公开(公告)号：US08595792B2

公开(公告)日：2013-11-26

申请号：US13553332

申请日：2012-07-19

Applicant: Alain C. Azagury ,  Murthy V. Devarakonda ,  Nikolai A. Joukov ,  Manoj Kumar ,  Birgit M. Pfitzmann ,  Norbert G. Vogl ,  Konstantinos Magoutis

Inventor： Alain C. Azagury ,  Murthy V. Devarakonda ,  Nikolai A. Joukov ,  Manoj Kumar ,  Birgit M. Pfitzmann ,  Norbert G. Vogl ,  Konstantinos Magoutis

IPC: G06F17/30

CPC classification number: G06F21/604 ,  G06F2221/2101

Abstract: A method, system, computer program product, and computer program storage device for transforming a high-level policy associated with a high layer to a low-level policy associated with a low layer. Mapping between high-level objects in a high layer and low-level objects in a low layer is derived by an automated discovery tool. The high-level policy is mapped to the low-level policy according to the mapping (e.g., by substituting the high-level objects with the low-level objects and by performing a syntax transformation). In one embodiment, a low-level policy is transformed to a high-level policy according to the mapping. As exemplary embodiments, policy transformations in traffic shaping and data retention are disclosed.

Abstract translation: 一种用于将与高层相关联的高级策略变换为与低层相关联的低级策略的方法，系统，计算机程序产品和计算机程序存储设备。 高层的高层对象与低层对象之间的映射是通过自动发现工具得出的。 高级策略根据映射映射到低级策略（例如，通过用低级对象替换高级对象，并通过执行语法转换）。 在一个实施例中，根据映射将低级策略转换为高级策略。 作为示例性实施例，公开了流量整形和数据保持中的策略转换。

公开(公告)号：US20120204149A1

公开(公告)日：2012-08-09

申请号：US13020525

申请日：2011-02-03

Applicant: Nikolai A. Joukov ,  Birgit M. Pfitzmann

Inventor： Nikolai A. Joukov ,  Birgit M. Pfitzmann

IPC: G06F9/44

CPC classification number: G06F11/3051 ,  G06F8/71 ,  G06F11/302

Abstract: Software components migrated from a source server to a target server may be compared before and after a migration. In one aspect, discovery tools may be used to discover the source server's configurations before the migration. Similarly, discovery tools may be used to discover the target server's configurations after the migration. A migration design or plan may be applied to the discovered source server configurations to generate a desired target server configuration. The desired target server configurations may be compared with the discovered target server configurations. Deviations or differences between the discovered target server configurations and the desired target server configurations may be determined. A database of common or typical changes, which might not be specified in the migration plan, may be used to identify the common changes that occur as part of a migration process, from the deviations.

Abstract translation: 可以在迁移之前和之后比较从源服务器迁移到目标服务器的软件组件。 在一个方面，可以使用发现工具在迁移之前发现源服务器的配置。 类似地，发现工具可以用于在迁移之后发现目标服务器的配置。 可以将迁移设计或计划应用于发现的源服务器配置，以生成所需的目标服务器配置。 可以将期望的目标服务器配置与所发现的目标服务器配置进行比较。 可以确定所发现的目标服务器配置与期望的目标服务器配置之间的偏差或差异。 常见或典型更改的数据库（可能未在迁移计划中指定）可用于根据偏差来识别作为迁移过程一部分的常见更改。

公开(公告)号：US20120072903A1

公开(公告)日：2012-03-22

申请号：US12885752

申请日：2010-09-20

Applicant: NIKOLAI A. JOUKOV ,  Birgit M. Pfitzmann

Inventor： NIKOLAI A. JOUKOV ,  Birgit M. Pfitzmann

IPC: G06F9/445

CPC classification number: G06F9/45558 ,  G06F8/63 ,  G06F2009/4557

Abstract: A system and method for application migration include matching an infrastructure of a source application with a plurality of multi-image work sets from a catalog by selecting a mapping of components of the infrastructure with components in the multi-image work sets to provide one or more selected multi-images. The source application is migrated to a target environment using the one or more selected multi-images.

