-
公开(公告)号:US20100100953A1
公开(公告)日:2010-04-22
申请号:US12647327
申请日:2009-12-24
申请人: David R. Mowers , John Banes , Daniel R. Simon , Paul J. Leach
发明人: David R. Mowers , John Banes , Daniel R. Simon , Paul J. Leach
CPC分类号: H04L63/08 , H04L63/0442 , H04L63/0807 , H04L63/0869 , H04L63/10 , H04L63/12 , H04L63/166 , H04L67/42
摘要: This disclosure pertains generally to client authentication. One aspect of the disclosure relates to a first server for presenting evidence to a Domain Controller (DC) of a first authentication context being submitted from a client to the first server to obtain a delegable credential, wherein the credential can be used to request a second authentication context from that client to a second server. Another aspect relates to the first server providing a pass-thru with evidence to a DC. The evidence relates to a first authentication context being submitted from a client to the first server that it obtained a delegable credential. The pass-thru is used in combination with the credential to request a second authentication context from the client to a second server.
摘要翻译: 本公开通常涉及客户端认证。 本公开的一个方面涉及一种用于向第一认证上下文的域控制器(DC)呈现证据的第一服务器,该第一认证上下文从客户端提交到第一服务器以获得可委托的证书,其中该凭证可用于请求第二认证上下文 认证上下文从该客户端到第二个服务器。 另一方面涉及第一台服务器向DC提供证据。 证据涉及从客户端向第一服务器提交的第一个身份验证上下文,它获取了一个可委托凭证。 通过与凭证组合使用以从客户端请求第二认证上下文到第二服务器。
-
公开(公告)号:US08332650B2
公开(公告)日:2012-12-11
申请号:US10105014
申请日:2002-03-22
IPC分类号: G06F21/00
CPC分类号: G06F21/34 , G06F21/31 , G06F2221/2131 , H04L9/0891 , H04L9/0894
摘要: A password reset disk is created using a private key/public key pair. The private key is stored on a removable computer-readable medium so that it can be removed and securely stored remote from the computer system on which it was created. The public key is stored on the computer system and used to maintain an encrypted copy of the current password to be stored on the computer system. If the user forgets a password, the user may insert the password reset disk into the computer system. The private key is retrieved from the password reset disk and the encrypted password is decrypted using the private key. If the decryption is successful, the user is allowed to set a new password. The password reset disk is effective even if the user password has been changed since the creation of the password reset disk.
摘要翻译: 使用私钥/公钥对创建密码重置磁盘。 私钥存储在可移动的计算机可读介质上,使得其可以被远离其创建的计算机系统并被安全地存储。 公钥存储在计算机系统上,用于维护要存储在计算机系统上的当前密码的加密副本。 如果用户忘记密码,用户可以将密码重置磁盘插入计算机系统。 从密码重置磁盘检索私钥,并使用私钥解密加密的密码。 如果解密成功,则允许用户设置新密码。 密码重置磁盘即使自创建密码重置磁盘以来已更改用户密码也是有效的。
-
公开(公告)号:US07644275B2
公开(公告)日:2010-01-05
申请号:US10413799
申请日:2003-04-15
申请人: David R. Mowers , John Banes , Daniel R. Simon , Paul J. Leach
发明人: David R. Mowers , John Banes , Daniel R. Simon , Paul J. Leach
IPC分类号: H04L9/00
CPC分类号: H04L63/08 , H04L63/0442 , H04L63/0807 , H04L63/0869 , H04L63/10 , H04L63/12 , H04L63/166 , H04L67/42
摘要: This disclosure pertains generally to client authentication. One aspect of the disclosure relates to a first server for presenting evidence to a Domain Controller (DC) of a first authentication context being submitted from a client to the first server to obtain a delegable credential, wherein the credential can be used to request a second authentication context from that client to a second server. Another aspect relates to the first server providing a pass-thru with evidence to a DC. The evidence relates to a first authentication context being submitted from a client to the first server that it obtained a delegable credential. The pass-thru is used in combination with the credential to request a second authentication context from the client to a second server.
