公开(公告)号：US08671385B2

公开(公告)日：2014-03-11

申请号：US12986699

申请日：2011-01-07

申请人： Nathaniel David Byrd ,  Stephen Christopher Kirk ,  Cynthia Elizabeth Pilling

发明人： Nathaniel David Byrd ,  Stephen Christopher Kirk ,  Cynthia Elizabeth Pilling

IPC分类号： G06F9/44 ,  G06Q30/06

CPC分类号： G06F21/45 ,  G06F21/604

摘要： A method and system for throttling a volume of request messages to a service application stored within a service provider (SP) computer system through an open application programming interface (API) platform is provided. The SP computer system is in communication with a memory device. The method includes storing a throttling profile for a developer application within the memory device wherein the throttling profile includes at least a throttling amount threshold and a throttling time period, receiving at the API platform a request message initiated by the developer application wherein the request message is included within a volume of request messages initiated by the developer application, identifying the request message as being associated with the developer application, retrieving the throttling profile for the developer application, and validating the volume of request messages as complying with the throttling profile.

摘要翻译： 提供了一种通过开放的应用编程接口（API）平台将存储在服务提供商（SP）计算机系统中的服务应用程序的一系列请求消息扼制的方法和系统。 SP计算机系统与存储器件通信。 该方法包括将开发者应用程序的节流简档存储在存储设备中，其中节流简档包括至少节流量阈值和节流时间段，在API平台上接收由开发者应用发起的请求消息，其中请求消息是 包括在开发者应用程序启动的一系列请求消息中，将请求消息标识为与开发者应用程序相关联，检索开发人员应用程序的限制配置文件，以及根据限制配置文件验证请求消息量。

公开(公告)号：US09083534B2

公开(公告)日：2015-07-14

申请号：US13335496

申请日：2011-12-22

申请人： Stephen Christopher Kirk ,  Nathaniel David Byrd ,  Eric G. Alger

发明人： Stephen Christopher Kirk ,  Nathaniel David Byrd ,  Eric G. Alger

IPC分类号： H04L9/32 ,  G06F21/00 ,  G06F21/10 ,  H04L29/06

CPC分类号： H04L9/3247 ,  G06F21/10 ,  H04L63/0807 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/168 ,  H04L63/20 ,  H04L2209/56

摘要： A method and system for securely propagating client identities in a service call from a first system to a target service system are provided. The system includes a memory device for storing data and a service provider (SP) computer system. The SP computer system is programmed to determine identities to transmit to the target system in association with a request, construct a data structure to represent each identity and additional information related to the identity, digitally sign the identity information, pair the identity information and the corresponding digital signature in a header of a request message from the first system to the target service system, receive the request message and extract the identity information and corresponding digital signatures from the header, validate the corresponding digital signatures, and construct using the corresponding identity information a data structure that represents each of the original identities established in the first system.

摘要翻译： 提供了一种用于将服务呼叫中的客户端标识从第一系统安全地传播到目标服务系统的方法和系统。 该系统包括用于存储数据的存储设备和服务提供商（SP）计算机系统。 SP计算机系统被编程为确定与请求相关联地传送到目标系统的身份，构建表示每个身份的数据结构和与身份相关的附加信息，对身份信息进行数字签名，将身份信息和对应的对 从第一系统到目标服务系统的请求消息的报头中的数字签名，接收请求消息，并从报头中提取标识信息和对应的数字签名，验证相应的数字签名，并使用对应的身份信息 表示在第一系统中建立的每个原始身份的数据结构。

公开(公告)号：US20120179913A1

公开(公告)日：2012-07-12

申请号：US13335496

申请日：2011-12-22

申请人： Stephen Christopher Kirk ,  Nathaniel David Byrd ,  Eric G. Alger

发明人： Stephen Christopher Kirk ,  Nathaniel David Byrd ,  Eric G. Alger

IPC分类号： H04L9/32

CPC分类号： H04L9/3247 ,  G06F21/10 ,  H04L63/0807 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/168 ,  H04L63/20 ,  H04L2209/56

摘要： A method and system for securely propagating client identities in a service call from a first system to a target service system are provided. The system includes a memory device for storing data and a service provider (SP) computer system. The SP computer system is programmed to determine identities to transmit to the target system in association with a request, construct a data structure to represent each identity and additional information related to the identity, digitally sign the identity information, pair the identity information and the corresponding digital signature in a header of a request message from the first system to the target service system, receive the request message and extract the identity information and corresponding digital signatures from the header, validate the corresponding digital signatures, and construct using the corresponding identity information a data structure that represents each of the original identities established in the first system.

