专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08688591B2 Anonymous separation of duties with credentials 失效
标题翻译：匿名分离职责与凭证
公开(公告)号：US08688591B2
公开(公告)日：2014-04-01
申请号：US12536874
申请日：2009-08-06
申请人： Jan L. Camenisch , Christopher J. Giblin , Thomas R. Gross , Guenter Karjoth
发明人： Jan L. Camenisch , Christopher J. Giblin , Thomas R. Gross , Guenter Karjoth
IPC分类号： G06Q20/00
CPC分类号： G06Q10/00 , G06Q10/063 , G06Q20/383 , G06Q30/018
摘要： A system for anonymous separation of duties with credentials includes an identity provider, the identity provider configured to issue anonymous credentials to a user based on one or more attributes of the user; a service provider, the service provider configured to issue a pseudonym to the user based on the user's anonymous credentials, and to associate the user's pseudonym with a step of an instance of a business process hosted on the service provider, the step being completed by the user; and an auditor, the auditor configured to determine if the completion of the step of the instance of the business process by the user is compliant with a separation of duties policy.
摘要翻译：用于凭借凭证匿名分离职责的系统包括身份提供者，身份提供者被配置为基于用户的一个或多个属性向用户发布匿名凭证; 服务提供商，所述服务提供商被配置为基于所述用户的匿名凭证向所述用户发布假名，并且将所述用户的假名与所述服务提供商上托管的业务流程的实例的步骤相关联，所述步骤由用户; 和审核员，审核员被配置为确定用户完成业务流程实例的步骤是否符合职责分离政策。

2. 发明申请

US20110035241A1 Anonymous Separation of Duties with Credentials 失效
标题翻译：匿名分离职责与证书
公开(公告)号：US20110035241A1
公开(公告)日：2011-02-10
申请号：US12536874
申请日：2009-08-06
申请人： Jan Camenisch , Christopher J. Giblin , Thomas R. Gross , Guenter Karjoth
发明人： Jan Camenisch , Christopher J. Giblin , Thomas R. Gross , Guenter Karjoth
IPC分类号： G06Q10/00 , G06Q99/00
CPC分类号： G06Q10/00 , G06Q10/063 , G06Q20/383 , G06Q30/018
摘要： A system for anonymous separation of duties with credentials includes an identity provider, the identity provider configured to issue anonymous credentials to a user based on one or more attributes of the user; a service provider, the service provider configured to issue a pseudonym to the user based on the user's anonymous credentials, and to associate the user's pseudonym with a step of an instance of a business process hosted on the service provider, the step being completed by the user; and an auditor, the auditor configured to determine if the completion of the step of the instance of the business process by the user is compliant with a separation of duties policy.
摘要翻译：用于凭借凭证匿名分离职责的系统包括身份提供者，身份提供者被配置为基于用户的一个或多个属性向用户发布匿名凭证; 服务提供商，所述服务提供商被配置为基于所述用户的匿名凭证向所述用户发布假名，并且将所述用户的假名与所述服务提供商上托管的业务流程的实例的步骤相关联，所述步骤由用户; 和审核员，审核员被配置为确定用户完成业务流程实例的步骤是否符合职责分离政策。

3. 发明申请

US20110247046A1 Access control in data processing systems 失效
标题翻译：数据处理系统中的访问控制
公开(公告)号：US20110247046A1
公开(公告)日：2011-10-06
申请号：US13077881
申请日：2011-03-31
申请人： Thomas R. Gross , Guenter Karjoth
发明人： Thomas R. Gross , Guenter Karjoth
IPC分类号： G06F21/00
CPC分类号： H04L63/10 , G06F21/00 , G06F21/6218 , G06F2221/2141 , H04L63/20
摘要： A policy data structure defines predetermined authorizations, each relating to authorization of at least one user to access at least one resource as well as to dynamic access requests. Each dynamic access request indicates a condition to be satisfied by a respective set of attributes associated with a user request to access a resource and for the request to be granted in absence of an authorization determinative of the request. If the structure does not define an authorization for a request to access a resource, it is determined whether the structure defines a dynamic access requirement determinative for the request, and if so, whether to grant the request in accordance with the respective set of attributes associated with the request. For at least one request, after determining whether to grant the request, a dynamic authorization relating to authorization to access the resource within the request is added to the structure.
摘要翻译：策略数据结构定义了预定授权，每个授权涉及至少一个用户访问至少一个资源以及动态访问请求的授权。每个动态访问请求指示通过与访问资源的用户请求相关联的相应属性集以及在没有对请求的授权决定性的情况下被授予的请求来满足的条件。如果结构没有定义对访问资源的请求的授权，则确定结构是否定义了针对请求的动态访问需求确定性，如果是，则是否根据相关属性集合来授予请求与请求。对于至少一个请求，在确定是否授予请求之后，向该结构添加与请求中访问资源的授权有关的动态授权。

