专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09767262B1 Managing security credentials 有权
公开(公告)号：US09767262B1
公开(公告)日：2017-09-19
申请号：US13194287
申请日：2011-07-29
申请人： Darren E. Canavor , Jesper M. Johansson
发明人： Darren E. Canavor , Jesper M. Johansson
IPC分类号： G06F21/00 , G06F21/31 , H04L9/32 , G06F21/62
CPC分类号： G06F21/31 , G06F21/6218 , H04L9/3226
摘要： Disclosed are various embodiments for managing security credentials. In one embodiment, a request for a security credential is obtained from a client and is stored in association with a user account. Knowledge-based questions are provided to the client in response to the request. At least one of the knowledge-based questions is dynamically generated based at least in part on data associated with the user account. Answers to the knowledge-based questions are obtained from the client. The security credential is provided to the client based at least in part on the answers.

2. 发明授权

US08776214B1 Authentication manager 有权
标题翻译：验证管理器
公开(公告)号：US08776214B1
公开(公告)日：2014-07-08
申请号：US12539886
申请日：2009-08-12
申请人： Jesper M. Johansson
发明人： Jesper M. Johansson
IPC分类号： G06F17/30
CPC分类号： H04L63/083 , G06F21/31 , G06F2221/2119 , H04L63/08 , H04L63/0823 , H04L63/102 , H04L63/1433
摘要： Disclosed are various embodiments for an authentication manager. A security credential is generated based at least in part on a security credential specification associated with a network site. The security credential and a domain name associated with the network site are stored. The security credential is provided to the network site when a domain name associated with a trusted certificate provided by the network site matches the stored domain name.
摘要翻译：公开了用于认证管理器的各种实施例。至少部分地基于与网络站点相关联的安全凭证规范生成安全凭证。存储安全凭证和与网站相关联的域名。当与网络站点提供的可信证书相关联的域名与存储的域名匹配时，将安全凭证提供给网站。

3. 发明授权

US08683597B1 Risk-based authentication duration 有权
标题翻译：基于风险的身份验证持续时间
公开(公告)号：US08683597B1
公开(公告)日：2014-03-25
申请号：US13314943
申请日：2011-12-08
申请人： Jesper M. Johansson , Darren E. Canavor , David W. Hitchcock
发明人： Jesper M. Johansson , Darren E. Canavor , David W. Hitchcock
IPC分类号： G06F11/00
CPC分类号： H04L63/08 , G06F21/30 , G06F21/31 , G06F21/51 , G06F2221/2139 , H04L63/083
摘要： Disclosed are various embodiments that perform confidence-based authentication of a user. A request from a user is obtained, where the request pertains to an operation on a network site. An authentication duration for the user is determined, based on a risk to the user of performing the operation. A determination is made whether a current session associated with the user has expired, based on the authentication duration. The operation requested by the user is performed in response to the determination that the current session associated with the user has expired.
摘要翻译：公开了执行用户的基于置信度的认证的各种实施例。获得来自用户的请求，其中请求涉及网络站点上的操作。基于用户执行操作的风险来确定用户的认证持续时间。基于认证持续时间确定与用户相关联的当前会话是否已经过期。响应于与用户相关联的当前会话已经到期的确定来执行用户请求的操作。

4. 发明授权

US08621209B1 Confidence-based authentication 有权
标题翻译：基于置信的认证
公开(公告)号：US08621209B1
公开(公告)日：2013-12-31
申请号：US13277026
申请日：2011-10-19
申请人： Jesper M. Johansson , Darren E. Canavor , Daniel W. Hitchcock
发明人： Jesper M. Johansson , Darren E. Canavor , Daniel W. Hitchcock
IPC分类号： H04L29/06 , H04L9/32 , G06F7/04
CPC分类号： H04L63/08
摘要： Disclosed are various embodiments that perform confidence-based authentication of a user. An identification of a user account is obtained from a user, and a minimum confidence threshold is determined. Multiple authentication questions are presented to the user, where the authentication questions are determined based at least in part on stored transaction information associated with the user account. Answers are obtained from the user to a subset of the questions, with each answer having a corresponding authentication point value. A confidence score is generated for the user, where the confidence score is increased by the respective authentication point values of the correct answers. Access by the user to a resource associated with the user account is authorized in response to determining that the confidence score meets the minimum confidence threshold.
摘要翻译：公开了执行用户的基于置信度的认证的各种实施例。从用户获得用户帐户的识别，并确定最小置信阈值。至少部分地基于与用户帐户相关联的存储的交易信息来确定认证问题的多个认证问题。答案从用户获得到问题的一个子集，每个答案具有相应的认证点值。为用户生成置信度分数，其中置信度得分通过正确答案的相应认证点值增加。响应于确定置信度分数满足最小置信度阈值，授权用户访问与用户帐户相关联的资源。

