-
公开(公告)号:US08463289B2
公开(公告)日:2013-06-11
申请号:US13163396
申请日:2011-06-17
申请人: Gil Shklarski , Brian Beckman , Eyal Ofek , Kenn Daniel Cartier , Shai Herzog , Gur Kimchi , Bernard Lawrence Johnston
发明人: Gil Shklarski , Brian Beckman , Eyal Ofek , Kenn Daniel Cartier , Shai Herzog , Gur Kimchi , Bernard Lawrence Johnston
IPC分类号: H04W24/00
摘要: Positional information is provided while minimizing the possibility that personally identifiable information can be derived therefrom. Positional information is received in the form of trails that can be aggregated. Individual cells of a grid reflect a quantity of aggregated trails through those cells, an average intensity and direction of movement through those cells, or a more detailed distribution thereof. Alternatively, individual trails are aggregated to an aggregated trail in the form of a line. Further obfuscation of personally identifiable information occurs by resampling aggregated positional information, by introducing false positional information, or by falsely modifying existing positional information, in a manner that does not impact the overall aggregations, and by pruning, or deleting, positional information, especially around sensitive locations, such as a user's home, place of business, or other location that users typically would seek to keep private. Provision of positional information is delayed until a sufficient amount is received.
摘要翻译: 提供位置信息,同时最小化可以从其导出个人身份信息的可能性。 以可聚合的路径的形式收到位置信息。 网格的单个细胞反映了通过这些细胞的聚集迹线的数量,通过这些细胞的平均强度和移动方向,或其更详细的分布。 或者,单个路径将以行的形式聚合到聚合路径。 对个人识别信息的进一步模糊发生是通过重新采样聚合的位置信息,引入错误的位置信息,或以不影响总体聚集的方式错误地修改现有的位置信息,以及通过修剪或删除位置信息,特别是在 敏感位置,例如用户的家庭,营业地点或用户通常将寻求保密的其他位置。 提供位置信息被延迟直到接收到足够的量。
-
公开(公告)号:US20120090017A1
公开(公告)日:2012-04-12
申请号:US13324723
申请日:2011-12-13
CPC分类号: H04L63/08 , H04L12/1859 , H04L51/38 , H04L63/101 , H04L63/102 , H04L63/166 , H04L67/04 , H04L67/26 , H04L67/303 , H04L67/42 , H04W4/12 , H04W12/08
摘要: Systems and methods of authentication and authorization between a client, a server, and a gateway to facilitate communicating a message between a client and a server through a gateway. The client has a trusted relationship with each of the gateway and the server. A method includes registering the client with the gateway. The client also constructs the address space identifying the gateway and the client. The client communicates the address space to the server. The client receives an identity identifying the server. If the client authorizes to receive a message from the server through the gateway, the client informs the authorization to the gateway. The client puts the identity identifying the server on a list of servers which are authorized to send messages to the client. In addition, the client communicates the list of servers to the gateway.
摘要翻译: 客户端,服务器和网关之间的认证和授权的系统和方法,以便于通过网关在客户端和服务器之间传递消息。 客户端与每个网关和服务器都有可信赖的关系。 一种方法包括向客户端注册网关。 客户端还构建标识网关和客户端的地址空间。 客户端将地址空间传送到服务器。 客户端收到标识服务器的身份。 如果客户端授权通过网关从服务器接收消息,则客户端通知网关的授权。 客户端将身份识别服务器放在被授权向客户端发送消息的服务器列表中。 此外,客户端将服务器列表传送到网关。
-
公开(公告)号:US20110214174A1
公开(公告)日:2011-09-01
申请号:US12713431
申请日:2010-02-26
申请人: Shai Herzog , Gil Shklarski
发明人: Shai Herzog , Gil Shklarski
IPC分类号: H04L9/32
CPC分类号: H04L63/20 , H04L63/08 , H04L63/0807 , H04L63/0884 , H04L63/105 , H04L63/1408 , H04L63/1416
摘要: Web pages and applications commonly consume functionality provided by services to provide users with a rich experience. For example, a backend mapping service may provide access to these services. However, the users and application consuming the services may be anonymous and unverified. Accordingly, a two ticket validation technique is provided to validate service execution requests from anonymous applications. In particular, a user is provided with a client ticket comprising a reputation. The reputation may be adjusted over time based upon how the user consumes services. An application may request access to a service by providing the client ticket and an application ticket for validation. The reputation of the user may be used to determine an access level at which the application may access the service. Users with a high reputation may receive high quality access to the service, while users with a low reputation may receive lower quality access.
