专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20050193196A1 Cryptographically enforced, multiple-role, policy-enabled object dissemination control mechanism 有权
标题翻译：密码执法，多角色，有策略的对象传播控制机制
公开(公告)号：US20050193196A1
公开(公告)日：2005-09-01
申请号：US10788151
申请日：2004-02-26
申请人： Ming-Yuh Huang , Paul Allen , Phyllis Melvin , Keith Williamson , Philip Attfield
发明人： Ming-Yuh Huang , Paul Allen , Phyllis Melvin , Keith Williamson , Philip Attfield
IPC分类号： G06F21/00 , H04L9/00
CPC分类号： G06F21/6218
摘要： An apparatus to implement role based access control which reduces administrative expenses associated with managing access in accordance with policies and roles. The apparatus includes a memory storing a first role based access control condition associated with an action and a subsystem executing an enforcement entity and a decision entity. In one preferred form, the two entities are independent entities. The enforcement entity receives a request for the action from a requestor with a role. Additionally, the enforcement entity communicates the role and the request to the decision entity for the decision entity's decision of whether the role satisfies the first condition. The decision entity then communicates the decision to the enforcement entity. Accordingly, the enforcement entity allows or denies the requestor the action based on the decision made by the decision entity.
摘要翻译：实现基于角色的访问控制的装置，其减少与根据策略和角色管理访问相关联的管理费用。该装置包括存储与动作相关联的第一基于角色的访问控制条件的存储器和执行执行实体和决策实体的子系统。在一个优选形式中，两个实体是独立实体。执行实体从具有角色的请求者接收到该操作的请求。此外，执行实体将角色和请求传达给决策实体，以便决策实体决定角色是否满足第一个条件。决策实体然后将决定传达给执行实体。因此，执行实体根据决策实体作出的决定允许或拒绝请求者采取行动。

2. 发明申请

US20070056019A1 Implementing access control policies across dissimilar access control platforms 有权
标题翻译：在不同的访问控制平台上实现访问控制策略
公开(公告)号：US20070056019A1
公开(公告)日：2007-03-08
申请号：US11209987
申请日：2005-08-23
申请人： Paul Allen , Ming-Yuh Huang , Phyllis Melvin
发明人： Paul Allen , Ming-Yuh Huang , Phyllis Melvin
IPC分类号： H04L9/00
CPC分类号： G06Q10/06 , G06F21/6236
摘要： A method of implementing access control requirements to control access to a plurality of system resources. The requirements are modeled as contents of security policies. The security policy contents are integrated into a policy set. Representations of the integrated policy set are generated, each representation corresponding to a target system that controls access to the resources. The policy set representation(s) are integrated with the corresponding target system(s) to implement the policy set. This method makes it possible to implement high-level security requirements correctly and consistently across systems of a system-of-systems (SoS) and/or distributed system.
摘要翻译：一种实现访问控制要求以控制对多个系统资源的访问的方法。这些要求被模拟为安全策略的内容。安全策略内容被集成到策略集中。生成集成策略集的表示形式，每个表示对应于控制对资源的访问的目标系统。策略集表示与相应的目标系统集成以实现策略集。这种方法使得可以在系统级（SoS）和/或分布式系统的系统上正确和一致地实现高级安全性要求。

3. 发明授权

US07640429B2 Cryptographically enforced, multiple-role, policy-enabled object dissemination control mechanism 有权
标题翻译：密码执法，多角色，有策略的对象传播控制机制
公开(公告)号：US07640429B2
公开(公告)日：2009-12-29
申请号：US10788151
申请日：2004-02-26
申请人： Ming-Yuh Huang , Paul L. Allen , Phyllis Melvin , Keith E. Williamson , Philip J. Attfield
发明人： Ming-Yuh Huang , Paul L. Allen , Phyllis Melvin , Keith E. Williamson , Philip J. Attfield
IPC分类号： H04L29/06
CPC分类号： G06F21/6218
摘要： An apparatus to implement role based access control which reduces administrative expenses associated with managing access in accordance with policies and roles. The apparatus includes a memory storing a first role based access control condition associated with an action and a subsystem executing an enforcement entity and a decision entity. In various forms, the two entities are independent entities. The enforcement entity receives a request for the action from a requestor with a role. Additionally, the enforcement entity communicates the role and the request to the decision entity for the decision entity's decision of whether the role satisfies the first condition. The decision entity then communicates the decision to the enforcement entity. Accordingly, the enforcement entity allows or denies the requester the action based on the decision made by the decision entity.
摘要翻译：实现基于角色的访问控制的装置，其减少与根据策略和角色管理访问相关联的管理费用。该装置包括存储与动作相关联的第一基于角色的访问控制条件的存储器和执行执行实体和决策实体的子系统。以各种形式，这两个实体是独立实体。执行实体从具有角色的请求者接收到该操作的请求。此外，执行实体将角色和请求传达给决策实体，以便决策实体决定角色是否满足第一个条件。决策实体然后将决定传达给执行实体。因此，执行实体允许或拒绝请求者基于决策实体作出的决定的动作。

