专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US06212511B1 Distributed system and method for providing SQL access to management information in a secure distributed network 失效
标题翻译：用于在安全分布式网络中提供SQL访问管理信息的分布式系统和方法
公开(公告)号：US06212511B1
公开(公告)日：2001-04-03
申请号：US08962092
申请日：1997-10-31
申请人： Bart Lee Fisher , Rajeev Angal , Sai V. S. Allavarpu
发明人： Bart Lee Fisher , Rajeev Angal , Sai V. S. Allavarpu
IPC分类号： G06F1730
CPC分类号： H04L41/28 , G06F1/00 , G06F21/6227 , H04L41/024 , H04L63/101 , Y10S707/99931
摘要： An access control database defines access rights through the use of access control objects. The access control objects include group objects, each defining a group and a set of users who are members of the group, and rule objects. A first subset of the rule objects each specify a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of management objects. The access control server responds to the access requests from the users by granting, denying and partially granting and denying the access requested in each access request in accordance with the access rights specified in the access control database. A database management system receives management information from the network and stores that information in a set of database tables. A database access privileges module stores table access rights information corresponding to at least a subset of the access rights stored in access control database. A database access engine receives user requests for management information stored in the database tables. It limits user access to the management information stored in the database tables in accordance with the table access rights information stored in the database access privileges module.
摘要翻译：访问控制数据库通过使用访问控制对象来定义访问权限。访问控制对象包括组对象，每个对象定义组和一组作为组成员的用户以及规则对象。规则对象的第一个子集每个都指定一组组对象，一组管理对象，以及由指定的组对象定义的组的成员的用户到指定的一组管理的访问权限对象访问控制服务器根据访问控制数据库中指定的访问权限，通过授予，拒绝和部分授予和拒绝在每个访问请求中请求的访问来响应来自用户的访问请求。数据库管理系统从网络接收管理信息，并将该信息存储在一组数据库表中。数据库访问权限模块存储对应于访问控制数据库中存储的访问权限的至少一个子集的表访问权限信息。数据库访问引擎接收用户对存储在数据库表中的管理信息的请求。它根据存储在数据库访问权限模块中的表访问权限信息限制用户对存储在数据库表中的管理信息的访问。

2. 发明授权

US06064656A Distributed system and method for controlling access control to network resources 失效
标题翻译：用于控制对网络资源的访问控制的分布式系统和方法
公开(公告)号：US06064656A
公开(公告)日：2000-05-16
申请号：US962089
申请日：1997-10-31
申请人： Rajeev Angal , Sai V. S. Allavarpu , Shivaram Bhat , Bart Lee Fisher , Ping Luo
发明人： Rajeev Angal , Sai V. S. Allavarpu , Shivaram Bhat , Bart Lee Fisher , Ping Luo
IPC分类号： G06F13/00 , G06F1/00 , G06F12/14 , G06F21/00 , H04L29/06 , H04L12/28
CPC分类号： H04L63/102 , G06F21/6218 , H04L29/06 , H04L63/105 , H04L63/20 , G06F12/1483 , H04L67/42
摘要： An access control database defines access rights through the use of access control objects. The access control objects include group objects, each defining a group and a set of users who are members of the group, and rule objects. Some of the rule objects each specify a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of management objects. A plurality of access control servers are used to process access requests. Each access control server controls access to a distinct subset of the management objects in accordance with the access rights specified in the access control database. At least one of the access control servers receives access requests from the users and distributes the received access requests among the access control servers for processing. A subset of the access requests specify operations to be performed on specified sets of the management objects. Each of these access requests is sent for processing to one or more of the access control servers in accordance with the management objects to which access is being requested. The access control servers responding to the access requests from the users by granting, denying and partially granting and denying the access requested in each access request in accordance with the access rights specified in the access control database.
摘要翻译：访问控制数据库通过使用访问控制对象来定义访问权限。访问控制对象包括组对象，每个对象定义组和一组作为组成员的用户以及规则对象。一些规则对象每个都指定一组组对象，一组管理对象，以及由指定的组对象定义的组的成员的用户到指定的一组管理对象的访问权限。多个访问控制服务器用于处理访问请求。每个访问控制服务器根据访问控制数据库中指定的访问权限来控制对管理对象的不同子集的访问。访问控制服务器中的至少一个接收来自用户的访问请求，并且在接入控制服务器之间分配所接收的访问请求以进行处理。访问请求的子集指定要对指定的管理对象集执行的操作。根据正在请求访问的管理对象，将这些访问请求中的每一个发送到一个或多个访问控制服务器进行处理。访问控制服务器根据访问控制数据库中指定的访问权限，授予，拒绝和部分授予和拒绝在每个访问请求中请求的访问来响应来自用户的访问请求。

