Methods, systems and computer program products for multi-packet message authentication for secured SSL-based communication sessions
    2.
    Granted invention patent
    Status: Expired

    Publication No.: US06920556B2

    Publication date: 2005-07-19

    Application No.: US09909709

    Filing date: 2001-07-20

    IPC classification: H04L29/06 H04L9/00

    CPC classification: H04L63/04 H04L63/08

    Abstract: Methods, systems and computer program products are provided of message authentication for an SSL-based protocol connection between a source device and a destination device. A group message authentication code (MAC) is generated based on a plurality of communication packets. Each of the communication packets has at least one data record. The plurality of communication packets is transmitted using the SSL-based protocol connection along with the generated group MAC. Individual ones of the plurality of communication packets do not include an associated packet MAC as transmitted. A data record count to a next group MAC may be transmitted before transmitting the data records corresponding to the data record count and transmitting the next group MAC. The data records of the communication packets may be pre-encrypted and transmitted using the SSL-based protocol connection to encrypt the group MAC but not the data records. Receiver side methods, systems and computer program products are also provided.

    Automated role discovery
    3.
    Invention patent application
    Status: Under examination (published)

    Publication No.: US20050138419A1

    Publication date: 2005-06-23

    Application No.: US10741634

    Filing date: 2003-12-19

    IPC classification: G06F11/30 H04L9/32

    CPC classification: G06F21/6218

    Abstract: An automated, bottom-up role discovery method for a role based control system includes automatically extracting identities and attributes from data sources and automatically clustering the identities based on the attributes to form recommended roles. The recommended roles may be modified by intervention of an administrator. Additionally, the recommended roles may be aggregated by defining the role definition as an attribute of each constituent identity, and re-clustering the identities to generate refined roles. The recommended, modified, and/or refined roles may then be utilized in a role based control system, such as a role based access control system. Periodically performing the role discovery process provides a means to audit a role based access control system.

    Automatic role hierarchy generation and inheritance discovery
    5.
    Invention patent application
    Status: Under examination (published)

    Publication No.: US20050138420A1

    Publication date: 2005-06-23

    Application No.: US10741904

    Filing date: 2003-12-19

    IPC classification: H04L9/00

    Abstract: A role hierarchy is automatically generated by hierarchically ranking roles in a role based control system, each role including a plurality of identities having attributes. Iteratively at each hierarchical level: each non-cohesive role (wherein, in this case, at least one attribute is not possessed by every identity in the role) is replaced, at the same hierarchical level, by a cohesive role formed by grouping identities having at least one common attribute. The remaining identities are clustered into children roles based on attributes other than the common attribute, and the children roles are added to the role hierarchy at a hierarchical level below the cohesive role. If no common attribute exists in the non-cohesive role, the role is clustered into two or more new roles based on all the attributes in the role, and the non-cohesive role is replaced with the new roles at the same hierarchical level.

    Method, system, and computer program product for digital verification of collected privacy policies in electronic transactions
    6.
    Invention patent application
    Status: In force

    Publication No.: US20050102155A1

    Publication date: 2005-05-12

    Application No.: US10706334

    Filing date: 2003-11-12

    Abstract: Parties involved in transacting business in an E-marketplace (E-marketplace participants) each identify and submit to the E-marketplace their P3P policy and/or other relevant characteristics related to their privacy policy needs (those that they adhere to, referred to as “privacy policies”; those that they require, referred to as “privacy preferences”, or both). Submitted with the privacy policy is a digital signature that is tied to the owner of the web objects to which the privacy policy pertains. Using a digital signature assures the integrity of the privacy policy since it travels with the privacy policy and thus refers back to the original sender of the policy rather than the middleman (the E-marketplace), and if the document (the privacy policy) to which it is attached has been tampered with, the digital signature will be invalidated.

    Secure delegation using public key authentication
    7.
    Granted invention patent
    Status: Expired

    Publication No.: US07698736B2

    Publication date: 2010-04-13

    Application No.: US12186426

    Filing date: 2008-08-05

    Abstract: A client is impersonalized to a plurality of servers using a middle-tier server. A common nonce associated with each of the plurality of servers is obtained and the common nonce is provided to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.

    SECURE DELEGATION USING PUBLIC KEY AUTHENTICATION
    8.
    Invention patent application
    Status: Expired

    Publication No.: US20090055902A1

    Publication date: 2009-02-26

    Application No.: US12186420

    Filing date: 2008-08-05

    IPC classification: G06F21/20 H04L9/06

    Abstract: A client is impersonalized to a plurality of servers using a middle-tier server. A common nonce associated with each of the plurality of servers is obtained and the common nonce is provided to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.

    Secure delegation using public key authorization
    9.
    Granted invention patent
    Status: In force

    Publication No.: US07428749B2

    Publication date: 2008-09-23

    Application No.: US09921536

    Filing date: 2001-08-03

    Abstract: A client is impersonated to a plurality of servers using a middle-tier server. A common nonce associated with each of the plurality of servers is obtained and the common nonce is provided to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.
