-
公开(公告)号:US07356711B1
公开(公告)日:2008-04-08
申请号:US10158376
申请日:2002-05-30
申请人: Iulian D. Calinov , Christopher N. Peterson , Wei-Quiang Michael Guo , Danpo Zhang , Gilbert M. McQuillan , Wei Jiang , Sanjeev M. Nagvekar , Jeff Steinbok
发明人: Iulian D. Calinov , Christopher N. Peterson , Wei-Quiang Michael Guo , Danpo Zhang , Gilbert M. McQuillan , Wei Jiang , Sanjeev M. Nagvekar , Jeff Steinbok
CPC分类号: H04L9/3226 , H04L9/3247 , H04L2209/56
摘要: Secure site-to-site transactional communication between at least two network servers coupled to a data communication network, including secure registration by an authentication server associated with a multi-site user authentication system. A network server receives a request via a browser f of a client computer. In response, the network server initiates a transaction with the authentication server and defines a data structure, such as a query string, associated with the transaction. The network server also generates a digital signature of the data structure and then adds it to the data structure before directing the client computer from the network server to the authentication server with the data structure and the added digital signature. The network server also adds an index to the data structure. The index is associated with the transaction and unique, per transaction, to the network server initiating the transaction.
摘要翻译: 在耦合到数据通信网络的至少两个网络服务器之间进行安全的站点到站点事务通信,包括与多站点用户认证系统相关联的认证服务器的安全注册。 网络服务器通过客户端计算机的浏览器f接收请求。 作为响应,网络服务器发起与认证服务器的事务,并定义与该事务相关联的数据结构,例如查询字符串。 网络服务器还生成数据结构的数字签名,然后将其添加到数据结构中,然后将客户端计算机从网络服务器引导到具有数据结构和附加数字签名的认证服务器。 网络服务器还向数据结构添加索引。 该索引与事务相关联,并且每个事务对发起事务的网络服务器是唯一的。
-
公开(公告)号:US06553409B1
公开(公告)日:2003-04-22
申请号:US09350331
申请日:1999-07-09
申请人: Danpo Zhang , Josh Cohen , Rajeev Dujari , E. Castedo Ellerman
发明人: Danpo Zhang , Josh Cohen , Rajeev Dujari , E. Castedo Ellerman
IPC分类号: G06F1300
CPC分类号: G06F12/0815 , G06F12/0866
摘要: Two new cache control headers in the cache control header, “post-check” and “pre-check”, enable the display of content from the cache, with a later synchronization of the content performed in the background via a conditional request such as an IMS request. These headers enable the server to define a non-validate time period relative to the cached content's age in which the user will receive content from the cache, a background synchronization period in which the user will receive content from the cache and automatically queue a request for background synchronization thereof, and a validate period in which the cached content may or may not be used, depending on a response to a validation request sent to the server. The content is quickly rendered for the user in the non-validate and background synchronization periods, and the hit count is correct in the background synchronization and validate periods. In the background synchronization time period, the user has a fast experience with rapidly rendered content, while via the background synchronization, the server receives the proper number of hits.
摘要翻译: 高速缓存控制头中的两个新的高速缓存控制头,即“后检查”和“预检”,使得能够从高速缓存中显示内容,随后通过条件请求(例如 IMS请求。 这些标头使得服务器能够定义相对于缓存的内容的年龄的非验证时间段,其中用户将从缓存中接收内容,后台同步期间,用户将从缓存中接收内容并自动排队请求 取决于对发送到服务器的验证请求的响应,可以或可以不使用缓存的内容的验证周期。 在非验证和后台同步期间,用户将迅速呈现内容,并且后台同步和验证周期中的命中计数是正确的。 在后台同步时间段内,用户具有快速渲染内容的快速体验,而通过后台同步,服务器接收到适当数量的命中。
-
公开(公告)号:US07606915B1
公开(公告)日:2009-10-20
申请号:US10374036
申请日:2003-02-25
CPC分类号: H04L63/08 , G06F21/36 , H04L63/0428
摘要: Methods and system of preventing unauthorized scripting. The invention includes providing one or more tests to a user for distinguishing the user from a machine when the user requests access to the server. By storing information on a correct solution to the test in a block of data and sending the block of data together with the test, the invention provides stateless operation. Moreover, maintaining a database of previously used correct responses prevents replay attacks. The invention also includes providing combinations of alternative tests, such as visually altered textual character strings, audible character strings, and computational puzzles. Other aspects of the invention are directed to computer-readable media for use with the methods and system.