5. 发明授权

US08495717B1 Secure key distribution service 有权
标题翻译：安全密钥分发服务
公开(公告)号：US08495717B1
公开(公告)日：2013-07-23
申请号：US12429494
申请日：2009-04-24
申请人： Jacob Beacham , Jesper M. Johansson , Cyrus Durgin
发明人： Jacob Beacham , Jesper M. Johansson , Cyrus Durgin
IPC分类号： H04L29/06
CPC分类号： H04L9/083 , G06F21/604 , G06F21/62 , G06F2221/2129 , G06F2221/2149 , H04L9/08 , H04L9/0816 , H04L61/1511 , H04L61/1523 , H04L63/06 , H04L63/062
摘要： A secure key distribution server (SKDS) determines identity of a requesting server without use of a shared secret by resolving the fully qualified domain name (FQDN) to a network address and comparing it with the network address of a key request. A credential string may also be used as part of the identification. Once identity is established, keys may be securely distributed. The SKDS may also be implemented in a peer-to-peer configuration.
摘要翻译：安全密钥分发服务器（SKDS）通过将完全限定域名（FQDN）解析为网络地址并将其与密钥请求的网络地址进行比较来确定请求服务器的身份，而不使用共享秘密。凭证字符串也可以用作标识的一部分。一旦建立了身份，密钥可能被安全分发。 SKDS也可以在对等配置中实现。

6. 发明授权

US07673326B2 System and method utilizing clean groups for security management 有权
标题翻译：系统和方法利用清洁组进行安全管理
公开(公告)号：US07673326B2
公开(公告)日：2010-03-02
申请号：US10771840
申请日：2004-02-04
申请人： Art Shelest , Jesper M. Johansson
发明人： Art Shelest , Jesper M. Johansson
IPC分类号： G06F12/14
CPC分类号： G06F21/577
摘要： A system and method that utilizes clean groups for reducing security management complexity. The system reduces the complexity of managing security technologies by automatically assigning objects such as computers or persons to clean groups which are defined by existing management infrastructure. In an embodiment where members are computers, ongoing automatic efforts ensure that clean groups include only computers that satisfy specified security principles, which allows administrators to treat all computers that are in compliance as a group. Separately, the members of the clean group are required to implement self-governance, which is an ability to detect being compromised and to take steps to remove themselves from the clean group when they are compromised. In addition to attempting to remove itself from the clean group, a compromised computer may take additional steps aimed at minimizing further damage, such as erasing or hiding computer domain credentials, hiding/protecting/disabling cryptographic (e.g. EFS) keys, or logging out a user.
摘要翻译：一种利用清洁组来降低安全管理复杂度的系统和方法。该系统通过自动分配诸如计算机或人员的对象来清除由现有管理基础设施定义的组，来降低管理安全技术的复杂性。在成员是计算机的实施例中，正在进行的自动尝试确保清洁组仅包括满足指定安全原则的计算机，这允许管理员将所有符合规定的计算机视为一组。另外，清洁小组的成员需要实施自治，这是一种检测被破坏的能力，并且在遭到破坏时采取步骤将其从干净的群体中移出。除了试图将其从干净的组中删除外，受感染的计算机可能会采取额外的步骤，旨在最大限度地减少进一步的损坏，例如擦除或隐藏计算机域凭据，隐藏/保护/禁用加密（例如EFS）密钥或注销用户。

7. 发明授权

US09432356B1 Host identity bootstrapping 有权
标题翻译：主机身份自举
公开(公告)号：US09432356B1
公开(公告)日：2016-08-30
申请号：US12435995
申请日：2009-05-05
申请人： Jesper M. Johansson , Matthew T. Corddry , Tom F. Hansen , Luke F. Kearney
发明人： Jesper M. Johansson , Matthew T. Corddry , Tom F. Hansen , Luke F. Kearney
IPC分类号： H04L29/06 , G06F21/33
CPC分类号： G06F9/4416 , G06F9/4406 , G06F21/33 , H04L9/3268 , H04L29/06 , H04L63/062 , H04L63/0823 , H04L63/0876 , H04L63/10 , H04L2209/64
摘要： Automated provisioning of hosts on a network with reasonable levels of security is described in this application. A certificate management service (CMS) on a host, one or more trusted agents, and a public key infrastructure are utilized in a secure framework to establish host identity. Once host identity is established, signed encryption certificates may be exchanged and secure communication may take place.
摘要翻译：本应用程序介绍了具有合理级别安全性的网络上主机的自动配置。在安全框架中利用主机上的证书管理服务（CMS），一个或多个可信代理和公钥基础设施来建立主机标识。一旦建立了主机身份，可以交换签名的加密证书，并可能进行安全通信。