摘要翻译: 网页和应用程序通常消耗服务提供的功能,为用户提供丰富的体验。 例如,后端映射服务可以提供对这些服务的访问。 然而,消费服务的用户和应用程序可能是匿名的和未验证的。 因此,提供了两票验证技术来验证来自匿名应用的服务执行请求。 特别地,向用户提供包括声誉的客户机票。 可以根据用户如何消费服务来随时间调整声誉。 应用程序可以通过提供客户端票证和用于验证的应用票证来请求访问服务。 可以使用用户的信誉来确定应用可以访问该服务的访问级别。 具有较高信誉的用户可能会获得高质量的访问服务,而信誉低的用户可能会获得较低质量的访问。
-
公开(公告)号:US20100312899A1
公开(公告)日:2010-12-09
申请号:US12480560
申请日:2009-06-08
申请人: Shai Herzog , Rashid Qureshi , Jorge Raastroem , Xuemei Bao , Rajeev Bansal , Qian Zhang , Scott Michael Bragg
发明人: Shai Herzog , Rashid Qureshi , Jorge Raastroem , Xuemei Bao , Rajeev Bansal , Qian Zhang , Scott Michael Bragg
CPC分类号: H04L65/1066 , H04L67/14 , H04L67/141 , H04L67/145 , H04L67/28 , H04L67/2842 , H04L69/16 , H04L69/163 , H04L69/28
摘要: Systems and methods for use in communication between a client and a server, via a networking device, are provided. The method may include sending a request to establish a data connection from the client to the server via the networking device, setting a data connection keep-alive interval for the data connection to a predetermined safe value, and sending a request to establish a test connection between the client and the server. The method may further include determining an efficient keep-alive interval for communication between the client and server via the networking device, using the test connection, setting the data connection keep-alive interval to the efficient keep-alive interval determined using the test connection, and uploading the efficient keep-alive interval from the client to the server in an efficient keep-alive interval notification message, for communication to other clients connected to the server.
摘要翻译: 提供了通过网络设备在客户端和服务器之间的通信中使用的系统和方法。 该方法可以包括通过网络设备发送建立从客户端到服务器的数据连接的请求,将数据连接的数据连接保持间隔设置为预定的安全值,以及发送建立测试连接的请求 在客户端和服务器之间。 该方法可以进一步包括:使用测试连接,经由网络设备确定用于客户端和服务器之间的通信的有效保持间隔,将数据连接保持间隔设置为使用测试连接确定的有效保持间隔, 并且在有效的保持活动间隔通知消息中将高效的保持活动间隔从客户端上传到服务器,以便与连接到服务器的其他客户端进行通信。
-
5.发明授权公开(公告)号:US07676573B2
公开(公告)日:2010-03-09
申请号:US12028102
申请日:2008-02-08
申请人: Shai Herzog , Marie Hagman , Eric S. Vandenberg , Michael E. Deem
发明人: Shai Herzog , Marie Hagman , Eric S. Vandenberg , Michael E. Deem
IPC分类号: G06F15/173
CPC分类号: H04L41/0869 , H04L41/082 , H04L41/0859 , H04L43/0817 , H04W24/02
摘要: A stateful cache layer is created at a mobile device client that tracks the state on both the mobile device and management service. The states are synchronized between the mobile device and the management service on every management session. Through the statefulness of the cache layer, unauthorized changes on the mobile device are detected and accordingly handled such as internal correction or reporting to the management service for actionable instructions. A cache layer on the management server is configured to identify organizational policy changes that affect specific devices and initiate unsolicited immediate management sessions to update the configuration to the specific devices.
