METHOD AND SYSTEM FOR AUTOMATING THE RECOVERY OF A CREDENTIAL STORE
    1.
    Patent application
    Status: Granted (in force)

    Publication number: US20070255943A1

    Publication date: 2007-11-01

    Application number: US11379088

    Filing date: 2006-04-18

    IPC classification: H04L9/00

    CPC classification: H04L9/0894

    Abstract: A system for automating the recovery of a credential store, in which client software generates a temporary key pair based on a new password, and sends client information including the user's name, the public half of the temporary key pair, and the host name of the client computer system to a server system, from which the client information is passed to a recovery process. The client software process displays a prompt indicating that the user should call a help desk. A help desk administrator verifies the user's identity and approves the user's request by causing an approval message to be sent to the recovery process. The recovery process obtains recovery information consisting of either the decryption key(s) for the credential store, or a decrypted copy of the credential store, and encrypts the recovery information using the temporary public key. The client process downloads the recovery information from the server, and decrypts it using the private key of the temporary key pair. The credential store can then be decrypted using the recovery information if necessary, then re-encrypted based on the new password. The encrypted recovery information is stored on the server and re-used for a certain period of time, after which it is deleted, thus allowing multiple copies of the credential store to be conveniently recovered.


    Method, system, and computer program product for limiting authorization of an executable action to an application session
    2.
    Patent application
    Status: Granted (in force)

    Publication number: US20060294581A1

    Publication date: 2006-12-28

    Application number: US11158821

    Filing date: 2005-06-22

    Applicant: Shiu Poon

    Inventor: Shiu Poon

    IPC classification: H04L9/32

    CPC classification: G06F21/52 G06F21/51

    Abstract: The present invention provides a method, system, and computer program product for limiting authorization of an executable action to an application session. A method in accordance with an embodiment of the present invention comprises: generating an alert in response to an execution of an action in an application; and allowing a user to temporarily authorize the execution of the action for a current session of the application. The authorization for the execution of the action is removed when the current session of the application ends.
