专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20050076248A1 Identity based service system 失效
标题翻译：基于身份的服务体系
公开(公告)号：US20050076248A1
公开(公告)日：2005-04-07
申请号：US10678910
申请日：2003-10-02
申请人： Conor Cahill , David Wexelblat , Norihiro Aoki , Steven Carriere , James Roskind , Christopher Toomey
发明人： Conor Cahill , David Wexelblat , Norihiro Aoki , Steven Carriere , James Roskind , Christopher Toomey
IPC分类号： G06F20060101 , H04L9/00 , H04L29/06
CPC分类号： H04L63/08 , G06Q20/0855 , G06Q20/382 , G06Q20/401
摘要： An identity based service system is provided, in which an identity is created and managed for a user or principal, such that at least a portion of the identity is available to use between one or more system entities. A discovery service enables a system entity to discover a service descriptor, given a service name and a name identifier of the user, whereby system entities can find and invoke the user's other personal web services. The discovery service preferably provides a translation between a plurality of namespaces, to prevent linkable identity information over time between system entities.
摘要翻译：提供了基于身份的服务系统，其中为用户或主体创建和管理身份，使得身份的至少一部分可用于一个或多个系统实体之间使用。发现服务使得系统实体能够发现服务描述符，给定用户的服务名称和名称标识符，由此系统实体可以找到并调用用户的其他个人web服务。发现服务优选地提供多个命名空间之间的转换，以防止系统实体之间随时间的可链接身份信息。

2. 发明申请

US20050216582A1 Seamless cross-site user authentication status detection and automatic login 有权
标题翻译：无缝跨站点用户身份验证状态检测和自动登录
公开(公告)号：US20050216582A1
公开(公告)日：2005-09-29
申请号：US10519774
申请日：2003-07-02
申请人： Christopher Toomey , Conor Cahill
发明人： Christopher Toomey , Conor Cahill
IPC分类号： G06F12/14 , G06F15/173 , G06F21/00 , H04L29/06
CPC分类号： H04L63/0807 , G06F21/41
摘要： A system and method for determining in a global network the user network authentication status as the user goes from site to site within the network is provided. Additionally, the system and method provides for transparent or implicit multi-site logon functionality, including automatic introduction from one site to the other using a baseline authentication agency (102). The system and method provides an architecture for a core global network (100) (referred to herein as NET) that incorporates some or all of the following features and components: a set of baseline authentication agencies responsible for the core global network (NET) services, such as login and user-selected service-provider lookup; a shared NET domain and associated DNS records (106) used for cookie (110) sharing, login routing, and the like; and a collection of partner sites (108) accessible via the NET.
摘要翻译：提供了一种用于在全球网络中确定用户在网络内的站点之间进行的用户网络认证状态的系统和方法。另外，系统和方法提供透明或隐式的多站点登录功能，包括使用基准认证机构自动将一个站点引入另一站点（102）。该系统和方法为包含以下特征和组件的一些或全部的核心全局网络（100）（本文称为NET）提供架构：负责核心全球网络（NET）服务的一组基准认证机构，例如登录和用户选择的服务提供商查找; 用于cookie（110）共享，登录路由等的共享NET域和相关联的DNS记录（106）; 以及通过网络访问的合作伙伴站点（108）的集合。