摘要翻译: 在移动设备客户端创建状态缓存层,跟踪移动设备和管理服务上的状态。 在每个管理会话上,移动设备和管理服务之间的状态是同步的。 通过缓存层的有状态,检测移动设备的未经授权的更改,并进行相应的处理,例如内部校正或向管理服务报告可执行的指令。 管理服务器上的缓存层被配置为识别影响特定设备的组织策略更改,并启动未经请求的立即管理会话以将配置更新到特定设备。
-
公开(公告)号:US20120322458A1
公开(公告)日:2012-12-20
申请号:US13163396
申请日:2011-06-17
申请人: Gil Shklarski , Brian Beckman , Eyal Ofek , Kenn Daniel Cartier , Shai Herzog , Gur Kimchi , Bernard Lawrence Johnston
发明人: Gil Shklarski , Brian Beckman , Eyal Ofek , Kenn Daniel Cartier , Shai Herzog , Gur Kimchi , Bernard Lawrence Johnston
IPC分类号: H04W24/00
摘要: Positional information is provided while minimizing the possibility that personally identifiable information can be derived therefrom. Positional information is received in the form of trails that can be aggregated. Individual cells of a grid reflect a quantity of aggregated trails through those cells, an average intensity and direction of movement through those cells, or a more detailed distribution thereof. Alternatively, individual trails are aggregated to an aggregated trail in the form of a line. Further obfuscation of personally identifiable information occurs by resampling aggregated positional information, by introducing false positional information, or by falsely modifying existing positional information, in a manner that does not impact the overall aggregations, and by pruning, or deleting, positional information, especially around sensitive locations, such as a user's home, place of business, or other location that users typically would seek to keep private. Provision of positional information is delayed until a sufficient amount is received.
摘要翻译: 提供位置信息,同时最小化可以从其导出个人身份信息的可能性。 以可聚合的路径的形式收到位置信息。 网格的单个细胞反映了通过这些细胞的聚集迹线的数量,通过这些细胞的平均强度和移动方向,或其更详细的分布。 或者,单个路径将以行的形式聚合到聚合路径。 对个人识别信息的进一步模糊发生是通过重新采样聚合的位置信息,引入错误的位置信息,或以不影响总体聚集的方式错误地修改现有的位置信息,以及通过修剪或删除位置信息,特别是在 敏感位置,例如用户的家庭,营业地点或用户通常将寻求保密的其他位置。 提供位置信息被延迟直到接收到足够的量。
-
公开(公告)号:US20100138501A1
公开(公告)日:2010-06-03
申请号:US12327484
申请日:2008-12-03
申请人: Nathaniel T. Clinton , Adam Sapek , Johannes Klein , Farookh Mohammed , Rashid Qureshi , Shai Herzog , Eric David Deily
发明人: Nathaniel T. Clinton , Adam Sapek , Johannes Klein , Farookh Mohammed , Rashid Qureshi , Shai Herzog , Eric David Deily
IPC分类号: G06F15/16
CPC分类号: G06F9/542 , G06F11/30 , G06F11/3006 , G06F11/3051 , G06F11/3072
摘要: In a push environment having a communication path along which a service provides messages to a computing device via a gateway, an inactivity timeout value and a registration timeout value enable the computing device to detect failures in the communication path. An application executing on the computing device registers an application endpoint with the gateway. The application separately subscribes to the service to receive the messages. If there is inactivity in accordance with the inactivity timeout value, the application de-registers and re-registers with the gateway, and unsubscribes and re-subscribes with the service.
摘要翻译: 在具有服务经由网关向计算设备提供消息的通信路径的推送环境中,非活动超时值和注册超时值使得计算设备能够检测通信路径中的故障。 在计算设备上执行的应用程序向网关注册应用端点。 应用程序单独订阅该服务以接收消息。 如果根据不活动超时值存在不活动状态,应用程序将对网关进行注销和重新注册,并取消订阅并重新订阅该服务。
-
公开(公告)号:US20080183800A1
公开(公告)日:2008-07-31
申请号:US11698639
申请日:2007-01-26
申请人: Shai Herzog , Marie Hagman , Bogdan M. Tepordei , Michael E. Deem
发明人: Shai Herzog , Marie Hagman , Bogdan M. Tepordei , Michael E. Deem
CPC分类号: H04L67/1095 , H04L67/125 , H04L67/28 , H04L67/2838 , H04L67/2847 , H04L67/325
摘要: A general-purpose proxy mobile device management architecture. The architecture serves as a proxy for a mobile client seeking services from backend systems. A virtual client image of state information associated with the mobile client is stored such that when the mobile client interacts with the proxy, the virtual image updates to the latest client state. Based on the changes to the state, the proxy system asynchronously accesses one or more arbitrary services of the backend systems on behalf of the mobile client. When the mobile client connects to the proxy, the proxy will have the latest services associated with the states of the virtual image, and updates the state of the mobile client. Updating and accessing occurs asynchronously on the frontend between the proxy and mobile devices and on the backend between the proxy and the backend systems.
