-
Publication No.: US07353535B2
Publication date: 2008-04-01
Application No.: US10404733
Filing date: 2003-03-31
Applicant: Christopher G. Kaler, John P. Shewchuk, Giovanni M. Della-Libera, Praerit Garg, Brendan W. Dixon
Inventor: Christopher G. Kaler, John P. Shewchuk, Giovanni M. Della-Libera, Praerit Garg, Brendan W. Dixon
CPC classification: G06F21/64
Abstract: A flexible way of expressing trust policies using, for example, XML. Multiple statement types may be expressed for a single authority type. Statement types may include less than all of the statements made by an authority type. Authority types may be defined using any manner interpretable by the computing system using the trust policy. In addition, trust policies may be updated as trust levels change. Even multiple trust policies may be used with reconciliation between the multiple trust policies being accomplished by using the more restrictive trust policy with respect to an assertion.
-
Publication No.: US06584480B1
Publication date: 2003-06-24
Application No.: US09698067
Filing date: 2000-10-30
IPC classification: G06F1700
CPC classification: G06F17/2264, G06F17/218, G06F17/2205, G06F17/2247, G06F17/24, G06F17/243
Abstract: An authoring environment for producing content for an on-line system is described. This environment includes a story editor which can save files in a Multimedia Document Format (MDF) file. An MDF file is an OLE storage wherein one storage object holds text of the content in a Multimedia Publishing Markup Language. Other parts of the MDF file include storages for holding content search terms and storages for embedded objects.
-
Publication No.: US06230173B1
Publication date: 2001-05-08
Application No.: US08503307
Filing date: 1995-07-17
IPC classification: G06F1730
CPC classification: G06F17/2264, G06F17/218, G06F17/2205, G06F17/2247, G06F17/24, G06F17/243
Abstract: An authoring environment for producing content for an on-line system is described. This environment includes a story editor which can save files in a Multimedia Document Format (MDF) file. An MDF file is an OLE storage wherein one storage object holds text of the content in a Multimedia Publishing Markup Language. Other parts of the MDF file include storages for holding content search terms and storages for embedded objects.
-
Publication No.: US08001189B2
Publication date: 2011-08-16
Application No.: US10270445
Filing date: 2002-10-15
Applicant: Henrik F. Nielsen, John P. Shewchuk, Erik B. Christensen, Alfred M. Lee, Christian Huitema, James M. Lyon, Mark H. Lukovsky, Andrew J. Layman, Satish R. Thatte, Christopher Kaler
Inventor: Henrik F. Nielsen, John P. Shewchuk, Erik B. Christensen, Alfred M. Lee, Christian Huitema, James M. Lyon, Mark H. Lukovsky, Andrew J. Layman, Satish R. Thatte, Christopher Kaler
IPC classification: G06F15/16
CPC classification: H04L45/00, H04L45/34, H04L45/566, H04L63/0428, H04L63/102, H04L63/123, H04L63/126, H04L67/02
Abstract: A routing protocol is provided for exchanging messages between an initial sender and an ultimate receiver, potentially via a set of intermediaries. The routing protocol provides an optional reverse message path that enables two-way message exchange patterns. The routing protocol can be expressed as a header entry within a message envelope, is independent of the underlying protocol, and can be generated at the application layer of a protocol stack. The routing protocol may allow each intermediary to process the message and dynamically alter the message path en route to the intended recipient.
-
Publication No.: US07822200B2
Publication date: 2010-10-26
Application No.: US11074885
Filing date: 2005-03-07
Applicant: Kim Cameron, Arun K. Nanda, Josh D. Benaloh, John P. Shewchuk, Daniel R. Simon, Andrew Bortz
Inventor: Kim Cameron, Arun K. Nanda, Josh D. Benaloh, John P. Shewchuk, Daniel R. Simon, Andrew Bortz
IPC classification: H04L9/00
CPC classification: H04L63/0442, G06F21/445, G06F2221/2129, H04L9/0869, H04L9/3218, H04L63/06, H04L2463/061
Abstract: Exemplary embodiments disclosed herein may include a method and system for creating pair-wise security keys, comprising receiving an identity key from a website, generating a master key, creating a pair-wise symmetric key or asymmetric key pair by utilizing an encryption function of the identity key and the master key, and storing the pair-wise public or symmetric key at the client and the website.
