System and method of proxy authentication in a secured network
    11. Granted invention (in force)

    Publication No.: US07113994B1

    Publication date: 2006-09-26

    Application No.: US09490199

    Filing date: 2000-01-24

    IPC classification: G06F15/16

    CPC classification: G06F21/33 Y10S707/99939

    Abstract: A method of controlling access to network services enables an authorized proxy client to access a service on behalf of a user. To permit the client to function as a proxy, the user registers proxy authorization information with a trusted security server. The proxy authorization information identifies the proxy client and specifies the extent of proxy authority granted to the proxy client. When the proxy client wants to access a target service on behalf of the user, it sends a proxy request to the trusted security server. The trusted security server checks the proxy authorization information of the user to verify whether the request is within the proxy authority granted to the proxy client. If so, the trusted security server returns to the proxy client a data structure containing information recognizable by the target service to authenticate the proxy client for accessing the target service on behalf of the user.


System and method of user logon in combination with user authentication for network access
    12. Granted invention (in force)

    Publication No.: US06427209B1

    Publication date: 2002-07-30

    Application No.: US09549794

    Filing date: 2000-04-14

    IPC classification: H04L9/00

    Abstract: A system and method of combined user logon-authentication provides enhanced logon performance by utilizing communications with a network access control server for user authentication to provide the user account data required for user logon. When a user logs on to a computer, the computer initiates a network access control process with a network access control server for obtaining access to network services, including the computer that the user is logging on to. During the access control process, the network access control server authenticates the user and queries a directory service for the account data for the user. The network access control server includes the user account data in one of the communication packets sent to the computer in the network access control process. The computer retrieves the user account data from the communication packet and uses the data to complete the user logon.


Challenge-response authentication and key exchange for a connectionless security protocol

    Publication No.: US06377691B1

    Publication date: 2002-04-23

    Application No.: US08762166

    Filing date: 1996-12-09

    IPC classification: H04L9/00

    Abstract: The disclosed system uses a challenge-response authentication protocol for datagram-based remote procedure calls. Using a challenge-response authentication protocol has many advantages over using a conventional authentication protocol. There are two primary components responsible for communication using the challenge-response protocol: a challenge-response protocol component on the client computer (client C-R component) and a challenge-response protocol component on the server computer (server C-R component). In order to start a session using the challenge-response protocol, the client C-R component first generates a session key. The session key is used by both the client C-R component and the server C-R component for encrypting and decrypting messages. After creating the session key, the client C-R component encrypts a message containing a request for a remote procedure call and sends it to the server C-R component. In response, the server C-R component sends a challenge to the client C-R component. The challenge contains a unique identifier generated by the server C-R component. The client C-R component responds to the challenge by sending a challenge response and the session key. The challenge response is the unique identifier contained within the challenge, encrypted with the password of the user of the client computer. The session key is also encrypted using this password. Upon receiving the challenge response, the server C-R component uses its copy of the client's password to create its own version of the challenge response and compares it to the version received from the client C-R component. If the two versions of the challenge response are identical, the identity of the user of the client computer has been verified. If the two versions are not identical, an attempted unauthorized access has been detected. After verification, the server C-R component extracts the session key, decrypts the message, and invokes the requested procedure of the server program. Subsequently, the server C-R component will send and receive encrypted messages from the client C-R component, thereby facilitating a remote procedure call.

Least privilege via restricted tokens
    15. Granted invention (expired)

    Publication No.: US06308274B1

    Publication date: 2001-10-23

    Application No.: US09096679

    Filing date: 1998-06-12

    Applicant: Michael M. Swift

    Inventor: Michael M. Swift

    IPC classification: G06F12/14

    Abstract: A method and mechanism to enforce reduced access via restricted access tokens. Restricted access tokens are based on an existing token and have less access than that existing token. A process is associated with a restricted token, and when the restricted process attempts to perform an action on a resource, a security mechanism compares the access token information with the security information associated with the resource to grant or deny access. Application programs may have restriction information stored in association with them, such that when launched, a restricted token is created for that application based on the restriction information, thereby automatically reducing that application's access. Applications may be divided into different access levels, such as privileged and non-privileged portions, thereby automatically restricting the actions a user can perform via that application. Also, the system may enforce running with reduced access by running user processes with a restricted token, and then requiring a definite action by the user to specifically override actions that are restricted by temporarily running with the user's normal token.


