-
11.发明授权公开(公告)号:US08527757B2
公开(公告)日:2013-09-03
申请号:US12666276
申请日:2008-06-23
IPC分类号: H04L29/06
CPC分类号: H04L63/0853 , G06F21/6263 , H04L63/1441 , H04L63/18
摘要: The invention relates to a portable authentication token comprising connection means for connecting to a computer, browser communication means for communicating with a browser running on the computer, and user authentication means for authenticating a user of the token to a server. The user authentication means are triggered via the browser communication means when the user connects to the server from the browser of the computer. The user authentication means are set to authenticate the user by communicating with the server through the browser. The token comprises out-of-band token communication means set to validate user authentication by establishing a communication channel between the token and the server, the communication channel bypassing the browser.The invention also relates to an authentication method and to a system comprising a token, a computer and a server to which the user authenticates with the token.
摘要翻译: 本发明涉及包括用于连接到计算机的连接装置的便携式认证令牌,用于与在计算机上运行的浏览器进行通信的浏览器通信装置以及用于将令牌的用户认证到服务器的用户认证装置。 当用户从计算机的浏览器连接到服务器时,通过浏览器通信装置触发用户认证装置。 用户认证装置设置为通过浏览器与服务器通信来认证用户。 令牌包括带外令牌通信装置,设置为通过在令牌和服务器之间建立通信信道来验证用户认证,通信信道绕过浏览器。 本发明还涉及一种认证方法以及一种系统,该系统包括令牌,计算机和服务器,用户使用令牌进行认证。
-
12.发明申请SYSTEM AND METHOD FOR PROVIDING SECURITY IN BROWSER-BASED ACCESS TO SMART CARDS 有权基于浏览器的智能卡访问安全的系统和方法公开(公告)号:US20110320818A1
公开(公告)日:2011-12-29
申请号:US13255106
申请日:2010-03-05
IPC分类号: H04L9/32
CPC分类号: H04L63/126 , G06F21/34 , H04L67/02 , H04L67/34 , H04W8/205
摘要: A method of operating a host computer having a web-browser with the capability of executing at least one web-browser add-on to provide a web application access to a smart card to protect the smart card from security threats associated with being connected to the Internet. Prior to establishing a connection between a web application executing in the web browser, verifying that the web application has been authorized to connect to a smart care using the web-browser add-on to provide a web application access to a smart card.
摘要翻译: 一种操作具有网络浏览器的主计算机的方法,所述主机具有执行至少一个网络浏览器附件的能力,以提供对智能卡的web应用访问,以保护智能卡免受与连接到智能卡相关联的安全威胁 互联网。 在建立在web浏览器中执行的web应用程序之间的连接之后,验证Web应用程序是否被授权使用web浏览器附件来连接到智能护理以提供web应用程序访问智能卡。
-
13.发明授权User to user delegation service in a federated identity management environment 有权联合身份管理环境中的用户到用户委派服务公开(公告)号:US09401918B2
公开(公告)日:2016-07-26
申请号:US14007328
申请日:2012-03-26
CPC分类号: H04L63/10 , G06F21/00 , G06F21/6218 , G06F2221/2137 , H04L9/32 , H04L29/06
摘要: Method for providing user-to-user delegation service in federated identity environment, characterized in that it comprises a delegation or assignment step wherein a delegator specifies said delegation at an identity provider for delegating a privilege or task to a delegatee to be performed at a service provider.
摘要翻译: 用于在联合身份环境中提供用户到用户委托服务的方法,其特征在于,其包括委托或分配步骤,其中委托者在身份提供者处指定所述委托以将特权或任务委托给在服务中执行的委托人 提供者
-
公开(公告)号:US20090064301A1
公开(公告)日:2009-03-05
申请号:US11849117
申请日:2007-08-31
IPC分类号: G06F7/04
CPC分类号: G06F17/30896 , G06F9/468 , G06F21/33 , G06F21/34 , G06F2221/2119
摘要: A client-side application extension executable on a host computer from within a web-browser having the capability of executing at least one web-browser add-on to provide a user access to a smart card, connected to the host computer having a smart card resource manager, via the web-browser. The web-browser extension has instructions to direct the central processing unit to access data on the smart card via a web-browser and platform independent interface module and a web-browser and platform dependent wrapper module connected to the web-browser and platform independent interface module and to the smart card resource manager having a function processing module operable to receive a call to the at least one function for accessing data on the smart card and for transforming the function call into a corresponding call to the smart card resource manager.
