专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07650627B1 Abstract configuration files for efficient implementation of security services 有权
标题翻译：抽象配置文件，有效实现安全服务
公开(公告)号：US07650627B1
公开(公告)日：2010-01-19
申请号：US10857075
申请日：2004-05-28
申请人： Svetlana Stancheva , Jako Blagoev , Ekaterina Zheleva , Ilia Kacarov , Stephan Zlatarev , Hiltrud Jaeschke
发明人： Svetlana Stancheva , Jako Blagoev , Ekaterina Zheleva , Ilia Kacarov , Stephan Zlatarev , Hiltrud Jaeschke
IPC分类号： G06F17/00 , G06F7/04 , G06F17/30 , H04N7/16 , G06F21/00 , G06F11/30 , G06F12/14 , B41K3/38
CPC分类号： G06F12/1491 , G06F21/31 , G06F21/6218 , G06F2221/2115
摘要： A method is described that involves identifying a configuration file in response to a desire to obtain security services. The configuration file describes a security policy tailored for use in the environmental condition set under which the desire arose. The identifying is based upon at least a portion of the environmental condition set. The method also involves using information found within the configuration file to configure code that performs authentication and authorization services so that the code will implement the security policy.
摘要翻译：描述了响应于获得安全服务的愿望来识别配置文件的方法。该配置文件描述了一种针对在这种需求产生的环境条件下使用的安全策略。识别基于环境条件集的至少一部分。该方法还涉及使用配置文件中发现的信息来配置执行认证和授权服务的代码，以便代码实现安全策略。

2. 发明授权

US07823190B1 System and method for implementing a distributed keystore within an enterprise network 有权
标题翻译：在企业网络中实现分布式密钥库的系统和方法
公开(公告)号：US07823190B1
公开(公告)日：2010-10-26
申请号：US10860477
申请日：2004-06-02
申请人： Ilia Kacarov , Hiltrud Jaeschke , Stephan Zlatarev
发明人： Ilia Kacarov , Hiltrud Jaeschke , Stephan Zlatarev
IPC分类号： H04L9/08
CPC分类号： H04L63/06 , G06F21/6218 , H04L9/0836 , H04L9/0894 , H04L9/3226 , H04L9/3263 , H04L63/0823
摘要： A keystore is described which provides unique views of certificates and keys to particular application components and/or users. Upon receiving a request from a user and/or an application component to view keystore data, the keystore system implements a first set of security restrictions associated with the request and provides a limited view of the keystore data to the requesting user and/or application component based on the results of the first set of security restrictions. Then, upon detecting an attempt by the user and/or application component to access specified portions of the keystore data provided in the view, the keystore system implements a second set of security restrictions associated with the attempt to access the specified portions of the keystore data, and provides access to the keystore data to the user and/or application component based on the results of the second set of security restrictions.
摘要翻译：描述了密钥库，其向特定应用组件和/或用户提供证书和密钥的唯一视图。在从用户和/或应用组件接收到查看密钥库数据的请求时，密钥库系统实现与请求相关联的第一组安全限制，并且向请求用户和/或应用组件提供密钥库数据的有限视图基于第一套安全限制的结果。然后，当检测到用户和/或应用组件尝试访问视图中提供的密钥库数据的指定部分时，密钥库系统实现与访问密钥库数据的指定部分的尝试相关联的第二组安全限制，并且基于第二组安全限制的结果向密钥库数据提供对用户和/或应用组件的访问。

3. 发明授权

US07584355B1 Authentication service schemes 有权
标题翻译：认证服务方案
公开(公告)号：US07584355B1
公开(公告)日：2009-09-01
申请号：US10836937
申请日：2004-04-30
申请人： Svetlana Stancheva , Stephan Zlatarev , Maria Jurova , Hiltrud Jaeschke , Jako Blagoev
发明人： Svetlana Stancheva , Stephan Zlatarev , Maria Jurova , Hiltrud Jaeschke , Jako Blagoev
IPC分类号： H04L9/32 , H04L29/06 , H04L29/02
CPC分类号： H04L63/08 , H04L63/101
摘要： Improved authentication service schemes are described. A first technique enables application specific authentication services even if container-wide authentication services are made available. A second technique prevents an authentication service from being performed if an attempt is made to reach an item of insensitivity within a protected area. A third technique introduces “get/set” functions into a login module callback handler arrangement for retrieving/imposing information from/to a communication session with a user that the login module is authenticating. A fourth technique distributes a login context function so that a network resides between separate portions of the login context function. A fifth technique uses a fallback handler in an application based authentication service so that a container-wide authentication service can be used.
摘要翻译：描述了改进的认证服务方案。即使容器范围的身份验证服务可用，第一种技术也使应用程序特定的身份验证服务成为可能。如果试图达到保护区域内的不敏感项目，则第二种技术防止认证服务被执行。第三种技术将“获取/设置”功能引入到登录模块回调处理机构中，用于从登录模块正在认证的用户检索/加密信息到通信会话。第四种技术分配登录上下文功能，使得网络驻留在登录上下文功能的不同部分之间。第五种技术在基于应用程序的身份验证服务中使用回退处理程序，以便可以使用容器范围的身份验证服务。

4. 发明授权

US07490347B1 Hierarchical security domain model 有权
标题翻译：分层安全域模型
公开(公告)号：US07490347B1
公开(公告)日：2009-02-10
申请号：US10837397
申请日：2004-04-30
申请人： Juergen Schneider , Hiltrud Jaeschke , Maria Jurova , Stephan H. Zlatarev
发明人： Juergen Schneider , Hiltrud Jaeschke , Maria Jurova , Stephan H. Zlatarev
IPC分类号： H04L29/00
CPC分类号： H04L63/0815 , H04L63/104 , H04L63/105
摘要： According to one aspect of the invention, a hierarchy of security domains and a method for granting a user access to the security domains are provided. The hierarchy of security domains includes multiple security levels and relationships between particular security domains. When a user is authenticated and/or authorized for access to a first security domain, the user is tagged as having been granted access to that security domain. If the user attempts to access a related security domain with a lower security level, the user is granted access without having to be re-authenticated and/or re-authorized. If the user attempts to access a related security domain with a higher security level, the user must be re-authenticated and/or re-authorized be access is granted to the security domain with the higher security level.
摘要翻译：根据本发明的一个方面，提供了安全域的层次结构和用于授予用户对安全域的访问的方法。安全域的层次结构包括多个安全级别和特定安全域之间的关系。当用户被认证和/或被授权访问第一安全域时，用户被标记为已经被授权对该安全域的访问。如果用户尝试访问安全级别较低的相关安全域，则无需经过重新身份验证和/或重新授权即可授予用户访问权限。如果用户尝试访问具有较高安全级别的相关安全域，则必须对用户进行重新认证和/或重新授权，才能将访问权限授予具有较高安全级别的安全域。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式