-
1.发明授权公开(公告)号:US07702914B2
公开(公告)日:2010-04-20
申请号:US12104146
申请日:2008-04-16
CPC分类号: H04L63/102 , H04L63/0815
摘要: A method for providing access control to a single sign-on computer network is disclosed. A user is assigned to multiple groups within a computer network. In response to an access request by the user, the computer network determines a group pass count based on a user profile of the user. The group pass count is a number of groups in which the access request meets all their access requirements. The computer network grants the access request if the group pass count is greater than a predetermined high group pass threshold value.
摘要翻译: 公开了一种用于向单点登录计算机网络提供访问控制的方法。 用户被分配到计算机网络内的多个组。 响应于用户的访问请求,计算机网络基于用户的用户简档确定组通过计数。 组传递计数是访问请求满足其所有访问要求的一组组。 如果组通过计数大于预定的高组通过阈值,则计算机网络授予访问请求。
-
公开(公告)号:US07694336B2
公开(公告)日:2010-04-06
申请号:US11950007
申请日:2007-12-04
CPC分类号: G06F21/31 , G06F21/6218 , G06F2221/2119
摘要: An apparatus and method for authenticating users on a data processing system is implemented. The present invention provides for aggregating authenticated identities and related authorization information. A security context created in response to a first user logon is saved in response to a second logon. A composite or aggregate security context is created based on the identity passed in the second logon. Access may then be granted (or denied) based on the current, aggregated security context. Upon logout of the user based on the second identity, the aggregate security context is destroyed, and the security context reverts to the context previously saved.
摘要翻译: 实现了一种在数据处理系统上认证用户的装置和方法。 本发明提供聚合认证身份和相关授权信息。 响应于第一个用户登录而创建的安全上下文将被保存以响应第二次登录。 基于在第二次登录中传递的身份创建复合或聚合安全上下文。 然后可以基于当前的聚合安全上下文来授予(或拒绝)访问。 在基于第二个身份注销用户时,聚合安全上下文被破坏,并且安全上下文返回到先前保存的上下文。
-
公开(公告)号:US07356704B2
公开(公告)日:2008-04-08
申请号:US09731623
申请日:2000-12-07
CPC分类号: G06F21/31 , G06F21/6218 , G06F2221/2119
摘要: An apparatus and method for authenticating users on a data processing system is implemented. The present invention provides for aggregating authenticated identities and related authorization information. A security context created in response to a first user logon is saved in response to a second logon. A composite or aggregate security context is created based on the identity passed in the second logon. Access may then be granted (or denied) based on the current, aggregated security context. Upon logout of the user based on the second identity, the aggregate security context is destroyed, and the security context reverts to the context previously saved.
摘要翻译: 实现了一种在数据处理系统上认证用户的装置和方法。 本发明提供聚合认证身份和相关授权信息。 响应于第一个用户登录而创建的安全上下文将被保存以响应第二次登录。 基于在第二次登录中传递的身份创建复合或聚合安全上下文。 然后可以基于当前的聚合安全上下文来授予(或拒绝)访问。 在基于第二个身份注销用户时,聚合安全上下文被破坏,并且安全上下文返回到先前保存的上下文。
-
公开(公告)号:USD524823S1
公开(公告)日:2006-07-11
申请号:US29222378
申请日:2005-01-27
-
5.发明授权Method and system for usage of non-local data within a lightweight directory access protocol directory environment 有权在轻量级目录访问协议目录环境中使用非本地数据的方法和系统公开(公告)号:US06708170B1
公开(公告)日:2004-03-16
申请号:US09460849
申请日:1999-12-14
IPC分类号: G06F1730
CPC分类号: H04L61/1523 , H04L63/0815 , Y10S707/99939
摘要: A process for maintaining authentication information in a distributed network of servers generates and maintains a non-local access server list, queries non-local servers using a Lightweight Directory Access Protocol (LDAP) search request, caches responses to queries from non-local servers, updates the cached directory entries and applies an LDAP operation to the cached directory entries and the local access control data. A variety of techniques are used to update cache information. When a request to authenticate a user with a distinguished name is received, the cached directory entries and the local access control data are searched for the distinguished name and, once the distinguished name is located, the user is authenticated with each server in the non-local access server list.
