公开(公告)号：US20080263365A1

公开(公告)日：2008-10-23

申请号：US12108869

申请日：2008-04-24

申请人： Bryan E. Aupperle ,  Julie H. King ,  Sridhar R. Muppidi

发明人： Bryan E. Aupperle ,  Julie H. King ,  Sridhar R. Muppidi

IPC分类号： H04L9/00

CPC分类号： H04L63/0815 ,  H04L63/083

摘要： The present invention provides methods, systems, computer program products, and methods of doing business whereby legacy host application/system access is integrated with single sign-on in a modern distributed computing environment. A security token used for signing on to the modern computing environment is leveraged, and is mapped to user credentials for the legacy host environment. These user credentials are programmatically inserted into a legacy host data stream, thereby giving the end user the look and feel of seamless access to all applications/systems, including not only modern computing applications/systems but also those residing on (or accessible through) legacy hosts. In addition to providing users with the advantages of single sign-on, the disclosed techniques enable limiting the number of user identifiers and passwords an enterprise has to manage.

摘要翻译： 本发明提供了方法，系统，计算机程序产品和业务方法，其中传统的主机应用/系统访问与现代分布式计算环境中的单点登录集成。 用于登录到现代计算环境的安全令牌被利用，并被映射到传统主机环境的用户凭据。 这些用户凭据以编程方式插入到传统主机数据流中，从而为最终用户提供对所有应用/系统的无缝访问的外观和感觉，包括不仅现代计算应用/系统，还包括驻留在（或可通过）传统 主机。 除了为用户提供单点登录的优点外，所公开的技术还能够限制企业必须管理的用户标识符和密码的数量。

公开(公告)号：US06934848B1

公开(公告)日：2005-08-23

申请号：US09619205

申请日：2000-07-19

申请人： Julie H. King ,  Susan D. Kirkman ,  Daniel J. Labrecque ,  Linwood H. Overby, Jr. ,  Steven Wayne Pogue

发明人： Julie H. King ,  Susan D. Kirkman ,  Daniel J. Labrecque ,  Linwood H. Overby, Jr. ,  Steven Wayne Pogue

IPC分类号： G06F11/30 ,  G06F21/00 ,  H04L9/00

CPC分类号： G06F21/33 ,  G06Q20/367 ,  Y10S707/99939

摘要： The present invention provides a method, system, and computer program product for enabling a user to provide a single system sign-on for accessing one or more legacy host applications and/or one or more systems which provide legacy host data (such as legacy database systems) during a secure host access session which is authenticated using a digital certificate and is protected by a host-based security system, such as RACF (Resource Access Control Facility, a product offered by the IBM Corporation), where the same set of credentials must be provided more than once during the secure session. The subsequent provision of the credentials may be transparent to the user, and does not require change to existing legacy applications or systems.

摘要翻译： 本发明提供了一种方法，系统和计算机程序产品，用于使用户能够提供用于访问一个或多个传统主机应用的单个系统登录和/或提供传统主机数据的一个或多个系统（诸如传统数据库 系统），在安全的主机访问会话期间，它使用数字证书进行身份验证，并受到基于主机的安全系统的保护，例如RACF（资源访问控制设施，由IBM公司提供的产品），其中相同的凭据集 必须在安全会话期间多次提供。 证书的后续提供可能对用户是透明的，并且不需要改变现有的遗留应用或系统。

公开(公告)号：US08006098B2

公开(公告)日：2011-08-23

申请号：US12108869

申请日：2008-04-24

申请人： Bryan E. Aupperle ,  Julie H. King ,  Sidhar R. Muppidi

发明人： Bryan E. Aupperle ,  Julie H. King ,  Sidhar R. Muppidi

IPC分类号： G06F21/00

CPC分类号： H04L63/0815 ,  H04L63/083

摘要： The present invention provides methods, systems, computer program products, and methods of doing business whereby legacy host application/system access is integrated with single sign-on in a modern distributed computing environment. A security token used for signing on to the modern computing environment is leveraged, and is mapped to user credentials for the legacy host environment. These user credentials are programmatically inserted into a legacy host data stream, thereby giving the end user the look and feel of seamless access to all applications/systems, including not only modern computing applications/systems but also those residing on (or accessible through) legacy hosts. In addition to providing users with the advantages of single sign-on, the disclosed techniques enable limiting the number of user identifiers and passwords an enterprise has to manage.