3. 发明申请

US20060080730A1 Affiliations within single sign-on systems 审中-公开
标题翻译：单点登录系统中的关联
公开(公告)号：US20060080730A1
公开(公告)日：2006-04-13
申请号：US10772843
申请日：2004-10-12
申请人： Conor Cahill , Christopher Toomey , Andrew Feng
发明人： Conor Cahill , Christopher Toomey , Andrew Feng
IPC分类号： G06F17/30 , G06F15/16 , G06F7/04 , G06F7/58 , G06K19/00 , G06K9/00 , H04L9/32
CPC分类号： H04L63/0815 , G06F21/41
摘要： The invention provides an affiliation within a single sign-on system, which affiliation comprises a group of service providers that have chosen to act as a single entity on a network from the point of view of authentication, federation, and authorization. This type of entity is used to implement functionality within a portal site, such as the Yahoo (see http://www.yahoo.com) portal with a Travelocity (see http://www.travelocity.com/) travel section that acts as part of Yahoo and not as part of Travelocity. In the preferred embodiment, there is an owner of the affiliation that is responsible for maintaining a list that shows which service providers are members of the affiliation, as well as any control structure or meta-data associated with the affiliation. Each affiliation must have an identifier that is unique within the single sign-on system in which the affiliation is defined. User actions associated with the affiliation apply to all entities within the affiliation.
摘要翻译：本发明提供了单一登录系统内的隶属关系，该联属系统包括从认证，联合和授权的角度选择在网络上充当单个实体的一组服务提供商。这种类型的实体用于在门户网站中实现功能，例如Yahoo（参见http://www.yahoo.com）门户与Travelocity（参见http://www.travelocity.com/）旅行部分作为雅虎的一部分，而不是Travelocity的一部分。在优选实施例中，存在隶属关系的所有者，其负责维护列出哪些服务提供者是隶属关系的成员，以及与关联关联的任何控制结构或元数据。每个隶属关系必须具有在定义关联的单一登录系统中唯一的标识符。与隶属关系相关联的用户操作适用于隶属关系中的所有实体。

4. 发明申请

US20050108551A1 Method and apparatus for trust-based, fine-grained rate limiting of network requests 有权
标题翻译：用于基于信任的细粒度网络请求速率限制的方法和装置
公开(公告)号：US20050108551A1
公开(公告)日：2005-05-19
申请号：US10759596
申请日：2004-01-15
申请人： Christopher Toomey
发明人： Christopher Toomey
IPC分类号： G06F20060101 , G06F21/00 , H04K1/00 , H04L9/32 , H04L29/06
CPC分类号： H04L63/08 , G06F21/31 , G06F21/33 , H04L9/002 , H04L9/3234 , H04L9/3297 , H04L63/123 , H04L63/126 , H04L63/1458 , H04L2209/42 , H04L2209/76 , H04L2209/80
摘要： A method and apparatus for fine-grained, trust-based rate limiting of network requests distinguishes trusted network traffic from untrusted network traffic at the granularity of an individual user/machine combination, so that network traffic policing measures are readily implemented against untrusted and potentially hostile traffic without compromising service to trusted users. A server establishes a user/client pair as trusted by issuing a trust token to the client when successfully authenticating to the server for the first time. Subsequently, the client provides the trust token at login. At the server, rate policies apportion bandwidth according to type of traffic: network requests that include a valid trust token are granted highest priority. Rate policies further specify bandwidth restrictions imposed for untrusted network traffic. This scheme enables the server to throttle untrusted password-guessing requests from crackers without penalizing most friendly logins and only slightly penalizing the relatively few untrusted friendly logins.
摘要翻译：用于细粒度，基于信任的速率限制网络请求的方法和装置以单个用户/机器组合的粒度区分可信任网络流量与不受信任网络流量，从而可以容易地实现网络流量监管措施来抵御不可信任和潜在的敌意流量，而不损害对可信用户的服务。当服务器首次成功验证时，服务器通过向客户端发出信任令牌来将用户/客户端对建立为受信任的。随后，客户端在登录时提供信任令牌。在服务器上，根据流量类型对速率策略分配带宽：包含有效信任令牌的网络请求被授予最高优先级。费率政策还规定了对不可信网络流量施加的带宽限制。该方案使服务器能够遏制来自饼干的不受信任的密码猜测请求，而不会对最友好的登录进行惩罚，并且只会对相对较少的不受信任的友好登录进行轻微惩罚。

5. 发明授权

US08464352B2 Techniques for detecting and preventing unintentional disclosures of sensitive data 有权
标题翻译：检测和防止敏感数据无意泄露的技术
公开(公告)号：US08464352B2
公开(公告)日：2013-06-11
申请号：US13205478
申请日：2011-08-08
申请人： Christopher Toomey
发明人： Christopher Toomey
IPC分类号： H04L9/32
CPC分类号： H04L63/1408 , G06F21/57 , G06F21/6245 , H04L63/1483
摘要： Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.
摘要翻译：提供保护以防止计算机用户通过能够通信的非法或非预期实体将敏感数据（例如，安全凭证，信用卡号，PIN，个人数据或银行帐号）通过网络向其他计算机用户提供敏感数据。为了提供保护，监视用户输入以检测敏感数据的用户输入到客户端应用程序以与其他用户通信。当这种情况发生时，采取行动来减少敏感数据的无意的赠送的可能性，或减少无意的赠品的影响。

