POLICY FAULT
    2.
    Patent application
    Status: under examination (published)

    Publication number: US20080083009A1

    Publication date: 2008-04-03

    Application number: US11537029

    Filing date: 2006-09-29

    IPC classification: H04L9/00

    CPC classification: H04L63/20

    Abstract: Communicating and requesting specialized policy information. A message is sent by a client to a service which provides the services requested by the message or a specialized processor that evaluates messages. The message is evaluated for compliance with a policy particular to the message. If the message does not comply with a policy particular to the message, policy information is sent, where the policy information indicates the correct policy particular to the message. In one embodiment, if the message complies with a policy particular to the message, policy information is sent, where the policy information indicates that the message complies with a policy particular to the message.

    SELECTING POLICY FOR COMPATIBLE COMMUNICATION
    3.
    Patent application
    Status: lapsed

    Publication number: US20070294743A1

    Publication date: 2007-12-20

    Application number: US11424415

    Filing date: 2006-06-15

    IPC classification: H04L9/00

    CPC classification: G06F21/6218

    Abstract: The present invention extends to methods, systems, and computer program products for selecting policy for compatible communication. Hierarchical policy document data structures represent communication (e.g., security) aspects and options such that lower aspects and options are accessed in the context of corresponding higher aspects and options to define applicable scope. Use of a hierarchical description also facilitates separation of what is being protected from how it is being protected, thereby allowing security policy to be considered at different locations of a description document.

    Securely roaming digital identities
    4.
    Granted patent
    Status: in force

    Publication number: US08051469B2

    Publication date: 2011-11-01

    Application number: US12620444

    Filing date: 2009-11-17

    IPC classification: G06F7/04

    Abstract: A cryptographic session key is utilized to maintain security of a digital identity. The session key is valid only for a limited period of time. Additional security is provided via a bimodal credential allowing different levels of access to the digital identity. An identity token contains pertinent information associated with the digital identity. The identity token is encrypted utilizing public-key cryptography. An identifier utilized to verify the validity of the digital identity is encrypted with the cryptographic session key. The encrypted identity token and the encrypted identifier are provided to a service, for example. The service decrypts the encrypted identity token utilizing public-key cryptography, and decrypts, with the cryptographic session key obtained from the identity token, the encrypted identifier. If the identifier is determined to be valid, the transaction proceeds normally. If the identifier is determined to be invalid, the transaction is halted.

    Securely roaming digital identities
    5.
    Granted patent
    Status: in force

    Publication number: US07640579B2

    Publication date: 2009-12-29

    Application number: US11222912

    Filing date: 2005-09-09

    IPC classification: H04L29/06 H04L9/32

    Abstract: A cryptographic session key is utilized to maintain security of a digital identity. The session key is valid only for a limited period of time. Additional security is provided via a bimodal credential allowing different levels of access to the digital identity. An identity token contains pertinent information associated with the digital identity. The identity token is encrypted utilizing public-key cryptography. An identifier utilized to verify the validity of the digital identity is encrypted with the cryptographic session key. The encrypted identity token and the encrypted identifier are provided to a service, for example. The service decrypts the encrypted identity token utilizing public-key cryptography, and decrypts, with the cryptographic session key obtained from the identity token, the encrypted identifier. If the identifier is determined to be valid, the transaction proceeds normally. If the identifier is determined to be invalid, the transaction is halted.

    TYPED AUTHORIZATION DATA
    7.
    Patent application
    Status: under examination (published)

    Publication number: US20080082626A1

    Publication date: 2008-04-03

    Application number: US11536996

    Filing date: 2006-09-29

    IPC classification: G06F15/16

    CPC classification: H04L63/0823

    Abstract: Requesting security tokens with typed information. A method includes accessing, at a client, information to allow the client to request a token for accessing functionality of a service. The method further includes sending a client request from the client to a token issuer in a token request. The client request includes the information and at least one of: information defining the source of the information, proof of the source of the information, or usage information specifying how the information should be used.

    Message processing pipeline for streams
    8.
    Granted patent
    Status: lapsed

    Publication number: US07185060B2

    Publication date: 2007-02-27

    Application number: US10401220

    Filing date: 2003-03-26

    IPC classification: G06F15/16

    Abstract: Methods, systems, and computer program products that reduce buffer requirements in a messaging system so that the messaging system can send or receive relatively larger messages using a given buffer size. Message handlers are provided, each identifying a corresponding processing operation to perform on a message object having a streamed portion with a stream-oriented interface. Pipelines comprising ordered collections of the message handlers are provided as well. The message object is processed by the message handlers in the message pipelines, such that at least one message handler encapsulates the streamed portion of the message object with its corresponding processing operation. The corresponding processing operation is to be performed at a future time, and encapsulates the streamed portion of the message object without materializing the stream portion in a buffer. The messaging system may be an intermediary for routing a message object or an endpoint.

    Efficient transformation of interchange format messages
    9.
    Granted patent
    Status: lapsed

    Publication number: US07860989B2

    Publication date: 2010-12-28

    Application number: US11049157

    Filing date: 2005-02-02

    IPC classification: G06F15/16

    CPC classification: H04L29/06 G06F17/3092

    Abstract: In a computerized system, a sending computer system and recipient computer system exchange an interchange format message in a resource-efficient manner. For example, a transformation writer at the sending computer system selects and transforms only one or a few of a plurality of units of the message at a time. The transformed message units are then streamed to the recipient computer system in accordance with a relevant transformation standard, such as the canonicalization standard in the case of XML messages. A transformation reader at the recipient computer system transforms the messages using a buffer big enough for received message units, and passes the transformed units to a file. Thus, the transformation writer acts as a stream writer to pass a message, and the transformation reader acts as a stream reader at the recipient computer system.

    LOW-COST SECURITY USING WELL-DEFINED MESSAGES
    10.
    Patent application
    Status: under examination (published)

    Publication number: US20090217383A1

    Publication date: 2009-08-27

    Application number: US12037806

    Filing date: 2008-02-26

    IPC classification: G06F21/22 H04L9/32

    Abstract: Well-defined messages may be transmitted from a sending device to a recipient device in order to reduce the processing and resource requirements imposed by the security semantics of general message standards. The well-defined messages may include an expression of a collective intent of the security semantics included in the message. The expression of the security semantics within the message simplifies the discovery process for devices processing the message. The well-defined message may also require that any intermediary devices that process the well-defined message as it is transmitted from the sender device to the receiver device follow the expressed collective intent of the security semantics. If an intermediary device cannot understand or adhere to the expressed intent, the well-defined message must be rejected.
