专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09436820B1 Controlling access to resources in a network 有权
标题翻译：控制对网络资源的访问
公开(公告)号：US09436820B1
公开(公告)日：2016-09-06
申请号：US10909755
申请日：2004-08-02
申请人： Robert E. Gleichauf , Susan E. Thomson , Dany J. Rochefort , Joseph A. Salowey , Hao Zhou , Fan Wu , Venkateswara Rao Yarlagadda , Russell E. Rice
发明人： Robert E. Gleichauf , Susan E. Thomson , Dany J. Rochefort , Joseph A. Salowey , Hao Zhou , Fan Wu , Venkateswara Rao Yarlagadda , Russell E. Rice
IPC分类号： G06F15/16 , G06F21/50 , H04L29/06
CPC分类号： G06F21/50 , G06F21/577 , H04L63/02 , H04L63/08 , H04L63/20
摘要： A computerized device transmits an access request to a data communications device of a network in an attempt to access network resources within the network. The data communications device, in response and in real-time, transmits a challenge request to the computerized device that directs the computerized device to retrieve configuration, or posture, credentials associated with the computerized device. A policy server receives the challenge response and, based upon a real-time analysis of the posture credentials of the computerized device, determines a security state of the computerized device and either provides some level or denies the computerized device access to the network resources based upon the analysis of posture. The data communications device detects the real-time security state of the computerized device prior to providing the computerized device with controlled access to the network resources, thereby limiting vulnerable computerized devices from accessing the network resources and minimizing the risk that the network resources receive or transmit malware.
摘要翻译：计算机化设备向网络的数据通信设备发送访问请求，以试图访问网络内的网络资源。数据通信设备作为响应并且实时地向计算机化设备发送质询请求，该计算机化设备指导计算机化设备检索与计算机化设备相关联的配置或姿势凭据。策略服务器接收挑战响应，并且基于对计算机化设备的姿态凭证的实时分析来确定计算机化设备的安全状态，并且基于以下方式提供一些级别或拒绝计算机化设备对网络资源的访问姿势分析。在向计算机化设备提供对网络资源的受控访问之前，数据通信设备检测计算机化设备的实时安全状态，从而限制易受攻击的计算机化设备访问网络资源并最小化网络资源接收或传输的风险恶意软件

2. 发明授权

US08381268B2 Network authorization status notification 有权
标题翻译：网络授权状态通知
公开(公告)号：US08381268B2
公开(公告)日：2013-02-19
申请号：US12115677
申请日：2008-05-06
申请人： Nancy Cam Winget , Joseph A. Salowey , James Edward Burns , Susan Elizabeth Thomson , Hao Zhou
发明人： Nancy Cam Winget , Joseph A. Salowey , James Edward Burns , Susan Elizabeth Thomson , Hao Zhou
IPC分类号： G06F7/04
CPC分类号： H04L63/10 , Y02D30/30
摘要： A system that enables network authorization status to be conveyed to the device requesting network services within or outside the scope of an authentication exchange is provided. The authorization status notification or information can be automatically generated or otherwise triggered by a request from the user or device. For instance, a query can be employed to solicit device authorization status related to a particular service or group of services. Additionally, authorization status notification can be automatically triggered based upon a change in the device authorization state.
摘要翻译：提供了一种能够将网络授权状态传送到在认证交换的范围之内或之外请求网络服务的设备的系统。授权状态通知或信息可以由用户或设备的请求自动生成或以其他方式触发。例如，可以使用查询来征求与特定服务或服务组相关的设备授权状态。另外，根据设备授权状态的变化，可以自动触发授权状态通知。