摘要翻译: 本公开通常涉及客户端认证。 本公开的一个方面涉及一种用于向第一认证上下文的域控制器(DC)呈现证据的第一服务器,该第一认证上下文从客户端提交到第一服务器以获得可委托的证书,其中该凭证可用于请求第二认证上下文 认证上下文从该客户端到第二个服务器。 另一方面涉及第一台服务器向DC提供证据。 证据涉及从客户端向第一服务器提交的第一个身份验证上下文,它获取了一个可委托凭证。 通过与凭证组合使用以从客户端请求第二认证上下文到第二服务器。
-
公开(公告)号:US20050038906A1
公开(公告)日:2005-02-17
申请号:US10639727
申请日:2003-08-13
申请人: John Banes , Joseph Joy , David Mowers , Cem Paya , Feng Sun
发明人: John Banes , Joseph Joy , David Mowers , Cem Paya , Feng Sun
IPC分类号: H04L29/06 , H04L29/08 , G06F15/173
CPC分类号: H04L67/2804 , H04L29/06 , H04L67/1002 , H04L67/1008 , H04L67/1017 , H04L67/1019 , H04L67/1023 , H04L67/1027 , H04L67/14 , H04L67/2819 , H04L69/329 , H04L2029/06054
摘要: A first exemplary media implementation includes processor-executable instructions that direct a device to perform actions including: creating a session identifier using a host identifier; and formulating a host session initiation message with the created session identifier. A first exemplary device implementation includes: at least one processor; and one or more media including processor-executable instructions that direct the device to perform actions including: formulating a host session message with a session identifier that is created responsive to a host identifier; and sending the formulated host session message that includes the session identifier from the device. A second exemplary media implementation includes a data structure that has a message including a session identifier field, at least part of the session identifier field including a host identifier. A second exemplary device implementation includes: a host identifier; and a session identifier creator that is adapted to create a session identifier using the host identifier.
摘要翻译: 第一示例性媒体实现包括指导设备执行动作的处理器可执行指令,包括:使用主机标识符创建会话标识符; 以及使用所创建的会话标识符来制定主机会话发起消息。 第一示例性设备实现包括:至少一个处理器; 以及一个或多个媒体,包括指导设备执行动作的处理器可执行指令,包括:使用响应于主机标识符创建的会话标识符来制定主机会话消息; 并且从设备发送包括会话标识符的配制主机会话消息。 第二示例性媒体实现包括具有包括会话标识符字段的消息的数据结构,该会话标识符字段的至少一部分包括主机标识符。 第二示例性设备实现包括:主机标识符; 以及适于使用主机标识符创建会话标识符的会话标识符创建器。
-
公开(公告)号:US20050038905A1
公开(公告)日:2005-02-17
申请号:US10639516
申请日:2003-08-13
申请人: John Banes , Joseph Joy , David Mowers , Cem Paya , Feng Sun
发明人: John Banes , Joseph Joy , David Mowers , Cem Paya , Feng Sun
IPC分类号: H04L29/06 , H04L29/08 , G06F15/173
CPC分类号: H04L29/06 , H04L29/06197 , H04L29/06319 , H04L29/06326 , H04L29/08252 , H04L29/08576 , H04L67/14 , H04L67/146 , H04L67/327
摘要: An exemplary network gateway is capable of accepting a session-related message having a session identifier field; the network gateway is adapted to extract a host identifier from a value populating the session identifier field and to perform a routing operation for the session-related message using the host identifier. For an exemplary media implementation, processor-executable instructions direct a device to perform actions including: ascertaining a host identifier from a session identifier field of a session message; and routing the session message responsive to the ascertained host identifier. An exemplary apparatus includes: at least one processor; and one or more media including processor-executable instructions that are capable of being executed by the at least one processor to direct the apparatus to perform actions including: receiving a session message having a session identifier including a host identifier; and routing the session message responsive to the host identifier.
摘要翻译: 示例性网络网关能够接受具有会话标识符字段的会话相关消息; 网络网关适于从填充会话标识符字段的值中提取主机标识符,并且使用主机标识符执行与会话相关消息的路由操作。 对于示例性媒体实现,处理器可执行指令指示设备执行动作,包括:从会话消息的会话标识符字段中确定主机标识符; 以及响应于所确定的主机标识符来路由会话消息。 示例性装置包括:至少一个处理器; 以及一个或多个媒体,包括能够由所述至少一个处理器执行以指导所述设备执行动作的处理器可执行指令,包括:接收具有包括主机标识符的会话标识符的会话消息; 以及响应于所述主机标识符路由所述会话消息。
-
-
-
-
搜索结果
5 条记录 (耗时 0.013 秒)