4. 发明授权

US08875224B2 Access control in data processing system 有权
标题翻译：数据处理系统中的访问控制
公开(公告)号：US08875224B2
公开(公告)日：2014-10-28
申请号：US13460842
申请日：2012-05-01
申请人： Thomas R. Gross , Guenter Karjoth
发明人： Thomas R. Gross , Guenter Karjoth
IPC分类号： G06F9/00 , G06F21/00
CPC分类号： H04L63/10 , G06F21/00 , G06F21/6218 , G06F2221/2141 , H04L63/20
摘要： A policy data structure defines predetermined authorizations, each relating to authorization of at least one user to access at least one resource as well as to dynamic access requests. Each dynamic access request indicates a condition to be satisfied by a respective set of attributes associated with a user request to access a resource and for the request to be granted in absence of an authorization determinative of the request. If the structure does not define an authorization for a request to access a resource, it is determined whether the structure defines a dynamic access requirement determinative for the request, and if so, whether to grant the request in accordance with the respective set of attributes associated with the request. For at least one request, after determining whether to grant the request, a dynamic authorization relating to authorization to access the resource within the request is added to the structure.
摘要翻译：策略数据结构定义了预定授权，每个授权涉及至少一个用户访问至少一个资源以及动态访问请求的授权。每个动态访问请求指示通过与访问资源的用户请求相关联的相应属性集以及在没有对请求的授权决定性的情况下被授予的请求来满足的条件。如果结构没有定义用于访问资源的请求的授权，则确定结构是否定义了针对请求的动态访问需求确定性，并且如果是，是否根据相关属性集合来授予请求与请求。对于至少一个请求，在确定是否授予请求之后，向该结构添加与请求中访问资源的授权有关的动态授权。

5. 发明申请

US20120216247A1 Access control in data processing system 有权
标题翻译：数据处理系统中的访问控制
公开(公告)号：US20120216247A1
公开(公告)日：2012-08-23
申请号：US13460842
申请日：2012-05-01
申请人： Thomas R. Gross , Guenter Karjoth
发明人： Thomas R. Gross , Guenter Karjoth
IPC分类号： G06F21/00
CPC分类号： H04L63/10 , G06F21/00 , G06F21/6218 , G06F2221/2141 , H04L63/20
摘要： A policy data structure defines predetermined authorizations, each relating to authorization of at least one user to access at least one resource as well as to dynamic access requests. Each dynamic access request indicates a condition to be satisfied by a respective set of attributes associated with a user request to access a resource and for the request to be granted in absence of an authorization determinative of the request. If the structure does not define an authorization for a request to access a resource, it is determined whether the structure defines a dynamic access requirement determinative for the request, and if so, whether to grant the request in accordance with the respective set of attributes associated with the request. For at least one request, after determining whether to grant the request, a dynamic authorization relating to authorization to access the resource within the request is added to the structure.
摘要翻译：策略数据结构定义了预定授权，每个授权涉及至少一个用户访问至少一个资源以及动态访问请求的授权。每个动态访问请求指示通过与访问资源的用户请求相关联的相应属性集以及在没有对请求的授权决定性的情况下被授予的请求来满足的条件。如果结构没有定义用于访问资源的请求的授权，则确定结构是否定义了针对请求的动态访问需求确定性，并且如果是，是否根据相关属性集合来授予请求与请求。对于至少一个请求，在确定是否授予请求之后，向该结构添加与请求中访问资源的授权有关的动态授权。

6. 发明申请

US20080204243A1 Tag Identification System 失效
标题翻译：标签识别系统
公开(公告)号：US20080204243A1
公开(公告)日：2008-08-28
申请号：US11957695
申请日：2007-12-17
申请人： Michael Backes , Thomas R. Gross , Guenter Karjoth
发明人： Michael Backes , Thomas R. Gross , Guenter Karjoth
IPC分类号： G08B13/14
CPC分类号： G06Q10/08 , G06Q10/087 , G08B13/14
摘要： The present invention relates to a tag identification system comprising: a plurality of tags, each tag being identifiable by an associated tag identifier, and at least one tag comprising at least one link to at least one other tag in said group.
摘要翻译：标签识别系统技术领域本发明涉及一种标签识别系统，包括：多个标签，每个标签可由关联的标签标识符识别，以及至少一个标签，其包括至少一个链接到所述组中的至少一个其他标签。

