-
公开(公告)号:US08584210B2
公开(公告)日:2013-11-12
申请号:US13085127
申请日:2011-04-12
申请人: Robert E. Walsh , Varun Goel
发明人: Robert E. Walsh , Varun Goel
IPC分类号: H04L29/06
摘要: An access management system receives an access request for a target computer from a client computer. The access request comprises a digital certificate belonging to a user. The access management system verifies the identity of the user by validating the digital certificate. When so verified, the user receives access privileges from a policy database. The access privileges contain one or more access attributes. The access management system evaluates the access request based the one or more access attributes and grants the user access to the target computer if all the one or more access attributes are satisfied.
-
2.发明申请System and Method for Managing Access to a Plurality of Servers in an Organization 有权管理对组织中多个服务器的访问的系统和方法公开(公告)号:US20100325717A1
公开(公告)日:2010-12-23
申请号:US12487380
申请日:2009-06-18
申请人: Varun Goel , Robert Walsh
发明人: Varun Goel , Robert Walsh
CPC分类号: H04L63/102
摘要: A system for managing access to resources in a plurality of servers by a plurality of client computers by using an operating system independent Secure Shell (SSH) protocol running in each server and using a central policy database that centrally stores access rules which specify access to the servers for a plurality of users/accounts. Each time a target server receives a user request to establish an SSH session, it retrieves associated access rules from the central policy database to obtain the latest access rules. Based on the retrieved rules and the identity of the user and the identity of the client computer, the target server determines whether the user has permission to establish the SSH session with the target server. Using a centralized database and requiring the servers to always retrieve the latest access rules from a central database provides consistent application of the access rules across all servers and all client computers.
摘要翻译: 一种用于通过使用在每个服务器中运行的独立于操作系统的安全壳(SSH)协议来管理由多个客户端计算机访问多个服务器的系统的系统,并且使用集中存储访问规则的中央策略数据库,所述访问规则指定访问 用于多个用户/帐户的服务器。 每次目标服务器接收到建立SSH会话的用户请求时,它将从中央策略数据库检索相关的访问规则,以获取最新的访问规则。 基于检索到的规则和用户的身份以及客户端计算机的身份,目标服务器确定用户是否有权与目标服务器建立SSH会话。 使用集中式数据库并要求服务器始终从中央数据库检索最新的访问规则,可以提供所有服务器和所有客户端计算机上的访问规则的一致应用。
-
公开(公告)号:US20110252459A1
公开(公告)日:2011-10-13
申请号:US13085127
申请日:2011-04-12
申请人: Robert E. Walsh , Varun Goel
发明人: Robert E. Walsh , Varun Goel
IPC分类号: H04L9/32
CPC分类号: H04L63/20 , G06F21/33 , H04L9/3263 , H04L63/0823 , H04L63/168
摘要: An access management system receives an access request for a target computer from a client computer. The access request comprises a digital certificate belonging to a user. The access management system verifies the identity of the user by validating the digital certificate. When so verified, the user receives access privileges from a policy database. The access privileges contain one or more access attributes. The access management system evaluates the access request based the one or more access attributes and grants the user access to the target computer if all the one or more access attributes are satisfied.
摘要翻译: 访问管理系统从客户端计算机接收目标计算机的访问请求。 访问请求包括属于用户的数字证书。 访问管理系统通过验证数字证书来验证用户的身份。 经过验证后,用户从策略数据库接收访问权限。 访问权限包含一个或多个访问属性。 访问管理系统基于一个或多个访问属性来评估访问请求,并且如果满足所有一个或多个访问属性,则授予用户对目标计算机的访问。
-
4.发明授权System and method for managing access to a plurality of servers in an organization 有权用于管理对组织中的多个服务器的访问的系统和方法公开(公告)号:US08959613B2
公开(公告)日:2015-02-17
申请号:US12487380
申请日:2009-06-18
申请人: Varun Goel , Robert Walsh
发明人: Varun Goel , Robert Walsh
CPC分类号: H04L63/102
摘要: A system for managing access to resources in a plurality of servers by a plurality of client computers by using an operating system independent Secure Shell (SSH) protocol running in each server and using a central policy database that centrally stores access rules which specify access to the servers for a plurality of users/accounts. Each time a target server receives a user request to establish an SSH session, it retrieves associated access rules from the central policy database to obtain the latest access rules. Based on the retrieved rules and the identity of the user and the identity of the client computer, the target server determines whether the user has permission to establish the SSH session with the target server. Using a centralized database and requiring the servers to always retrieve the latest access rules from a central database provides consistent application of the access rules across all servers and all client computers.
摘要翻译: 一种用于通过使用在每个服务器中运行的独立于操作系统的安全壳(SSH)协议来管理由多个客户端计算机访问多个服务器的系统的系统,并且使用集中存储访问规则的中央策略数据库,所述访问规则指定访问 用于多个用户/帐户的服务器。 每次目标服务器接收到建立SSH会话的用户请求时,它将从中央策略数据库检索相关的访问规则,以获取最新的访问规则。 基于检索到的规则和用户的身份以及客户端计算机的身份,目标服务器确定用户是否有权与目标服务器建立SSH会话。 使用集中式数据库并要求服务器始终从中央数据库检索最新的访问规则,可以提供所有服务器和所有客户端计算机上的访问规则的一致应用。
-
公开(公告)号:US20140109179A1
公开(公告)日:2014-04-17
申请号:US14074654
申请日:2013-11-07
申请人: Robert E. Walsh , Varun Goel
发明人: Robert E. Walsh , Varun Goel
IPC分类号: H04L29/06
CPC分类号: H04L63/20 , G06F21/33 , H04L9/3263 , H04L63/0823 , H04L63/168
摘要: An access management system receives an access request for a target computer from a client computer. The access request comprises a digital certificate belonging to a user. The access management system verifies the identity of the user by validating the digital certificate. When so verified, the user receives access privileges from a policy database. The access privileges contain one or more access attributes. The access management system evaluates the access request based the one or more access attributes and grants the user access to the target computer if all the one or more access attributes are satisfied.
摘要翻译: 访问管理系统从客户端计算机接收目标计算机的访问请求。 访问请求包括属于用户的数字证书。 访问管理系统通过验证数字证书来验证用户的身份。 经过验证后,用户从策略数据库接收访问权限。 访问权限包含一个或多个访问属性。 访问管理系统基于一个或多个访问属性来评估访问请求,并且如果满足所有一个或多个访问属性,则授予用户对目标计算机的访问。
-
-
-
-
搜索结果
5 条记录 (耗时 0.01 秒)