3. 发明申请

US20080282327A1 NETWORK AUTHORIZATION STATUS NOTIFICATION 有权
标题翻译：网络授权状态通知
公开(公告)号：US20080282327A1
公开(公告)日：2008-11-13
申请号：US12115677
申请日：2008-05-06
申请人： Nancy Cam Winget , Joseph A. Salowey , James Edward Burns , Susan Elizabeth Thomson , Hao Zhou
发明人： Nancy Cam Winget , Joseph A. Salowey , James Edward Burns , Susan Elizabeth Thomson , Hao Zhou
IPC分类号： G06F21/00
CPC分类号： H04L63/10 , Y02D30/30
摘要： A system that enables network authorization status to be conveyed to the device requesting network services within or outside the scope of an authentication exchange is provided. The authorization status notification or information can be automatically generated or otherwise triggered by a request from the user or device. For instance, a query can be employed to solicit device authorization status related to a particular service or group of services. Additionally, authorization status notification can be automatically triggered based upon a change in the device authorization state.
摘要翻译：提供了一种能够将网络授权状态传送到在认证交换的范围之内或之外请求网络服务的设备的系统。授权状态通知或信息可以由用户或设备的请求自动生成或以其他方式触发。例如，可以使用查询来征求与特定服务或服务组相关的设备授权状态。另外，可以根据设备授权状态的变化自动触发授权状态通知。

4. 发明授权

US08024488B2 Methods and apparatus to validate configuration of computerized devices 有权
标题翻译：验证计算机化设备配置的方法和设备
公开(公告)号：US08024488B2
公开(公告)日：2011-09-20
申请号：US11070567
申请日：2005-03-02
申请人： Joseph A. Salowey , Hao Zhou
发明人： Joseph A. Salowey , Hao Zhou
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , H04L29/06
CPC分类号： H04L63/126 , H04L9/32
摘要： A system verifies configuration of a device within a network via an exchange of verification credentials, which are requested, received and authenticated. The verification credentials indicate that a configuration of the device was acceptable at the time of creation of the verification credentials for that device. The verification credentials of the device are obtained through a certifying process. During the certifying process, the credential certifier receives a current device configuration of the device in the network, and evaluates the current device configuration of a device with respect to its role within a network. The verification credentials are issued to the requesting device and stored within a database. The device submits its verification credentials if being requested by the other peer it's communicating with when it enters the network. It also monitors the current device configuration and if there are changes, it invalidates the existing certification credentials and requests new one.
摘要翻译：系统通过交换请求，接收和认证的验证凭证来验证网络内的设备的配置。验证凭证表明在创建该设备的验证凭据时，该设备的配置是可以接受的。设备的验证凭证通过认证过程获得。在验证过程中，凭证验证者接收网络中设备的当前设备配置，并根据网络中的角色来评估设备的当前设备配置。验证凭证被发送到请求设备并存储在数据库中。当设备进入网络时与其进行通信的其他对等体请求时，设备将提交其验证凭据。它还监视当前设备配置，如果有更改，则会使现有的认证凭据无效，并请求新的认证凭据。

5. 发明授权

US07940656B2 System and method for authenticating an element in a network environment 有权
标题翻译：用于在网络环境中认证元素的系统和方法
公开(公告)号：US07940656B2
公开(公告)日：2011-05-10
申请号：US11949157
申请日：2007-12-03
申请人： Amitava Das , Michael A. Wright , Joseph A. Salowey , William C. Gossman
发明人： Amitava Das , Michael A. Wright , Joseph A. Salowey , William C. Gossman
IPC分类号： H04J3/12 , H04L12/66 , H04W4/00
CPC分类号： H04L12/66 , H04L63/0892 , H04W12/06 , H04W84/12 , H04W88/14 , H04W88/16
摘要： A method for authenticating an element in a network environment is provided that includes receiving a request for one or more triplets. One or more of the triplets may be associated with an authentication communications protocol that may be executed in order to facilitate a communication session. The method further includes returning one or more of the triplets in response to the request and initiating the communication session in response to the triplets after proper authentication of an entity associated with the request.
摘要翻译：提供了一种用于认证网络环境中的元素的方法，包括接收对一个或多个三元组的请求。一个或多个三元组可以与可以被执行以便于通信会话的认证通信协议相关联。该方法还包括响应于该请求返回一个或多个三元组，并且在与该请求相关联的实体进行适当认证之后响应于三元组发起通信会话。