6. 发明授权

US08832787B1 Implementing single sign-on across a heterogeneous collection of client/server and web-based applications 有权
标题翻译：在异构的客户端/服务器和基于Web的应用程序集合中实现单点登录
公开(公告)号：US08832787B1
公开(公告)日：2014-09-09
申请号：US12390110
申请日：2009-02-20
申请人： Aleksey Sanin , Christopher Toomey , Alan Keister , Andrew L. Wick , Robert Watkins , Xiaopeng Zhang , Russell Richards , Donald Eaves
发明人： Aleksey Sanin , Christopher Toomey , Alan Keister , Andrew L. Wick , Robert Watkins , Xiaopeng Zhang , Russell Richards , Donald Eaves
IPC分类号： G06F7/04 , H04L29/06
CPC分类号： H04L63/08 , G06F21/41 , G06Q20/3674 , H04L9/3234 , H04L9/3271 , H04L63/0815 , H04W12/06
摘要： Leveraging an established authenticated session in obtaining authentication to a client application includes receiving a request for access to a client application requiring authentication of a requestor and determining whether there exist characteristics of leverageable authentications corresponding to established sessions having an authenticated state at a time of the determination. When the determination reveals characteristics of at least one leverageable authentication corresponding to an established session, and attempt is made to obtain access for the requestor to the client application based on the at least one leverageable authentication, and the requestor is provided with a notification related to the 1 attempt to obtain access for the requestor to the client application.
摘要翻译：利用建立的认证会话来获得对客户端应用的认证包括：接收对需要认证请求者的客户端应用的访问请求，并且确定在确定时是否存在对应于具有认证状态的已建立会话的可执行认证的特征。当确定揭示与已建立的会话相对应的至少一个可操作认证的特征时，并且尝试基于所述至少一个可进行认证来获得对客户应用的请求者的访问，并且向请求者提供与 1尝试获取请求者访问客户端应用程序。

7. 发明授权

US07996910B2 Techniques for detecting and preventing unintentional disclosures of sensitive data 有权
标题翻译：检测和防止敏感数据无意泄露的技术
公开(公告)号：US07996910B2
公开(公告)日：2011-08-09
申请号：US11564943
申请日：2006-11-30
申请人： Christopher Toomey
发明人： Christopher Toomey
IPC分类号： H04L9/32 , G06K9/00
CPC分类号： H04L63/1408 , G06F21/57 , G06F21/6245 , H04L63/1483
摘要： Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.
摘要翻译：提供保护以防止计算机用户通过能够通信的非法或非预期实体将敏感数据（例如，安全凭证，信用卡号，PIN，个人数据或银行帐号）通过网络向其他计算机用户提供敏感数据。为了提供保护，监视用户输入以检测敏感数据的用户输入到客户端应用程序以与其他用户通信。当这种情况发生时，采取行动来减少敏感数据的无意的赠送的可能性，或减少无意的赠品的影响。