4. 发明授权

US09565191B2 Global policy apparatus and related methods 有权
标题翻译：全球政策机制及相关方法
公开(公告)号：US09565191B2
公开(公告)日：2017-02-07
申请号：US12262039
申请日：2008-10-30
申请人： Paul L. Allen , Michael W. Anderson , David J. Finton , Ming-Yuh Huang , Charles T. Kitzmiller , Phyllis Melvin , Stephen A. Ridlon
发明人： Paul L. Allen , Michael W. Anderson , David J. Finton , Ming-Yuh Huang , Charles T. Kitzmiller , Phyllis Melvin , Stephen A. Ridlon
IPC分类号： H04L29/06 , G06Q10/10
CPC分类号： H04L63/102 , G06Q10/10
摘要： A method of implementing requirements applicable to systems of an enterprise includes modeling the requirements as contents of policies applicable to target domains of the enterprise. The policy contents are integrated into a policy model. The policy model is adapted to obtain representations of domain-specific requirements corresponding to target systems in the target domains. The representations are integrated with the corresponding target systems to implement the domain-specific requirements.
摘要翻译：实施适用于企业系统的要求的方法包括将要求建模为对适用于企业目标域的策略内容。政策内容被纳入政策模式。策略模型适用于获取与目标域中的目标系统相对应的域特定要求的表示。这些表示与相应的目标系统集成，以实现域特定的要求。

5. 发明授权

US08056114B2 Implementing access control policies across dissimilar access control platforms 有权
标题翻译：在不同的访问控制平台上实现访问控制策略
公开(公告)号：US08056114B2
公开(公告)日：2011-11-08
申请号：US11209987
申请日：2005-08-23
申请人： Paul L. Allen , Ming-Yuh Huang , Phyllis Melvin
发明人： Paul L. Allen , Ming-Yuh Huang , Phyllis Melvin
IPC分类号： G06F17/00 , H04L29/06
CPC分类号： G06Q10/06 , G06F21/6236
摘要： A method of implementing access control requirements to control access to a plurality of system resources. The requirements are modeled as contents of security policies. The security policy contents are integrated into a policy set. Representations of the integrated policy set are generated, each representation corresponding to a target system that controls access to the resources. The policy set representation(s) are integrated with the corresponding target system(s) to implement the policy set. This method makes it possible to implement high-level security requirements correctly and consistently across systems of a system-of-systems (SoS) and/or distributed system.
摘要翻译：一种实现访问控制要求以控制对多个系统资源的访问的方法。这些要求被模拟为安全策略的内容。安全策略内容被集成到策略集中。生成集成策略集的表示形式，每个表示对应于控制对资源的访问的目标系统。策略集表示与相应的目标系统集成以实现策略集。这种方法使得可以在系统级（SoS）和/或分布式系统的系统上正确和一致地实现高级安全性要求。

6. 发明申请

US20090119746A1 GLOBAL POLICY APPARATUS AND RELATED METHODS 有权
标题翻译：全球政策装置及相关方法
公开(公告)号：US20090119746A1
公开(公告)日：2009-05-07
申请号：US12262039
申请日：2008-10-30
申请人： Paul L. Allen , Michael W. Anderson , David J. Finton , Ming-Yuh Huang , Charles T. Kitzmiller , Phyllis Melvin , Stephen A. Ridlon
发明人： Paul L. Allen , Michael W. Anderson , David J. Finton , Ming-Yuh Huang , Charles T. Kitzmiller , Phyllis Melvin , Stephen A. Ridlon
IPC分类号： G06F21/00
CPC分类号： H04L63/102 , G06Q10/10
摘要： A method of implementing requirements applicable to systems of an enterprise includes modeling the requirements as contents of policies applicable to target domains of the enterprise. The policy contents are integrated into a policy model. The policy model is adapted to obtain representations of domain-specific requirements corresponding to target systems in the target domains. The representations are integrated with the corresponding target systems to implement the domain-specific requirements.
摘要翻译：实施适用于企业系统的要求的方法包括将要求建模为对适用于企业目标域的策略内容。政策内容被纳入政策模式。策略模型适用于获取与目标域中的目标系统相对应的域特定要求的表示。这些表示与相应的目标系统集成，以实现域特定的要求。

