专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20050055434A1 Method for access by server-side components using unsupported communication protocols through passthrough mechanism 有权
标题翻译：使用不支持的通信协议通过直通机制访问服务器端组件的方法
公开(公告)号：US20050055434A1
公开(公告)日：2005-03-10
申请号：US10655368
申请日：2003-09-04
申请人： Warwick Burrows , Guenter Karioth , Anthony Moran , Birgit Pfitzmann , Matthias Schunter , Brian Turner
发明人： Warwick Burrows , Guenter Karioth , Anthony Moran , Birgit Pfitzmann , Matthias Schunter , Brian Turner
IPC分类号： H04L29/06 , H04L29/08 , G06F15/173
CPC分类号： H04L67/14 , H04L63/08 , H04L67/02 , H04L67/327
摘要： A method is presented for obtaining information from a client for the benefit of a server using a particular communication protocol that the server does not implement. A primary server receives a client-generated request, and the primary server sends a first request to a secondary server as part of the processing of the client-generated request. While processing the first request, the secondary server determines a need for data obtainable from a client application that supports user interaction using a communication protocol for which the secondary server is not configured to implement. The secondary server sends a second request to the primary server for obtaining data that results from using the communication protocol. The secondary server subsequently receives the resulting data and continues to process the first request using the resulting data, after which the secondary server returns a response for the first request to the primary server.
摘要翻译：提出了一种用于从服务器获取信息以利用服务器不实现的特定通信协议的服务器的方法。主服务器接收客户端生成的请求，主服务器作为处理客户端生成的请求的一部分向第二个服务器发送第一个请求。在处理第一请求时，辅助服务器确定需要使用辅助服务器未被配置为实现的通信协议从支持用户交互的客户端应用获得的数据。辅助服务器向主服务器发送第二个请求，以获取使用通信协议产生的数据。次服务器随后接收所得到的数据，并使用所得到的数据继续处理第一请求，之后辅助服务器向主服务器返回对第一请求的响应。

2. 发明申请

US20080294480A1 Creating a privacy policy from a process model and verifying the compliance 审中-公开
标题翻译：从过程模型创建隐私策略并验证合规性
公开(公告)号：US20080294480A1
公开(公告)日：2008-11-27
申请号：US12186257
申请日：2008-08-05
申请人： Michael Backes , Guenter Karioth , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
发明人： Michael Backes , Guenter Karioth , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
IPC分类号： G06Q10/00
CPC分类号： G06Q10/06 , G06Q10/063
摘要： The present invention provides methods and apparatus for creating a privacy policy from a process model, and methods and apparatus for checking the compliance of a privacy policy. An example of a method for creating a privacy policy from a process model according to the invention comprises the following steps. First, a task from the process model is chosen. Then one or more of the elements role, data, purpose, action, obligation, and condition are gathered from the task and a rule is build up by means of these elements. Finally the rule is added to the privacy policy.
摘要翻译：本发明提供了用于从过程模型创建隐私策略的方法和装置，以及用于检查隐私策略的合规性的方法和装置。根据本发明的用于从过程模型创建隐私策略的方法的示例包括以下步骤。首先，选择过程模型的任务。然后，从任务中收集一个或多个元素的角色，数据，目的，行为，义务和条件，并通过这些元素建立规则。最后将规则添加到隐私政策中。

