专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07822980B2 Authenticated identity propagation and translation within a multiple computing unit environment 有权
标题翻译：在多个计算单元环境中的经过身份验证的身份传播和翻译
公开(公告)号：US07822980B2
公开(公告)日：2010-10-26
申请号：US11468139
申请日：2006-08-29
申请人： Patrick S. Botz , John C. Dayka , Donna N. Dillenberger , Richard H. Guski , Timothy J. Hahn , Margaret K. LaBelle , Mark A. Nelson
发明人： Patrick S. Botz , John C. Dayka , Donna N. Dillenberger , Richard H. Guski , Timothy J. Hahn , Margaret K. LaBelle , Mark A. Nelson
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , G06F21/31 , G06F2221/2151
摘要： An authenticated identity propagation and translation technique is provided based on a trust relationship between multiple user identification and authentication services resident on different computing components of a multi-component transaction processing computing environment including distributed and mainframe computing components. The technique includes, in one embodiment, forwarding, in association with transaction requests, identified and authenticated user identification and authentication information from a distributed component to a mainframe component, facilitating the selection of the appropriate mainframe user identity with which to execute the mainframe portion of the transaction, and creating the appropriate run-time security context.
摘要翻译：基于多个用户识别和驻留在包括分布式和大型计算组件的多组件事务处理计算环境的不同计算组件的认证服务之间的信任关系来提供认证身份传播和翻译技术。在一个实施例中，该技术包括与事务请求相关联地将已识别和认证的用户标识和认证信息从分布式组件转发到主机组件，便于选择适当的主机用户身份，用于执行主机部分的主机部分事务，并创建适当的运行时安全上下文。

2. 发明授权

US06711679B1 Public key infrastructure delegation 有权
标题翻译：公钥基础设施委托
公开(公告)号：US06711679B1
公开(公告)日：2004-03-23
申请号：US09282871
申请日：1999-03-31
申请人： Richard H. Guski , Timothy J. Hahn
发明人： Richard H. Guski , Timothy J. Hahn
IPC分类号： H04L900
CPC分类号： H04L63/0428 , H04L9/006 , H04L9/3247 , H04L9/3263 , H04L9/3297 , H04L63/0823 , H04L63/126 , H04L2209/80
摘要： An approach for allowing a server to act on behalf of an original requestor (originator) which includes an approach for indicating the chain of servers through which the original request came has been defined. This provides a mechanism for a server to act as a “delegate” for a request made by an originator. This approach uses PKI constructs and relies upon public-private key digital signatures for verifying the validity if the “delegation” information. The approach described here allows the originator some control over the extent to which its identity can be used on its behalf by servers that it contacts and servers that are contacted on its behalf. The entire “delegation chain” is contained within the construct, allowing examination of the “path” that a request has taken in getting to a server from which service was requested.
摘要翻译：允许服务器代表原始请求者（发起方）采取行动的方法，其中包括用于指示原始请求到达的服务器链的方法。这提供了一种机制，使服务器充当发起者发出的请求的“委托”。这种方法使用PKI结构，并且依赖于公共 - 私人密钥数字签名来验证“授权”信息的有效性。这里描述的方法允许发起者对其联系的服务器以及代表其联系的服务器代表其身份可以使用的程度进行一些控制。整个“代理链”包含在构造中，允许检查请求在获得服务所请求的服务器上所采用的“路径”。

3. 发明授权

US08230228B2 Support of tamper detection for a log of records 失效
标题翻译：支持篡改检测记录日志
公开(公告)号：US08230228B2
公开(公告)日：2012-07-24
申请号：US12263427
申请日：2008-10-31
申请人： Timothy J. Hahn , Heather M. Hinton
发明人： Timothy J. Hahn , Heather M. Hinton
IPC分类号： H04L29/06 , H04L29/00
CPC分类号： G06F21/64 , G06F2221/2101
摘要： Tamper detection of audit records comprises configuring a proxy for adding tamper evidence information to audit information by obtaining audit records from at least one audit record generating source, grouping obtained audit records into subsets of audit records and providing tamper evidence processing to the subsets utilizing a cryptographic mechanism to calculate a signature over each subset of audit records. The proxy groups the subsets such that each subset contains at least one designated carryover audit record that overlaps into a next subset so that each carryover audit record is associated with at least two signatures. As such, the proxy creates an overlapping chain of digitally signed audit records subsets. The proxy further forwards the tamper evident audit records from the tamper evidence adding proxy to a corresponding audit log storage subsystem for storage, storing the calculated signatures.
摘要翻译：审计记录的篡改检测包括配置代理，通过从至少一个审计记录产生源获得审计记录，将获取的审计记录分组到审计记录的子集中，并通过加密方式向子集提供篡改证据处理，从而将审计信息添加到审计信息中计算每个审计记录子集签名的机制。代理对子集进行分组，使得每个子集包含至少一个与下一个子集重叠的指定的结转审核记录，使得每个结转审核记录与至少两个签名相关联。因此，代理创建一个数字签名的审计记录子集的重叠链。代理进一步将篡改明显的审计记录从篡改证据添加代理转发到相应的审计日志存储子系统进行存储，存储计算的签名。

