专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

51. 发明授权

US08805971B1 Client-specified schema extensions in cloud computing environments 有权
标题翻译：云计算环境中客户端指定的模式扩展
公开(公告)号：US08805971B1
公开(公告)日：2014-08-12
申请号：US13524945
申请日：2012-06-15
申请人： Gregory B. Roth , James E. Scharf, Jr. , Rajiv Ramachandran , Anders Samuelsson , Keith A. Carlson
发明人： Gregory B. Roth , James E. Scharf, Jr. , Rajiv Ramachandran , Anders Samuelsson , Keith A. Carlson
IPC分类号： G06F15/177
CPC分类号： G06F9/5072
摘要： Methods and apparatus for client-specified schema extensions in cloud computing environments are disclosed. A system includes a plurality of service managers coordinating respective multitenant network-accessible services, and one or more computer servers. In response to a schema extension request specifying a client account, a client attribute set, and a client data source, the one or more computer servers generate a composite schema customized for the client account comprising (a) attributes of a plurality of resources implementing the functionality of at least one service to which the client account has access and (b) the client attribute set. In response to an account state view request specifying the client account, the one or more computer servers provide a state representation comprising (a) at least one value of a particular client attribute and (b) at least one attribute value of a resource.
摘要翻译：披露了云计算环境中用于客户端指定的模式扩展的方法和装置。系统包括协调相应的多租户网络可访问服务的多个服务管理器和一个或多个计算机服务器。响应于指定客户帐户，客户端属性集和客户端数据源的模式扩展请求，所述一个或多个计算机服务器生成为该客户帐户定制的复合模式，其包括（a）多个资源的属性，至少一个客户帐户具有访问权限的服务的功能，以及（b）客户端属性集。响应于指定客户帐户的帐户状态视图请求，一个或多个计算机服务器提供状态表示，其包括（a）特定客户端属性的至少一个值和（b）资源的至少一个属性值。

52. 发明授权

US08756651B2 Policy compliance-based secure data access 有权
标题翻译：基于策略合规性的安全数据访问
公开(公告)号：US08756651B2
公开(公告)日：2014-06-17
申请号：US13246445
申请日：2011-09-27
申请人： Graeme D. Baer , Gregory B. Roth
发明人： Graeme D. Baer , Gregory B. Roth
IPC分类号： G06F21/00 , G06F21/57 , H04L29/06
CPC分类号： G06F21/577 , H04L63/08 , H04L63/20 , H04L2463/081
摘要： Access control techniques relate to verifying compliance with security policies before enabling access to the computing resources. An application is provided on a client that generates verification codes using an authentication seed. Prior to granting the client the authentication seed necessary to generate a verification code, a server may perform a policy check on the client. Some embodiments ensure that the client complies with security policies imposed by an authenticating party by retrieving a number of parameter values from the client and then determining whether those parameter values comply with the security policies. Upon determining that the client complies, the authentication seed is issued to the client. In some embodiments, the authentication seed is provided such that a policy check is performed upon the generation of a verification code. The client is given access to secure information when the client is determined to comply with the security policies.
摘要翻译：访问控制技术涉及在启用对计算资源的访问之前验证对安全策略的遵从性。在使用认证种子生成验证码的客户端上提供应用程序。在授予客户端生成验证码所需的认证种子之前，服务器可以对客户端执行策略检查。一些实施例确保客户端通过从客户端检索多个参数值，然后确定这些参数值是否符合安全策略，从而符合认证方施加的安全策略。在确定客户端符合的情况下，向客户端发出认证种子。在一些实施例中，提供认证种子，使得在生成验证码时执行策略检查。当客户端确定遵守安全策略时，客户端可以访问安全信息。