3. 发明授权

US5999978A Distributed system and method for controlling access to network resources and event notifications 失效
标题翻译：用于控制对网络资源和事件通知的访问的分布式系统和方法
公开(公告)号：US5999978A
公开(公告)日：1999-12-07
申请号：US962090
申请日：1997-10-31
申请人： Rajeev Angal , Sai V.S. Allavarpu , Shivaram Bhat , Bart Lee Fisher
发明人： Rajeev Angal , Sai V.S. Allavarpu , Shivaram Bhat , Bart Lee Fisher
IPC分类号： G06F13/00 , G06F1/00 , G06F12/14 , G06F21/00 , G06F13/38 , G06F15/17
CPC分类号： H04L63/105 , G06F21/305 , G06F21/604 , G06F21/6218 , H04L41/28 , G06F12/1483 , G06F2221/2101 , G06F2221/2141 , G06F2221/2145 , Y10S707/99939
摘要： An access control database defines access rights through the use of access control objects. The access control objects include group objects, each defining a group and a set of users who are members of the group, and rule objects. A first subset of the rule objects each specify a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of management objects. The access control server responds to the access requests from the users by granting, denying and partially granting and denying the access requested in each access request in accordance with the access rights specified in the access control database. A second subset of the rule objects in the access control database each specify user access rights to event notifications generated by the specified set of management objects. An event registry is used for registering event notification requests by users, each event notification request specifying event notifications from specified sets of the management objects that are being requested. An event router receives event notifications generated by the management objects. It responds to each event notification by sending corresponding event notification messages to users who have registered a corresponding event notification request with the event registry and also have access rights to the received event notification in accordance with the access rights specified in the access control database.
摘要翻译：访问控制数据库通过使用访问控制对象来定义访问权限。访问控制对象包括组对象，每个对象定义组和一组作为组成员的用户以及规则对象。规则对象的第一个子集每个都指定一组组对象，一组管理对象，以及由指定的组对象定义的组的成员的用户到指定的一组管理的访问权限对象访问控制服务器根据访问控制数据库中指定的访问权限，通过授予，拒绝和部分授予和拒绝在每个访问请求中请求的访问来响应来自用户的访问请求。访问控制数据库中的规则对象的第二个子集每个都指定由指定的一组管理对象生成的事件通知的用户访问权限。事件注册表用于注册用户的事件通知请求，每个事件通知请求指定正在请求的管理对象的指定集合的事件通知。事件路由器接收管理对象生成的事件通知。它通过向已经向事件注册表注册了相应事件通知请求的用户发送相应的事件通知消息来响应每个事件通知，并且还根据访问控制数据库中指定的访问权限对接收的事件通知具有访问权限。

4. 发明授权

US08543810B1 Deployment tool and method for managing security lifecycle of a federated web service 有权
标题翻译：用于管理联合Web服务的安全生命周期的部署工具和方法
公开(公告)号：US08543810B1
公开(公告)日：2013-09-24
申请号：US11462780
申请日：2006-08-07
申请人： Rajeev Angal , Malla V. Simhachalam , Srividhya Narayanan
发明人： Rajeev Angal , Malla V. Simhachalam , Srividhya Narayanan
IPC分类号： H04L29/06
CPC分类号： H04L63/205 , H04L63/08
摘要： A method for managing a security lifecycle of a federated web service provider (WSP) is described. The method includes populating a graphical user interface with available security mechanisms, receiving a selection of a selected security mechanism from a user, and creating a deployment time policy generator for instantiating the selected security mechanism in outgoing messages generated by the WSP. A system and machine readable-medium for a deployment tool for performing the method are also described.
摘要翻译：描述了用于管理联合web服务提供商（WSP）的安全生命周期的方法。该方法包括使用可用的安全机制填充图形用户界面，从用户接收所选择的安全机制的选择，以及创建部署时间策略生成器，用于在由WSP生成的传出消息中实例化所选择的安全机制。还描述了用于执行该方法的部署工具的系统和机器可读介质。