摘要翻译: 客户端应用扩展在主机计算机上可在网络浏览器内执行,该网络浏览器具有执行至少一个网络浏览器附件的功能,以向用户提供连接到具有智能卡的主计算机的智能卡的用户访问 资源管理器,通过网络浏览器。 网络浏览器扩展具有指示中央处理单元通过网络浏览器和独立于平台的接口模块访问智能卡上的数据,以及连接到网络浏览器和平台独立接口的网络浏览器和平台依赖的包装器模块 模块和具有功能处理模块的智能卡资源管理器,所述功能处理模块可操作以接收对所述至少一个功能的呼叫以访问所述智能卡上的数据,并用于将所述功能呼叫转换为对所述智能卡资源管理器的对应呼叫。
-
公开(公告)号:US20070101145A1
公开(公告)日:2007-05-03
申请号:US11263324
申请日:2005-10-31
IPC分类号: H04L9/00
CPC分类号: H04L9/3271 , H04L9/3247 , H04L63/0815 , H04L63/12 , H04L2209/68
摘要: A consent service on a host computer providing cryptographically signed consent for user attributes by a user on a host computer to a web service provider. The consent service is operable to provide decryption of the user attributes acquired by the web service provider from an identity provider. The consent service displaying and acquiring user consent to one or more user attributes displayed in a browser web page to the user on the host computer. The consent service is operable to provide encryption of the user consented attributes and to generate cryptographically signed consent of the user. The consent service conveying and transmitting the user consented attribute and cryptographically signed user consent to the web service provider. The web service provider is operable to provide decryption of the user consented attributes and storing the user consented attributes and signed user consent. The web service provider sharing user consented attributes and user signed consent with other web service providers so the user on the host computer can access resources on the other web service providers without multiple authentication or any further interaction with the identity provider.
摘要翻译: 主机上的同意服务,由主机上的用户向Web服务提供商提供加密签名的用户属性同意。 同意服务可操作以从身份提供者提供由web服务提供商获取的用户属性的解密。 同意服务向主机上的用户显示并获取在浏览器网页中显示的一个或多个用户属性的用户同意。 同意服务可操作地提供用户同意的属性的加密并且生成用户的加密签名的同意。 同意服务传达和传送用户同意的属性,并加密地签署用户同意Web服务提供商。 网络服务提供者可操作地提供用户同意属性的解密并存储用户同意的属性和签名的用户同意。 Web服务提供商与其他Web服务提供商共享用户同意的属性和用户签名的同意,因此主计算机上的用户可以访问其他Web服务提供商上的资源,而无需多次身份验证或与身份提供者的任何进一步交互。
-
16.发明授权System and method for using a portable security device to cryptograhically sign a document in response to signature requests from a relying party to a digital signature service 有权响应于来自依赖方到数字签名服务的签名请求,使用便携式安全设备来密文地签署文档的系统和方法公开(公告)号:US09065823B2
公开(公告)日:2015-06-23
申请号:US13583578
申请日:2011-03-08
申请人: HongQian Karen Lu , Kapil Sachdeva
发明人: HongQian Karen Lu , Kapil Sachdeva
CPC分类号: H04L63/0853 , H04L9/3234 , H04L9/3247 , H04L63/126 , H04L2209/80
摘要: (EN)A system, method and computer-readable storage medium with instructions for operating a digital signature server and a portable security device to cooperate to provide digital signature services using a private key stored on the portable security device by delegating to a user's smart card the actual task of digitally signing documents. Other systems and methods are disclosed.
摘要翻译: (EN)一种具有用于操作数字签名服务器和便携式安全设备的指令的系统,方法和计算机可读存储介质,以协作以使用存储在便携式安全设备上的专用密钥提供数字签名服务,通过委托给用户的智能卡 数字签名文件的实际任务。 公开了其它系统和方法。
-
17.发明申请USER TO USER DELEGATION SERVICE IN A FEDERATED IDENTITY MANAGEMENT ENVIRONMENT 有权用户在联合身份管理环境中的用户代理服务公开(公告)号:US20140020051A1
公开(公告)日:2014-01-16
申请号:US14007328
申请日:2012-03-26
IPC分类号: H04L29/06
CPC分类号: H04L63/10 , G06F21/00 , G06F21/6218 , G06F2221/2137 , H04L9/32 , H04L29/06
摘要: Method for providing user-to-user delegation service in federated identity environment, characterized in that it comprises a delegation or assignment step wherein a delegator specifies said delegation at an identity provider for delegating a privilege or task to a delegatee to be performed at a service provider.
