专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07240362B2 Providing identity-related information and preventing man-in-the-middle attacks 失效
标题翻译：提供身份相关信息和防止中间人的袭击
公开(公告)号：US07240362B2
公开(公告)日：2007-07-03
申请号：US10638184
申请日：2003-08-08
申请人： Birgit M. Pfitzmann , Michael Waidner
发明人： Birgit M. Pfitzmann , Michael Waidner
IPC分类号： H04L9/32
CPC分类号： H04L63/0815 , G06Q20/4014 , H04L63/1466 , H04L63/1483
摘要： This invention provides identity-related information about a client application to an honest requesting entity, ensuring identity of client applications and preventing man-in-the-middle attacks. An example method comprises transferring identity-related information hosted on an identity provider about a client application to an honest requesting entity by: the client application receiving from a particular entity a request to forward an inner request comprising an identifier of the honest requesting entity to an identity provider selected by the client application; the client application forwards the inner request to the identity provider holding the identity-related information; the client application receives from the identity provider a response envelope instructing the client application to forward an inner response comprising the identity-related information requested in the inner request and the identifier; the client application derives an address of the honest requesting entity having the identifier; and the client application forwards the inner response to the derived address.
摘要翻译：本发明提供关于客户端应用程序到诚实请求实体的身份相关信息，确保客户端应用程序的身份并防止中间人攻击。示例性方法包括：通过以下方式将托管在身份提供商上的身份相关信息转移到诚实请求实体：客户端应用程序从特定实体接收将包含诚实请求实体的标识符的内部请求转发到身份提供者由客户端应用程序选择; 客户应用程序将内部请求转发给持有身份相关信息的身份提供者; 客户端应用程序从身份提供者接收响应包络，指示客户端应用程序转发包含内部请求中请求的身份相关信息和标识符的内部响应; 客户端应用程序导出具有标识符的诚实请求实体的地址; 并且客户端应用程序将内部响应转发到派生地址。

2. 发明授权

US08819672B2 Multi-image migration system and method 有权
标题翻译：多图像迁移系统及方法
公开(公告)号：US08819672B2
公开(公告)日：2014-08-26
申请号：US12885752
申请日：2010-09-20
申请人： Nikolai A. Joukov , Birgit M. Pfitzmann
发明人： Nikolai A. Joukov , Birgit M. Pfitzmann
IPC分类号： G06F9/445
CPC分类号： G06F9/45558 , G06F8/63 , G06F2009/4557
摘要： A system and method for application migration include matching an infrastructure of a source application with a plurality of multi-image work sets from a catalog by selecting a mapping of components of the infrastructure with components in the multi-image work sets to provide one or more selected multi-images. The source application is migrated to a target environment using the one or more selected multi-images.
摘要翻译：用于应用迁移的系统和方法包括通过选择基础设施的组件与多图像工作集中的组件的映射来匹配源应用的基础设施与来自目录的多个多图像工作集，以提供一个或多个选择多图像。源应用程序使用一个或多个所选的多个映像迁移到目标环境。

3. 发明申请

US20120284389A1 METHOD TO AUTOMATICALLY MAP BUSINESS FUNCTION LEVEL POLICIES TO IT MANAGEMENT POLICIES 有权
公开(公告)号：US20120284389A1
公开(公告)日：2012-11-08
申请号：US13553342
申请日：2012-07-19
申请人： Alain C. Azagury , Murthy V. Devarakonda , Nikolai Joukov , Manoj Kumar , Konstantinos Magoutis , Birgit M. Pfitzmann , Norbert G. Vogl
发明人： Alain C. Azagury , Murthy V. Devarakonda , Nikolai Joukov , Manoj Kumar , Konstantinos Magoutis , Birgit M. Pfitzmann , Norbert G. Vogl
IPC分类号： G06F15/173
CPC分类号： G06F21/604 , G06F2221/2101
摘要： A method, system, computer program product, and computer program storage device for transforming a high-level policy associated with a high layer to a low-level policy associated with a low layer. Mapping between high-level objects in a high layer and low-level objects in a low layer is derived by an automated discovery tool. The high-level policy is mapped to the low-level policy according to the mapping (e.g., by substituting the high-level objects with the low-level objects and by performing a syntax transformation). In one embodiment, a low-level policy is transformed to a high-level policy according to the mapping. As exemplary embodiments, policy transformations in traffic shaping and data retention are disclosed.