8. 发明授权

US07730137B1 Restricting the volume of outbound electronic messages originated by a single entity 有权
标题翻译：限制单个实体发起的出站电子邮件的数量
公开(公告)号：US07730137B1
公开(公告)日：2010-06-01
申请号：US10740820
申请日：2003-12-22
申请人： Christopher Toomey
发明人： Christopher Toomey
IPC分类号： G06F15/16
CPC分类号： H04L51/12
摘要： The volume of outgoing electronic messages from a given entity may be restricted by preventing the messages, such as spam, from being sent. Messages may be restricted, for example, by serializing outgoing messages using a mutual-exclusion locking technique or by using a ticket-based system. Serialization may occur, for example, at a web level in web-based implementations. In one system, a limited-use ticket is generated that allows an entity to send one or more electronic messages, and the ticket is provided to the entity. A request is received from the entity to send an electronic message, and the request is associated with the ticket and the electronic message. After receiving the request, a determination is made as to whether the ticket is valid and, if the ticket is determined to be valid, the electronic message is approved for sending.
摘要翻译：可以通过防止诸如垃圾邮件等消息被发送来限制来自给定实体的传出电子消息的数量。消息可能会受到限制，例如，通过使用互斥锁定技术或通过使用基于票证的系统序列化外发消息。序列化可能发生在例如基于Web的实现中的Web级别。在一个系统中，生成有限使用的票据，其允许实体发送一个或多个电子消息，并且该票据被提供给该实体。从实体接收到发送电子消息的请求，并且请求与票据和电子消息相关联。在接收到请求后，确定该机票是否有效，并且如果该机票被确定为有效，则该电子消息被批准用于发送。

9. 发明授权

US07500262B1 Implementing single sign-on across a heterogeneous collection of client/server and web-based applications 有权
标题翻译：在异构的客户端/服务器和基于Web的应用程序集合中实现单点登录
公开(公告)号：US07500262B1
公开(公告)日：2009-03-03
申请号：US10424995
申请日：2003-04-29
申请人： Aleksey Sanin , Christopher Toomey , Alan Keister , Andrew L. Wick , Robert Watkins , Donald Eaves , Xiaopeng Zhang , Russell Richards
发明人： Aleksey Sanin , Christopher Toomey , Alan Keister , Andrew L. Wick , Robert Watkins , Donald Eaves , Xiaopeng Zhang , Russell Richards
IPC分类号： G04F7/04 , G06F7/04 , G06F15/16 , H04K1/00
CPC分类号： H04L63/08 , G06F21/41 , G06Q20/3674 , H04L9/3234 , H04L9/3271 , H04L63/0815 , H04W12/06
摘要： Leveraging an established authenticated session in obtaining authentication to a client application includes receiving a request for access to a client application requiring authentication of a requestor and determining whether there exist characteristics of leverageable authentications corresponding to established sessions having an authenticated state at a time of the determination. When the determination reveals characteristics of at least one leverageable authentication corresponding to an established session, and attempt is made to obtain access for the requester to the client application based on the at least one leverageable authentication, and the requestor is provided with a notification related to the attempt to obtain access for the requester to the client application.
摘要翻译：利用建立的认证会话来获得对客户端应用的认证包括：接收对需要认证请求者的客户端应用的访问请求，并且确定在确定时是否存在对应于具有认证状态的已建立会话的可执行认证的特征。当确定揭示与所建立的会话相对应的至少一个可操作认证的特征时，并且尝试基于所述至少一个可操作认证来获得对客户应用的请求者的访问，并且向请求者提供与尝试获取请求者访问客户端应用程序。

10. 发明申请

US20070101427A1 TECHNIQUES FOR DETECTING AND PREVENTING UNINTENTIONAL DISCLOSURES OF SENSITIVE DATA 有权
标题翻译：检测和防止敏感数据的非正式披露的技术
公开(公告)号：US20070101427A1
公开(公告)日：2007-05-03
申请号：US11564943
申请日：2006-11-30
申请人： Christopher Toomey
发明人： Christopher Toomey
IPC分类号： G06F12/14 , G06F11/00 , H04N7/16 , H04L9/32 , G06F12/16 , G06F17/30 , G06F15/18 , G06F7/04 , G08B23/00 , G06K9/00 , H03M1/68 , H04K1/00 , H04L9/00
CPC分类号： H04L63/1408 , G06F21/57 , G06F21/6245 , H04L63/1483
摘要： Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.
摘要翻译：提供保护以防止计算机用户通过能够通信的非法或非预期实体将敏感数据（例如，安全凭证，信用卡号，PIN，个人数据或银行帐号）通过网络向其他计算机用户提供敏感数据。为了提供保护，监视用户输入以检测敏感数据的用户输入到客户端应用程序以与其他用户通信。当这种情况发生时，采取行动来减少敏感数据的无意的赠送的可能性，或减少无意的赠品的影响。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式