System and method for supporting service networks in a service-oriented architecture environment
    2.
    Granted invention patent
    Status: in force

    Publication No.: US07814226B2

    Publication date: 2010-10-12

    Application No.: US11857988

    Filing date: 2007-09-19

    Applicant: Paul B. Patrick

    Inventor: Paul B. Patrick

    IPC classification: G06F15/173 H04L12/28

    Abstract: A system and method for supporting Service Networks in a SOA environment. In accordance with an embodiment, the principles governing the topology of computer networks can be similarly applied to the service space—from small federated Service Segments (or sub-domains), to large public federated Service Domains. At the heart of the Service Network are one or more Service Routers, that are themselves responsible for transparently bridging between federated Service Segments. The Service Routers determine where services reside in the Service Network and, based on routing information gathered through interaction with other Service Routers, Network Routers and other mechanisms, deliver service requests, using optimal routes, from a source Service Segment to the target Service Segment. Working in concert with the Service Router, an Enterprise Service Bus (ESB) can abstract the location of services, and hide the existence of the Service Network from service requestors.

    System and method for dynamic role association
    5.
    Granted invention patent
    Status: in force

    Publication No.: US07823189B2

    Publication date: 2010-10-26

    Application No.: US12142451

    Filing date: 2008-06-19

    Applicant: Paul B. Patrick

    Inventor: Paul B. Patrick

    IPC classification: H04L9/00 G06F15/16

    Abstract: A pluggable architecture allows security and business logic plugins to be inserted into a security service hosted by a server, and to control access to one or more secured resources on that server, on another server within the security domain, or between security domains. The security service may act as a focal point for security enforcement, and access rights determination, and information used or determined within one login process can flow transparently and automatically to other login processes. Entitlements denote what a particular user may or may not do with a particular resource, in a particular context. Entitlements reflect not only the technical aspects of the secure environment (the permit or deny concept), but can be used to represent the business logic or functionality required by the server provider. In this way entitlements bridge the gap between a simple security platform, and a complex business policy platform.

    Security data redaction
    7.
    Granted invention patent
    Status: in force

    Publication No.: US08086615B2

    Publication date: 2011-12-27

    Application No.: US11341836

    Filing date: 2006-01-27

    IPC classification: A63F9/24

    CPC classification: G06F21/6227 G06F21/6218

    Abstract: In accordance with one embodiment of the present invention, there are provided mechanisms and methods for securing access to data. These mechanisms and methods for securing access to data make it possible for systems to have improved control over accesses to information by redacting responses made by services based upon access policies. Requestors may be users, proxies or automated entities. This ability of a system to redact responses to queries or requests for services in accordance with access policies makes it possible to attain improved security in computing systems over conventional access control mechanisms that control based upon privileges for accessing a file, an account, a storage device or a machine upon which the information is stored.

    System and method for dynamic data redaction
    8.
    Granted invention patent
    Status: in force

    Publication No.: US07748027B2

    Publication date: 2010-06-29

    Application No.: US11222071

    Filing date: 2005-09-08

    Applicant: Paul B. Patrick

    Inventor: Paul B. Patrick

    IPC classification: H04L9/32 G06F7/04 H04L9/00

    Abstract: A system, method and media for dynamically redacting data based on the evaluation of one or more policies. In one embodiment, the method comprises receiving a request to access one or more resources, receiving responses from the one or more resources and assembling a result set which includes several portions of data, determining current access policies for the requestor to the one or more resources, and redacting from the result set a portion of the data that the requestor is not permitted to receive, based on the current access policies.

    Dynamically configurable service oriented architecture
    9.
    Granted invention patent
    Status: in force

    Publication No.: US07653008B2

    Publication date: 2010-01-26

    Application No.: US11221261

    Filing date: 2005-09-07

    IPC classification: H04L12/26

    Abstract: A system, method and media for a service oriented architecture, including in one embodiment, a method for configuring a service proxy, comprising configuring a transformation between a reception protocol and a transmission protocol, configuring a potential message processing path capable of processing a message that has been received with the reception protocol, providing the message for transmission to the transmission protocol, wherein the potential message processing path includes a message processing node capable of processing the message, and wherein the message processing node implements an interface and/or a protocol that is compatible with the service proxy. Other features, aspects and objects of the invention can be obtained from a review of the specification, the figures and the claims.

    System and method for enterprise authentication
    10.
    Granted invention patent
    Status: in force

    Publication No.: US07610615B2

    Publication date: 2009-10-27

    Application No.: US11186444

    Filing date: 2005-07-21

    Applicant: Paul B Patrick

    Inventor: Paul B Patrick

    IPC classification: G06F21/00 H04L29/06

    Abstract: A method for adaptively authenticating a subject, said method adapted to cooperate with a security provider interface hierarchy, said method comprising the steps of providing for the implementation of an authentication interface adapted to extend and implement at least a portion of the security provider hierarchy, providing for the authentication of the subject when so directed by the authentication interface, and providing for the association of a signed principal with the subject upon the successful authentication of the subject.