-
Publication No.: US07809938B2
Publication date: 2010-10-05
Application No.: US11254545
Filing date: 2005-10-20
Applicant: Giovanni M. Della-Libera, Christopher G. Kaler, Scott A. Konersmann, Butler W. Lampson, Paul J. Leach, Bradford H. Lovering, Steven E. Lucco, Stephen J. Millet, Richard F. Rashid, John P. Shewchuk
Inventor: Giovanni M. Della-Libera, Christopher G. Kaler, Scott A. Konersmann, Butler W. Lampson, Paul J. Leach, Bradford H. Lovering, Steven E. Lucco, Stephen J. Millet, Richard F. Rashid, John P. Shewchuk
IPC classification: H04L29/06
CPC classification: H04L63/08, G06Q20/3676, H04L63/10, H04L63/168, H04L63/20, H04L67/02, H04L67/28, H04L67/2804, H04L67/2823
Abstract: A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.
-
Publication No.: US07743145B2
Publication date: 2010-06-22
Application No.: US10827474
Filing date: 2004-04-19
IPC classification: G06F15/16
CPC classification: G06F21/445, G06F2221/2103, G06F2221/2129
Abstract: The present invention extends to validating measurable aspects of a computing system. A provider causes a challenge to be issued to the requester, the challenge requesting proof that the requester is appropriately configured to access the resource. The requester accesses information that indicates how the requester is to prove an appropriate configuration for accessing the resource. The requester formulates and sends proof that one or more measurable aspects of the requester's configuration are appropriate. The provider receives proof that one or more measurable aspects of the requester's configuration are appropriate and authorizes the requester to access the resource. Proof of one or more measurable aspects of a requester can be used along with other types of authentication to authorize a requester to access a resource of a provider. Solutions to challenges can be pre-computed and stored in a location accessible to a provider.
-
Publication No.: US07707637B2
Publication date: 2010-04-27
Application No.: US12058156
Filing date: 2008-03-28
CPC classification: G06F21/554
Abstract: A method and system are provided for managing a security threat in a distributed system. A distributed element of the system detects and reports suspicious activity to a threat management agent. The threat management agent determines whether an attack is taking place and deploys a countermeasure to the attack when the attack is determined to be taking place. Another method and system are also provided for managing a security threat in a distributed system. A threat management agent reviews reported suspicious activity including suspicious activity reported from at least one distributed element of the system, determines, based on the reports, whether a pattern characteristic of an attack occurred, and predicts when a next attack is likely to occur. Deployment of a countermeasure to the predicted next attack is directed in a time window based on when the next attack is predicted to occur.
-
Publication No.: US07543267B2
Publication date: 2009-06-02
Application No.: US10680238
Filing date: 2003-10-08
IPC classification: G06F9/44
CPC classification: G06F8/34, Y10S715/967
Abstract: An environment for developing client-side/server-side code is disclosed. The environment supports programming in an event-driven paradigm while the resultant programs are executed in a serial execution paradigm. Through shielding the developer from complex scripting segments, the environment provides the developer with the suggestion that the resultant execution model is event-driven. By treating scripts as later-definable objects, the designing phase of a page may be lessened, as the appropriate codings needed to implement a page are determined at a later date. In one example, the codings may be preliminarily set as server side or client side, with the environment later adding the appropriate scripting language to complete the developed page.
-
Publication No.: US07512782B2
Publication date: 2009-03-31
Application No.: US10218584
Filing date: 2002-08-15
Applicant: Christopher G. Kaler, John P. Shewchuk, Giovanni Moises Della-Libera, Robert George Atkinson
Inventor: Christopher G. Kaler, John P. Shewchuk, Giovanni Moises Della-Libera, Robert George Atkinson
Abstract: A method and system are provided such that a universal license may be used for authentication and authorization purposes and may include one or more cryptographic keys as well as assertions and related indications of authenticity. In an aspect of the invention, a license may be presented that includes access information, such that authentication and authorization decisions may be made based only on the access information. In other aspects of the invention, rights may be delegated and a trusted party may assert that another party can be trusted.