-
公开(公告)号:US08069476B2
公开(公告)日:2011-11-29
申请号:US11444945
申请日:2006-06-01
CPC分类号: G06F21/31
摘要: Techniques for validating identities are provided. A sign-on request is authenticated for a given principal. Attributes associated with that principal are acquired from an identity service and compared against local maintained attributes for that principal. If the identity-service acquired attributes match the local attributes, then the principal is validated for access. During principal access, selective events drive updates to the identity-service acquired attributes, and the comparison with the local attributes is performed again to determine whether the validated principal is to be invalidated or is to remain validated.
摘要翻译: 提供验证身份的技术。 给定的主体验证登录请求。 与该主体相关联的属性从身份服务获取,并与该主体的本地维护属性进行比较。 如果身份服务获取的属性与本地属性相匹配,则主体将被验证进行访问。 在主要访问期间,选择性事件驱动对所获取的身份服务的属性的更新,并再次执行与本地属性的比较,以确定验证的主体是否被无效或将被保持有效。
-
公开(公告)号:US20090171953A1
公开(公告)日:2009-07-02
申请号:US11964163
申请日:2007-12-26
IPC分类号: G06F17/00
CPC分类号: G06F17/2735 , G06F17/277 , G06F21/46
摘要: Techniques for recognizing multiple patterns within a string of characters are presented. A dictionary is hierarchically organized, such that leaf nodes within the dictionary represents words defined in the dictionary. A string of characters are received. Each character within the string is traversed by attempting to match it with a character defined in the dictionary. As long as a match continues with the dictionary the characters within the string are traversed. Once a longest possible match to a word within the dictionary is found, the next character following the last matched character for the string is processed.
摘要翻译: 提出了识别字符串中多个模式的技术。 字典被分层组织,使得字典中的叶节点表示字典中定义的单词。 收到一串字符。 尝试将字符串中的每个字符与字典中定义的字符进行匹配。 只要匹配继续使用字典,字符串中的字符将被遍历。 一旦找到与字典中的单词最长可能的匹配,则处理字符串最后匹配字符后的下一个字符。
-
13.发明申请Representing extensible markup language (XML) as an executable having conditional authentication or policy logic 有权将可扩展标记语言(XML)表示为具有条件认证或策略逻辑的可执行文件公开(公告)号:US20080120689A1
公开(公告)日:2008-05-22
申请号:US11600349
申请日:2006-11-16
CPC分类号: G06F17/2247 , G06F9/445 , G06F17/2205
摘要: Techniques for representing extensible markup language (XML) in an executable format are presented. An XML document is parsed into its components and content. The components and content are packaged as an executable. Some portions of the executable include authentication logic or policy logic that is subsequently enforced when the executable is processed. The executable is subsequently distributed to recipient machines. The machines process the executable and produce memory loaded versions of the components and content representing the XML document on the machines. The memory loaded versions of the components and content include conditionally added authentication logic of policy logic.
摘要翻译: 介绍了以可执行格式表示可扩展标记语言(XML)的技术。 将XML文档解析成其组件和内容。 组件和内容打包为可执行文件。 可执行文件的一些部分包括当处理可执行文件时随后强制执行的认证逻辑或策略逻辑。 该可执行文件随后分发给接收机。 机器处理可执行文件,并在机器上生成表示XML文档的组件和内容的加载版本。 内存加载的组件和内容版本包括有条件地添加的策略逻辑的认证逻辑。
-
公开(公告)号:US20080114987A1
公开(公告)日:2008-05-15
申请号:US11590360
申请日:2006-10-31
IPC分类号: H04L9/32 , G06K9/00 , H04L9/00 , G06F17/30 , H04K1/00 , G06F15/16 , G06F7/04 , G06F7/58 , G06K19/00
CPC分类号: H04L63/0815 , G06F21/31 , G06F21/606 , G06F2221/2141
摘要: Techniques for using multiple security access mechanisms for a single identifier are presented. A single identifier is permitted to be associated with multiple authentication secrets. The single identifier resolves to a particular identity in response to the particular authentication secret presented with the single identifier. Moreover, in an embodiment, any resolved identity may have a variety of attributes automatically set for a particular communication session, such as role, access rights, etc.
摘要翻译: 介绍了为单个标识符使用多个安全访问机制的技术。 允许单个标识符与多个认证秘密相关联。 单个标识符响应于用单个标识符呈现的特定认证秘密来解析为特定身份。 此外,在一个实施例中,任何解析的身份可以具有为特定通信会话自动设置的各种属性,诸如角色,访问权限等。
-
公开(公告)号:US20080005573A1
公开(公告)日:2008-01-03
申请号:US11479876
申请日:2006-06-30
IPC分类号: H04L9/00
CPC分类号: H04L9/3257
摘要: Techniques for creating and using credentials for blinded intended audiences are provided. A principal desires access to a target service. An identity associated with the target service is hidden from an identity service via a random identifier. The identity service supplies an assertion with credentials and the random identifier. The principal sends the assertion and an access message, which also includes the random identifier to the target service. The target service compares the identifier included with the message to the identifier in the assertion and when a match occurs access is permitted to the target service, assuming other credentials associated with the assertion are satisfied as well.