3. 发明授权

US07685300B2 Method for access by server-side components using unsupported communication protocols through passthrough mechanism 有权
标题翻译：使用不支持的通信协议通过直通机制访问服务器端组件的方法
公开(公告)号：US07685300B2
公开(公告)日：2010-03-23
申请号：US10655368
申请日：2003-09-04
申请人： Warwick Leslie Burrows , Guenter Karioth , Birgit Monika Pfitzmann , Matthias Schunter , Anthony Scott Moran , Brian James Turner
发明人： Warwick Leslie Burrows , Guenter Karioth , Birgit Monika Pfitzmann , Matthias Schunter , Anthony Scott Moran , Brian James Turner
IPC分类号： G06F15/16
CPC分类号： H04L67/14 , H04L63/08 , H04L67/02 , H04L67/327
摘要： A method is presented for obtaining information from a client for the benefit of a server using a particular communication protocol that the server does not implement. A primary server receives a client-generated request, and the primary server sends a first request to a secondary server as part of the processing of the client-generated request. While processing the first request, the secondary server determines a need for data obtainable from a client application that supports user interaction using a communication protocol for which the secondary server is not configured to implement. The secondary server sends a second request to the primary server for obtaining data that results from using the communication protocol. The secondary server subsequently receives the resulting data and continues to process the first request using the resulting data, after which the secondary server returns a response for the first request to the primary server.
摘要翻译：提出了一种用于从服务器获取信息以利用服务器不实现的特定通信协议的服务器的方法。主服务器接收客户端生成的请求，主服务器作为处理客户端生成的请求的一部分向第二个服务器发送第一个请求。在处理第一请求时，辅助服务器确定需要使用辅助服务器未被配置为实现的通信协议从支持用户交互的客户端应用获得的数据。辅助服务器向主服务器发送第二个请求，以获取使用通信协议产生的数据。次服务器随后接收所得到的数据，并使用所得到的数据继续处理第一请求，之后辅助服务器向主服务器返回对第一请求的响应。

4. 发明申请

US20060184995A1 Creating a privacy policy from a process model and verifying the compliance 审中-公开
标题翻译：从过程模型创建隐私策略并验证合规性
公开(公告)号：US20060184995A1
公开(公告)日：2006-08-17
申请号：US11317396
申请日：2005-12-22
申请人： Michael Backes , Guenter Karjoth , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
发明人： Michael Backes , Guenter Karjoth , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
IPC分类号： H04L9/00
CPC分类号： G06Q10/06 , G06Q10/063
摘要： The present invention provides methods and apparatus for creating a privacy policy from a process model, and methods and apparatus for checking the compliance of a privacy policy. An example of a method for creating a privacy policy from a process model according to the invention comprises the following steps. First, a task from the process model is chosen. Then one or more of the elements role, data, purpose, action, obligation, and condition are gathered from the task and a rule is build up by means of these elements. Finally the rule is added to the privacy policy.
摘要翻译：本发明提供了用于从过程模型创建隐私策略的方法和装置，以及用于检查隐私策略的合规性的方法和装置。根据本发明的用于从过程模型创建隐私策略的方法的示例包括以下步骤。首先，选择过程模型的任务。然后，从任务中收集一个或多个元素的角色，数据，目的，行为，义务和条件，并通过这些元素建立规则。最后将规则添加到隐私政策中。

5. 发明申请

US20050289340A1 Reducing access to sensitive information 失效
标题翻译：减少访问敏感信息
公开(公告)号：US20050289340A1
公开(公告)日：2005-12-29
申请号：US10874421
申请日：2004-06-23
申请人： Jan Camenisch , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
发明人： Jan Camenisch , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
IPC分类号： G06F21/00 , H04L9/00
CPC分类号： G06F21/6245
摘要： Method, system, and storage medium for reducing or minimizing access to sensitive information. A method includes identifying processes and data associated with a computer system and classifying each of the data as one of either sensitive information or non-sensitive information. The sensitive information includes at least one of: data that is personal to an individual, confidential data, and data that is legally subject to conditions of restricted use. For each of the processes the method includes selecting a process and a sensitive data item, modifying the sensitive data item, analyzing the behavior of at least the selected process, and preventing access of the sensitive data item by the selected process if, as a result of the analyzing, the sensitive data item is determined not to be needed by the selected process.
摘要翻译：用于减少或最小化敏感信息访问的方法，系统和存储介质。一种方法包括识别与计算机系统相关联的过程和数据，并将每个数据分类为敏感信息或非敏感信息之一。敏感信息包括以下至少一项：对个人个人的数据，机密数据和法律上受限于使用条件的数据。对于每个过程，该方法包括选择过程和敏感数据项，修改敏感数据项，分析至少所选过程的行为，以及如果结果，则阻止敏感数据项的访问。在分析的情况下，敏感数据项被确定为所选择的处理不需要。