8. 发明授权

US08966621B1 Out-of-band authentication of e-mail messages 有权
标题翻译：电子邮件的带外认证
公开(公告)号：US08966621B1
公开(公告)日：2015-02-24
申请号：US12974945
申请日：2010-12-21
申请人： Jesper M. Johansson , Justin C. Crites , Robert Hanson
发明人： Jesper M. Johansson , Justin C. Crites , Robert Hanson
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： G06F21/552 , H04L51/16 , H04L63/12 , H04L63/123 , H04L63/1425
摘要： Technologies are described herein for providing out-of-band authentication of an e-mail message. A recipient of an e-mail message purporting to be from an organization forwards the e-mail message or submits its content to that organization for authentication. The authenticity of the e-mail message is determined based on authentication data, such as outgoing message logs or authentication keys, maintained at the source of the e-mail message. Upon authenticating the e-mail message, the recipient is informed of the authenticity of the e-mail message.
摘要翻译：这里描述了用于提供电子邮件消息的带外认证的技术。看来是来自组织的电子邮件的收件人转发电子邮件或将其内容提交给该组织进行身份验证。基于维护在电子邮件消息来源的认证数据（例如传出消息日志或认证密钥）来确定电子邮件的真实性。在验证电子邮件消息时，向收件人通知电子邮件的真实性。

9. 发明授权

US08856896B1 Transparently updating user credentials 有权
标题翻译：透明地更新用户凭据
公开(公告)号：US08856896B1
公开(公告)日：2014-10-07
申请号：US13168354
申请日：2011-06-24
申请人： Jesper M. Johansson , Nishant Mittal , Darren E. Canavor
发明人： Jesper M. Johansson , Nishant Mittal , Darren E. Canavor
IPC分类号： G06F7/04
CPC分类号： G06F21/45 , G06F21/62 , H04L9/0891 , H04L2209/16
摘要： A user password is obfuscated using a first obfuscation algorithm and stored. A security module receives a password from a user a first time and, in response thereto, obfuscates the password using a second obfuscation algorithm and stores the obfuscated password. The security module subsequently receives the password from the user a second time. In response thereto, the security module obfuscates the password using the second algorithm a second time and compares the results of the obfuscation with the stored password obfuscated using the second algorithm. If the results of the obfuscation and the stored password obfuscated using the second algorithm match, the security module replaces the stored password obfuscated using the first algorithm with the password obfuscated using the second algorithm. The operations are performed transparently to the user associated with the password.
摘要翻译：使用第一个模糊算法对用户密码进行模糊处理并进行存储。安全模块第一次从用户接收密码，并且响应于此，使用第二混淆算法对密码进行模糊并存储模糊密码。安全模块随后第二次从用户接收密码。响应于此，安全模块第二次使用第二算法模糊密码，并将混淆的结果与使用第二算法模糊的存储密码进行比较。如果混淆的结果和使用第二种算法混淆的存储密码匹配，则安全模块将使用第一种算法混淆的存储密码替换为使用第二种算法加密的密码。这些操作对与密码相关的用户透明地执行。

10. 发明申请

US20150143528A1 Risk Assessment for Software Applications 有权
标题翻译：软件应用风险评估
公开(公告)号：US20150143528A1
公开(公告)日：2015-05-21
申请号：US14581358
申请日：2014-12-23
申请人： Jesper M. Johansson , Kenneth L. Hamer , Beau J. Hunter , Jeffrey Joseph Busch
发明人： Jesper M. Johansson , Kenneth L. Hamer , Beau J. Hunter , Jeffrey Joseph Busch
IPC分类号： G06F21/57 , G06F9/445
CPC分类号： G06F21/577 , G06F8/61 , G06F2221/033 , G06F2221/2101 , G06F2221/2117 , G06F2221/2141 , H04L63/0876 , H04L63/1433 , H04W4/02
摘要： Disclosed are various embodiments for assessing risk associated with a software application on a user computing device in an enterprise networked environment. An application rating is generated for the software application based at least in part on application characteristics. A risk analysis for the installation of the application is generated based at least in part on the application rating, the user computing device, and user information.
摘要翻译：公开了用于评估与企业联网环境中的用户计算设备上的软件应用相关联的风险的各种实施例。至少部分地基于应用特征为软件应用产生应用等级。至少部分地基于应用等级，用户计算设备和用户信息来生成用于安装应用的风险分析。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式