专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07251834B2 Filtering a permission set using permission requests associated with a code assembly 有权
标题翻译：使用与代码程序集相关联的权限请求过滤权限集
公开(公告)号：US07251834B2
公开(公告)日：2007-07-31
申请号：US11254839
申请日：2005-10-20
申请人： Brian A. LaMacchia , Loren M. Kohnfelder , Gregory D. Fee , Michael J. Toutonghi
发明人： Brian A. LaMacchia , Loren M. Kohnfelder , Gregory D. Fee , Michael J. Toutonghi
IPC分类号： G06F7/04 , G06F17/30 , G06K9/00 , H03M1/68 , H04K1/00 , H04L9/00 , H04L9/32
CPC分类号： G06F21/52
摘要： A security policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager can execute in a computer system (e.g., a Web client) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. A permission request set may also be received in association with the code assembly. The permission request set may include a minimum request set, specifying permissions required by the code assembly to run properly. The permission request set may also include an optional request set, specifying permissions requested by the code assembly to provide an alternative level of functionality. In addition, the permission request set may include a refuse request set, specifying permissions that are not to be granted to the code assembly. The permission requests are used to filter a permission set to generate a permission grant set.
摘要翻译：安全策略管理器为从资源位置接收到的代码集合生成许可权授予集。策略管理器可以与计算机系统（例如，Web客户机）一起在运行时环境的验证模块和类加载器的组合中执行。为代码组合生成的许可授权集合被应用于运行时调用堆栈中，以帮助系统确定代码组件的给定系统操作是否被授权。还可以与代码组合相关联地接收许可请求集合。许可请求集可以包括最小请求集，指定代码组件正确运行所需的权限。许可请求集还可以包括可选的请求集合，指定代码组件请求的许可以提供替代级别的功能。此外，许可请求集合可以包括垃圾请求集合，指定不被授予代码组件的权限。权限请求用于过滤权限集以生成权限授予集。

2. 发明授权

US07310822B2 Filtering a permission set using permission requests associated with a code assembly 有权
公开(公告)号：US07310822B2
公开(公告)日：2007-12-18
申请号：US11272639
申请日：2005-11-14
申请人： Brian A. LaMacchia , Loren M. Kohnfelder , Gregory D. Fee , Michael J. Toutonghi
发明人： Brian A. LaMacchia , Loren M. Kohnfelder , Gregory D. Fee , Michael J. Toutonghi
IPC分类号： G06F7/04 , G06F17/30 , G06K9/00 , H03M1/58 , H04K1/00 , H04L9/00 , H04L9/32
CPC分类号： G06F21/52
摘要： A security policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager can execute in a computer system (e.g., a Web client) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. A permission request set may also be received in association with the code assembly. The permission request set may include a minimum request set, specifying permissions required by the code assembly to run properly. The permission request set may also include an optional request set, specifying permissions requested by the code assembly to provide an alternative level of functionality. In addition, the permission request set may include a refuse request set, specifying permissions that are not to be granted to the code assembly. The permission requests are used to filter a permission set to generate a permission grant set.

3. 发明授权

US07051366B1 Evidence-based security policy manager 有权
标题翻译：以证据为基础的安全策略经理
公开(公告)号：US07051366B1
公开(公告)日：2006-05-23
申请号：US09598534
申请日：2000-06-21
申请人： Brian A LaMacchia , Loren M. Kohnfelder , Gregory Darrell Fee , Michael J. Toutonghi
发明人： Brian A LaMacchia , Loren M. Kohnfelder , Gregory Darrell Fee , Michael J. Toutonghi
IPC分类号： G06F15/16 , G06F17/30 , H04L9/32
CPC分类号： G06F21/6218 , G06F21/6209 , G06F2221/2141
摘要： An evidence-based policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager executes in a computer system (e.g., a Web client or server) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. Both code assemblies and evidence may be received from a local origin or from a remote resource location via a network (e.g., the Internet). The policy manager may comprise execution modules for parsing a security policy specification, generating a one or more code hierarchies, evaluating membership of the received code assembly in one or more code groups, and generating a permission grant set based upon this membership evaluation.
摘要翻译：基于证据的策略管理器为从资源位置接收到的代码集合生成许可授权集。策略管理器与计算机系统（例如，Web客户端或服务器）结合运行时环境的验证模块和类加载器一起执行。为代码组合生成的许可授权集合被应用于运行时调用堆栈中，以帮助系统确定代码组件的给定系统操作是否被授权。代码集合和证据可以经由网络（例如，因特网）从本地来源或远程资源位置接收。策略管理器可以包括用于解析安全策略规范的执行模块，生成一个或多个代码层次，评估在一个或多个代码组中接收的代码组合的成员资格，以及基于该成员资格评估生成许可授权集合。