Abstract translation: 用于应用迁移的系统和方法包括通过选择基础设施的组件与多图像工作集中的组件的映射来匹配源应用的基础设施与来自目录的多个多图像工作集，以提供一个或多个 选择多图像。 源应用程序使用一个或多个所选的多个映像迁移到目标环境。

公开(公告)号：US20110029946A1

公开(公告)日：2011-02-03

申请号：US12511506

申请日：2009-07-29

Applicant: Nikolai A. Joukov ,  Birgit M. Pfitzmann ,  Marco Pistoia ,  Vasily Tarasov ,  Takaaki Tateishi ,  Norbert G. Vogl

Inventor： Nikolai A. Joukov ,  Birgit M. Pfitzmann ,  Marco Pistoia ,  Vasily Tarasov ,  Takaaki Tateishi ,  Norbert G. Vogl

IPC: G06F9/44

CPC classification number: G06F11/3692 ,  G06F8/70

Abstract: Calls to stop functions are identified in a computer program file. The stop functions are functions that interact with external resources. Parameters of the calls to the stop functions that are references to the external resources are identified. An analysis is performed over the computer program file to find out possible values of the parameters of the calls.

Abstract translation: 在计算机程序文件中标识了停止功能的呼叫。 停止功能是与外部资源交互的功能。 标识对引用外部资源的停止功能的调用参数。 对计算机程序文件执行分析，以查找调用参数的可能值。

公开(公告)号：US20120284389A1

公开(公告)日：2012-11-08

申请号：US13553342

申请日：2012-07-19

Applicant: Alain C. Azagury ,  Murthy V. Devarakonda ,  Nikolai Joukov ,  Manoj Kumar ,  Konstantinos Magoutis ,  Birgit M. Pfitzmann ,  Norbert G. Vogl

Inventor： Alain C. Azagury ,  Murthy V. Devarakonda ,  Nikolai Joukov ,  Manoj Kumar ,  Konstantinos Magoutis ,  Birgit M. Pfitzmann ,  Norbert G. Vogl

IPC: G06F15/173

CPC classification number: G06F21/604 ,  G06F2221/2101

Abstract: A method, system, computer program product, and computer program storage device for transforming a high-level policy associated with a high layer to a low-level policy associated with a low layer. Mapping between high-level objects in a high layer and low-level objects in a low layer is derived by an automated discovery tool. The high-level policy is mapped to the low-level policy according to the mapping (e.g., by substituting the high-level objects with the low-level objects and by performing a syntax transformation). In one embodiment, a low-level policy is transformed to a high-level policy according to the mapping. As exemplary embodiments, policy transformations in traffic shaping and data retention are disclosed.

公开(公告)号：US07987253B2

公开(公告)日：2011-07-26

申请号：US12187861

申请日：2008-08-07

Applicant: Birgit M. Pfitzmann

Inventor： Birgit M. Pfitzmann

IPC: G06F15/173

CPC classification number: G06F21/6209

Abstract: Provides methods, apparatus and systems for determining an applicable policy for an incoming message having a service-level addressing element. A method includes the following steps: a) applying a potentially applicable policy (P1) on the incoming message to make the service-level addressing element of the incoming message visible, b) if the service-level addressing element of the incoming message gets visible and is the one to which the currently applied policy (P1) is associated, the currently applied policy (P1) is determined to be the applicable policy, and if not associated c) repeating steps a) and b) with a further potentially applicable policy (P2 . . . Pn).