摘要翻译： 本发明提供了方法，系统，计算机程序产品和业务方法，其中传统的主机应用/系统访问与现代分布式计算环境中的单点登录集成。 用于登录到现代计算环境的安全令牌被利用，并被映射到传统主机环境的用户凭据。 这些用户凭据以编程方式插入到传统主机数据流中，从而为最终用户提供对所有应用/系统的无缝访问的外观和感觉，包括不仅现代计算应用/系统，还包括驻留在（或可通过）传统 主机。 除了为用户提供单点登录的优点外，所公开的技术还能够限制企业必须管理的用户标识符和密码的数量。

公开(公告)号：US20080126301A1

公开(公告)日：2008-05-29

申请号：US11497983

申请日：2006-08-02

申请人： Judith H. Bank ,  Tamera L. Davis ,  Julie H. King ,  Kaylee M. Thomsen ,  Yuping Connie Wu ,  Xinyi Xu ,  Chunhui Yang

发明人： Judith H. Bank ,  Tamera L. Davis ,  Julie H. King ,  Kaylee M. Thomsen ,  Yuping Connie Wu ,  Xinyi Xu ,  Chunhui Yang

IPC分类号： G06F7/10 ,  G06F17/30

CPC分类号： G06F11/366

摘要： A core dump is processed to locate and optionally alter sensitive information. A core dump copy is created from at least a portion of an original core dump. Also, at least one input parameter is provided that corresponds to select information to be identified in the core dump copy and address information associated with the core dump copy is defined that corresponds to at least one of addresses where the select information can be altered and addresses where the select information should not be altered. Each occurrence of the select information located within the core dump copy is identified and optionally replaced with predetermined replacement data if the occurrence of the select information is within the addresses where the select information can be altered.

摘要翻译： 处理核心转储以定位和可选地更改敏感信息。 从原始核心转储的至少一部分创建核心转储副本。 此外，提供至少一个与核心转储副本中要识别的选择信息相对应的输入参数，并且与核心转储副本相关联的地址信息被定义为对应于可以改变选择信息的地址中的至少一个，并且地址 选择信息不应被更改的地方。 如果选择信息的发生在可以改变选择信息的地址内，则识别位于核心转储副本内的选择信息的每次出现，并且如果出现选择信息，则可选地替换为预定替换数据。

公开(公告)号：US08639896B2

公开(公告)日：2014-01-28

申请号：US11497983

申请日：2006-08-02

申请人： Judith H. Bank ,  Tamera L. Davis ,  Julie H. King ,  Kaylee M. Thomsen ,  Yuping Connie Wu ,  Xinyi Xu ,  Chunhui Yang

发明人： Judith H. Bank ,  Tamera L. Davis ,  Julie H. King ,  Kaylee M. Thomsen ,  Yuping Connie Wu ,  Xinyi Xu ,  Chunhui Yang

IPC分类号： G06F13/00

CPC分类号： G06F11/366

摘要： A core dump is processed to locate and optionally alter sensitive information. A core dump copy is created from at least a portion of an original core dump. Also, at least one input parameter is provided that corresponds to select information to be identified in the core dump copy and address information associated with the core dump copy is defined that corresponds to at least one of addresses where the select information can be altered and addresses where the select information should not be altered. Each occurrence of the select information located within the core dump copy is identified and optionally replaced with predetermined replacement data if the occurrence of the select information is within the addresses where the select information can be altered.

摘要翻译： 处理核心转储以定位和可选地更改敏感信息。 从原始核心转储的至少一部分创建核心转储副本。 此外，提供至少一个与核心转储副本中要识别的选择信息相对应的输入参数，并且与核心转储副本相关联的地址信息被定义为对应于可以改变选择信息的地址中的至少一个，并且地址 选择信息不应被更改的地方。 如果选择信息的发生在可以改变选择信息的地址内，则识别位于核心转储副本内的选择信息的每次出现，并且如果出现选择信息，则可选地替换为预定替换数据。

公开(公告)号：US06976164B1

公开(公告)日：2005-12-13

申请号：US09619912

申请日：2000-07-19

申请人： Julie H. King ,  Susan D. Kirkman ,  Daniel J. Labrecque ,  Linwood H. Overby, Jr. ,  Steven Wayne Pogue

发明人： Julie H. King ,  Susan D. Kirkman ,  Daniel J. Labrecque ,  Linwood H. Overby, Jr. ,  Steven Wayne Pogue