53. 发明授权

US08656471B1 Virtual requests 有权
标题翻译：虚拟请求
公开(公告)号：US08656471B1
公开(公告)日：2014-02-18
申请号：US13418230
申请日：2012-03-12
申请人： Nicholas Alexander Allen , Gregory B. Roth , Elena Dykhno
发明人： Nicholas Alexander Allen , Gregory B. Roth , Elena Dykhno
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , H04L67/2823
摘要： A first request from a client using a first protocol is translated into one or more second requests by a servicer using a second protocol through a virtual request using the first protocol. A client may use parameters of the first protocol to pass virtual request components to the servicer. A format agreement between the client, servicer and/or authentication service may allow the servicer and/or authentication service to translate virtual request components over the first protocol to one or more second requests using the second protocol. Virtual request components may also prove the authenticity of the virtual request received by the servicer to an authentication service. Once satisfied the virtual request is valid, the authentication service may issue a credential to the servicer to send the one or more second requests to an independent service. Virtual requests may be included in various protocols, including credential-based protocols and certificate exchange-based protocols.
摘要翻译：来自使用第一协议的客户端的第一请求由服务器使用第一协议通过虚拟请求使用第二协议转换成一个或多个第二请求。客户端可以使用第一协议的参数将虚拟请求组件传递给服务器。客户机，服务器和/或认证服务之间的格式协议可以允许服务器和/或认证服务通过第一协议将虚拟请求组件转换成使用第二协议的一个或多个第二请求。虚拟请求组件也可以证明服务器接收到的认证服务的虚拟请求的真实性。一旦满足虚拟请求是有效的，则认证服务可以向服务器发出凭证以将一个或多个第二请求发送到独立服务。虚拟请求可以包括在各种协议中，包括基于证书的协议和基于证书交换的协议。

54. 发明授权

US08490162B1 System and method for recognizing malicious credential guessing attacks 有权
标题翻译：识别恶意凭据猜测攻击的系统和方法
公开(公告)号：US08490162B1
公开(公告)日：2013-07-16
申请号：US13248736
申请日：2011-09-29
申请人： Stefan Popoveniuc , Cristian M. Ilac , Gregory B. Roth , Eric J. Brandwine
发明人： Stefan Popoveniuc , Cristian M. Ilac , Gregory B. Roth , Eric J. Brandwine
IPC分类号： G06F21/00
CPC分类号： H04L63/083 , G06F21/316 , G06F21/552 , H04L63/08 , H04L63/102 , H04L63/1433 , H04L63/1441 , H04L63/20
摘要： A system includes a memory and a processor. The memory is operable to store a credential verifier associated with a user account and a counter. The processor is coupled to the memory and the memory includes executable instructions that cause the system to receive a first authentication attempt and increment the counter if validation of the first authentication attempt against the credential verifier fails. The instructions also cause the system to receive a second authentication attempt and increment the counter only if validation of the second authentication attempt against the credential verifier fails and the second authentication attempt is distinct from the first authentication attempt.
摘要翻译：系统包括存储器和处理器。存储器可操作地存储与用户帐户和计数器相关联的凭证验证器。处理器耦合到存储器，并且存储器包括可执行指令，其使系统接收第一认证尝试，并且如果针对证书验证器的第一认证尝试的验证失败，则递增计数器。指令还使得系统接收第二认证尝试，并且只有当对证书验证者的第二认证尝试的验证失败并且第二认证尝试与第一认证尝试不同时才递增计数器。

55. 发明申请

US20130081101A1 POLICY COMPLIANCE-BASED SECURE DATA ACCESS 有权
标题翻译：基于政策合规性的安全数据访问
公开(公告)号：US20130081101A1
公开(公告)日：2013-03-28
申请号：US13246445
申请日：2011-09-27
申请人： Graeme D. Baer , Gregory B. Roth
发明人： Graeme D. Baer , Gregory B. Roth
IPC分类号： G06F21/00
CPC分类号： G06F21/577 , H04L63/08 , H04L63/20 , H04L2463/081
摘要： Access control techniques relate to verifying compliance with security policies before enabling access to the computing resources. An application is provided on a client that generates verification codes using an authentication seed. Prior to granting the client the authentication seed necessary to generate a verification code, a server may perform a policy check on the client. Some embodiments ensure that the client complies with security policies imposed by an authenticating party by retrieving a number of parameter values from the client and then determining whether those parameter values comply with the security policies. Upon determining that the client complies, the authentication seed is issued to the client. In some embodiments, the authentication seed is provided such that a policy check is performed upon the generation of a verification code. The client is given access to secure information when the client is determined to comply with the security policies.
摘要翻译：访问控制技术涉及在启用对计算资源的访问之前验证对安全策略的遵从性。在使用认证种子生成验证码的客户端上提供应用程序。在授予客户端生成验证码所需的认证种子之前，服务器可以对客户端执行策略检查。一些实施例确保客户端通过从客户端检索多个参数值，然后确定这些参数值是否符合安全策略，从而符合认证方施加的安全策略。在确定客户端符合的情况下，向客户端发出认证种子。在一些实施例中，提供认证种子，使得在生成验证码时执行策略检查。当客户端确定遵守安全策略时，客户端可以访问安全信息。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式