4. 发明申请

US20120054727A1 SYSTEM AND METHOD FOR UPDATING HARD-CODED DEPENDENCIES 有权
标题翻译：用于更新硬编码依赖关系的系统和方法
公开(公告)号：US20120054727A1
公开(公告)日：2012-03-01
申请号：US12871468
申请日：2010-08-30
申请人： Nikolai A. Joukov , Joel P. Ossher , Birgit M. Pfitzmann , Vasily Tarasov
发明人： Nikolai A. Joukov , Joel P. Ossher , Birgit M. Pfitzmann , Vasily Tarasov
IPC分类号： G06F9/44
CPC分类号： G06F9/44505
摘要： A system and method includes discovering one or more instances of external resource access by statically analyzing application code. One or more locations of constants are identified in the application code and a configuration repository that specify addresses of discovered instances of external resource access. The application code and the configuration repository are updated to change values of the constants to enable migration.
摘要翻译：系统和方法包括通过静态分析应用代码来发现外部资源访问的一个或多个实例。在应用程序代码中标识一个或多个常量位置，以及指定外部资源访问的已发现实例的地址的配置库。更新应用程序代码和配置库以更改常量的值以启用迁移。

5. 发明授权

US07987253B2 Determining an applicable policy for an incoming message 失效
标题翻译：确定传入消息的适用策略
公开(公告)号：US07987253B2
公开(公告)日：2011-07-26
申请号：US12187861
申请日：2008-08-07
申请人： Birgit M. Pfitzmann
发明人： Birgit M. Pfitzmann
IPC分类号： G06F15/173
CPC分类号： G06F21/6209
摘要： Provides methods, apparatus and systems for determining an applicable policy for an incoming message having a service-level addressing element. A method includes the following steps: a) applying a potentially applicable policy (P1) on the incoming message to make the service-level addressing element of the incoming message visible, b) if the service-level addressing element of the incoming message gets visible and is the one to which the currently applied policy (P1) is associated, the currently applied policy (P1) is determined to be the applicable policy, and if not associated c) repeating steps a) and b) with a further potentially applicable policy (P2 . . . Pn).
摘要翻译：提供用于确定具有服务级别寻址元素的输入消息的适用策略的方法，装置和系统。一种方法包括以下步骤：a）对传入消息应用可能适用的策略（P1），使得传入消息的服务级寻址元素可见，b）如果传入消息的服务级寻址元素可见并且是当前应用策略（P1）所关联的策略（P1）的当前应用策略（P1）被确定为适用策略，如果不是相关联的c）重复步骤a）和b）具有进一步潜在适用的策略（P2 ... Pn）。

6. 发明申请

US20100319060A1 PROCESS AND SYSTEM FOR COMPREHENSIVE IT DISCOVERY WITHOUT CREDENTIALS 有权
标题翻译：没有认证的全面发现的过程和系统
公开(公告)号：US20100319060A1
公开(公告)日：2010-12-16
申请号：US12485345
申请日：2009-06-16
申请人： Louis E. Aiken , John K. Baker , Kamal Bhattacharya , Robert P. Boettcher , Murthy V. Devarakonda , Nikolai A. Joukov , Timothy P. Kane, SR. , Steve Lee , Matthew A. Markley , Birgit M. Pfitzmann , Michael Tacci , Norbert G. Vogl , Anthony G.D. Walker
发明人： Louis E. Aiken , John K. Baker , Kamal Bhattacharya , Robert P. Boettcher , Murthy V. Devarakonda , Nikolai A. Joukov , Timothy P. Kane, SR. , Steve Lee , Matthew A. Markley , Birgit M. Pfitzmann , Michael Tacci , Norbert G. Vogl , Anthony G.D. Walker
IPC分类号： H04L9/32 , G06F15/173
CPC分类号： G06F9/50 , H04L63/10
摘要： A method and system for discovering dependencies, configurations and utilizations among IT resources are disclosed. A discovery team writes a prediscovery script without requesting credentials and sends it to a system administrator (SA) who already has necessary credentials to execute the prediscovery script. Then, the SA reviews the prediscovery script and executes the prediscovery script on a target server. While or after executing the prediscovery script, the target server generates a result of an execution of the prediscovery script and provides the result to an analysis system. The analysis system analyzes and parses the result and generates a user-friendly data (e.g., graph or spreadsheet) that represents the result. Then, the analysis system provides the user-friendly data to the discovery team. The analysis system does not require credentials and does not directly communicate with the target server except receiving the result of the executed prediscovery script from the target server.
摘要翻译：公开了一种用于发现IT资源之间的依赖关系，配置和利用的方法和系统。发现团队写入一个预发现脚本而不需要凭据，并将其发送给已经具有执行预发现脚本的必需凭据的系统管理员（SA）。然后，SA会审查预发现脚本，并在目标服务器上执行预发现脚本。在执行预发现脚本之后或之后，目标服务器生成执行预发现脚本的结果，并将结果提供给分析系统。分析系统分析和分析结果，并生成表示结果的用户友好的数据（例如，图形或电子表格）。然后，分析系统向发现团队提供用户友好的数据。除了从目标服务器接收执行的预发现脚本的结果之外，分析系统不需要凭据，也不直接与目标服务器进行通信。