6. 发明授权

US07715562B2 System and method for access authentication in a mobile wireless network 有权
标题翻译：用于移动无线网络中接入认证的系统和方法
公开(公告)号：US07715562B2
公开(公告)日：2010-05-11
申请号：US11419382
申请日：2006-05-19
申请人： Parviz Yegani , Joseph A. Salowey , Jayaraman R. Iyer , Anand K. Oswal
发明人： Parviz Yegani , Joseph A. Salowey , Jayaraman R. Iyer , Anand K. Oswal
IPC分类号： H04K1/00
CPC分类号： H04W12/06 , H04L63/08 , H04L63/0892 , H04L63/162
摘要： A system and method is provided for authenticating access in a mobile wireless network. The system and method comprise exchanging an extensible authentication protocol (EAP) packet with an access terminal over a high rate packet data radio link and a signaling interface through a radio access network, encapsulating the EAP packet in an authentication authorization and accounting (AAA) packet, and sending the AAA packet to an authentication server for authentication.
摘要翻译：提供了一种用于在移动无线网络中认证访问的系统和方法。该系统和方法包括通过高速率分组数据无线电链路与接入终端交换可扩展认证协议（EAP）分组和通过无线接入网络的信令接口，将EAP分组封装在认证授权和计费（AAA）分组中并将AAA分组发送到认证服务器进行认证。

7. 发明申请

US20080065883A1 AUTHENTICATION FOR DEVICES LOCATED IN CABLE NETWORKS 有权
标题翻译：电缆网络中设备的认证
公开(公告)号：US20080065883A1
公开(公告)日：2008-03-13
申请号：US11467002
申请日：2006-08-24
申请人： Shengyou Zeng , Jason Frazier , Joshua B. Littlefield , Joseph A. Salowey
发明人： Shengyou Zeng , Jason Frazier , Joshua B. Littlefield , Joseph A. Salowey
IPC分类号： H04L9/00
CPC分类号： H04L63/0892 , H04L63/062 , H04L63/0823 , H04L63/0869 , H04L63/162
摘要： An extensible authentication framework is used in cable networks such as Data Over Cable Service Interface Specification (DOCSIS) cable networks. The authentication scheme allows for centralized authentication of cable modems, as well as authentication of the cable network by cable modems. Additionally, the authentication scheme allows a Cable Modem Termination System (CMTS) to authenticate devices downstream from cable modems, such as Customer Premise Equipment (CPE) devices.
摘要翻译：有线网络中使用可扩展的认证框架，如电缆数据服务接口规范（DOCSIS）电缆网络。认证方案允许对电缆调制解调器进行集中认证，以及电缆调制解调器对有线网络的认证。此外，认证方案允许有线调制解调器终端系统（CMTS）认证电缆调制解调器（如客户端设备（CPE））设备下游的设备。