4. 发明申请

US20100115284A1 SUPPORT OF TAMPER DETECTION FOR A LOG OF RECORDS 失效
标题翻译：支持记录记录的篡改检测
公开(公告)号：US20100115284A1
公开(公告)日：2010-05-06
申请号：US12263427
申请日：2008-10-31
申请人： Timothy J. Hahn , Heather M. Hinton
发明人： Timothy J. Hahn , Heather M. Hinton
IPC分类号： H04L9/32 , H04L9/06
CPC分类号： G06F21/64 , G06F2221/2101
摘要： Tamper detection of audit records comprises configuring a proxy for adding tamper evidence information to audit information by obtaining audit records from at least one audit record generating source, grouping obtained audit records into subsets of audit records and providing tamper evidence processing to the subsets utilizing a cryptographic mechanism to calculate a signature over each subset of audit records. The proxy groups the subsets such that each subset contains at least one designated carryover audit record that overlaps into a next subset so that each carryover audit record is associated with at least two signatures. As such, the proxy creates an overlapping chain of digitally signed audit records subsets. The proxy further forwards the tamper evident audit records from the tamper evidence adding proxy to a corresponding audit log storage subsystem for storage, storing the calculated signatures.
摘要翻译：审计记录的篡改检测包括配置代理，通过从至少一个审计记录产生源获得审计记录，将获取的审计记录分组到审计记录的子集中，并通过加密方式向子集提供篡改证据处理，从而将审计信息添加到审计信息中计算每个审计记录子集签名的机制。代理对子集进行分组，使得每个子集包含至少一个与下一个子集重叠的指定的结转审核记录，使得每个结转审核记录与至少两个签名相关联。因此，代理创建一个数字签名的审计记录子集的重叠链。代理进一步将篡改明显的审计记录从篡改证据添加代理转发到相应的审计日志存储子系统进行存储，存储计算的签名。

5. 发明授权

US07676831B2 Role-based access control management for multiple heterogeneous application components 失效
标题翻译：基于角色的多个异构应用程序组件的访问控制管理
公开(公告)号：US07676831B2
公开(公告)日：2010-03-09
申请号：US11221630
申请日：2005-09-08
申请人： Kathryn H. Britton , Dieter Buehler , Ching-Yun Chao , Timothy J. Hahn , Anthony J. Nadalin , Nataraj Nagaratnam , Yi-Hsiu Wei , ChunHui Yang
发明人： Kathryn H. Britton , Dieter Buehler , Ching-Yun Chao , Timothy J. Hahn , Anthony J. Nadalin , Nataraj Nagaratnam , Yi-Hsiu Wei , ChunHui Yang
IPC分类号： H04L9/32 , H04L9/00 , G06F7/04
CPC分类号： G06F21/6236
摘要： Embodiments of the present invention address deficiencies of the art in respect to access control and provide a method, system and computer program product for access control management for a collection of heterogeneous application components. In a first embodiment, a data processing system for role-based access control management for multiple heterogeneous application components can include at least one business role descriptor associating a business role with multiple, different application roles for corresponding, disparate application components. The system also can include at least one access policy associating a user with the business role. Finally, the system can include policy deployment logic include program code enabled to process the access policy to assign the user to the different application roles in the disparate application components.
摘要翻译：本发明的实施例解决了本领域在访问控制方面的缺陷，并提供了用于异构应用组件的集合的访问控制管理的方法，系统和计算机程序产品。在第一实施例中，用于多个异构应用组件的用于基于角色的访问控制管理的数据处理系统可以包括将业务角色与用于相应的不同应用组件的多个不同应用角色相关联的至少一个业务角色描述符。系统还可以包括将用户与业务角色相关联的至少一个访问策略。最后，系统可以包括策略部署逻辑，包括能够处理访问策略的程序代码，以将用户分配给不同应用程序组件中的不同应用程序角色。

6. 发明授权

US09946848B2 Software protection using an installation product having an entitlement file 有权
公开(公告)号：US09946848B2
公开(公告)日：2018-04-17
申请号：US12393242
申请日：2009-02-26
申请人： Timothy J. Hahn , Bernard P. Palmer, Jr. , Michael P. Waidner , James J. Whitmore
发明人： Timothy J. Hahn , Bernard P. Palmer, Jr. , Michael P. Waidner , James J. Whitmore
IPC分类号： G06F21/10 , G06F21/12 , H04L9/32
CPC分类号： G06F21/10 , G06F21/105 , G06F21/12 , G06F2221/0737 , H04L9/3247 , H04L9/3263 , H04L2209/60 , H04L2209/68
摘要： Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product.