摘要翻译： 提供了一种用于将服务呼叫中的客户端标识从第一系统安全地传播到目标服务系统的方法和系统。 该系统包括用于存储数据的存储设备和服务提供商（SP）计算机系统。 SP计算机系统被编程为确定与请求相关联地传送到目标系统的身份，构建表示每个身份的数据结构和与身份相关的附加信息，对身份信息进行数字签名，将身份信息和对应的对 从第一系统到目标服务系统的请求消息的报头中的数字签名，接收请求消息，并从报头中提取标识信息和对应的数字签名，验证相应的数字签名，并使用对应的身份信息 表示在第一系统中建立的每个原始身份的数据结构。

公开(公告)号：US20120180021A1

公开(公告)日：2012-07-12

申请号：US12986699

申请日：2011-01-07

申请人： Nathaniel David Byrd ,  Stephen Christopher Kirk ,  Cynthia Elizabeth Pilling

发明人： Nathaniel David Byrd ,  Stephen Christopher Kirk ,  Cynthia Elizabeth Pilling

IPC分类号： G06F9/44

CPC分类号： G06F21/45 ,  G06F21/604

摘要： A method and system for throttling a volume of request messages to a service application stored within a service provider (SP) computer system through an open application programming interface (API) platform is provided. The SP computer system is in communication with a memory device. The method includes storing a throttling profile for a developer application within the memory device wherein the throttling profile includes at least a throttling amount threshold and a throttling time period, receiving at the API platform a request message initiated by the developer application wherein the request message is included within a volume of request messages initiated by the developer application, identifying the request message as being associated with the developer application, retrieving the throttling profile for the developer application, and validating the volume of request messages as complying with the throttling profile.

摘要翻译： 提供了一种通过开放的应用编程接口（API）平台将存储在服务提供商（SP）计算机系统中的服务应用程序的一系列请求消息扼制的方法和系统。 SP计算机系统与存储器件通信。 该方法包括将开发者应用程序的节流简档存储在存储设备中，其中节流简档包括至少节流量阈值和节流时间段，在API平台上接收由开发者应用发起的请求消息，其中请求消息是 包括在开发者应用程序启动的一系列请求消息中，将请求消息标识为与开发者应用程序相关联，检索开发人员应用程序的限制配置文件，以及根据限制配置文件验证请求消息量。

公开(公告)号：US09032204B2

公开(公告)日：2015-05-12

申请号：US13335579

申请日：2011-12-22

申请人： Nathaniel David Byrd ,  Jenny Qian Zhang ,  Eric G. Alger

发明人： Nathaniel David Byrd ,  Jenny Qian Zhang ,  Eric G. Alger

IPC分类号： H04L29/06 ,  H04L9/32

CPC分类号： H04L9/3268

摘要： A method and system for signing a digital certificate in real time for accessing a service application hosted within a service provider (SP) computer system through an open application programming interface (API) platform is provided. The API platform is in communication with a memory device. The method includes receiving registration data from a developer computer device wherein the developer computer device is associated with a developer and configured to store a developer application, receiving a certificate signing request (CSR) from the developer computer device wherein the CSR includes a public key associated with the developer, verifying the registration data as being associated with the developer, signing the CSR to produce a signed certificate after verifying the registration data wherein the verifying and signing steps are performed by the SP computer system in real time, and transmitting the signed certificate and a client ID to the developer computer device.

摘要翻译： 提供了一种通过开放的应用编程接口（API）平台实时登录数字证书以访问服务提供商（SP）计算机系统内的服务应用的方法和系统。 API平台与存储设备通信。 该方法包括从开发者计算机设备接收注册数据，其中开发者计算机设备与开发者相关联并被配置为存储开发者应用程序，从开发者计算机设备接收证书签名请求（CSR），其中CSR包括与公钥相关联 与开发人员一起验证注册数据与开发者相关联，在验证其中验证和签名步骤由SP计算机系统实时执行的注册数据之后签署CSR以产生签名证书，并且发送签名的证书 以及客户端ID给开发者计算机设备。

公开(公告)号：US20120179907A1

公开(公告)日：2012-07-12

申请号：US13335579

申请日：2011-12-22

申请人： Nathaniel David Byrd ,  Jenny Qian Zhang ,  Eric G. Alger

发明人： Nathaniel David Byrd ,  Jenny Qian Zhang ,  Eric G. Alger

IPC分类号： H04L9/32

CPC分类号： H04L9/3268

摘要： A method and system for signing a digital certificate in real time for accessing a service application hosted within a service provider (SP) computer system through an open application programming interface (API) platform is provided. The API platform is in communication with a memory device. The method includes receiving registration data from a developer computer device wherein the developer computer device is associated with a developer and configured to store a developer application, receiving a certificate signing request (CSR) from the developer computer device wherein the CSR includes a public key associated with the developer, verifying the registration data as being associated with the developer, signing the CSR to produce a signed certificate after verifying the registration data wherein the verifying and signing steps are performed by the SP computer system in real time, and transmitting the signed certificate and a client ID to the developer computer device.

摘要翻译： 提供了一种通过开放的应用编程接口（API）平台实时登录数字证书以访问服务提供商（SP）计算机系统内的服务应用的方法和系统。 API平台与存储设备通信。 该方法包括从开发者计算机设备接收注册数据，其中开发者计算机设备与开发者相关联并被配置为存储开发者应用程序，从开发者计算机设备接收证书签名请求（CSR），其中CSR包括与公钥相关联 与开发人员一起验证注册数据与开发者相关联，在验证其中验证和签名步骤由SP计算机系统实时执行的注册数据之后签署CSR以产生签名证书，并且发送签名的证书 以及客户端ID给开发者计算机设备。