/166
摘要： A hint containing user mapping information is provided in messages that may be exchanged during authentication handshakes. For example, a client may provide user mapping information to the server during authentication. The hint (e.g., in the form of a TLS extension mechanism) may be used to send the domain/user name information of a client to aid the server in mapping the user's certificate to an account. The extension mechanism provides integrity and authenticity of the mapping data sent by the client. The user provides a hint as to where to find the right account or domain controller (which points to, or otherwise maintains, the correct account). Based on the hint and other information in the certificate, the user is mapped to an account. The hint may be provided by the user when he logs in. Thus, a certificate is mapped to an identity to authenticate the user. A hint is sent along with the certificate information to perform the binding. Existing protocols may be extended to communicate the additional mapping information (the hint) to perform the binding. A vendor specific extension to Kerberos is defined to obtain the authorization data based on an X.509 certificate and the mapping user name hint.
摘要翻译：在认证握手期间可以交换的消息中提供了包含用户映射信息的提示。例如，客户端可以在认证期间向服务器提供用户映射信息。提示（例如，以TLS扩展机制的形式）可以用于发送客户端的域/用户名信息，以帮助服务器将用户的证书映射到帐户。扩展机制提供客户端发送的映射数据的完整性和真实性。用户提供关于在哪里找到正确的帐户或域控制器（指向或以其他方式维护正确的帐户）的提示。根据证书中的提示和其他信息，用户被映射到一个帐户。提示可以由用户在登录时提供。因此，证书被映射到身份以验证用户。发送提示与证书信息一起执行绑定。可以扩展现有协议以传达额外的映射信息（提示）来执行绑定。定义了针对Kerberos的供应商特定扩展，以根据X.509证书和映射用户名提示获取授权数据。

46. 发明授权

US07376968B2 BIOS integrated encryption 有权
标题翻译： BIOS集成加密
公开(公告)号：US07376968B2
公开(公告)日：2008-05-20
申请号：US10718153
申请日：2003-11-20
申请人： Andrew J. Ritz , David B. Cross , Duncan Bryce , James A. Schwartz, Jr. , Jianrong Gu , Scott A. Field
发明人： Andrew J. Ritz , David B. Cross , Duncan Bryce , James A. Schwartz, Jr. , Jianrong Gu , Scott A. Field
IPC分类号： G06F1/00 , G06F17/30 , G06F9/00
CPC分类号： G06F21/575 , G06F21/6209 , G06F2221/2107
摘要： A system and method for facilitating BIOS integrated encryption is provided. An interface is defined between the operating system and the BIOS. The operating system employs this interface to provide BIOS code information to facilitate decryption of data that is encrypted on the system. In the pre-operating system boot phase, the BIOS employs the decryption information provided from this interface in order to decrypt the data. The decrypted information can be employed to facilitate secure rebooting of a computer system from hibernate mode and/or secure access to device(s).
摘要翻译：提供了一种用于促进BIOS集成加密的系统和方法。在操作系统和BIOS之间定义一个接口。操作系统采用该接口提供BIOS代码信息，以便于在系统上加密的数据的解密。在操作前系统启动阶段，BIOS使用从该接口提供的解密信息来解密数据。解密的信息可用于促进计算机系统从休眠模式的安全重新启动和/或安全地访问设备。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式