4. 发明授权

US06981281B1 Filtering a permission set using permission requests associated with a code assembly 有权
标题翻译：使用与代码程序集相关联的权限请求过滤权限集
公开(公告)号：US06981281B1
公开(公告)日：2005-12-27
申请号：US09599015
申请日：2000-06-21
申请人： Brian A. LaMacchia , Loren M. Kohnfelder , Gregory Darrell Fee , Michael J. Toutonghi
发明人： Brian A. LaMacchia , Loren M. Kohnfelder , Gregory Darrell Fee , Michael J. Toutonghi
IPC分类号： G06F21/22 , G06F1/00 , G06F21/00 , H04L9/00 , G06F11/30 , G06F12/14 , H04L9/32
CPC分类号： G06F21/52
摘要： A security policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager can execute in a computer system (e.g., a Web client) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. A permission request set may also be received in association with the code assembly. The permission request set may include a minimum request set, specifying permissions required by the code assembly to run properly. The permission request set may also include an optional request set, specifying permissions requested by the code assembly to provide an alternative level of functionality. In addition, the permission request set may include a refuse request set, specifying permissions that are not to be granted to the code assembly. The permission requests are used to filter a permission set to generate a permission grant set.
摘要翻译：安全策略管理器为从资源位置接收到的代码集合生成许可权授予集。策略管理器可以与计算机系统（例如，Web客户机）一起在运行时环境的验证模块和类加载器的组合中执行。为代码组合生成的许可授权集合被应用于运行时调用堆栈中，以帮助系统确定代码组件的给定系统操作是否被授权。还可以与代码组合相关联地接收许可请求集合。许可请求集可以包括最小请求集，指定代码组件正确运行所需的权限。许可请求集还可以包括可选的请求集合，指定代码组件请求的许可以提供替代级别的功能。此外，许可请求集合可以包括垃圾请求集合，指定不被授予代码组件的权限。权限请求用于过滤权限集以生成权限授予集。

5. 发明授权

US07620731B1 Isolated persistent storage 有权
标题翻译：隔离持久存储
公开(公告)号：US07620731B1
公开(公告)日：2009-11-17
申请号：US09790840
申请日：2001-02-21
申请人： Shajan Dasan , Loren M. Kohnfelder , Michael J. Toutonghi
发明人： Shajan Dasan , Loren M. Kohnfelder , Michael J. Toutonghi
IPC分类号： G06F15/173
CPC分类号： G06F9/52
摘要： An isolated persistent storage object accesses an isolated persistent storage region using identities of the application, an underlying component of the application, and optionally the user. Direct access to the isolated persistent storage region is available only to the isolated persistent storage object and is unavailable to other components. Accordingly, other components access the isolated persistent storage region through the isolated persistent storage object, which determines the specific location (e.g., specified by an internally constructed path name) and performs the access operation on behalf of the calling component. The application identity and the component identity are converted to typed identity names for use in the construction of the path name.
摘要翻译：孤立的持久存储对象使用应用程序的标识，应用程序的底层组件以及可选的用户来访问隔离的持久存储区域。对隔离的持久存储区域的直接访问仅对隔离的持久存储对象可用，对其他组件不可用。因此，其他组件通过隔离的持久存储对象访问隔离的持久存储区域，该隔离的持久存储对象确定特定位置（例如，由内部构造的路径名称指定），并代表主叫组件执行访问操作。应用程序标识和组件标识将转换为类型化的标识名称，以用于构建路径名。