7. 发明授权

US08566906B2 Access control in data processing systems 失效
标题翻译：数据处理系统中的访问控制
公开(公告)号：US08566906B2
公开(公告)日：2013-10-22
申请号：US13077881
申请日：2011-03-31
申请人： Thomas R. Gross , Guenter Karjoth
发明人： Thomas R. Gross , Guenter Karjoth
IPC分类号： G06F9/00
CPC分类号： H04L63/10 , G06F21/00 , G06F21/6218 , G06F2221/2141 , H04L63/20
摘要： A policy data structure defines predetermined authorizations, each relating to authorization of at least one user to access at least one resource as well as to dynamic access requests. Each dynamic access request indicates a condition to be satisfied by a respective set of attributes associated with a user request to access a resource and for the request to be granted in absence of an authorization determinative of the request. If the structure does not define an authorization for a request to access a resource, it is determined whether the structure defines a dynamic access requirement determinative for the request, and if so, whether to grant the request in accordance with the respective set of attributes associated with the request. For at least one request, after determining whether to grant the request, a dynamic authorization relating to authorization to access the resource within the request is added to the structure.
摘要翻译：策略数据结构定义了预定授权，每个授权涉及至少一个用户访问至少一个资源以及动态访问请求的授权。每个动态访问请求指示通过与访问资源的用户请求相关联的相应属性集以及在没有对请求的授权决定性的情况下被授予的请求来满足的条件。如果结构没有定义对访问资源的请求的授权，则确定结构是否定义了针对请求的动态访问需求确定性，如果是，则是否根据相关属性集合来授予请求与请求。对于至少一个请求，在确定是否授予请求之后，向该结构添加与请求中访问资源的授权有关的动态授权。

8. 发明申请

US20080136586A1 VERIFICATION METHOD AND SYSTEM 审中-公开
标题翻译：验证方法和系统
公开(公告)号：US20080136586A1
公开(公告)日：2008-06-12
申请号：US11925182
申请日：2007-10-26
申请人： Michael Backes , Thomas R. Gross , Guenter Karjoth , Luke J. O'Connor
发明人： Michael Backes , Thomas R. Gross , Guenter Karjoth , Luke J. O'Connor
IPC分类号： H04Q5/22
CPC分类号： G06Q10/087
摘要： A verification method, system and computer program. The method includes the steps of reading first summary information related to a first group of tags, reading tag information for each tag of a second group of tags, computing second summary information based on the read tag information of the second group of tags, comparing the first summary information and second summary information, and verifying whether the first group of tags and the second group of tags are identical based on the comparison.
摘要翻译：验证方法，系统和计算机程序。该方法包括以下步骤：读取与第一组标签相关的第一摘要信息，读取第二组标签的每个标签的标签信息，基于第二组标签的读标签信息计算第二摘要信息，第一摘要信息和第二摘要信息，并且基于比较来验证第一组标签和第二组标签是否相同。

9. 发明授权

US08009016B2 Tag identification system 失效
标题翻译：标签识别系统
公开(公告)号：US08009016B2
公开(公告)日：2011-08-30
申请号：US11957695
申请日：2007-12-17
申请人： Michael Backes , Thomas R. Gross , Guenter Karjoth
发明人： Michael Backes , Thomas R. Gross , Guenter Karjoth
IPC分类号： G08B13/14
CPC分类号： G06Q10/08 , G06Q10/087 , G08B13/14
摘要： The present invention relates to a tag identification system comprising: a plurality of tags, each tag being identifiable by an associated tag identifier, and at least one tag comprising at least one link to at least one other tag in said group.
摘要翻译：标签识别系统技术领域本发明涉及一种标签识别系统，包括：多个标签，每个标签可由关联的标签标识符识别，以及至少一个标签，其包括至少一个链接到所述组中的至少一个其他标签。

10. 发明授权

US08458764B2 Serialization of XACML policies 失效
标题翻译： XACML策略的序列化
公开(公告)号：US08458764B2
公开(公告)日：2013-06-04
申请号：US12419445
申请日：2009-04-07
申请人： Guenter Karjoth , Andreas Schade
发明人： Guenter Karjoth , Andreas Schade
IPC分类号： G06F17/00
CPC分类号： H04L63/101 , G06F21/6227 , G06F2221/2141 , G06F2221/2145 , G06F2221/2149 , H04L63/20 , H04L67/2823
摘要： A computer implemented access control system, the system includes a database for storing a serialized version of an XACML permissions hierarchy. The system also includes a memory for storing an original version of the XACML permissions hierarchy, and an XACML serialization engine configured to convert the XACML permissions hierarchy into the serialized version, wherein the serialized version contains a listing of at least a portion of the predicates possible in the XACML permission hierarchy and the effect on each of the portion of the predicates.
摘要翻译：一种计算机实现的访问控制系统，该系统包括用于存储XACML权限层级的序列化版本的数据库。该系统还包括用于存储XACML许可层次的原始版本的存储器，以及被配置为将XACML权限层级转换为序列化版本的XACML序列化引擎，其中序列化版本包含可能的至少一部分谓词的列表在XACML权限层次结构中以及对谓词中每一部分的影响。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式