公开(公告)号：US20050044423A1

公开(公告)日：2005-02-24

申请号：US10943090

申请日：2004-09-16

申请人： Joseph Mellmer ,  Russell Young ,  Arn Perkins ,  John Robertson ,  Jeffrey Sabin ,  Michael McDonald ,  Douglas Phillips ,  Robert Sheridan ,  Nadeem Nazeer ,  DeeAnne Higley ,  Stephen Carter ,  Douglas Earl ,  Kelly Sonderegger ,  Daniel Ferguson ,  Farrell Brough

发明人： Joseph Mellmer ,  Russell Young ,  Arn Perkins ,  John Robertson ,  Jeffrey Sabin ,  Michael McDonald ,  Douglas Phillips ,  Robert Sheridan ,  Nadeem Nazeer ,  DeeAnne Higley ,  Stephen Carter ,  Douglas Earl ,  Kelly Sonderegger ,  Daniel Ferguson ,  Farrell Brough

IPC分类号： G06F15/16 ,  G06F21/00 ,  H04L29/06

CPC分类号： G06F21/31 ,  G06F21/41 ,  G06F21/604 ,  G06F21/6245 ,  H04L63/104

摘要： A basic architecture for managing digital identity information in a network such as the World Wide Web is provided. A user of the architecture can organize his or her information into one or more profiles which reflect the nature of different relationships between the user and other entities, and grant or deny each entity access to a given profile. Various enhancements which may be provided through the architecture are also described, including tools for filtering email, controlling access to user web pages, locating other users and making one's own location known, browsing or mailing anonymously, filling in web forms automatically with information already provided once by hand, logging in automatically, securely logging in to multiple sites with a single password and doing so from any machine on the network, and other enhancements.

摘要翻译： 提供了一种在万维网等网络中管理数字身份信息的基础架构。 架构的用户可以将他或她的信息组织成一个或多个简档，其反映用户和其他实体之间的不同关系的性质，并且授予或拒绝每个实体访问给定的简档。 还描述了可以通过架构提供的各种增强功能，包括用于过滤电子邮件的工具，控制对用户网页的访问，定位其他用户，使自己的位置已知，浏览或匿名邮寄，自动填写已经提供的信息的Web表单 一次手动登录，自动登录，使用单一密码安全登录多个站点，并从网络上的任何机器进行此操作，以及其他增强功能。

公开(公告)号：US20050172116A1

公开(公告)日：2005-08-04

申请号：US10770677

申请日：2004-02-03

申请人： Lloyd Burch ,  Douglas Earl ,  Stephen Carter

发明人： Lloyd Burch ,  Douglas Earl ,  Stephen Carter

IPC分类号： G06F1/00 ,  H04L9/00

CPC分类号： G06F21/41 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/20

摘要： Techniques are provided for dynamically establishing and managing trust relationships. A first principal initially requests a community list. The community list includes identities of one or more second principals with which the first principal can establish trusted relationships with. The community list is associated with a trust specification. The trust specification defines the policies and access rights associated with interactions between the first principal and the second principals during any active trusted relationships. The first principal can dynamically subdivide, manage, and modify entries of the community list and the trust specification, assuming any such modifications are permissible according to global contracts and policies associated with the first principal.

摘要翻译： 提供了动态建立和管理信任关系的技术。 第一位校长最初要求社区名单。 社区列表包括一个或多个第二主体的身份，第一个主体可以与之建立信任关系。 社区列表与信任规范相关联。 信任规范定义了在任何主动信任关系期间与第一主体和第二主体之间的交互相关联的策略和访问权限。 假设根据与第一主体相关的全球合同和政策允许的任何此类修改，第一委员可以动态细分，管理和修改社区列表和信任规范的条目。

公开(公告)号：US20070124820A1

公开(公告)日：2007-05-31

申请号：US11290971

申请日：2005-11-30

申请人： Lloyd Burch ,  Stephen Carter ,  Douglas Earl

发明人： Lloyd Burch ,  Stephen Carter ,  Douglas Earl

IPC分类号： H04N7/16

CPC分类号： H04L63/0807 ,  G06F21/31 ,  G06F21/552 ,  G06F21/6263

摘要： Techniques are provided for preserving and managing identities within an audit log. Initial entries into a log do not include an explicit and direct reference to an agent that performs a transaction; rather, the agent acquires a temporary transaction identity for the transaction and an indirect reference to the transaction identity is written to the log while the transaction is pending. Once the transaction completes a direct reference to the transaction identity is written to the log, the identity of agent remains transparent until the identity of the agent expires, if at all.