7. 发明授权

US08434125B2 Distributed security architecture 有权
标题翻译：分布式安全架构
公开(公告)号：US08434125B2
公开(公告)日：2013-04-30
申请号：US12043034
申请日：2008-03-05
申请人： Tirumale K. Ramesh , John L. Meier , Jason Edward Amanatullah , Ming-Yuh Huang
发明人： Tirumale K. Ramesh , John L. Meier , Jason Edward Amanatullah , Ming-Yuh Huang
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , H04L63/0218 , H04L63/0263 , H04L63/101 , H04L63/20 , H04L69/32
摘要： A distributed security architecture may include: a mobile anti-tamper hardware policy enforcement point configured to control communication behaviors of a mobile client by enforcing communication policies within a policy decision point; a mobile anti-tamper hardware policy decision point encapsulated within the mobile anti-tamper hardware policy enforcement point; a policy exchange channel for policy distribution modes configured to distribute and/or update communication and routing security policies to the mobile client; a contextual manager configured to handle system-wide status change update signaling; and a mobility authentication manager configured to provide mobile clients with registration and credential/role assignments based on mobile access policies. The distributed security architecture may be configured to provide open system interconnection layer 3.5 policy-based secure routing, and open system interconnection layer 2 policy-based mandatory access control address filtering to provide secure communication and computing for layers 4, 5, 6, and 7.
摘要翻译：分布式安全架构可以包括：移动防篡改硬件策略执行点，被配置为通过在策略决策点内执行通信策略来控制移动客户端的通信行为; 封装在移动防篡改硬件策略执行点内的移动防篡改硬件策略决策点; 策略分配模式的策略交换通道，被配置为向移动客户端分发和/或更新通信和路由安全策略; 配置为处理全系统状态改变更新信令的上下文管理器; 以及移动性认证管理器，被配置为基于移动接入策略向移动客户端提供注册和凭证/角色分配。分布式安全架构可以被配置为提供开放系统互连层3.5基于策略的安全路由，以及开放的系统互连层2基于策略的强制访问控制地址过滤，以为层4,5,6和7提供安全的通信和计算。

8. 发明申请

US20090228951A1 DISTRIBUTED SECURITY ARCHITECTURE 有权
标题翻译：分布式安全架构
公开(公告)号：US20090228951A1
公开(公告)日：2009-09-10
申请号：US12043034
申请日：2008-03-05
申请人： Tirumale K. Ramesh , John L. Meier , Jason Edward Amanatullah , Ming-Yuh Huang
发明人： Tirumale K. Ramesh , John L. Meier , Jason Edward Amanatullah , Ming-Yuh Huang
IPC分类号： G06F7/04
CPC分类号： H04L63/08 , H04L63/0218 , H04L63/0263 , H04L63/101 , H04L63/20 , H04L69/32
摘要： A distributed security architecture may include: a mobile anti-tamper hardware policy enforcement point configured to control communication behaviors of a mobile client by enforcing communication policies within a policy decision point; a mobile anti-tamper hardware policy decision point encapsulated within the mobile anti-tamper hardware policy enforcement point; a policy exchange channel for policy distribution modes configured to distribute and/or update communication and routing security policies to the mobile client; a contextual manager configured to handle system-wide status change update signaling; and a mobility authentication manager configured to provide mobile clients with registration and credential/role assignments based on mobile access policies. The distributed security architure may be configured to provide open system inteconnection layer 3.5 policy-based secure routing, and open system inteconnection layer 2 policy-based mandatory access control address filtering to provide secure communication and computing for layers 4, 5, 6, and 7.
摘要翻译：分布式安全架构可以包括：移动防篡改硬件策略执行点，被配置为通过在策略决策点内执行通信策略来控制移动客户端的通信行为; 封装在移动防篡改硬件策略执行点内的移动防篡改硬件策略决策点; 策略分配模式的策略交换通道，被配置为向移动客户端分发和/或更新通信和路由安全策略; 配置为处理全系统状态改变更新信令的上下文管理器; 以及移动性认证管理器，被配置为基于移动接入策略向移动客户端提供注册和凭证/角色分配。分布式安全架构可以被配置为提供开放系统连接层3.5基于策略的安全路由，以及开放系统连接层2基于策略的强制访问控制地址过滤，以为层4,5,6和7提供安全的通信和计算。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式