6. 发明申请

US20050044409A1 Implementation and use of a PII data access control facility employing personally identifying information labels and purpose serving functions sets 有权
标题翻译：实施和使用使用个人识别信息标签和目的服务功能集的PII数据访问控制设施
公开(公告)号：US20050044409A1
公开(公告)日：2005-02-24
申请号：US10643798
申请日：2003-08-19
申请人： Linda Betz , John Dayka , Walter Farrell , Richard Guski , Guenter Karjoth , Mark Nelson , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
发明人： Linda Betz , John Dayka , Walter Farrell , Richard Guski , Guenter Karjoth , Mark Nelson , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
IPC分类号： G06F21/00 , G06F15/16
CPC分类号： G06F21/629 , G06F21/6245 , G06F2221/2101 , G06F2221/2113 , G06F2221/2141 , G06F2221/2149
摘要： A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.
摘要翻译：通过将个人识别信息（PII）分类标签分配给PII数据对象来实现数据访问控制设施，每个PII数据对象分配有一个PII分类标签。控制设备还包括至少一个PII目的服务功能集（PSFS），其包括读或写PII数据对象的应用功能列表。每个PII PSFS也被分配了一个PII分类标签。 PII数据对象可通过具有与PII对象的PII分类标签相同或占优势的PII分类标签的PII PSFS的应用功能来访问。控制设备的用户被分配有PII间隙组，其包含至少一个PII分类标签的列表，该列表用于确定用户是否有权访问特定功能。

7. 发明申请

US20070250913A1 IMPLEMENTATION AND USE OF PII DATA ACCESS CONTROL FACILITY EMPLOYING PERSONALLY IDENTIFYING INFORMATION LABELS AND PURPOSE SERVING FUNCTION SETS 有权
标题翻译：使用个人识别信息标签和目的服务功能集的PII数据访问控制设施的实施和使用
公开(公告)号：US20070250913A1
公开(公告)日：2007-10-25
申请号：US11764487
申请日：2007-06-18
申请人： Linda Betz , John Dayka , Walter Farrell , Richard Guski , Guenter Karjoth , Mark Nelson , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
发明人： Linda Betz , John Dayka , Walter Farrell , Richard Guski , Guenter Karjoth , Mark Nelson , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
IPC分类号： G06F15/16
CPC分类号： G06F21/629 , G06F21/6245 , G06F2221/2101 , G06F2221/2113 , G06F2221/2141 , G06F2221/2149
摘要： A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.
摘要翻译：通过将个人识别信息（PII）分类标签分配给PII数据对象来实现数据访问控制设施，每个PII数据对象分配有一个PII分类标签。控制设备还包括至少一个PII目的服务功能集（PSFS），其包括读或写PII数据对象的应用功能列表。每个PII PSFS也被分配了一个PII分类标签。 PII数据对象可通过具有与PII对象的PII分类标签相同或占优势的PII分类标签的PII PSFS的应用功能来访问。控制设备的用户被分配有PII间隙组，其包含至少一个PII分类标签的列表，该列表用于确定用户是否有权访问特定功能。

8. 发明申请

US20050004913A1 Dynamic access decision information module 失效
标题翻译：动态访问决策信息模块
公开(公告)号：US20050004913A1
公开(公告)日：2005-01-06
申请号：US10612703
申请日：2003-07-02
申请人： Thomas Gross , Brook Lovatt , Anthony Moran , Matthias Schunter
发明人： Thomas Gross , Brook Lovatt , Anthony Moran , Matthias Schunter
IPC分类号： G06F7/00 , G06Q10/00 , G06Q30/00 , H04L29/06
CPC分类号： G06Q10/10 , G06Q30/02 , H04L29/06 , H04L67/42 , Y10S707/99933 , Y10S707/99934 , Y10S707/99935
摘要： A dynamic information retrieval service is provided that can be configured to retrieve entitlement information from a plurality of providers. Any application that requires entitlement data may make a request for that information to the dynamic information retrieval service using a single standard interface. A request includes information describing the identity of the user and a list of names representing the entitlement data that are required. The dynamic information retrieval service determines the appropriate provider for the entitlement information, retrieves the entitlement data, and returns the requested entitlement data to the application. The dynamic information retrieval service may also cache the entitlement data. The dynamic information retrieval service may process requests requiring several distinct items of entitlement data to be retrieved in parallel. Therefore, applications may send a single request for entitlement data for a single user, but for several providers.
摘要翻译：提供了动态信息检索服务，其可被配置为从多个提供者检索授权信息。任何需要授权数据的应用程序都可以使用单一标准接口向动态信息检索服务发出该信息的请求。请求包括描述用户身份的信息和表示所需权利资料的名称列表。动态信息检索服务确定授权信息的适当提供者，检索授权数据，并将所请求的授权数据返回给应用。动态信息检索服务还可以缓存授权数据。动态信息检索服务可以处理需要并行检索的几个不同的授权数据项目的请求。因此，应用程序可以发送单个用户的授权数据的单个请求，但是对于多个提供者。