Ensuring the integrity of remote boot client data
    16. Granted invention (expired)

    Publication No.: US06189100B1

    Publication date: 2001-02-13

    Application No.: US09107007

    Filing date: 1998-06-30

    IPC classification: G06F1/24

    Abstract: A remote boot process uses a secret to sign and/or seal the data necessary to remotely boot a client from a server on a network, to ensure the integrity of the data. The secret is generated by the server and securely delivered to the client during the initial setup of the client. The secret contains a one-way encryption of the password for the client account on the server. Each side balances a signed message with a verify and a sealed message with an unseal. Subsequent transactions between the client and server are conducted using messages encrypted with a key generated by the server and securely delivered to the client in a message sealed using the secret. The secret can also be used in conjunction with an access data structure to prevent unauthorized users from accessing data stored on the server on behalf of the client or other users. In other aspects of the invention, the secret is replaced by a client private/public key pair.


Controlling access to objects on multiple operating systems
    17. Granted invention (expired)

    Publication No.: US5675782A

    Publication date: 1997-10-07

    Application No.: US465990

    Filing date: 1995-06-06

    IPC classification: G06F21/00 H04L29/06 G06F17/30

    Abstract: A method and system for controlling access to entities on a network on which a plurality of servers that use different operating systems are installed. A request is entered by a user at a workstation on the network to set access permissions to an entity on the network in regard to a trustee. In response to the request, various application programming interfaces (APIs) are called to translate the generic request to set permissions on the entity into a format appropriate for the operating system that controls the entity. Assuming that the user has the appropriate rights to set access permissions to the entity as requested, and assuming that the trustee identified by the user is among those who can have rights set to the entity, the request made by the user is granted. Entities include both "containers" and "objects." Entities are either software, such as directories (containers) and files (objects), or hardware, such as printers (objects).


Providing restartable file systems within computing devices
    18. Granted invention (in force)

    Publication No.: US08510597B2

    Publication date: 2013-08-13

    Application No.: US13023354

    Filing date: 2011-02-08

    IPC classification: G06F11/00

    CPC classification: G06F11/1435

    Abstract: In general, techniques are described for enabling a restartable file system. A computing device comprising a processor that executes an operating system may implement the techniques. The processor executes kernel and file system functions of the operating system to perform an operation, where both types of functions call each other to perform the operation. The operating system stores data identifying those of the kernel functions that called the file system functions. In response to determining that one of the file system functions that was called has failed, the operating system accesses the data to identify the kernel function that most recently called one of the file system functions, and returns control to that identified kernel function without executing any of the file system functions called after the identified kernel function and prior to the file system function that failed.


PROVIDING RESTARTABLE FILE SYSTEMS WITHIN COMPUTING DEVICES
    19. Published patent application (in force)

    Publication No.: US20120204060A1

    Publication date: 2012-08-09

    Application No.: US13023354

    Filing date: 2011-02-08

    IPC classification: G06F11/08

    CPC classification: G06F11/1435

    Abstract: In general, techniques are described for enabling a restartable file system. A computing device comprising a processor that executes an operating system may implement the techniques. The processor executes kernel and file system functions of the operating system to perform an operation, where both types of functions call each other to perform the operation. The operating system stores data identifying those of the kernel functions that called the file system functions. In response to determining that one of the file system functions that was called has failed, the operating system accesses the data to identify the kernel function that most recently called one of the file system functions, and returns control to that identified kernel function without executing any of the file system functions called after the identified kernel function and prior to the file system function that failed.