Abstract translation: 提供用于确定具有服务级别寻址元素的输入消息的适用策略的方法，装置和系统。 一种方法包括以下步骤：a）对传入消息应用可能适用的策略（P1），使得传入消息的服务级寻址元素可见，b）如果传入消息的服务级寻址元素可见 并且是当前应用策略（P1）所关联的策略（P1）的当前应用策略（P1）被确定为适用策略，如果不是相关联的c）重复步骤a）和b）具有进一步潜在适用的策略 （P2 ... Pn）。

公开(公告)号：US20090307743A1

公开(公告)日：2009-12-10

申请号：US12134933

申请日：2008-06-06

Applicant: Alain C. Azagury ,  Murthy V. Devarakonda ,  Nikolai Joukov ,  Manoj Kumar ,  Konstantinos Magoutis ,  Birgit M. Pfitzmann ,  Norbert G. Vogl

Inventor： Alain C. Azagury ,  Murthy V. Devarakonda ,  Nikolai Joukov ,  Manoj Kumar ,  Konstantinos Magoutis ,  Birgit M. Pfitzmann ,  Norbert G. Vogl

IPC: G06F21/00

CPC classification number: G06F21/604 ,  G06F2221/2101

Abstract: A method, system, computer program product, and computer program storage device for transforming a high-level policy associated with a high layer to a low-level policy associated with a low layer. Mapping between high-level objects in a high layer and low-level objects in a low layer is derived by an automated discovery tool. The high-level policy is mapped to the low-level policy according to the mapping (e.g., by substituting the high-level objects with the low-level objects and by performing a syntax transformation). In one embodiment, a low-level policy is transformed to a high-level policy according to the mapping. As exemplary embodiments, policy transformations in traffic shaping and data retention are disclosed.

Abstract translation: 一种用于将与高层相关联的高级策略变换为与低层相关联的低级策略的方法，系统，计算机程序产品和计算机程序存储设备。 高层的高层对象与低层对象之间的映射是通过自动发现工具得出的。 高级策略根据映射映射到低级策略（例如，通过用低级对象替换高级对象，并通过执行语法转换）。 在一个实施例中，根据映射将低级策略转换为高级策略。 作为示例性实施例，公开了流量整形和数据保持中的策略转换。

公开(公告)号：US07240362B2

公开(公告)日：2007-07-03

申请号：US10638184

申请日：2003-08-08

Applicant: Birgit M. Pfitzmann ,  Michael Waidner

Inventor： Birgit M. Pfitzmann ,  Michael Waidner

IPC: H04L9/32

CPC classification number: H04L63/0815 ,  G06Q20/4014 ,  H04L63/1466 ,  H04L63/1483

Abstract: This invention provides identity-related information about a client application to an honest requesting entity, ensuring identity of client applications and preventing man-in-the-middle attacks. An example method comprises transferring identity-related information hosted on an identity provider about a client application to an honest requesting entity by: the client application receiving from a particular entity a request to forward an inner request comprising an identifier of the honest requesting entity to an identity provider selected by the client application; the client application forwards the inner request to the identity provider holding the identity-related information; the client application receives from the identity provider a response envelope instructing the client application to forward an inner response comprising the identity-related information requested in the inner request and the identifier; the client application derives an address of the honest requesting entity having the identifier; and the client application forwards the inner response to the derived address.

Abstract translation: 本发明提供关于客户端应用程序到诚实请求实体的身份相关信息，确保客户端应用程序的身份并防止中间人攻击。 示例性方法包括：通过以下方式将托管在身份提供商上的身份相关信息转移到诚实请求实体：客户端应用程序从特定实体接收将包含诚实请求实体的标识符的内部请求转发到 身份提供者由客户端应用程序选择; 客户应用程序将内部请求转发给持有身份相关信息的身份提供者; 客户端应用程序从身份提供者接收响应包络，指示客户端应用程序转发包含内部请求中请求的身份相关信息和标识符的内部响应; 客户端应用程序导出具有标识符的诚实请求实体的地址; 并且客户端应用程序将内部响应转发到派生地址。