摘要翻译: 通用代理移动设备管理架构。 该架构作为从后端系统寻求服务的移动客户端的代理。 存储与移动客户端相关联的状态信息的虚拟客户端映像,使得当移动客户端与代理交互时,虚拟映像更新到最新的客户端状态。 基于状态的变化,代理系统代表移动客户端异步访问后端系统的一个或多个任意服务。 当移动客户端连接到代理时,代理将具有与虚拟映像的状态相关联的最新服务,并更新移动客户端的状态。 在代理和移动设备之间的前端以及代理服务器和后端系统之间的后台,异步地进行更新和访问。
-
公开(公告)号:US20070192836A1
公开(公告)日:2007-08-16
申请号:US11276139
申请日:2006-02-15
申请人: Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
发明人: Tomer Shiran , Sara Bitan , Nir Nice , Jeroen de Borst , Dave Field , Shai Herzog
IPC分类号: H04L9/32 , G06K9/00 , G06F15/16 , H04L9/00 , G06F17/30 , G06F17/00 , G06F9/00 , G06F7/04 , G06F7/58 , G06K19/00 , G06F15/173
CPC分类号: H04L9/321 , H04L9/3263 , H04L9/3271 , H04L9/3297
摘要: Systems and methods for performing explicit delegation with strong authentication are described herein. Systems can include one or more clients, one or more end servers, and one or more gateways intermediate or between the client and the end server. The client may include an explicit strong delegation component that is adapted to strongly authenticate the client to the gateway. The explicit strong delegation component may also explicitly delegate to the gateway a right to authenticate on behalf of the client, and to define a period of time over which the explicit delegation is valid. The system may be viewed as being self-contained, in the sense that the system need not access third-party certificate or key distribution authorities. Finally, the client controls the gateways or end servers to which the gateway may authenticate on the client's behalf.
摘要翻译: 这里描述了用于执行具有强认证的显式授权的系统和方法。 系统可以包括一个或多个客户端,一个或多个终端服务器,以及在客户端和终端服务器之间中间或之间的一个或多个网关。 客户端可以包括适合于向网关强烈认证客户端的显式强委派组件。 显式强委托组件还可以向网关显式地委托代表客户端进行认证的权限,并定义显式授权有效的时间段。 在系统不需要访问第三方证书或密钥分发机构的意义上,该系统可以被视为是独立的。 最后,客户端代表客户端控制网关可以对其进行身份验证的网关或终端服务器。
-
公开(公告)号:US09008859B2
公开(公告)日:2015-04-14
申请号:US12975586
申请日:2010-12-22
申请人: Shai Herzog , Eyal Ofek , Jeffrey Couckuyt
发明人: Shai Herzog , Eyal Ofek , Jeffrey Couckuyt
CPC分类号: G01C21/3652 , G06F3/016 , H04M1/72522 , H04M1/72572
摘要: Navigation instructions using low-bandwidth signaling are supported in an alternative user interface that may be utilized as either a full replacement or as an enhancement to conventional visual/audio navigation interfaces. In one illustrative example, the alternative interface makes use of the more constrained, but generally broadly available low-bandwidth signaling capability of mobile devices to encode navigation instructions in the form of varying patterns of tactile vibrations that may be imparted from the device to a user as haptic feedback. The user can sense the vibrations and readily translate them into the navigation instructions without needing any kind of special decoding equipment or using any special techniques. The vibrations may be encoded using easy to remember patterns so that a full and rich navigation feature set may be accessed with minimal training on the user's part.
摘要翻译: 在替代用户界面中支持使用低带宽信令的导航指令,其可以用作传统视觉/音频导航接口的完全替代或增强。 在一个说明性示例中,替代接口利用移动设备的更受约束但通常广泛可用的低带宽信令能力来编码导航指令,其形式可以是从设备向用户传递的触觉振动的变化模式 作为触觉反馈。 用户可以感觉到振动,并且很容易将它们转换成导航指令,而无需任何种类的特殊解码设备或使用任何特殊技术。 可以使用易于记忆的图案对振动进行编码,从而可以通过用户部分的最少训练来访问完整和丰富的导航特征集。
-
-
-
-
-
-
-
-
-
搜索结果
33 条记录 (耗时 0.018 秒)