5. 发明授权

US08099768B2 Method and system for multi-protocol single logout 有权
标题翻译：多协议单一注销的方法和系统
公开(公告)号：US08099768B2
公开(公告)日：2012-01-17
申请号：US12233377
申请日：2008-09-18
申请人： Qingwen Cheng , Ping Luo , Andrew Patterson , Rajeev Angal
发明人： Qingwen Cheng , Ping Luo , Andrew Patterson , Rajeev Angal
IPC分类号： H04L29/00
CPC分类号： G06F21/41 , H04L63/0815 , H04L69/18
摘要： A method for multi-protocol logout. The method includes receiving, by a first identity provider, a logout request from a user agent, wherein the first identity provider executes in a federation manager, and initiating a logout on a service provider associated with the first identity provider based on the logout request by the first identity provider. The method further includes identifying, by the federation manager, a plurality of identity providers associated with the user agent, wherein the plurality of identity providers communicate using heterogeneous federation protocols, and initiating, by the federation manager, a logout on each of the plurality of identity providers based on the logout request using the plurality of heterogeneous federation protocols. The method further includes initiating, by the plurality of identity providers, a logout of each service provider corresponding to the plurality of identity providers, identifying a status of each logout, and sending the status to the user agent.
摘要翻译：一种多协议注销的方法。所述方法包括由第一身份提供者接收来自用户代理的注销请求，其中所述第一身份提供者在联合管理器中执行，并且基于所述注销请求，在与所述第一身份提供商相关联的服务提供商上发起登出第一个身份提供商。所述方法还包括由所述联盟管理器识别与所述用户代理相关联的多个身份提供者，其中所述多个身份提供者使用异构联盟协议进行通信，并且由所述联盟管理器发起在所述多个基于使用多个异构联合协议的注销请求的身份提供者。所述方法还包括由所述多个身份提供者发起对应于所述多个身份提供者的每个服务提供商的注销，识别每个注销的状态，以及将所述状态发送给所述用户代理。

6. 发明授权

US06542932B1 Domain access control for logging systems 有权
标题翻译：记录系统的域访问控制
公开(公告)号：US06542932B1
公开(公告)日：2003-04-01
申请号：US09332270
申请日：1999-06-11
申请人： John P. Brinnand , Rajeev Angal , Balaji V. Pagadala
发明人： John P. Brinnand , Rajeev Angal , Balaji V. Pagadala
IPC分类号： G06F1516
CPC分类号： H04L41/0233 , G06F21/6218 , G06F2221/2101 , G06F2221/2141 , H04L63/104 , H04L63/1425
摘要： A method of and system for control of access to add an event notification as a log record in a computer system. Each potential log record is associated with one or more logs, each of which has one or more log owners. Grant of access to add a log record to the information in a particular log is restricted to the owner(s) of that log. A list of owners of a log can be changed from time to time, based upon present circumstances or the presence of special conditions.
摘要翻译：用于控制访问的方法和系统，以将事件通知作为日志记录添加到计算机系统中。每个潜在的日志记录与一个或多个日志相关联，每个日志都有一个或多个日志所有者。向特定日志中的信息添加日志记录的访问权限仅限于该日志的所有者。可以根据当前情况或特殊条件的存在，不时更改日志的所有者列表。

7. 发明授权

US06301624B1 Methods systems and software for alleviating event overload conditions for computer networks 有权
标题翻译：用于减轻计算机网络事件超载条件的方法系统和软件
公开(公告)号：US06301624B1
公开(公告)日：2001-10-09
申请号：US09205324
申请日：1998-12-04
申请人： Linda Lee , Subodh Bapat , Rajeev Angal
发明人： Linda Lee , Subodh Bapat , Rajeev Angal
IPC分类号： G06F1300
CPC分类号： H04L41/0681 , G06F9/542 , H04L29/06 , H04L41/0213 , H04L41/0226 , H04L69/08
摘要： A method for processing events generated by software and hardware entities installed on a computer network that avoids overload conditions at large event processing rates is provided. In one embodiment, the method includes the steps of providing a protocol translation facility that is configured to translate messages from a first network communications protocol to a second network communications protocol. The protocol translation facility is further configured to receive events transmitted by software and hardware entities on the network. The protocol translation facility forwards the events to a management information server. An event is received, and a determination is made whether an association between the protocol translation facility and the entity exists. The event is processed
摘要翻译：提供了一种用于处理安装在计算机网络上的软件和硬件实体生成的事件的方法，其避免了大事件处理速率下的过载状况。在一个实施例中，该方法包括以下步骤：提供被配置为将消息从第一网络通信协议转换为第二网络通信协议的协议转换设施。协议翻译设备还被配置为接收由网络上的软件和硬件实体发送的事件。协议转换工具将事件转发到管理信息服务器。接收事件，确定协议翻译设备与实体之间的关联是否存在。事件被处理