摘要翻译: 防止未经授权的脚本的方法和系统。 本发明包括当用户请求访问服务器时向用户提供一个或多个测试以区分用户与机器。 通过在数据块中存储关于正确解决方案的信息并发送数据块以及测试,本发明提供无状态操作。 此外,维护先前使用正确响应的数据库可防止重放攻击。 本发明还包括提供替代测试的组合,例如视觉上改变的文本字符串,可听话字符串和计算拼图。 本发明的其它方面涉及用于方法和系统的计算机可读介质。
-
公开(公告)号:US07117528B1
公开(公告)日:2006-10-03
申请号:US10279515
申请日:2002-10-24
申请人: Robert M. Hyman , Sachin Kukreja , Danpo Zhang , Barry I. Kelman , Munir Mahmood , Elaine Lan Chen
发明人: Robert M. Hyman , Sachin Kukreja , Danpo Zhang , Barry I. Kelman , Munir Mahmood , Elaine Lan Chen
摘要: Methods and systems for resolving naming contests when a user seeks to register an account associated with a login identifier that is already in use by another user. An authentication server notifies the user of a contested registration when the requested login identifier, such as an e-mail address, matches one of the identifiers stored in an authentication database. The server then solicits confirmation from the user that the login identifier belongs to the requesting user rather than the earlier user. By forcing the earlier user to select a different login identifier, the server renders the existing user account inactive but retains a unique account identifier and associated account information for the inactive user account.
摘要翻译: 当用户尝试注册与另一用户已经使用的登录标识符相关联的帐户时,用于解析命名竞赛的方法和系统。 当请求的登录标识符(诸如电子邮件地址)匹配存储在认证数据库中的一个标识符时,认证服务器通知用户有争议的注册。 服务器然后从用户请求确认登录标识符属于请求用户而不是较早的用户。 通过强制较早的用户选择不同的登录标识符,服务器将现有的用户帐户呈现为非活动状态,但保留了非活动用户帐户的唯一帐户标识符和关联的帐户信息。
-
公开(公告)号:US07454508B2
公开(公告)日:2008-11-18
申请号:US10346885
申请日:2003-01-15
申请人: Ashvin J. Mathew , Puhazholi Vetrivel , Brian Jones , Danpo Zhang , Laurel S. Abbott , Cem Paya , Melissa Dunn
发明人: Ashvin J. Mathew , Puhazholi Vetrivel , Brian Jones , Danpo Zhang , Laurel S. Abbott , Cem Paya , Melissa Dunn
IPC分类号: G06F15/16
CPC分类号: H04L63/0227 , G06F17/30867 , G06F21/62 , G06F2221/2149 , H04L63/0263 , H04L63/102
摘要: A method, system, and computer-readable medium are provided for managing consent between online entities to perform tasks. The consent mechanism uses an asynchronous protocol for submitting consent requests, managing consent requests, and resolving consent requests. An application that requires consent to perform a task submits a request for consent to the consent mechanism. The resolving authority obtains pending request information from the consent mechanism and sends the consent mechanism request resolution information. The application obtains resolved request information from the consent mechanism. If the resolved request is approved, the consent mechanism allows the application to perform the task. If the resolved request is denied, the consent mechanism does not allow the application to perform the task.
摘要翻译: 提供了一种方法,系统和计算机可读介质,用于管理在线实体之间的同意以执行任务。 同意机制使用异步协议提交同意请求,管理同意请求和解决同意请求。 需要同意执行任务的申请提交同意机制的请求。 解决当局从同意机制获得待处理的请求信息,并发送同意机制请求解析信息。 应用程序从同意机制获取解决的请求信息。 如果已解决的请求被批准,则同意机制允许应用程序执行该任务。 如果已解决的请求被拒绝,则同意机制不允许应用程序执行该任务。
-
6.发明授权Presenting customized consumer registration information on behalf of a third party 有权代表第三方呈现定制的消费者注册信息公开(公告)号:US07356560B2
公开(公告)日:2008-04-08
申请号:US10157100
申请日:2002-05-28
IPC分类号: G06F15/16
CPC分类号: H04L63/0807 , G06F21/41 , Y10S707/99931 , Y10S707/99939
摘要: A general provider of a core registration service provides registration services to a special service provider. In one implementation, a first party presents a user registration form to a second party on behalf of a third party The first party receives registration provisioning data from the third party, which is used by the first party to generate a custom registration form. Responsive to receiving a request from a second party to register for a specialized service provided by a third party, the first party communicates the custom registration form to second party.
摘要翻译: 核心注册服务的通用提供商向特殊服务提供商提供注册服务。 在一个实现中,第一方代表第三方向第二方呈现用户注册表。第一方从第三方接收注册提供数据,第三方由第一方使用该数据来生成自定义注册表。 响应于接收第二方注册由第三方提供的专门服务的请求,第一方将定制注册表传达给第二方。
-
-
-
-
-
搜索结果
6 条记录 (耗时 0.113 秒)