摘要翻译： 提供了在审核日志中保存和管理身份的技术。 日志中的初始条目不包括对执行事务的代理的显式和直接引用; 相反，代理获取事务的临时事务标识，并且在事务处于待处理状态时，将对事务标识的间接引用写入日志。 一旦事务完成，对事务身份的直接引用将被写入日志，代理的身份将保持透明，直到代理的身份到期为止（如果有的话）。

公开(公告)号：US20060059565A1

公开(公告)日：2006-03-16

申请号：US10927553

申请日：2004-08-26

申请人： Tammy Green ,  Lloyd Burch ,  Stephen Carter ,  Douglas Earl

发明人： Tammy Green ,  Lloyd Burch ,  Stephen Carter ,  Douglas Earl

IPC分类号： H04L9/32

CPC分类号： H04L63/0823 ,  G06F9/50 ,  G06F9/5044 ,  H04L47/15 ,  H04L47/70 ,  H04L47/808 ,  H04L47/822 ,  H04L63/10

摘要： Techniques are provided for allocating resources over a network. A resource consumer requests access to a resource over a network. As part of that request, the resource consumer acquires information that permits it to securely communicate with a resource provider. The resource provider controls the resource and once satisfied with the security of a request from a resource consumer allocates the resource for access by the resource consumer.

摘要翻译： 提供了通过网络分配资源的技术。 资源消费者请求通过网络访问资源。 作为该请求的一部分，资源消费者获取允许其与资源提供商安全通信的信息。 资源提供者控制资源，一旦满足来自资源消费者的请求的安全性，就分配资源以供资源消费者访问。

公开(公告)号：US20070294750A1

公开(公告)日：2007-12-20

申请号：US11844532

申请日：2007-08-24

申请人： Lloyd Burch ,  Douglas Earl ,  Stephen Carter ,  Robert Ward

发明人： Lloyd Burch ,  Douglas Earl ,  Stephen Carter ,  Robert Ward

IPC分类号： G06F7/04

CPC分类号： H04L63/0815 ,  G06Q40/04

摘要： Techniques are provided for dynamically establishing and managing authentication and trust relationships. An identity service acquires and evaluates contracts associated with relationships between principals. The contracts permit the identity service to assemble authentication information, aggregated attributes, and aggregated policies which will drive and define the various relationships. That assembled information is consumed by the principals during interactions with one another and constrains those interactions. In some embodiments, the constraints are dynamically modified during on-going interactions between the principals.

摘要翻译： 提供了动态建立和管理认证和信任关系的技术。 身份服务获取和评估与校长之间关系相关的合同。 合同允许身份服务组合认证信息，聚合属性和聚合策略，以驱动和定义各种关系。 这些组合信息在彼此交互过程中由主体消耗，并限制这些交互。 在一些实施例中，约束在主体之间的持续交互期间被动态修改。

公开(公告)号：US20050171872A1

公开(公告)日：2005-08-04

申请号：US10767884

申请日：2004-01-29

申请人： Lloyd Leon Burch ,  Douglas Earl ,  Stephen Carter

发明人： Lloyd Leon Burch ,  Douglas Earl ,  Stephen Carter

IPC分类号： G06F1/00 ,  G06F17/60

CPC分类号： H04L63/0815 ,  G06F17/30575 ,  G06Q10/0875 ,  H04L67/10 ,  H04L67/1095

摘要： Techniques are provided for establishing and managing a distributed credential store. An identity service aggregates identity information from one or more identity stores and maintains the information as a remote credential store. Initially, the remote credential store, or portions thereof, is transmitted to a principal service as an initial configuration of a local credential store. A principal interacts with the principal service for defining or modifying a policy that identifies portions of the remote credential store which are to be synchronized with the local credential store. In some embodiments, the principal interacts with the principal service for defining a local policy that identifies portions of the local credential store which are not synchronized with the remote credential store. The interactions between the credential stores are trusted and secured.