摘要翻译: 提供了为盲目的受众创建和使用凭据的技术。 校长希望访问目标服务。 与目标服务相关联的身份通过随机标识符从身份服务中隐藏。 身份服务提供带有凭证和随机标识符的断言。 主体发送断言和访问消息,该消息还包括到目标服务的随机标识符。 目标服务将该消息中包括的标识符与该断言中的标识符进行比较,并且当允许对目标服务进行匹配时,假设与该断言相关联的其他凭证也被满足。
-
16.发明授权Representing extensible markup language (XML) as an executable having conditional authentication or policy logic 有权将可扩展标记语言(XML)表示为具有条件认证或策略逻辑的可执行文件公开(公告)号:US08799770B2
公开(公告)日:2014-08-05
申请号:US13278899
申请日:2011-10-21
IPC分类号: G06F17/21
CPC分类号: G06F17/2247 , G06F9/445 , G06F17/2205
摘要: Techniques for representing extensible markup language (XML) in an executable format are presented. An XML document is parsed into its components and content. The components and content are packaged as an executable. Some portions of the executable include authentication logic or policy logic that is subsequently enforced when the executable is processed. The executable is subsequently distributed to recipient machines. The machines process the executable and produce memory loaded versions of the components and content representing the XML document on the machines. The memory loaded versions of the components and content include conditionally added authentication logic of policy logic.
摘要翻译: 介绍了以可执行格式表示可扩展标记语言(XML)的技术。 将XML文档解析成其组件和内容。 组件和内容打包为可执行文件。 可执行文件的一些部分包括当处理可执行文件时随后强制执行的认证逻辑或策略逻辑。 该可执行文件随后分发给接收机。 机器处理可执行文件,并在机器上生成表示XML文档的组件和内容的加载版本。 内存加载的组件和内容版本包括有条件地添加的策略逻辑的认证逻辑。
-
公开(公告)号:US20080289049A1
公开(公告)日:2008-11-20
申请号:US11750778
申请日:2007-05-18
IPC分类号: H04L9/00
CPC分类号: G06F21/6218 , G06F17/30867 , G06F21/10
摘要: Techniques for personalizing content are presented. A principal requests access to content. Policy is evaluated in response to the request for the content. Scripts are processed in response to the policy evaluation to rewrite and modify the content. The modified content is then delivered to the requesting principal to personalize the content for the principal.
摘要翻译: 介绍了个性化内容的技巧。 主体请求访问内容。 响应于对内容的请求来评估策略。 响应于策略评估处理脚本以重写和修改内容。 修改的内容然后被传递给请求主体以个性化主体的内容。
-
公开(公告)号:US20080289013A1
公开(公告)日:2008-11-20
申请号:US11750791
申请日:2007-05-18
CPC分类号: G06F17/30905 , G06F21/6209 , G06F2221/2149
摘要: Techniques for the local personalization of content are presented. A content personalization service is dynamically pushed from a server environment to a client processing environment associated with a principal on demand. The content personalization service interjects itself between content that the principal attempts to view and access within the client processing environment and modifies and personalizes that content on behalf of the principal before the principal can view or access the content.
摘要翻译: 介绍了本地个性化内容的技术。 将内容个性化服务从服务器环境动态推送到与主服务器相关联的客户端处理环境。 内容个性化服务在客户端处理环境中试图查看和访问的内容之间插入内容,并在主体可以查看或访问内容之前代表主体修改和个性化该内容。
-
公开(公告)号:US20070294752A1
公开(公告)日:2007-12-20
申请号:US11444944
申请日:2006-06-01
IPC分类号: G06F17/30 , G06F15/16 , G06F17/00 , G06F7/04 , G06F9/00 , G06F7/58 , G06K19/00 , G06K9/00 , H04L9/32
CPC分类号: H04L63/0815 , G06F21/33 , G06F21/41
摘要: Techniques for proxing services with a single sign on are provided. A principal authenticates to a first identity service. The first identity service is in a trusted relationship with a second identity service. An authentication request is sent to the second identity service and the request includes an authentication response supplied by the first identity service in response to successful authentication of the principal to the first identity service. In response to the authentication request and the accompanying response, the principal is authenticated for access to the second identity service. Furthermore, targeted services accessible to the second identity service are proxied from and to the principal during interactions between the principal and an external service of that principal.
摘要翻译: 提供使用单点登录服务的技术。 主体认证第一身份服务。 第一个身份服务与第二个身份服务处于可信赖的关系中。 认证请求被发送到第二身份服务,并且请求包括由第一身份服务提供的认证响应,以响应对第一身份服务的主体的成功认证。 响应于认证请求和伴随的响应,主体被认证用于访问第二身份服务。 此外,第二身份服务可访问的目标服务在委托人的主体和外部服务之间的交互中由委托人代理。
-
公开(公告)号:US08607303B2
公开(公告)日:2013-12-10
申请号:US11590268
申请日:2006-10-31
CPC分类号: G06F21/46 , G06F2221/2137
摘要: Techniques for modification of access expiration conditions are presented. A principal supplies a password associated with establishing access to a target resource. In response to the password, characteristics of the password are examined and a custom expiration condition is generated for the password in response to the characteristics and policy. When the custom expiration condition is satisfied, the password and access to the target resource become invalid for use. Moreover, the principal may interactively change a complexity level of any proposed password for purposes of attempting to enhance the expiration condition or for purposes of attempting to degrade the expiration condition.
摘要翻译: 介绍了修改访问到期条件的技术。 主体提供与建立对目标资源的访问相关联的密码。 响应于密码,检查密码的特征,并根据特征和策略为密码生成自定义到期条件。 当满足自定义到期条件时,密码和对目标资源的访问变得无效使用。 此外,为了尝试增强到期条件或试图降低到期条件的目的,校长可以交互地改变任何提出的密码的复杂度级别。
-
-
-
-
-
-
-
-
-
搜索结果
33 条记录 (耗时 0.023 秒)