6. 发明授权

US07155606B1 Method and system for accepting preverified information 失效
标题翻译：接受预验证信息的方法和系统
公开(公告)号：US07155606B1
公开(公告)日：2006-12-26
申请号：US09548056
申请日：2000-04-12
申请人： Michael D. Smith , Brian A. Lamacchia , Michael J. Toutonghi
发明人： Michael D. Smith , Brian A. Lamacchia , Michael J. Toutonghi
IPC分类号： H04L9/32
CPC分类号： H04L9/3247 , G06F21/51 , H04L63/12 , H04L2209/80
摘要： A method for ensuring the integrity of a receiving system in a distributed computing environment includes receiving information from a transmitting system. The method also includes testing whether the information is preverified information. If the information is not preverified, the method includes verifying the information or rejecting receipt of the information. If the information is preverified, the method includes testing if the information was received from a trusted transmitting system. If the information was received from a trusted transmitting system, the method includes accepting receipt of the information without reverifying. If the information was not received from a trusted transmitting system, the method includes verifying the information or rejecting receipt of the information.
摘要翻译：一种用于确保分布式计算环境中的接收系统的完整性的方法包括从发送系统接收信息。该方法还包括测试信息是否是预验证信息。如果信息未被预验证，则该方法包括验证信息或拒绝接收信息。如果信息被预验证，则该方法包括测试是否从可信发送系统接收到该信息。如果从受信任的发送系统接收到该信息，则该方法包括接收该信息而不重新验证。如果没有从可信任的发送系统接收到该信息，则该方法包括验证该信息或拒绝该信息的接收。

7. 发明授权

US07475058B2 Method and system for providing a distributed querying and filtering system 有权
标题翻译：提供分布式查询和过滤系统的方法和系统
公开(公告)号：US07475058B2
公开(公告)日：2009-01-06
申请号：US10017689
申请日：2001-12-14
申请人： GopalaKrishna Reddy Kakivaya , Michael J. Toutonghi , Savithri Dani
发明人： GopalaKrishna Reddy Kakivaya , Michael J. Toutonghi , Savithri Dani
IPC分类号： G06F17/30
CPC分类号： G06F17/30914 , G06F17/30427 , G06F17/30545 , Y10S707/99933
摘要： In a distributed system querying and navigating data structures, databases, and XML documents in uniform and extensible manner is provided. Queries are defined that provide type information to a variety of digital objects. As such, the underlying data format is abstracted thereby allowing a single query to apply to multiple digital devices even though the multiple digital devices store their data in a different native format.
摘要翻译：在分布式系统中，以统一和可扩展的方式查询和导航数据结构，数据库和XML文档。定义了向各种数字对象提供类型信息的查询。因此，底层数据格式被抽象，从而允许将单个查询应用于多个数字设备，即使多个数字设备以不同的本机格式存储其数据。

8. 发明授权

US08355990B2 Sharing and monetization of content 有权
标题翻译：分享内容的货币化
公开(公告)号：US08355990B2
公开(公告)日：2013-01-15
申请号：US11971203
申请日：2008-01-08
申请人： Michael J. Toutonghi
发明人： Michael J. Toutonghi
IPC分类号： G06F21/00
CPC分类号： G06Q20/14 , G06Q20/102 , G06Q20/123 , G06Q30/02 , G06Q30/0273 , G06Q30/0601 , G07F11/002
摘要： Embodiments of the invention provide a method, comprising hosting content on behalf of content owners who own the content; enabling content sharers to share the content through the creation of links to the content; generating revenue through the use of the content; and sharing said revenue with the content owners and the content sharers.
摘要翻译：本发明的实施例提供了一种方法，包括代表拥有内容的内容所有者托管内容; 通过创建链接到内容，使内容共享者能够共享内容; 通过使用内容创造收入; 并与内容所有者和内容共享者共享收入。