9. 发明授权

US08689007B2 Integrity protection in data processing systems 失效
标题翻译：数据处理系统中的完整性保护
公开(公告)号：US08689007B2
公开(公告)日：2014-04-01
申请号：US12054860
申请日：2008-03-25
申请人： Matthias Schunter , Axel Tanner , Bernhard Jansen
发明人： Matthias Schunter , Axel Tanner , Bernhard Jansen
IPC分类号： G06F21/00
CPC分类号： G06F12/145 , G06F12/1491 , G06F21/64 , G06F21/79
摘要： A method for protecting the integrity of a set of memory pages to be accessed by an operating system of a data processing system, includes running the operating system in a virtual machine (VM) of the data processing system; verifying the integrity of the set of memory pages on loading of pages in the set to a memory of the data processing system for access by the operating system; in response to verification of the integrity, designating the set of memory pages as trusted pages and, in a page table to be used by the operating system during the access, marking non-trusted pages as paged; and in response to a subsequent page fault interrupt for a non-trusted page, remapping the set of pages to a region of the data processing system memory which is inaccessible to the virtual machine.
摘要翻译：一种用于保护由数据处理系统的操作系统访问的一组存储器页面的完整性的方法，包括在所述数据处理系统的虚拟机（VM）中运行所述操作系统; 验证所述集合中的页面的集合在所述数据处理系统的存储器中的操作系统的存取的完整性; 响应于完整性的验证，将存储器页面集合指定为可信页面，并且在操作系统在访问期间使用的页表中将不可信页面标记为分页; 并且响应于不可信页面的后续页面错误中断，将该组页面重新映射到数据处理系统存储器的该虚拟机不可访问的区域。

10. 发明授权

US08276201B2 Integrity protection in data processing systems 失效
标题翻译：数据处理系统中的完整性保护
公开(公告)号：US08276201B2
公开(公告)日：2012-09-25
申请号：US12020612
申请日：2008-01-28
申请人： Matthias Schunter , Axel Tanner , Bernhard Jansen
发明人： Matthias Schunter , Axel Tanner , Bernhard Jansen
IPC分类号： G06F21/00
CPC分类号： G06F12/145 , G06F12/1491 , G06F21/64 , G06F21/79
摘要： A method for protecting the integrity of a set of memory pages to be accessed by an operating system of a data processing system, includes running the operating system in a virtual machine (VM) of the data processing system; verifying the integrity of the set of memory pages on loading of pages in the set to a memory of the data processing system for access by the operating system; in response to verification of the integrity, designating the set of memory pages as trusted pages and, in a page table to be used by the operating system during the access, marking non-trusted pages as paged; and in response to a subsequent page fault interrupt for a non-trusted page, remapping the set of pages to a region of the data processing system memory which is inaccessible to the virtual machine.
摘要翻译：一种用于保护由数据处理系统的操作系统访问的一组存储器页面的完整性的方法，包括在所述数据处理系统的虚拟机（VM）中运行所述操作系统; 验证所述集合中的页面的集合在所述数据处理系统的存储器中的操作系统的存取的完整性; 响应于完整性的验证，将存储器页面集合指定为可信页面，并且在操作系统在访问期间使用的页表中将不可信页面标记为分页; 并且响应于不可信页面的后续页面错误中断，将该组页面重新映射到数据处理系统存储器的该虚拟机不可访问的区域。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式