会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Transparently updating user credentials
    • 透明地更新用户凭据
    • US08856896B1
    • 2014-10-07
    • US13168354
    • 2011-06-24
    • Jesper M. JohanssonNishant MittalDarren E. Canavor
    • Jesper M. JohanssonNishant MittalDarren E. Canavor
    • G06F7/04
    • G06F21/45G06F21/62H04L9/0891H04L2209/16
    • A user password is obfuscated using a first obfuscation algorithm and stored. A security module receives a password from a user a first time and, in response thereto, obfuscates the password using a second obfuscation algorithm and stores the obfuscated password. The security module subsequently receives the password from the user a second time. In response thereto, the security module obfuscates the password using the second algorithm a second time and compares the results of the obfuscation with the stored password obfuscated using the second algorithm. If the results of the obfuscation and the stored password obfuscated using the second algorithm match, the security module replaces the stored password obfuscated using the first algorithm with the password obfuscated using the second algorithm. The operations are performed transparently to the user associated with the password.
    • 使用第一个模糊算法对用户密码进行模糊处理并进行存储。 安全模块第一次从用户接收密码,并且响应于此,使用第二混淆算法对密码进行模糊并存储模糊密码。 安全模块随后第二次从用户接收密码。 响应于此,安全模块第二次使用第二算法模糊密码,并将混淆的结果与使用第二算法模糊的存储密码进行比较。 如果混淆的结果和使用第二种算法混淆的存储密码匹配,则安全模块将使用第一种算法混淆的存储密码替换为使用第二种算法加密的密码。 这些操作对与密码相关的用户透明地执行。
    • 5. 发明授权
    • Confidence-based authentication
    • 基于置信的认证
    • US08621209B1
    • 2013-12-31
    • US13277026
    • 2011-10-19
    • Jesper M. JohanssonDarren E. CanavorDaniel W. Hitchcock
    • Jesper M. JohanssonDarren E. CanavorDaniel W. Hitchcock
    • H04L29/06H04L9/32G06F7/04
    • H04L63/08
    • Disclosed are various embodiments that perform confidence-based authentication of a user. An identification of a user account is obtained from a user, and a minimum confidence threshold is determined. Multiple authentication questions are presented to the user, where the authentication questions are determined based at least in part on stored transaction information associated with the user account. Answers are obtained from the user to a subset of the questions, with each answer having a corresponding authentication point value. A confidence score is generated for the user, where the confidence score is increased by the respective authentication point values of the correct answers. Access by the user to a resource associated with the user account is authorized in response to determining that the confidence score meets the minimum confidence threshold.
    • 公开了执行用户的基于置信度的认证的各种实施例。 从用户获得用户帐户的识别,并确定最小置信阈值。 至少部分地基于与用户帐户相关联的存储的交易信息来确定认证问题的多个认证问题。 答案从用户获得到问题的一个子集,每个答案具有相应的认证点值。 为用户生成置信度分数,其中置信度得分通过正确答案的相应认证点值增加。 响应于确定置信度分数满足最小置信度阈值,授权用户访问与用户帐户相关联的资源。
    • 10. 发明授权
    • System and method utilizing clean groups for security management
    • 系统和方法利用清洁组进行安全管理
    • US07673326B2
    • 2010-03-02
    • US10771840
    • 2004-02-04
    • Art ShelestJesper M. Johansson
    • Art ShelestJesper M. Johansson
    • G06F12/14
    • G06F21/577
    • A system and method that utilizes clean groups for reducing security management complexity. The system reduces the complexity of managing security technologies by automatically assigning objects such as computers or persons to clean groups which are defined by existing management infrastructure. In an embodiment where members are computers, ongoing automatic efforts ensure that clean groups include only computers that satisfy specified security principles, which allows administrators to treat all computers that are in compliance as a group. Separately, the members of the clean group are required to implement self-governance, which is an ability to detect being compromised and to take steps to remove themselves from the clean group when they are compromised. In addition to attempting to remove itself from the clean group, a compromised computer may take additional steps aimed at minimizing further damage, such as erasing or hiding computer domain credentials, hiding/protecting/disabling cryptographic (e.g. EFS) keys, or logging out a user.
    • 一种利用清洁组来降低安全管理复杂度的系统和方法。 该系统通过自动分配诸如计算机或人员的对象来清除由现有管理基础设施定义的组,来降低管理安全技术的复杂性。 在成员是计算机的实施例中,正在进行的自动尝试确保清洁组仅包括满足指定安全原则的计算机,这允许管理员将所有符合规定的计算机视为一组。 另外,清洁小组的成员需要实施自治,这是一种检测被破坏的能力,并且在遭到破坏时采取步骤将其从干净的群体中移出。 除了试图将其从干净的组中删除外,受感染的计算机可能会采取额外的步骤,旨在最大限度地减少进一步的损坏,例如擦除或隐藏计算机域凭据,隐藏/保护/禁用加密(例如EFS)密钥或注销 用户。