摘要翻译: 用于在联合身份环境中提供用户到用户委托服务的方法,其特征在于,其包括委托或分配步骤,其中委托者在身份提供者处指定所述委托以将特权或任务委托给在服务中执行的委托人 提供者
-
18.发明授权System and method for providing security in browser-based access to smart cards 有权用于在基于浏览器的智能卡访问中提供安全性的系统和方法公开(公告)号:US08713644B2
公开(公告)日:2014-04-29
申请号:US13255106
申请日:2010-03-05
CPC分类号: H04L63/126 , G06F21/34 , H04L67/02 , H04L67/34 , H04W8/205
摘要: A method of operating a host computer having a web-browser with the capability of executing at least one web-browser add-on to provide a web application access to a smart card to protect the smart card from security threats associated with being connected to the Internet. Prior to establishing a connection between a web application executing in the web browser, verifying that the web application has been authorized to connect to a smart care using the web-browser add-on to provide a web application access to a smart card.
摘要翻译: 一种操作具有网络浏览器的主计算机的方法,所述主机具有执行至少一个网络浏览器附件的能力,以提供对智能卡的web应用访问,以保护智能卡免受与连接到智能卡相关联的安全威胁 互联网。 在建立在web浏览器中执行的web应用程序之间的连接之后,验证Web应用程序是否被授权使用web浏览器附件来连接到智能护理以提供web应用程序访问智能卡。
-
19.发明申请SYSTEM AND METHOD FOR USING A PORTABLE SECURITY DEVICE TO CRYPTOGRAHICALLY SIGN A DOCUMENT IN RESPONSE TO SIGNATURE REQUESTS FROM A RELYING PARY TO A DIGITAL SIGNATURE 有权使用便携式安全设备进行符号签名的系统和方法,以便从符合数字签名的请求中签署一份文件公开(公告)号:US20130046991A1
公开(公告)日:2013-02-21
申请号:US13583578
申请日:2010-03-08
申请人: HongQian Karen Lu , Kapil Sachdeva
发明人: HongQian Karen Lu , Kapil Sachdeva
IPC分类号: H04L9/32
CPC分类号: H04L63/0853 , H04L9/3234 , H04L9/3247 , H04L63/126 , H04L2209/80
摘要: A system, method and computer-readable storage medium with instructions for operating a digital signature server and a portable security device to cooperate to provide digital signature services using a private key stored on the portable security device by delegating to a user's smart card the actual task of digitally signing documents. Other systems and methods are disclosed.
摘要翻译: 一种具有用于操作数字签名服务器和便携式安全设备的指令的系统,方法和计算机可读存储介质,用于协作以使用存储在便携式安全设备上的私钥来提供数字签名服务,通过向用户的智能卡委托实际任务 数字签名文件。 公开了其它系统和方法。
-
20.发明申请公开(公告)号:US20100235637A1
公开(公告)日:2010-09-16
申请号:US12666276
申请日:2008-06-23
申请人: H.Karen Lu , Asad Mahboob Ali , Kapil Sachdeva
发明人: H.Karen Lu , Asad Mahboob Ali , Kapil Sachdeva
CPC分类号: H04L63/0853 , G06F21/6263 , H04L63/1441 , H04L63/18
摘要: The invention relates to a portable authentication token comprising connection means for connecting to a computer, browser communication means for communicating with a browser running on the computer, and user authentication means for authenticating a user of the token to a server. The user authentication means are triggered via the browser communication means when the user connects to the server from the browser of the computer. The user authentication means are set to authenticate the user by communicating with the server through the browser. The token comprises out-of-band token communication means set to validate user authentication by establishing a communication channel between the token and the server, the communication channel bypassing the browser.The invention also relates to an authentication method and to a system comprising a token, a computer and a server to which the user authenticates with the token.
摘要翻译: 本发明涉及包括用于连接到计算机的连接装置的便携式认证令牌,用于与在计算机上运行的浏览器进行通信的浏览器通信装置以及用于将令牌的用户认证到服务器的用户认证装置。 当用户从计算机的浏览器连接到服务器时,通过浏览器通信装置触发用户认证装置。 用户认证装置设置为通过浏览器与服务器通信来认证用户。 令牌包括带外令牌通信装置,设置为通过在令牌和服务器之间建立通信信道来验证用户认证,通信信道绕过浏览器。 本发明还涉及一种认证方法以及一种系统,该系统包括令牌,计算机和服务器,用户使用令牌进行认证。
-
-
-
-
-
-
-
-
-
搜索结果
21 条记录 (耗时 0.029 秒)