摘要翻译: 用于在分布式服务器网络中维护认证信息的过程生成并维护非本地访问服务器列表,使用轻量级目录访问协议(LDAP)搜索请求查询非本地服务器,高速缓存来自非本地服务器的查询的响应, 更新缓存的目录条目,并将LDAP操作应用于缓存的目录条目和本地访问控制数据。 使用各种技术来更新缓存信息。 当接收到对具有可分辨名称的用户进行认证的请求时,搜索缓存的目录条目和本地访问控制数据以识别名称,并且一旦定位了可分辨名称,则用户将在非易失性存储器中的每个服务器进行认证, 本地访问服务器列表。
-
6.发明授权Method and apparatus for manipulating very long lists of data displayed in a graphical user interface using a layered list mechanism 失效用于使用分层列表机制来操纵在图形用户界面中显示的非常长的数据列表的方法和装置
公开(公告)号:US5959626A
公开(公告)日:1999-09-28
申请号:US859943
申请日:1997-05-22
CPC分类号: G06F3/0482 , Y10S715/973
摘要: A method and apparatus for displaying a data collection within a data processing system, wherein the data collection includes a plurality of entries. First a control layer is displayed. Next, entries from the plurality of entries in the data collection are displayed within the control layer. In response to entries within the plurality of entries being undisplayed within the control layer, a secondary layer and entries from the additional entries from the plurality of entries are displayed within the secondary layer, wherein the data collection is efficiently displayed within the data processing system.
摘要翻译: 一种用于在数据处理系统内显示数据收集的方法和装置,其中所述数据收集包括多个条目。 首先显示一个控制层。 接下来,在控制层内显示来自数据收集中的多个条目的条目。 响应于在控制层内未显示的多个条目中的条目,次级层和来自多个条目的附加条目的条目显示在次级层内,其中数据收集被有效地显示在数据处理系统内。
-
7.发明授权Method and system for morphing honeypot with computer security incident correlation 有权计算机安全事件相关性变形蜜罐的方法和系统公开(公告)号:US07694339B2
公开(公告)日:2010-04-06
申请号:US12164020
申请日:2008-06-28
IPC分类号: G06F11/00 , G06F12/14 , G06F15/177
CPC分类号: H04L63/1408 , H04L63/0227 , H04L63/1433 , H04L63/1491
摘要: A method, system, apparatus, or computer program product is presented for morphing a honeypot system on a dynamic and configurable basis. The morphing honeypot emulates a variety of services while falsely presenting information about potential vulnerabilities within the system that supports the honeypot. The morphing honeypot has the ability to dynamically change its personality or displayed characteristics using a variety of algorithms and a database of known operating system and service vulnerabilities. The morphing honeypot's personality can be changed on a timed or scheduled basis, on the basis of activity that is generated by the presented honeypot personality, or on some other basis. The morphing honeypot can also be integrated with intrusion detection systems and other types of computer security incident recognition systems to correlate its personality with detected nefarious activities.
摘要翻译: 提出了一种方法,系统,装置或计算机程序产品,用于在动态和可配置的基础上变形蜜罐系统。 变形蜜罐模拟各种服务,同时虚假呈现系统中支持蜜罐的潜在漏洞信息。 变形蜜罐能够使用各种算法和已知操作系统和服务漏洞的数据库来动态地改变其个性或显示特征。 变形蜜罐的个性可以根据所提供的蜜罐人格或其他基础产生的活动,定时或定期更改。 变形蜜罐还可以与入侵检测系统和其他类型的计算机安全事件识别系统相结合,将其个性与检测到的恶意活动相关联。
-
8.发明申请公开(公告)号:US20090109961A1
公开(公告)日:2009-04-30
申请号:US11931406
申请日:2007-10-31
IPC分类号: H04L12/66
CPC分类号: H04L12/66 , H04M3/4286 , H04M3/564 , H04M2201/40 , H04M2203/6045
摘要: Illustrative embodiments provide a computer implemented method, apparatus, and computer program product for more effectively managing multiple call situations using voice over internet protocol. In one illustrative embodiment, the computer implemented method comprising, responsive to receiving a request to monitor a call from among multiple simultaneous calls using voice over internet protocol, creating a set of trigger criteria for the call and monitoring the call for the set of trigger criteria. Responsive to one of the set of trigger criteria having been met, identifying a triggered criteria and selectively invoking a rule with respect to the triggered criteria to produce a result, and notifying a requester of the result.
