Communication channel claim dependent security precautions
    11.
    发明授权
    Communication channel claim dependent security precautions 有权
    通信渠道声称依赖安全预防措施

    公开(公告)号:US08914874B2

    公开(公告)日:2014-12-16

    申请号:US12506568

    申请日:2009-07-21

    摘要: A set of security claims for a communication channel are obtained, the set of security claims including one or more security claims each identifying a security characteristic of the communication channel. The security claims are stored, as is a digital signature generated over the set of security claims by an entity. The security claims and digital signature are subsequently accessed when a computing device is to transfer data to and/or from the communication channel. The set of security claims is compared to a security policy of the computing device, and the entity that digitally signed the set of security claims is identified. One or more security precautions that the computing device is to use in transferring data to and/or from the communication channel are determined based at least in part on the comparing and the entity that has digitally signed the set of security claims.

    摘要翻译: 获得一组用于通信信道的安全权利要求,该组安全权利要求包括一个或多个安全权利要求,每个安全权利要求各自标识通信信道的安全特性。 存储安全声明,以及由实体在该组安全声明上生成的数字签名。 随后当计算设备将数据传送到通信信道和/或从通信信道传送数据时,随后访问安全声明和数字签名。 将该组安全声明与计算设备的安全策略进行比较,并且识别对该组安全声明进行数字签名的实体。 至少部分地基于所述比较和对所述一组安全权利要求进行数字签名的实体来确定所述计算设备将用于向所述通信信道传送数据和/或从所述通信信道传送数据的一个或多个安全预防措施。

    COMMUNICATION CHANNEL ACCESS BASED ON CHANNEL IDENTIFIER AND USE POLICY
    12.
    发明申请
    COMMUNICATION CHANNEL ACCESS BASED ON CHANNEL IDENTIFIER AND USE POLICY 有权
    基于通道识别器的通信通道访问和使用策略

    公开(公告)号:US20100211792A1

    公开(公告)日:2010-08-19

    申请号:US12372476

    申请日:2009-02-17

    IPC分类号: H04L9/32 H04L9/00 G06F12/14

    摘要: A communication channel has an associated channel authenticator that includes a channel identifier, a use policy identifying how an owner of the communication channel indicates the communication channel is used, and a digital signature over the channel identifier and use policy. The identifier of the communication channel and the use policy can be verified by a computing device, and a check made as to whether a current security policy of the computing device is satisfied by the use policy. An access that the computing device is allowed to have to the communication channel is determined based at least in part on both whether the current security policy is satisfied by the use policy and whether the identifier of the communication channel and the use policy are verified.

    摘要翻译: 通信信道具有关联的信道认证器,其包括信道标识符,识别通信信道的所有者如何指示通信信道的使用策略,以及通过信道标识符和使用策略的数字签名。 可以由计算设备来验证通信信道的标识符和使用策略,并且通过使用策略来检查计算设备的当前安全策略是否被满足。 至少部分地基于使用策略来满足当前安全策略以及通信信道的标识符和使用策略是否被验证,允许计算设备被允许对通信信道的访问。

    COMMUNICATION CHANNEL CLAIM DEPENDENT SECURITY PRECAUTIONS
    13.
    发明申请
    COMMUNICATION CHANNEL CLAIM DEPENDENT SECURITY PRECAUTIONS 有权
    通信渠道索赔相关安全注意事项

    公开(公告)号:US20110019820A1

    公开(公告)日:2011-01-27

    申请号:US12506568

    申请日:2009-07-21

    IPC分类号: H04L9/00 G06F12/14

    摘要: A set of security claims for a communication channel are obtained, the set of security claims including one or more security claims each identifying a security characteristic of the communication channel. The security claims are stored, as is a digital signature generated over the set of security claims by an entity. The security claims and digital signature are subsequently accessed when a computing device is to transfer data to and/or from the communication channel. The set of security claims is compared to a security policy of the computing device, and the entity that digitally signed the set of security claims is identified. One or more security precautions that the computing device is to use in transferring data to and/or from the communication channel are determined based at least in part on the comparing and the entity that has digitally signed the set of security claims.

    摘要翻译: 获得一组用于通信信道的安全权利要求,该组安全权利要求包括一个或多个安全权利要求,每个安全权利要求各自标识通信信道的安全特性。 存储安全声明,以及由实体在该组安全声明上生成的数字签名。 随后当计算设备将数据传送到通信信道和/或从通信信道传送数据时,随后访问安全声明和数字签名。 将该组安全声明与计算设备的安全策略进行比较,并且识别对该组安全声明进行数字签名的实体。 至少部分地基于所述比较和对所述一组安全权利要求进行数字签名的实体来确定所述计算设备将用于向所述通信信道传送数据和/或从所述通信信道传送数据的一个或多个安全预防措施。