8. 发明授权

US06298378B1 Event distribution system for computer network management architecture 有权
标题翻译：计算机网络管理架构事件分配系统
公开(公告)号：US06298378B1
公开(公告)日：2001-10-02
申请号：US09205072
申请日：1998-12-04
申请人： Rajeev Angal , Shivaram Bhat , Subodh Bapat , Ragavendra Sondur
发明人： Rajeev Angal , Shivaram Bhat , Subodh Bapat , Ragavendra Sondur
IPC分类号： G06F15173
CPC分类号： G06F9/542 , H04L41/0604
摘要： Improved techniques for reporting events raised by entities running on computer networks are disclosed. The techniques provide an event distribution system that handles events generated by various software and other entities installed on a computer or communications network. The event distribution system is capable of handling large volumes of event traffic and can be installed and operated separately from other network management software components to provide thereby more robust operations in the case one or more components fail. In addition, the event distribution system can be scaled readily to handle greater volumes of network traffic. In one embodiment, an event distribution service is coupled with an event source. In addition, an event listener is provided on the computer network. When an event is generated from the event source and received by the event distribution system, the event distribution system processes and forwards the event, or a notification of the event, to an appropriate listener.
摘要翻译：披露了用于报告在计算机网络上运行的实体提出的事件的改进技术。这些技术提供了处理由计算机或通信网络上安装的各种软件和其他实体产生的事件的事件分发系统。事件分配系统能够处理大量事件流量，并且可以与其他网络管理软件组件分开安装和操作，从而在一个或多个组件出现故障的情况下提供更强大的操作。此外，事件分配系统可以轻松扩展，以处理更大量的网络流量。在一个实施例中，事件分发服务与事件源耦合。另外，在计算机网络上提供事件侦听器。当从事件源生成事件并由事件分发系统接收到事件时，事件分发系统将事件或事件的通知处理并转发给适当的侦听器。

9. 发明授权

US09230089B2 User device security manager 有权
标题翻译：用户设备安全管理器
公开(公告)号：US09230089B2
公开(公告)日：2016-01-05
申请号：US13709705
申请日：2012-12-10
申请人： Rajeev Angal
发明人： Rajeev Angal
IPC分类号： G06F21/30 , G06F21/44 , G06F21/31 , G06F21/10 , G06F21/60 , G06F21/62
CPC分类号： G06F21/44 , H04L63/10 , H04L63/12
摘要： Systems and methods are disclosed to authenticate and authorize a user for web services using user devices. In various embodiments, a method may comprise: identifying, by a user device security manager executing at a user device corresponding to a user of a web service, a first request issued from an application to access remote resources associated with the web service, the application executing at the user device and separate from the user device security manager; acquiring, by the user device security manager, security information of the application in response to the identifying of the first request, the security information including at least one of an application identification, an access scope or a nonce of the application; and transmitting a second request from the user device security manager to the web service to authenticate the application by the web service based, at least in part, on the application identification.
摘要翻译：公开了系统和方法，以使用用户设备来认证和授权用户进行web服务。在各种实施例中，一种方法可以包括：由用户设备在对应于web服务的用户的用户设备上执行的用户设备识别从应用程序发出的访问与web服务相关联的远程资源的第一请求，该应用在用户设备执行并与用户设备安全管理器分离; 所述安全信息包括应用标识，访问范围或所述应用的随机数中的至少一个;所述安全信息包括所述应用标识，访问范围或所述应用的随机数; 以及至少部分地基于所述应用标识，将来自所述用户设备安全管理器的第二请求从所述web服务发送到所述web服务以由所述web服务进行认证。

10. 发明申请

US20130086657A1 RELYING PARTY PLATFORM 有权
标题翻译：依靠派对平台
公开(公告)号：US20130086657A1
公开(公告)日：2013-04-04
申请号：US13464880
申请日：2012-05-04
申请人： Venkataraman Uppili Srinivasan , Rajeev Angal , Ajay Sondhi , Shivaram Bhat
发明人： Venkataraman Uppili Srinivasan , Rajeev Angal , Ajay Sondhi , Shivaram Bhat
IPC分类号： G06F21/00
CPC分类号： H04L63/10 , H04L9/3234 , H04L63/0815
摘要： A framework is provided for integrating Internet identities in enterprise identity and access management (IAM) infrastructures. A framework is provided for open authorization. A framework is also provided for relying party functionality.
摘要翻译：提供了一个框架，用于将企业身份和访问管理（IAM）基础设施中的Internet身份进行集成。提供了开放授权框架。还提供了依赖方功能的框架。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式