公开(公告)号：US20080178272A1

公开(公告)日：2008-07-24

申请号：US11856636

申请日：2007-09-17

申请人： Vijay K. Gajjala ,  Colin H. Brace ,  Derek T. Del Conte ,  Arun K. Nanda ,  Stuart L.S. Kwan ,  Rashmi Raj ,  Vijayavani Nori

发明人： Vijay K. Gajjala ,  Colin H. Brace ,  Derek T. Del Conte ,  Arun K. Nanda ,  Stuart L.S. Kwan ,  Rashmi Raj ,  Vijayavani Nori

IPC分类号： G06F7/04

CPC分类号： H04L63/0815 ,  G06F21/33 ,  G06F21/42 ,  H04L63/104

摘要： A system and method for provisioning digital identity representations (“DIRs”) uses various techniques and structures to ease administration, increase accuracy, and decrease inconsistencies of a digital-identity provisioning system. Various methods are provided for creating new DIRs, requesting DIRs, notifying principals of available DIRs, and approving issuance of new DIRs.

摘要翻译： 用于提供数字身份表示（“DIR”）的系统和方法使用各种技术和结构来简化管理，增加准确性并减少数字身份提供系统的不一致性。 提供了各种方法来创建新的DIR，请求DIR，通知主体可用的DIR，并批准发布新的DIR。

公开(公告)号：US08087072B2

公开(公告)日：2011-12-27

申请号：US11856617

申请日：2007-09-17

申请人： Vijay K. Gajjala ,  Colin H. Brace ,  Derek T. Del Conte ,  Kim Cameron ,  Arun K. Nanda ,  Hervey O. Wilson ,  Stuart L. S. Kwan ,  Rashmi Raj ,  Vijayavani Nori

发明人： Vijay K. Gajjala ,  Colin H. Brace ,  Derek T. Del Conte ,  Kim Cameron ,  Arun K. Nanda ,  Hervey O. Wilson ,  Stuart L. S. Kwan ,  Rashmi Raj ,  Vijayavani Nori

IPC分类号： G06F21/20 ,  H04L9/32

CPC分类号： G06F21/33 ,  H04L9/3213 ,  H04L63/08 ,  H04L63/102 ,  H04L2209/56 ,  H04L2209/80

摘要： A system and method for provisioning digital identity representations (“DIRs”) uses various techniques and structures to ease administration, increase accuracy, and decrease inconsistencies of a digital-identity provisioning system. A system is provided using a common identity data store for both DIR issuance and identity token issuance, decreasing synchronization issues. Various methods are provided for creating new DIRs, notifying principals of available DIRs, and approving issuance of new DIRs.

摘要翻译： 用于提供数字身份表示（“DIR”）的系统和方法使用各种技术和结构来简化管理，增加准确性并减少数字身份提供系统的不一致性。 使用公共标识数据存储来提供系统以用于DIR发行和身份令牌发行，从而减少同步问题。 提供了各种方法来创建新的DIR，通知可用DIR的主体，并批准发布新的DIR。

公开(公告)号：US08407767B2

公开(公告)日：2013-03-26

申请号：US11856636

申请日：2007-09-17

申请人： Vijay K. Gajjala ,  Colin H. Brace ,  Derek T. Del Conte ,  Arun K. Nanda ,  Stuart L. S. Kwan ,  Rashmi Raj ,  Vijayavani Nori

发明人： Vijay K. Gajjala ,  Colin H. Brace ,  Derek T. Del Conte ,  Arun K. Nanda ,  Stuart L. S. Kwan ,  Rashmi Raj ,  Vijayavani Nori

IPC分类号： H04L29/06

CPC分类号： H04L63/0815 ,  G06F21/33 ,  G06F21/42 ,  H04L63/104

摘要： A system and method for provisioning digital identity representations (“DIRs”) uses various techniques and structures to ease administration, increase accuracy, and decrease inconsistencies of a digital-identity provisioning system. Various methods are provided for creating new DIRs, requesting DIRs, notifying principals of available DIRs, and approving issuance of new DIRs.

摘要翻译： 用于提供数字身份表示（DIR）的系统和方法使用各种技术和结构来简化管理，提高准确性并减少数字身份提供系统的不一致性。 提供了各种方法来创建新的DIR，请求DIR，通知主体可用的DIR，并批准发布新的DIR。

公开(公告)号：US20090307744A1

公开(公告)日：2009-12-10

申请号：US12135570

申请日：2008-06-09

申请人： Arun K. Nanda ,  Matthew F. Steele ,  Danver W. Hartop ,  Sriram Vasudevan ,  Edward P. Johns ,  Colin H. Brace ,  Vijay K. Gajjala

发明人： Arun K. Nanda ,  Matthew F. Steele ,  Danver W. Hartop ,  Sriram Vasudevan ,  Edward P. Johns ,  Colin H. Brace ,  Vijay K. Gajjala

IPC分类号： G06F17/00

CPC分类号： H04L63/0807 ,  G06F21/335 ,  G06F2221/2101 ,  H04L63/20

摘要： A federated identity verification system includes an identity provider that provides security tokens ultimately to one or more relying parties for access by the client to services at a relying party. Specifically, the relying party can validate the security token from an identity provider (whether directly or via a client) when verifying that the received security token conforms to security configuration data previously exchanged with the identity provider. To establish the trust relationship, the identity provider and one or more relying parties exchange security configuration information through an agreed-to communication channel. The security configuration information indicates the settings that the other party needs to use for establishing, maintaining, and/or monitoring the trust relationship. The communication channel allows both parties to flexibly and continually synchronize changes to security configurations, and thus maintain, change, or end the trust relationship automatically, as desired.