IPC分类号： G06F11/30 ,  H04L9/00 ,  H04L29/06 ,  G04K1/00

CPC分类号： H04L63/0815 ,  G06Q20/202 ,  G06Q20/367 ,  H04L63/0823 ,  Y10S707/99939

摘要： The present invention provides a method, system, and computer program product which enables changing user credentials that are used to access legacy host applications and/or systems which provide legacy host data during a secure host access session which is authenticated using a digital certificate and is protected by a host-based security system, such as RACF (Resource Access Control Facility, a product offered by the IBM Corporation), where these changed credentials are used to authenticate a user after previously-provided credentials have been used for authentication earlier in the same session. The changed credentials may belong to the same user, where that user happens to have a different user ID and/or password for different legacy host applications and wishes to change from accessing one legacy host application to accessing another. Or, the changed credentials may be used to enable a different user to interact with the same legacy host application used by the previously-authenticated user. The disclosed technique may also be used advantageously to authenticate a user for accessing an application, when the user's credentials are not changing.

摘要翻译： 本发明提供一种方法，系统和计算机程序产品，其能够改变用于访问传统主机应用的用户凭证和/或在使用数字证书认证的安全主机访问会话期间提供传统主机数据的系统，并且是 受基于主机的安全系统的保护，例如RACF（资源访问控制设施，IBM公司提供的产品），其中这些更改的凭据用于在之前提供的凭据在 相同的会话 已更改的凭据可能属于同一用户，其中该用户恰好具有不同的传统主机应用程序的不同用户ID和/或密码，并希望从访问一个旧主机应用程序改变为访问另一个。 或者，更改的凭证可以用于使不同的用户能够与先前认证的用户使用的相同的遗留主机应用交互。 当用户的凭证不改变时，所公开的技术也可以有利地用于认证用户访问应用。

公开(公告)号：US06823452B1

公开(公告)日：2004-11-23

申请号：US09466625

申请日：1999-12-17

申请人： Ronald P. Doyle ,  Julie H. King ,  Steven W. Pogue

发明人： Ronald P. Doyle ,  Julie H. King ,  Steven W. Pogue

IPC分类号： H04L900

CPC分类号： H04L63/0815 ,  G06Q20/202 ,  G06Q20/367 ,  H04L63/0823 ,  H04L63/083 ,  H04L63/166 ,  Y10S707/99939

摘要： A method, system, and computer program product for using a digital certificate to access legacy host applications and/or data which are protected by a host-based security system such as RACF (Resource Access Control Facility, a product offered by the IBM Corporation) and which typically require a separate user identification and password. Use of the present invention enables the client to access the host applications and/or data using a single system log on, without requiring modification to host programs.

摘要翻译： 一种用于使用数字证书来访问被基于主机的安全系统（例如，RACF提供的产品RACF（资源访问控制设施））保护的传统主机应用程序和/或数据的方法，系统和计算机程序产品， 并且通常需要单独的用户标识和密码。 使用本发明使得客户端能够使用单个系统登录来访问主机应用和/或数据，而不需要修改主机程序。

公开(公告)号：US07426642B2

公开(公告)日：2008-09-16

申请号：US10294370

申请日：2002-11-14

申请人： Bryan E. Aupperle ,  Julie H. King ,  Sridhar R. Muppidi

发明人： Bryan E. Aupperle ,  Julie H. King ,  Sridhar R. Muppidi

IPC分类号： H04L9/00

CPC分类号： H04L63/0815 ,  H04L63/083

摘要： The present invention provides methods, systems, computer program products, and methods of doing business whereby legacy host application/system access is integrated with single sign-on in a modem distributed computing environment. A security token used for signing on to the modem computing environment is leveraged, and is mapped to user credentials for the legacy host environment. These user credentials are programmatically inserted into a legacy host data stream, thereby giving the end user the look and feel of seamless access to all applications/systems, including not only modem computing applications/systems but also those residing on (or accessible through) legacy hosts. In addition to providing users with the advantages of single sign-on, the disclosed techniques enable limiting the number of user identifiers and passwords an enterprise has to manage.

摘要翻译： 本发明提供方法，系统，计算机程序产品和做生意的方法，其中传统主机应用/系统访问与调制解调器分布式计算环境中的单点登录集成。 用于登录到调制解调器计算环境的安全令牌被利用，并被映射到传统主机环境的用户凭据。 这些用户凭据以编程方式插入到传统主机数据流中，从而为最终用户提供对所有应用/系统的无缝访问的外观和感觉，包括不仅包括调制解调器计算应用/系统，还包括驻留在（或可通过）传统 主机。 除了为用户提供单点登录的优点外，所公开的技术还能够限制企业必须管理的用户标识符和密码的数量。