Tunneling session detection to provide single-sign on (SSO) functionality for a VPN gateway
    1.
    Granted invention patent
    Tunneling session detection to provide single-sign on (SSO) functionality for a VPN gateway (in force)

    Publication number: US08776209B1

    Publication date: 2014-07-08

    Application number: US13416786

    Application date: 2012-03-09

    CPC classification number: H04L63/0815 G06F21/31 H04L63/0272

    Abstract: A VPN gateway is described that provides single sign-on (SSO) functionality with respect to remote users who have established tunneling sessions with the VPN gateway and who attempt to access a protected resource. The VPN gateway may receive, from a client device, a security assertion request that includes a request for a security assertion to be made by the VPN gateway with respect to a user of a private network associated with the VPN gateway, determine whether the security assertion request was received via a tunneling session established for the user between the client device and the VPN gateway, and issue a security assertion for the user in response to determining that the security assertion request was received via the tunneling session. In this way, a VPN gateway may act as an SSO identity provider for users that have an established tunneling session with the gateway.


    Virtual single sign-on for certificate-protected resources
    2.
    Granted invention patent
    Virtual single sign-on for certificate-protected resources (in force)

    Publication number: US08549300B1

    Publication date: 2013-10-01

    Application number: US12711094

    Application date: 2010-02-23

    Abstract: In general, the invention is directed to techniques for enabling single sign-on (SSO) for a client seeking access to multiple resources protected by a certificate-based authentication scheme. For example, as described herein, a secure gateway comprises a certificate repository to store a digital certificate as well as a policy that includes one or more policy rules. A network interface of the secure gateway receives a message from a client device, wherein the message comprises a request to access a protected resource and an identifier for the requesting agent. The secure gateway also comprises a resource authentication module to map the identifier and the protected resource to the digital certificate based on the policy. The resource authentication module retrieves the digital certificate from the certificate repository and sends the digital certificate to the protected resource to authenticate the secure gateway to the protected resource.


    Dynamic resource allocation in virtual environments
    3.
    Granted invention patent
    Dynamic resource allocation in virtual environments (in force)

    Publication number: US08429276B1

    Publication date: 2013-04-23

    Application number: US12911337

    Application date: 2010-10-25

    CPC classification number: G06F9/5005 G06F9/45533 G06F9/5077

    Abstract: In general, techniques are described for dynamic resource allocation in virtual environments. A network device comprising physical resources, a first virtual machine (VM), a second VM and a hypervisor may implement these techniques. The first VM executes within a first partition of the physical resources to process a first portion of received network traffic, while the second VM executes within a second partition of the physical resources to process a second portion of the received network traffic. The first VM determines whether physical resources in addition to those allocated by way of the first partition are required to process the incoming network traffic and issues a request requesting additional physical resources based on the determination. Either the second VM or the hypervisor, in response to the request, dynamically reallocates at least a portion of the physical resources allocated to the second partition to the first partition.


    Method and system for managing clustered and non-clustered storage systems
    4.
    Granted invention patent
    Method and system for managing clustered and non-clustered storage systems (in force)

    Publication number: US08051113B1

    Publication date: 2011-11-01

    Application number: US12561592

    Application date: 2009-09-17

    Abstract: Method and system for managing a storage environment having a cluster based storage system and a non-cluster based storage system is provided. A management application collects information regarding components of both the cluster based storage system and the non-cluster based storage system. A layout having a plurality of data structures is generated and maintained by the management application. The data structures include information regarding the components and their relationships with each other, if any. The layout is used for responding to user requests and presenting an integrated view of the storage environment on a display device with selectable options for selecting the cluster based storage system components and the non-cluster based storage system components.


    Method and system for managing clustered and non-clustered storage systems
    7.
    Granted invention patent
    Method and system for managing clustered and non-clustered storage systems (in force)

    Publication number: US08271556B1

    Publication date: 2012-09-18

    Application number: US13241000

    Application date: 2011-09-22

    Abstract: Method and system for managing a storage environment having a cluster based storage system and a non-cluster based storage system is provided. A management application collects information regarding components of both the cluster based storage system and the non-cluster based storage system. A layout having a plurality of data structures is generated and maintained by the management application. The data structures include information regarding the components and their relationships with each other, if any. The layout is used for responding to user requests and presenting an integrated view of the storage environment on a display device with selectable options for selecting the cluster based storage system components and the non-cluster based storage system components.


    System and method for administration of virtual servers
    8.
    Granted invention patent
    System and method for administration of virtual servers (in force)

    Publication number: US08190641B2

    Publication date: 2012-05-29

    Application number: US11845456

    Application date: 2007-08-27

    CPC classification number: G06F17/30067

    Abstract: A system and method administers virtual servers executing on one or more physical storage systems. One or more virtual servers are created and associated with a management group. An administrator is then granted permissions to the group. Upon logging into management software, only information relating to the virtual servers associated with the group are displayed to the administrator, thereby limiting access to information related to other virtual servers and/or physical storage systems.


    De-Centralization Of Group Administration Authority
    9.
    Invention patent application
    De-Centralization Of Group Administration Authority (in force)

    Publication number: US20090055901A1

    Publication date: 2009-02-26

    Application number: US11963646

    Application date: 2007-12-21

    CPC classification number: H04L63/20 G06F21/604 H04L63/105

    Abstract: An embodiment of a network manager permits a resource group administrator (with resource group level permissions but without global permissions) to add a global object to his/her resource group as a managed object, without requiring the administrator to have a global permission, as discussed further below. An embodiment of the network manager permits a resource group administrator to also edit the configuration settings that are attached to his/her resource group without requiring the administrator to have a global permission.