摘要翻译： 提供了用于建立和管理分布式凭证存储的技术。 身份服务聚合来自一个或多个身份存储的身份信息，并将信息维护为远程证书存储。 最初，远程凭证存储或其部分作为本地凭证存储的初始配置被发送到主服务。 主体与主体服务进行交互以定义或修改标识将与本地凭据存储同步的远程凭证存储的部分的策略。 在一些实施例中，主体与主服务交互以定义本地策略，该局部策略标识不与远程凭证存储同步的本地凭证存储的部分。 证书存储之间的交互是受信任和安全的。

公开(公告)号：US07603104B2

公开(公告)日：2009-10-13

申请号：US10015996

申请日：2001-12-10

申请人： Stephen Carter ,  Gene Pitkin ,  Henry Tong

发明人： Stephen Carter ,  Gene Pitkin ,  Henry Tong

IPC分类号： H04M1/66 ,  H04M1/68 ,  H04M3/16

CPC分类号： H04M1/72519

摘要： A system of operating a wireless handset capable of making clear and secure calls is claimed. A secure call may be made by pressing a key for a predetermined amount of time. The handset enters a secure mode if the key is held for a time period greater than the predetermined amount of time. The handset enters a clear mode if the key is held for a time period less than the predetermined amount of time.

摘要翻译： 声称操作能够进行清晰和安全呼叫的无线手机的系统。 可以通过按压预定时间量来进行安全呼叫。 如果键持续一段时间大于预定的时间量，手机将进入安全模式。 如果键持续一段时间小于预定的时间，手机将进入清除模式。

公开(公告)号：US20070174406A1

公开(公告)日：2007-07-26

申请号：US11338393

申请日：2006-01-24

申请人： Cameron Morris ,  Lloyd Burch ,  Stephen Carter ,  Stephen Kinser

发明人： Cameron Morris ,  Lloyd Burch ,  Stephen Carter ,  Stephen Kinser

IPC分类号： G06F15/16

CPC分类号： G06F21/64 ,  G06F21/51 ,  G06F21/645 ,  G06F2221/2115

摘要： Techniques for attesting to content received from an author (sender) are provided. A sender's content is represented by a message digest. The message digest is signed by an identity service. The signed message digest represents an attestation as to the authenticity of the content from the sender. The sender transmits the signed message digest and content in a message to a recipient. The recipient verifies the signature and message digest to authenticate the content from the sender.

摘要翻译： 提供了证明从作者（发件人）收到的内容的技术。 发件人的内容由消息摘要表示。 消息摘要由身份服务签名。 签名的消息摘要表示来自发件人的内容的真实性的证明。 发件人将签名的消息摘要和消息中的内容发送到收件人。 收件人验证签名和消息摘要以验证发件人的内容。

公开(公告)号：US20070100835A1

公开(公告)日：2007-05-03

申请号：US11261976

申请日：2005-10-28

申请人： Stephen Carter

发明人： Stephen Carter

IPC分类号： G06F17/30

CPC分类号： G06F17/30867

摘要： Semantic identities are provided. A semantic identity is created for an agent. The semantic identity is associated with one or more categories and the categories are associated with interests. The semantic identity mines a network for information that relates to the one or more categories or the interests and packages the information for the agent's subsequent review and consumption.

摘要翻译： 提供语义身份。 为代理创建语义标识。 语义身份与一个或多个类别相关联，并且类别与兴趣相关联。 语义身份为网络提供与一个或多个类别或兴趣相关的信息，并将代码的后续审查和消费的信息打包。

公开(公告)号：US20060277595A1

公开(公告)日：2006-12-07

申请号：US11145704

申请日：2005-06-06

申请人： Stephen Kinser ,  Lloyd Burch ,  Stephen Carter

发明人： Stephen Kinser ,  Lloyd Burch ,  Stephen Carter

IPC分类号： H04L9/32

CPC分类号： G06F21/6218

摘要： Techniques for providing role-based security with instance-level granularity are provided. A security service detects a request made by a principal for access to a resource. Access to the resource is conditioned on a status of a role. The role is associated with the request, the principal, and the resource. The security service evaluates a constraint associated with the role to determine the status. The status is subsequently consumed to determine whether access to the resource for the purposes of satisfying the request is permissible.

摘要翻译： 提供了提供具有实例级粒度的基于角色的安全性的技术。 安全服务检测主体对资源的访问请求。 资源的访问取决于角色的状态。 该角色与请求，主体和资源相关联。 安全服务评估与角色相关联的约束以确定状态。 随后消耗状态以确定是否允许为了满足请求而访问资源。