摘要翻译： 联合身份验证系统包括身份提供者，该身份提供者最终向一个或多个依赖方提供安全令牌，以供客户端访问依赖方的服务。 具体来说，依赖方可以在验证接收到的安全令牌符合先前与身份提供者交换的安全配置数据时，从身份提供者（无论是直接访问还是通过客户端）验证安全令牌。 为了建立信任关系，身份提供商和一个或多个依赖方通过协商的通信渠道交换安全配置信息。 安全配置信息指示对方需要用于建立，维护和/或监视信任关系的设置。 通信通道允许双方灵活地并且连续地将改变同步到安全配置，从而根据需要自动维护，改变或结束信任关系。

公开(公告)号：US20090217362A1

公开(公告)日：2009-08-27

申请号：US12432606

申请日：2009-04-29

申请人： Arun K. Nanda ,  Hervey Wilson ,  Dan Guberman ,  Vijay K. Gajjala ,  Raman Chikkamagalur ,  Oren Melzer

发明人： Arun K. Nanda ,  Hervey Wilson ,  Dan Guberman ,  Vijay K. Gajjala ,  Raman Chikkamagalur ,  Oren Melzer

IPC分类号： G06F21/22 ,  G06F15/16

CPC分类号： H04L63/0884 ,  G06F21/33 ,  G06F21/42 ,  G06F21/73 ,  H04L29/00 ,  H04L63/0815 ,  H04L63/105

摘要： A server provisions a client with digital identity representations such as information cards. A provisioning request to the server includes filtering parameters. The server assembles a provisioning response containing cards that satisfy the filtering parameters, and transmits the response to a client, possibly by way of a proxy. The provisioning response may include provisioning state information to help a server determine in subsequent exchanges which cards are already present on the client. A client may keep track the source of information cards and discard cards which a server has discarded. A proxy may make the provisioning request on behalf of a client, providing the server with the proxy's own authentication and with a copy of the request from the client to the proxy.

摘要翻译： 服务器为客户端提供数字身份表示，如信息卡。 向服务器的配置请求包括过滤参数。 服务器组装包含满足过滤参数的卡的配置响应，并且可能通过代理将响应发送给客户端。 供应响应可以包括供应状态信息以帮助服务器在随后的交换机中确定哪些卡已经存在于客户端上。 客户端可以跟踪服务器已丢弃的信息卡和丢弃卡的来源。 代理可以代表客户端提供供应请求，为服务器提供代理自己的身份验证，并将客户端的请求副本提供给代理。

公开(公告)号：US07925591B2

公开(公告)日：2011-04-12

申请号：US11392303

申请日：2006-03-28

申请人： Vijay K. Gajjala ,  Krishnamurthy Ganesan ,  Jeffrey R. McKune

发明人： Vijay K. Gajjala ,  Krishnamurthy Ganesan ,  Jeffrey R. McKune

IPC分类号： G06F21/00

CPC分类号： G06F21/10 ,  G06Q30/0241 ,  G06Q30/06 ,  G06Q30/0621

摘要： A retailer facilitates issuance of a digital license from a licensor to a customer for a corresponding piece of digital content. The retailer receives payment for the license from the customer, where the payment is to be shared with the licensor in a pre-determined manner. The retailer also receives customer-based information from the customer. The retailer then composes an actual license request including the obtained customer-based information, and including retailer-based information identifying the retailer to the licensor and acknowledging to the licensor that the retailer owes a portion of the received payment to the licensor. Thereafter, the retailer forwards the actual license request to the licensor. The licensor notes based on the retailer-based information in the actual license request that the retailer identified thereby owes the licensor at least a portion of the forwarded payment. If an individual sends a license request directly to the licensor and thus fails to forward payment for the license to a retailer, the actual license request as composed by the individual fails to include the retailer-based information. Accordingly, the licensor refuses to issue a license as requested based on the lack of retailer-based information.