7. 发明申请

US20090307743A1 METHOD TO AUTOMATICALLY MAP BUSINESS FUNCTION LEVEL POLICIES TO IT MANAGEMENT POLICIES 失效
标题翻译：将业务功能水平自动映射到IT管理政策的方法
公开(公告)号：US20090307743A1
公开(公告)日：2009-12-10
申请号：US12134933
申请日：2008-06-06
申请人： Alain C. Azagury , Murthy V. Devarakonda , Nikolai Joukov , Manoj Kumar , Konstantinos Magoutis , Birgit M. Pfitzmann , Norbert G. Vogl
发明人： Alain C. Azagury , Murthy V. Devarakonda , Nikolai Joukov , Manoj Kumar , Konstantinos Magoutis , Birgit M. Pfitzmann , Norbert G. Vogl
IPC分类号： G06F21/00
CPC分类号： G06F21/604 , G06F2221/2101
摘要： A method, system, computer program product, and computer program storage device for transforming a high-level policy associated with a high layer to a low-level policy associated with a low layer. Mapping between high-level objects in a high layer and low-level objects in a low layer is derived by an automated discovery tool. The high-level policy is mapped to the low-level policy according to the mapping (e.g., by substituting the high-level objects with the low-level objects and by performing a syntax transformation). In one embodiment, a low-level policy is transformed to a high-level policy according to the mapping. As exemplary embodiments, policy transformations in traffic shaping and data retention are disclosed.
摘要翻译：一种用于将与高层相关联的高级策略变换为与低层相关联的低级策略的方法，系统，计算机程序产品和计算机程序存储设备。高层的高层对象与低层对象之间的映射是通过自动发现工具得出的。高级策略根据映射映射到低级策略（例如，通过用低级对象替换高级对象，并通过执行语法转换）。在一个实施例中，根据映射将低级策略转换为高级策略。作为示例性实施例，公开了流量整形和数据保持中的策略转换。

8. 发明申请

US20120109844A1 COST-BASED MIGRATION WAVES PLANNING 审中-公开
标题翻译：基于成本的移民规划
公开(公告)号：US20120109844A1
公开(公告)日：2012-05-03
申请号：US12938776
申请日：2010-11-03
申请人： Murthy Devarakonda , Nikolai A. Joukov , Birgit M. Pfitzmann , Lawrence H. Thompson
发明人： Murthy Devarakonda , Nikolai A. Joukov , Birgit M. Pfitzmann , Lawrence H. Thompson
IPC分类号： G06Q10/00
CPC分类号： G06Q10/00 , G06Q10/067
摘要： A system and method for cost-based migration planning includes determining cost factors and constraints associated with at least one of migrating and transforming a plurality of components. A cost-based model is constructed using the cost factors and constraints. The cost-based model is applied to groupings of the plurality of components to provide a cost-based determination grouping scheme in accordance with the constraints. The grouping scheme is output to provide migration waves for migrating or transforming the plurality of components.
摘要翻译：用于基于成本的迁移规划的系统和方法包括确定与迁移和变换多个组件中的至少一个相关联的成本因素和约束。使用成本因素和约束构建基于成本的模型。基于成本的模型被应用于多个组件的分组以根据约束提供基于成本的确定分组方案。输出分组方案以提供用于迁移或变换多个组件的迁移波。

