Enabling terminal services through a firewall
    11.
    Granted invention patent (in force)

    Publication No.: US07810148B2

    Publication date: 2010-10-05

    Application No.: US11067125

    Filing date: 2005-02-25

    IPC classification: G06F9/00

    CPC classification: H04L63/029

    Abstract: Systems and methods are described that provide terminal services through a firewall. In one implementation, data is wrapped with an RPC-based protocol, wherein the data to be wrapped is configured according to a stream-based protocol consistent with establishing a server/client relationship. The RPC-based protocol is then layered over HTTPS. The wrapped data is then passed through the firewall.

    Encoding for remoting graphics to decoder device
    12.
    Granted invention patent (in force)

    Publication No.: US07453465B2

    Publication date: 2008-11-18

    Application No.: US10974092

    Filing date: 2004-10-27

    IPC classification: G06F15/00

    Abstract: A portable graphics encoder connects with one or more protocol decoder devices based on a particular communication protocol. The portable graphics encoder is not specific to any particular operating system. The portable graphics encoder receives protocol decoder device commands such as input instructions that determine higher-level graphics commands that are sent to the one or more protocol decoder devices. The higher-level graphics commands are extracted from graphics sources such as application programs. The portable graphics encoder encodes the higher-level graphics commands according to a format defined by the communication protocol, and the encoded higher-level graphics commands are sent to the one or more protocol decoder devices.

    Creating secure interactive connections with remote resources
    13.
    Granted invention patent (in force)

    Publication No.: US09038162B2

    Publication date: 2015-05-19

    Application No.: US13532593

    Filing date: 2012-06-25

    Abstract: Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.

    Creating secure interactive connections with remote resources
    14.
    Granted invention patent (in force)

    Publication No.: US08220042B2

    Publication date: 2012-07-10

    Application No.: US11354456

    Filing date: 2006-02-15

    IPC classification: G06F9/00

    Abstract: Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.

    Multi-console workstations concurrently supporting multiple users
    15.
    Granted invention patent (in force)

    Publication No.: US08015331B2

    Publication date: 2011-09-06

    Application No.: US11171005

    Filing date: 2005-06-29

    IPC classification: G06F13/14

    CPC classification: H04L67/30 H04L67/34

    Abstract: A workstation including a host machine and a plurality of consoles directly connected to the host machine. Each of the consoles are configured as a separate console, and each of the consoles include a respective input device adapted to receive input from a user and a respective output device adapted to provide output to the user. A method provided herein includes configuring the host machine to support a plurality of users concurrently on a plurality of consoles, and connecting each of the consoles directly to the host machine so as to enable direct communication therebetween.

    Policy driven, credential delegation for single sign on and secure access to network resources
    16.
    Granted invention patent (in force)

    Publication No.: US07913084B2

    Publication date: 2011-03-22

    Application No.: US11441588

    Filing date: 2006-05-26

    IPC classification: H04L9/32

    Abstract: A credential security support provider (Cred SSP) is provided that enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server side SSP software in a networked computing environment. The Cred SSP of the invention provides a secure solution that is based in part upon a set of policies, including a default policy that is secure against a broad range of attacks, which are used to control and restrict the delegation of user credentials from a client to a server. The policies can be for any type of user credentials and the different policies are designed to mitigate a broad range of attacks so that appropriate delegation can occur for given delegation circumstances, network conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g., a trusted subsystem of the Local Security Authority (LSA), has access to the clear text credentials such that neither the calling application of the Cred SSP APIs on the server side nor the calling application of the Cred SSP APIs on the client side have access to clear text credentials.

    System and method of caching glyphs for display by a remote terminal
    17.
    Granted invention patent (in force)

    Publication No.: US06657625B1

    Publication date: 2003-12-02

    Application No.: US09329163

    Filing date: 1999-06-09

    IPC classification: G06T1100

    CPC classification: G06F17/2229

    Abstract: A method and system of operating a remote terminal by a terminal server caches representation data of glyphs to be displayed on the remote terminal to reduce the amount of glyph data that have to be transmitted to the remote terminal through a network connection. The glyph caching is performed on a level of text fragments each of which includes a plurality of glyphs. The remote terminal stores a fragment cache for caching fragments and glyph caches for caching individual glyphs. Each entry in the fragment cache contains data indicating where the glyph data for the glyphs of the fragment are stored in the glyph caches. When the terminal server receives a request to display a text fragment on the remote terminal, it checks whether that fragment is cached at the remote terminal. If so, the terminal server sends a fragment index to the client identifying the entry in the fragment cache for that fragment. The terminal client retrieves the information in the fragment cache entry and then retrieves the glyph data for the glyphs of the fragment from the glyph cache, and displays them on the remote terminal.

    Efficient encoding of alternative graphic sets
    19.
    Granted invention patent (in force)

    Publication No.: US08351716B2

    Publication date: 2013-01-08

    Application No.: US12835652

    Filing date: 2010-07-13

    IPC classification: G06K9/36 G06K9/46

    Abstract: Embodiments provide for efficient encoding and rendering of remote graphic displays by applying one or more of the following: (1) field encoding for identifying fields of a graphics set such that commonalities of various fields across different graphics languages are identified; (2) resource caching, which treats heterogeneous resources in a homogeneous way when it comes to storing them; (3) determining the type of encoding for remoting items within a graphics set based upon the types of compression mechanisms supported by a remote device; (4) improving responsiveness by rendering with partially sent resources; (5) a mechanism for determining what portions (if any) of a graphics set should be sent to a remote device and in what order; and (6) use of dedicated resources already on a remote device in order to eliminate the transfer of a resource between a local device and the remote device when rendering such resource.

    Techniques for managing terminal services sessions
    20.
    Granted invention patent (in force)

    Publication No.: US08326993B2

    Publication date: 2012-12-04

    Application No.: US11119407

    Filing date: 2005-04-29

    IPC classification: G06F15/16

    Abstract: Techniques relating to managing terminal services scenarios are described. In one instance, a process establishes a new terminal services session having a session configuration consistent with a permitted terminal services session configuration. The process also monitors whether the new terminal services session configuration remains consistent with the permitted terminal services session configuration.