7. 发明授权

US09898587B2 Software protection using an installation product having an entitlement file 有权
公开(公告)号：US09898587B2
公开(公告)日：2018-02-20
申请号：US13454555
申请日：2012-04-24
申请人： Timothy J. Hahn , Bernard P. Palmer, Jr. , Michael P. Waidner , James J. Whitmore
发明人： Timothy J. Hahn , Bernard P. Palmer, Jr. , Michael P. Waidner , James J. Whitmore
IPC分类号： G06F21/00 , G06F21/10 , H04L9/32
CPC分类号： G06F21/10 , G06F21/105 , G06F21/12 , G06F2221/0737 , H04L9/3247 , H04L9/3263 , H04L2209/60 , H04L2209/68
摘要： Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product.

8. 发明授权

US08422686B2 Automated validation and execution of cryptographic key and certificate deployment and distribution 有权
标题翻译：加密密钥和证书部署和分发的自动验证和执行
公开(公告)号：US08422686B2
公开(公告)日：2013-04-16
申请号：US12142009
申请日：2008-06-19
申请人： Christian Cachin , Robert Haas , Timothy J. Hahn , Xiaoyu Hu , Ilias Iliadis , Rene Pawlitzek , John T. Peck
发明人： Christian Cachin , Robert Haas , Timothy J. Hahn , Xiaoyu Hu , Ilias Iliadis , Rene Pawlitzek , John T. Peck
IPC分类号： H04L29/06
CPC分类号： H04L9/083 , H04L9/0891
摘要： A method for automated validation and execution of cryptographic key and certificate deployment and distribution includes providing one or more keys; providing one or more key deployment points; and distributing the one or more keys to the one or more key deployment points in an automated manner based on a matrix or pattern mapping of each of the one or more keys to be distributed to each of the one or more key deployment points.
摘要翻译：用于自动验证和执行加密密钥和证书部署和分发的方法包括提供一个或多个密钥; 提供一个或多个关键部署点; 以及基于要分配给所述一个或多个关键部署点中的每一个的所述一个或多个密钥中的每一个的矩阵或模式映射，以自动方式将所述一个或多个密钥分发到所述一个或多个密钥部署点。

9. 发明申请

US20120216294A1 Software Protection Using an Installation Product Having an Entitlement File 有权
标题翻译：使用具有授权文件的安装产品进行软件保护
公开(公告)号：US20120216294A1
公开(公告)日：2012-08-23
申请号：US13454555
申请日：2012-04-24
申请人： Timothy J. Hahn , Bernard P. Palmer, JR. , Michael P. Waidner , James J. Whitmore
发明人： Timothy J. Hahn , Bernard P. Palmer, JR. , Michael P. Waidner , James J. Whitmore
IPC分类号： G06F21/00
CPC分类号： G06F21/10 , G06F21/105 , G06F21/12 , G06F2221/0737 , H04L9/3247 , H04L9/3263 , H04L2209/60 , H04L2209/68
摘要： Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product.
摘要翻译：提供了用于建立计算机程序产品的权利的技术，并且包括在注册过程中提供客户端身份以产生授权文件，获得计算机程序产品的编码版本，以及将计算机程序产品变换为安装产品计算机存储介质，其中安装产品包括授权文件以建立计算机程序产品的有权使用。此外，用于促进计算机程序产品的安全符合性的技术包括提供计算机程序产品的编码版本，并为计算机程序产品提供安装产品构建器，其中安装产品构建器使用计算机存储介质中的安装产品客户端身份和计算机程序产品的编码版本，并且其中所创建的安装产品包括授权文件，以促进计算机程序产品的安全符合性。

10. 发明授权

US06553384B1 Transactional name service 有权
标题翻译：交易名称服务
公开(公告)号：US06553384B1
公开(公告)日：2003-04-22
申请号：US09333058
申请日：1999-06-14
申请人： Jeffrey A. Frey , David A. Booz , Timothy J. Hahn , Theodore R. Maeurer
发明人： Jeffrey A. Frey , David A. Booz , Timothy J. Hahn , Theodore R. Maeurer
IPC分类号： G06F1700
CPC分类号： G06F9/548 , G06F2209/462 , H04L29/12009 , H04L29/12783 , H04L61/35 , H04L67/1002 , H04L67/1008 , Y10S707/99944
摘要： A transactional name server. One or more objects of the name server are managed as transactional objects, thereby providing a transactional name server. Atomic updates are provided in the name server by the addition of transactional semantics. The transactional semantics include making the objects of the name space managed objects and providing a local interface to a directory service that propagates a transactional context from the name server through a directory down to a resource manager.
摘要翻译：事务名称服务器。名称服务器的一个或多个对象作为事务对象进行管理，从而提供事务名称服务器。原子更新通过添加事务语义在名称服务器中提供。事务语义包括使名称空间的对象管理对象，并向目录服务提供本地接口，该目录服务将事务上下文从名称服务器通过目录下载到资源管理器。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式