摘要翻译: 说明性实施例提供了一种计算机实现的方法,装置和计算机程序产品,用于使用网络语音协议更有效地管理多个呼叫情况。 在一个说明性实施例中,计算机实现的方法包括:响应于接收到使用基于因特网协议的语音从多个同时呼叫中监听呼叫的请求,为呼叫创建一组触发准则并监视该组触发标准的呼叫 。 响应于已经满足的一组触发条件之一,识别触发的标准并且相对于触发的标准选择性地调用规则以产生结果,并且通知请求者结果。
-
9.发明申请Method and system for morphing honeypot with computer security incident correlation 有权计算机安全事件相关性变形蜜罐的方法和系统公开(公告)号:US20080271151A1
公开(公告)日:2008-10-30
申请号:US12164020
申请日:2008-06-28
IPC分类号: G06F11/00 , G06F15/173
CPC分类号: H04L63/1408 , H04L63/0227 , H04L63/1433 , H04L63/1491
摘要: A method, system, apparatus, or computer program product is presented for morphing a honeypot system on a dynamic and configurable basis. The morphing honeypot emulates a variety of services while falsely presenting information about potential vulnerabilities within the system that supports the honeypot. The morphing honeypot has the ability to dynamically change its personality or displayed characteristics using a variety of algorithms and a database of known operating system and service vulnerabilities. The morphing honeypot's personality can be changed on a timed or scheduled basis, on the basis of activity that is generated by the presented honeypot personality, or on some other basis. The morphing honeypot can also be integrated with intrusion detection systems and other types of computer security incident recognition systems to correlate its personality with detected nefarious activities.
摘要翻译: 提出了一种方法,系统,装置或计算机程序产品,用于在动态和可配置的基础上变形蜜罐系统。 变形蜜罐模拟各种服务,同时虚假呈现系统中支持蜜罐的潜在漏洞信息。 变形蜜罐能够使用各种算法和已知操作系统和服务漏洞的数据库来动态地改变其个性或显示特征。 变形蜜罐的个性可以根据所提供的蜜罐人格或其他基础产生的活动,定时或定期更改。 变形蜜罐还可以与入侵检测系统和其他类型的计算机安全事件识别系统相结合,将其个性与检测到的恶意活动相关联。
-
10.发明授权公开(公告)号:US07389430B2
公开(公告)日:2008-06-17
申请号:US10313708
申请日:2002-12-05
CPC分类号: H04L63/102 , H04L63/0815
摘要: A method for providing access control to a single sign-on computer network is disclosed. A user is assigned to multiple groups within a computer network. In response to an access request by the user, the computer network determines a group pass count based on a user profile of the user. The group pass count is a number of groups in which the access request meets all their access requirements. The computer network grants the access request if the group pass count is greater than a predetermined high group pass threshold value.
摘要翻译: 公开了一种用于向单点登录计算机网络提供访问控制的方法。 用户被分配到计算机网络内的多个组。 响应于用户的访问请求,计算机网络基于用户的用户简档确定组通过计数。 组传递计数是访问请求满足其所有访问要求的一组组。 如果组通过计数大于预定的高组通过阈值,则计算机网络授予访问请求。
-
-
-
-
-
-
-
-
-
搜索结果
32 条记录 (耗时 0.023 秒)