9. 发明授权

US07941859B2 Reducing access to sensitive information 失效
标题翻译：减少访问敏感信息
公开(公告)号：US07941859B2
公开(公告)日：2011-05-10
申请号：US10874421
申请日：2004-06-23
申请人： Jan L. Camenisch , Birgit M. Pfitzmann , Matthias Schunter , Michael P. Waidner
发明人： Jan L. Camenisch , Birgit M. Pfitzmann , Matthias Schunter , Michael P. Waidner
IPC分类号： H04L17/30 , G06F17/30 , G06F12/14
CPC分类号： G06F21/6245
摘要： Method, system, and storage medium for reducing or minimizing access to sensitive information. A method includes identifying processes and data associated with a computer system and classifying each of the data as one of either sensitive information or non-sensitive information. The sensitive information includes at least one of: data that is personal to an individual, confidential data, and data that is legally subject to conditions of restricted use. For each of the processes the method includes selecting a process and a sensitive data item, modifying the sensitive data item, analyzing the behavior of at least the selected process, and preventing access of the sensitive data item by the selected process if, as a result of the analyzing, the sensitive data item is determined not to be needed by the selected process.
摘要翻译：用于减少或最小化敏感信息访问的方法，系统和存储介质。一种方法包括识别与计算机系统相关联的过程和数据，并将每个数据分类为敏感信息或非敏感信息之一。敏感信息包括以下至少一项：对个人个人的数据，机密数据和法律上受限于使用条件的数据。对于每个过程，该方法包括选择过程和敏感数据项，修改敏感数据项，分析至少所选过程的行为，以及如果结果，则阻止敏感数据项的访问。在分析的情况下，敏感数据项被确定为所选择的处理不需要。

10. 发明申请

US20100064134A1 SECURE IDENTITY MANAGEMENT 有权
标题翻译：安全认证管理
公开(公告)号：US20100064134A1
公开(公告)日：2010-03-11
申请号：US11565250
申请日：2006-11-30
申请人： Thomas R. Gross , Birgit M. Pfitzmann
发明人： Thomas R. Gross , Birgit M. Pfitzmann
IPC分类号： H04L29/06
CPC分类号： H04L63/0815 , G06F21/41
摘要： The invention relates to a method for providing an identity-related information (IRI) to a requesting entity (50) by means of an identity provider (40). The invention comprises: a first authenticity reference part generation step (IVa), comprising the generation of a first authenticity reference part (art 1) by the identity provider (40); a first authenticity reference communication step (IVb, IVd) between the client application (30) and the identity provider (40) comprising the communication of the first authenticity reference part (art 1); a second authenticity reference part generation step (VI), comprising the generation of a second authenticity reference part (art 2) by the identity provider (40); a second authenticity reference communication step (VIII, IX) between the identity provider (40) and the requesting entity (50) by means of the first communication protocol comprising the communication of the second authenticity reference part (art 2) and in the referrer element the communication of the first authenticity reference part (art 1).
摘要翻译：本发明涉及一种通过身份提供者（40）向请求实体（50）提供身份相关信息（IRI）的方法。本发明包括：第一真实性参考部分生成步骤（IVa），包括由身份提供者（40）生成第一真实性参考部分（艺术1）; 在客户端应用程序（30）和身份提供者（40）之间的第一真实性参考通信步骤（IVb，IVd）包括第一真实性参考部分的通信（第1条）; 第二真伪参考部分生成步骤（VI），包括由身份提供商（40）生成第二真实性参考部分（艺术2）; 通过包括第二真实性参考部分（技术2）的通信的第一通信协议和参照元素中的身份提供商（40）和请求实体（50）之间的第二真实性参考通信步骤（VIII，IX）第一真实性参考部分的通信（第1条）。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式