8. 发明授权

US06895501B1 Method and apparatus for distributing, interpreting, and storing heterogeneous certificates in a homogenous public key infrastructure 失效
标题翻译：用于在均匀的公共密钥基础设施中分发，解释和存储异构证书的方法和装置
公开(公告)号：US06895501B1
公开(公告)日：2005-05-17
申请号：US09524272
申请日：2000-03-13
申请人： Joseph A. Salowey
发明人： Joseph A. Salowey
IPC分类号： H04L9/00 , H04L29/06
CPC分类号： H04L63/126
摘要： A connection is established between a server and a web browser having access to a first, trusted public key. The server downloads a digitally signed archive to the browser, the archive including a second public key. The browser verifies the digitally signed archive using the first public key, and stores the second public key in response to the verification. The browser then uses the stored second public key to authenticate the server and establish a secure connection with the server. The second public key and its chain of trust need not be known by the browser beforehand, and the archive may include program fragments that store the key in an area where the browser (or an applet running under the browser) can access and use it. The archive may also include a program fragment that performs certificate validation for the client—enabling the client to handle certificate types it does not know about. Advantages include allowing the archive to be transmitted over any insecure connection since it is integrity protected and authenticated; and allowing the client to make a direct connection to the server without having to access certificate stores on the platform.
摘要翻译：在服务器和具有访问第一可信公钥的web浏览器之间建立连接。服务器将数字签名的存档下载到浏览器，归档包括第二个公钥。浏览器使用第一公钥验证数字签名的归档，并且响应于验证存储第二公钥。然后，浏览器使用存储的第二个公钥来验证服务器，并建立与服务器的安全连接。第二个公共密钥及其信任链不需要由浏览器预先知道，并且归档可以包括将密钥存储在浏览器（或浏览器下运行的小程序）可以访问和使用的区域中的程序片段。存档还可以包括为客户机执行证书验证的程序片段，使得客户端能够处理它不知道的证书类型。优点包括允许通过任何不安全的连接传输存档，因为它是完整性保护和认证的; 并允许客户端直接连接到服务器，而无需访问平台上的证书存储。

9. 发明授权

US08453216B2 Authentication for devices located in cable networks 有权
标题翻译：位于有线网络中的设备的认证
公开(公告)号：US08453216B2
公开(公告)日：2013-05-28
申请号：US12951285
申请日：2010-11-22
申请人： Shengyou Zeng , Jason Frazier , Joshua B. Littlefield , Joseph A. Salowey
发明人： Shengyou Zeng , Jason Frazier , Joshua B. Littlefield , Joseph A. Salowey
IPC分类号： G06F21/00
CPC分类号： H04L63/0892 , H04L63/062 , H04L63/0823 , H04L63/0869 , H04L63/162
摘要： An extensible authentication framework is used in cable networks such as Data Over Cable Service Interface Specification (DOCSIS) cable networks. The authentication scheme allows for centralized authentication of cable modems, as well as authentication of the cable network by cable modems. Additionally, the authentication scheme allows a Cable Modem Termination System (CMTS) to authenticate devices downstream from cable modems, such as Customer Premise Equipment (CPE) devices.
摘要翻译：有线网络中使用可扩展的认证框架，如电缆数据服务接口规范（DOCSIS）电缆网络。认证方案允许对电缆调制解调器进行集中认证，以及电缆调制解调器对有线网络的认证。此外，认证方案允许有线调制解调器终端系统（CMTS）认证电缆调制解调器（如客户端设备（CPE））设备下游的设备。

10. 发明申请

US20110066855A1 AUTHENTICATION FOR DEVICES LOCATED IN CABLE NETWORKS 有权
标题翻译：电缆网络中设备的认证
公开(公告)号：US20110066855A1
公开(公告)日：2011-03-17
申请号：US12951285
申请日：2010-11-22
申请人： Shengyou Zeng , Jason Frazier , Joshua B. Littlefield , Joseph A. Salowey
发明人： Shengyou Zeng , Jason Frazier , Joshua B. Littlefield , Joseph A. Salowey
IPC分类号： H04L9/32 , G06F21/00 , H04L12/56
CPC分类号： H04L63/0892 , H04L63/062 , H04L63/0823 , H04L63/0869 , H04L63/162
摘要： An extensible authentication framework is used in cable networks such as Data Over Cable Service Interface Specification (DOCSIS) cable networks. The authentication scheme allows for centralized authentication of cable modems, as well as authentication of the cable network by cable modems. Additionally, the authentication scheme allows a Cable Modem Termination System (CMTS) to authenticate devices downstream from cable modems, such as Customer Premise Equipment (CPE) devices.
摘要翻译：有线网络中使用可扩展的认证框架，如电缆数据服务接口规范（DOCSIS）电缆网络。认证方案允许对电缆调制解调器进行集中认证，以及电缆调制解调器对有线网络的认证。此外，认证方案允许有线调制解调器终端系统（CMTS）认证电缆调制解调器（如客户端设备（CPE））设备下游的设备。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式