9. 发明授权

US07430758B2 Prompt authentication 有权
标题翻译：提示认证
公开(公告)号：US07430758B2
公开(公告)日：2008-09-30
申请号：US10773717
申请日：2004-02-05
申请人： Michael J. Toutonghi
发明人： Michael J. Toutonghi
IPC分类号： G06F7/04 , G06F7/58 , G06F15/16 , G06F17/30 , G06K9/00 , H04L9/32 , G06F12/00 , G06F12/14 , G06F13/00 , G11C7/00 , H04K1/00
CPC分类号： G06F21/31 , G06F21/44 , G06F2221/2103 , G06F2221/2119
摘要： An authentication graphic included in a password prompt can allow a user to visually authenticate the password prompt. In one embodiment, the present invention includes a client device receiving a password challenge from a server, and displaying a prompt asking the user for a password, the prompt including an authentication graphic visible to the user.
摘要翻译：密码提示中包含的认证图形可以允许用户在视觉上验证密码提示。在一个实施例中，本发明包括从服务器接收密码挑战的客户端设备，并且显示提示询问用户密码的提示，该提示包括用户可见的验证图形。

10. 发明授权

US06473800B1 Declarative permission requests in a computer system 失效
标题翻译：计算机系统中的声明权限请求
公开(公告)号：US06473800B1
公开(公告)日：2002-10-29
申请号：US09116551
申请日：1998-07-15
申请人： Michael S. Jerger , Jeffrey A. Bisset , Craig T. Sinclair , Michael J. Toutonghi
发明人： Michael S. Jerger , Jeffrey A. Bisset , Craig T. Sinclair , Michael J. Toutonghi
IPC分类号： G06F1730
CPC分类号： G06F21/52
摘要： Computer-based systems and methods are disclosed for a comprehensive security model for managing active content downloaded from a computer network. The security model includes the configuration of a system security policy that is stored on a host computer. The system security policy is configured by security zone in progressively “finer grain” levels with each level associated with and defining the previous level. These levels may include: protected operations; user permission sets, permissions, parameters and primitives. In the disclosed method and systems, a publisher of active content specifies a requested permission set that includes a list the permissions (defined by parameters, which are defined by primitives) that the active content requires in order to run on the host system. The requested permission set is external to the active content so that it is not necessary to run the active content in order to discover the permissions that the active content requires in order to run. The requested permission set may be included in a signed code package wherein the identity of the active content publisher is guaranteed. A digital signature of the signed code package also guarantees that the contents of the signed code package, including active content, support files, and the requested permission set have not been altered or otherwise corrupted since the signed code package was published. The requested permission set may also be included in a catalog file that can be downloaded separately from the active content.
摘要翻译：公开了基于计算机的系统和方法，用于管理从计算机网络下载的活动内容的综合安全模型。安全模型包括存储在主机上的系统安全策略的配置。系统安全策略由安全区域逐步“细粒度”级配置，每个级别与先前级别相关联并定义。这些级别可能包括：受保护的操作; 用户权限集，权限，参数和原语。在公开的方法和系统中，活动内容的发布者指定所请求的权限集合，其包括活动内容为了在主机系统上运行而需要的权限（由基元定义的参数定义）的列表。所请求的权限集合在活动内容的外部，因此不需要运行活动内容，以便发现活动内容为了运行而需要的权限。所请求的权限集可以被包括在签名的代码包中，其中有效内容发布者的身份被保证。签名代码包的数字签名还保证签名的代码包的内容，包括活动内容，支持文件和请求的权限集合，因为已签发的代码包已发布，所以未被更改或损坏。所请求的权限集还可以被包括在可以与活动内容分开地下载的目录文件中。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式