公开(公告)号：US08850423B2

公开(公告)日：2014-09-30

申请号：US12608609

申请日：2009-10-29

Applicant: Eric J. Barkie ,  James R. S. Barros, II ,  Kamal Bhattacharya ,  Karen Cheng ,  Robert Filepp ,  Kevin D. Galloway ,  Nikolai Joukov ,  Jing Luo ,  Colm V. Malone ,  Birgit M. Pfitzmann ,  Brian L. Peterson ,  Harigovind V. Ramasamy ,  Kewei Sun ,  Norbert G. Vogl ,  David L. Westerman ,  Christopher C. Young

Inventor： Eric J. Barkie ,  James R. S. Barros, II ,  Kamal Bhattacharya ,  Karen Cheng ,  Robert Filepp ,  Kevin D. Galloway ,  Nikolai Joukov ,  Jing Luo ,  Colm V. Malone ,  Birgit M. Pfitzmann ,  Brian L. Peterson ,  Harigovind V. Ramasamy ,  Kewei Sun ,  Norbert G. Vogl ,  David L. Westerman ,  Christopher C. Young

IPC: G06F9/445

CPC classification number: G06F8/63

Abstract: The present invention describes a method and system for preparing a migration and consolidation of at least one source application to be migrated to or consolidated in at least one heterogeneous server device. A computing system selects at least one prospective target platform component based on an evaluation of at least one source platform component, a requirement of the at least one source application, and a compatibility and an affinity of the at least one prospective target platform component. The computing system collects first metadata of the at least one source platform component and the at least one prospective target platform component. The computing system collects second metadata associated with the migration and consolidation. The computing system groups the first metadata and the second metadata into a RFM (Request For Migration). The computing system prepares and configures a final target platform in accordance with the RFM.

Abstract translation: 本发明描述了一种用于准备迁移和合并至少一个要迁移到或整合到至少一个异构服务器设备中的源应用程序的方法和系统。 计算系统基于至少一个源平台组件的评估，所述至少一个源应用的需求以及所述至少一个潜在目标平台组件的兼容性和亲和度来选择至少一个预期目标平台组件。 所述计算系统收集所述至少一个源平台组件和所述至少一个预期目标平台组件的第一元数据。 计算系统收集与迁移和合并相关联的第二个元数据。 计算系统将第一元数据和第二元数据分组为RFM（请求迁移）。 计算系统根据RFM准备和配置最终目标平台。

公开(公告)号：US08205266B2

公开(公告)日：2012-06-19

申请号：US10597664

申请日：2005-01-28

Applicant: Birgit M. Pfitzmann ,  Michael P. Waidner

Inventor： Birgit M. Pfitzmann ,  Michael P. Waidner

IPC: G06F21/00

CPC classification number: G06F21/10 ,  G06F21/105 ,  G06F2221/0773 ,  G06F2221/2137

Abstract: Software license management systems are provided in which a license to use a software product is represented by a data token. The systems have a software controller for controlling use of the software product at a user device, and a license management server for communicating with the software controller via a data communications network. The software controller allows use of the software product at the user device substantially only during a use period associated with a current data token supplied to the software controller by the license management server. An exchange token can be supplied to another, similar software controller when necessary to transfer the license, e.g. in the event of a breakdown. The software controller is adapted to supply either the current data token, or the exchange token, to the license management server to be exchanged for a new data token.

Abstract translation: 提供了软件许可证管理系统，其中使用软件产品的许可证由数据令牌表示。 该系统具有用于控制在用户设备处使用软件产品的软件控制器，以及用于经由数据通信网络与软件控制器进行通信的许可证管理服务器。 软件控制器允许基本上仅在与由许可证管理服务器提供给软件控制器的当前数据令牌相关联的使用期间内在用户设备上使用该软件产品。 交换令牌可以在必要时提供给另一个类似的软件控制器来传送许可证，例如 发生故障时。 软件控制器适于将当前数据令牌或交换令牌提供给许可证管理服务器，以交换新的数据令牌。