摘要翻译： 零售商有助于从许可方向客户发放数字许可证以获得相应的数字内容。 零售商从客户那里收到许可证的付款，其中付款将以预先确定的方式与许可人共享。 零售商也从客户那里收到客户信息。 零售商然后组成一个实际的许可证请求，包括所获得的基于客户的信息，并将识别零售商的基于零售商的信息包括在许可方中，并且向许可方确认零售商将所收到的一部分付款的一部分欠许可方。 此后，零售商将实际的许可证请求转发给许可方。 许可人根据实际许可证申请中的零售商信息，注意到零售商认定的至少一部分转发付款欠授权许可人。 如果个人直接向许可人发送许可证请求，因此无法向零售商转发许可证的付款，则由个人组成的实际许可证请求不包括基于零售商的信息。 因此，根据零售商信息的不足，许可人拒绝发出许可证。

公开(公告)号：US20110078212A1

公开(公告)日：2011-03-31

申请号：US12961115

申请日：2010-12-06

申请人： Vijay K. Gajjala ,  Giovanni M. Della-Libera ,  V.B. Balayoghan ,  Tomasz Janczuk

发明人： Vijay K. Gajjala ,  Giovanni M. Della-Libera ,  V.B. Balayoghan ,  Tomasz Janczuk

IPC分类号： G06F17/30

CPC分类号： H04L9/3236 ,  H04L9/3247 ,  H04L2209/68

摘要： A signature system with a mechanism to identify element(s) of a signed document includes a sender having a signature module with a digest generator. The digest generator generates digests for identifying selected elements of the document. The resulting “identifying” digests are then used in generating a signature in which the sender signs the digests rather than the original elements. The receiver can then process the signature and use these digests to distinguish between elements, as needed.

摘要翻译： 具有识别签名文档的元素的机制的签名系统包括具有带摘要生成器的签名模块的发送者。 摘要生成器生成用于识别文档的所选元素的摘要。 然后，所得到的“识别”摘要用于生成签名，其中发送者签署摘要而不是原始元素。 然后，接收者可以处理签名，并根据需要使用这些摘要来区分元素。

公开(公告)号：US07080043B2

公开(公告)日：2006-07-18

申请号：US10108285

申请日：2002-03-26

申请人： Charlie David Chase, Jr. ,  Krishnamurthy Ganesan ,  Philip J. Lafornara ,  Jeffrey Richard McKune ,  Clifford Paul Strom ,  Vijay K. Gajjala

发明人： Charlie David Chase, Jr. ,  Krishnamurthy Ganesan ,  Philip J. Lafornara ,  Jeffrey Richard McKune ,  Clifford Paul Strom ,  Vijay K. Gajjala

IPC分类号： G06Q99/00

CPC分类号： G06F21/10 ,  G06F2221/0771

摘要： Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.

公开(公告)号：US08725776B2

公开(公告)日：2014-05-13

申请号：US12961115

申请日：2010-12-06

申请人： Vijay K. Gajjala ,  Giovanni M. Della-Libera ,  Vaithialingam Balayoghan ,  Tomasz Janczuk

发明人： Vijay K. Gajjala ,  Giovanni M. Della-Libera ,  Vaithialingam Balayoghan ,  Tomasz Janczuk

IPC分类号： G06F17/30

CPC分类号： H04L9/3236 ,  H04L9/3247 ,  H04L2209/68

摘要： A signature system with a mechanism to identify element(s) of a signed document includes a sender having a signature module with a digest generator. The digest generator generates digests for identifying selected elements of the document. The resulting “identifying” digests are then used in generating a signature in which the sender signs the digests rather than the original elements. The receiver can then process the signature and use these digests to distinguish between elements, as needed.

摘要翻译： 具有识别签名文档的元素的机制的签名系统包括具有带摘要生成器的签名模块的发送者。 摘要生成器生成用于识别文档的所选元素的摘要。 然后，所得到的“识别”摘要用于生成签名，其中发送者签署摘要而不是原始元素。 然后，接收者可以处理签名，并根据需要使用这些摘要来区分元素。

公开(公告)号：US07873831B2

公开(公告)日：2011-01-18

申请号：US10788108

申请日：2004-02-26

申请人： Vijay K. Gajjala ,  Giovanni M. Della-Libera ,  Vaithialingam B. Balayoghan ,  Tomasz Janczuk

发明人： Vijay K. Gajjala ,  Giovanni M. Della-Libera ,  Vaithialingam B. Balayoghan ,  Tomasz Janczuk

IPC分类号： H04L9/32

CPC分类号： H04L9/3236 ,  H04L9/3247 ,  H04L2209/68

摘要： A signature system with a mechanism to identify element(s) of a signed document includes a sender having a signature module with a digest generator. The digest generator generates digests for identifying selected elements of the document. The resulting “identifying” digests are then used in generating a signature in which the sender signs the digests rather than the original elements. The receiver can then process the signature and use these digests to distinguish between elements, as needed.

摘要翻译： 具有识别签名文档的元素的机制的签名系统包括具有带摘要生成器的签名模块的发送者。 摘要生成器生成用于识别文档的所选元素的摘要。 然后，所得到的“识别”摘要用于生成签名，其中发送者签署摘要而不是原始元素。 然后，接收者可以处理签名，并根据需要使用这些摘要来区分元素。