公开(公告)号：US20130191894A1

公开(公告)日：2013-07-25

申请号：US13354324

申请日：2012-01-19

申请人： Vadim Eydelman ,  Brian Kress ,  Matthias Leibmann ,  Moustafa Noureddine ,  Lei Yu ,  Haibo Luo

发明人： Vadim Eydelman ,  Brian Kress ,  Matthias Leibmann ,  Moustafa Noureddine ,  Lei Yu ,  Haibo Luo

IPC分类号： G06F21/22

CPC分类号： H04L63/0823 ,  H04L9/321 ,  H04L9/3263 ,  H04L61/3065 ,  H04L61/35 ,  H04L63/062 ,  H04L69/22

摘要： Online and on-premise applications identify trusted authentication providers. The applications are configured with a list of trusted issuers of authentication credentials. When an application receives a request requiring authentication, the application returns a 401 response that includes the trusted issuer list. The requesting application compares the trusted issuer list from the 401 response to its own list of authentication providers. If there is a match between the two lists, then the requesting application creates a self-issued token for the authentication provider. The authentication provider uses the self-issued token to generate an authentication token for the requesting application. The requesting application may also directly create a token for a target partner application, without an authentication provider, if there is a direct trust between the two applications.

摘要翻译： 在线和内部部署应用程序标识可信赖的身份验证提供程序。 这些应用程序配置有可靠的认证凭证发行者列表。 当应用程序接收到需要认证的请求时，应用程序返回包含受信任发行者列表的401响应。 请求应用将可信发行者列表从401响应与其自己的认证提供者列表进行比较。 如果两个列表之间存在匹配，则请求的应用程序将为身份验证提供程序创建自发证券。 认证提供者使用自发证令牌为请求的应用程序生成认证令牌。 如果两个应用程序之间存在直接的信任，请求应用程序也可以直接为目标伙伴应用程序创建令牌，而不需要身份验证提供程序。

公开(公告)号：US20080134310A1

公开(公告)日：2008-06-05

申请号：US11606671

申请日：2006-11-30

申请人： Shrikrishna V. Borde ,  Shawn Farkas ,  Haibo Luo ,  Michael D. Downen ,  Raja Krishnaswamy ,  Thottam R. Sriram ,  Chris King

发明人： Shrikrishna V. Borde ,  Shawn Farkas ,  Haibo Luo ,  Michael D. Downen ,  Raja Krishnaswamy ,  Thottam R. Sriram ,  Chris King

IPC分类号： H04L9/32 ,  G06F21/00

CPC分类号： G06F21/53 ,  G06F21/629 ,  H04L63/10

摘要： Various technologies and techniques are disclosed that use code access security for providing runtime accessibility checks. A request is received from a first program to access at least one private member of a second program at runtime. If the first program has a greater than or equal security context than the second program, then the first program is granted access to the at least one private member of the second program. This code access security check can be provided in a framework environment that is responsible for managing programs that are from unknown or untrusted sources.

摘要翻译： 公开了使用代码访问安全性来提供运行时可访问性检查的各种技术和技术。 从第一程序接收到在运行时访问第二程序的至少一个专用成员的请求。 如果第一程序具有比第二程序大的或相等的安全上下文，则允许第一程序访问第二程序的至少一个私有成员。 该代码访问安全检查可以在负责管理来自未知或不可信源的程序的框架环境中提供。

公开(公告)号：US08819794B2

公开(公告)日：2014-08-26

申请号：US13354324

申请日：2012-01-19

申请人： Vadim Eydelman ,  Brian Kress ,  Matthias Leibmann ,  Moustafa Noureddine ,  Lei Yu ,  Haibo Luo

发明人： Vadim Eydelman ,  Brian Kress ,  Matthias Leibmann ,  Moustafa Noureddine ,  Lei Yu ,  Haibo Luo

IPC分类号： G06F15/16

CPC分类号： H04L63/0823 ,  H04L9/321 ,  H04L9/3263 ,  H04L61/3065 ,  H04L61/35 ,  H04L63/062 ,  H04L69/22

摘要： Online and on-premise applications identify trusted authentication providers. The applications are configured with a list of trusted issuers of authentication credentials. When an application receives a request requiring authentication, the application returns a 401 response that includes the trusted issuer list. The requesting application compares the trusted issuer list from the 401 response to its own list of authentication providers. If there is a match between the two lists, then the requesting application creates a self-issued token for the authentication provider. The authentication provider uses the self-issued token to generate an authentication token for the requesting application. The requesting application may also directly create a token for a target partner application, without an authentication provider, if there is a direct trust between the two applications.

摘要翻译： 在线和内部部署应用程序标识可信赖的身份验证提供程序。 这些应用程序配置有可信赖的认证凭证发行者列表。 当应用程序接收到需要认证的请求时，应用程序返回包含受信任发行者列表的401响应。 请求应用将可信发行者列表从401响应与其自己的认证提供者列表进行比较。 如果两个列表之间存在匹配，则请求的应用程序将为身份验证提供程序创建自发证券。 认证提供者使用自发证令牌为请求的应用程序生成认证令牌。 如果两个应用程序之间存在直接的信任，请求应用程序也可以直接为目标伙伴应用程序创建令牌，而不需要身份验证提供程序。

公开(公告)号：US08443188B2

公开(公告)日：2013-05-14

申请号：US11606671

申请日：2006-11-30

申请人： Shrikrishna V. Borde ,  Shawn Farkas ,  Haibo Luo ,  Michael D. Downen ,  Raja Krishnaswamy ,  Thottam R. Sriram ,  Chris King

发明人： Shrikrishna V. Borde ,  Shawn Farkas ,  Haibo Luo ,  Michael D. Downen ,  Raja Krishnaswamy ,  Thottam R. Sriram ,  Chris King

IPC分类号： H04L29/06 ,  G06F12/14 ,  G06F7/04 ,  G06F9/44

CPC分类号： G06F21/53 ,  G06F21/629 ,  H04L63/10

摘要： Various technologies and techniques are disclosed that use code access security for providing runtime accessibility checks. A request is received from a first program to access at least one private member of a second program at runtime. If the first program has a greater than or equal security context than the second program, then the first program is granted access to the at least one private member of the second program. This code access security check can be provided in a framework environment that is responsible for managing programs that are from unknown or untrusted sources.

摘要翻译： 公开了使用代码访问安全性来提供运行时可访问性检查的各种技术和技术。 从第一程序接收到在运行时访问第二程序的至少一个专用成员的请求。 如果第一程序具有比第二程序大的或相等的安全上下文，则允许第一程序访问第二程序的至少一个私有成员。 该代码访问安全检查可以在负责管理来自未知或不可信源的程序的框架环境中提供。