SELECTIVELY PROVISIONING CLIENTS WITH DIGITAL IDENTITY REPRESENTATIONS
    1.
    Invention application
    Legal status: Under examination (published)

    Publication number: US20090217362A1

    Publication date: 2009-08-27

    Application number: US12432606

    Filing date: 2009-04-29

    IPC classification: G06F21/22 G06F15/16

    Abstract: A server provisions a client with digital identity representations such as information cards. A provisioning request to the server includes filtering parameters. The server assembles a provisioning response containing cards that satisfy the filtering parameters, and transmits the response to a client, possibly by way of a proxy. The provisioning response may include provisioning state information to help a server determine in subsequent exchanges which cards are already present on the client. A client may keep track of the source of information cards and discard cards which a server has discarded. A proxy may make the provisioning request on behalf of a client, providing the server with the proxy's own authentication and with a copy of the request from the client to the proxy.

    HTTP-based authentication
    2.
    Granted invention patent
    Legal status: In force

    Publication number: US08078870B2

    Publication date: 2011-12-13

    Application number: US12465725

    Filing date: 2009-05-14

    IPC classification: H04L9/32

    Abstract: A system and method for authenticating an HTTP message. A relying party may respond to a request from a requester by sending an HTTP message with authentication specifications to the requester. The requester responds with a new request that adheres to a scheme specified by the relying party. A framework allows for a security token to be located in an HTTP header or a message body, with various options such as fragmenting the token available. An option allows for cryptographically binding the security token to the body of a message. An authentication framework provides for an implementation by an HTTP stack or by an application.

    HTTP-BASED AUTHENTICATION
    3.
    Invention application
    Legal status: In force

    Publication number: US20100293385A1

    Publication date: 2010-11-18

    Application number: US12465725

    Filing date: 2009-05-14

    IPC classification: H04L9/32

    Abstract: A system and method for authenticating an HTTP message. A relying party may respond to a request from a requester by sending an HTTP message with authentication specifications to the requester. The requester responds with a new request that adheres to a scheme specified by the relying party. A framework allows for a security token to be located in an HTTP header or a message body, with various options such as fragmenting the token available. An option allows for cryptographically binding the security token to the body of a message. An authentication framework provides for an implementation by an HTTP stack or by an application.

    Layered message processing model
    5.
    Invention application
    Legal status: In force

    Publication number: US20060034431A1

    Publication date: 2006-02-16

    Application number: US10918907

    Filing date: 2004-08-15

    IPC classification: H04M1/64

    CPC classification: H04L69/32

    Abstract: Methods, systems, and computer program products for processing network messages in a manner that simplifies messaging application logic. Processing layers of a messaging system architecture that may include a transport layer, a channel layer, a send/receive layer, a service/client layer, and potentially others, are aware of an End Point Reference ("EPR") within a network message. The transport layer retrieves message data from a message transport. The channel layer de-serializes the network message consistent with an underlying type system. The send/receive layer filters and dispatches the network message to messaging logic (other layers or application logic) based on the EPRs. The service/client message layer dispatches the network message to messaging application logic based on the EPRs. These EPR-aware message processing layers implement dispatch logic so that messaging applications written for the architecture need not provide the dispatch logic, simplifying the messaging application logic and development of the messaging application itself.

    FLEXIBLE IDENTITY ISSUANCE SYSTEM
    6.
    Invention application
    Legal status: Under examination (published)

    Publication number: US20100287603A1

    Publication date: 2010-11-11

    Application number: US12437681

    Filing date: 2009-05-08

    IPC classification: H04L9/32 G06F21/00 G06N5/02

    CPC classification: G06F21/6218

    Abstract: Techniques for implementing flexible identity issuance systems to allow users to specify one or more evaluation processes to be carried out by the issuance system based on input identity information. These evaluation processes may be specified in any suitable manner to allow an issuance system to carry out any process for generating output identity information for a content consumer. In some embodiments, an evaluation process may be specified to the issuance system as a series of tasks to be carried out, where each task corresponds to a condition and an action to be taken when the condition is met. In this way, an evaluation process may be simply and easily specified by what operations are to be carried out, rather than how the operations are to be carried out. An issuer may interpret the specification to determine a functional process for carrying out the tasks.

    Policy processing model
    7.
    Invention application
    Legal status: In force

    Publication number: US20060041636A1

    Publication date: 2006-02-23

    Application number: US10892007

    Filing date: 2004-07-14

    IPC classification: G06F15/16

    Abstract: Example embodiments provide for processing policies that include policy assertions associated with incoming or outgoing messages of an application in a distributed system, without having to have code within the application for executing the policy assertions. When a message is received by a Web service engine, a policy document associated with an application may be accessed for identifying objects corresponding to policy assertions within the policy document. The objects identified can then be used to generate assertion handlers, which are software entities that include executable code configured to determine if messages can satisfy requirements described by the policy assertions.

    Custom routing of object requests
    8.
    Invention application
    Legal status: Under examination (published)

    Publication number: US20050053050A1

    Publication date: 2005-03-10

    Application number: US10645279

    Filing date: 2003-08-20

    IPC classification: H04L12/56 G06F15/173

    CPC classification: H04L45/00 H04L45/34

    Abstract: A sending computer system relays a message or a processing request through one or more configurable routers prior to the message or request reaching an ultimate destination. A client at the sending computer system can indicate a routing preference for the message or request, and a module can supplement or override the routing preference by adding or deleting a router from a router list contained within the message or request. This change can be done based on router data, as well as based on content within the message. One or more intermediate routers along the routing path can perform a similar function as the module. The ultimate destination, or receiving computer system, verifies that it is the appropriate recipient of the message or request, and then accepts the data associated with the message or request. This has application to many types of messaging systems, including simple object access protocols.

    Custom security tokens
    9.
    Invention application
    Legal status: In force

    Publication number: US20050044398A1

    Publication date: 2005-02-24

    Application number: US10645375

    Filing date: 2003-08-20

    Abstract: A sending computer system generates a message and creates one or more security tokens to encrypt portions of the message. The computer system includes in the message a markup language identifier for the one or more security tokens used for encryption, and includes identification of the value type used to create the tokens. The computer system then serializes at least the portion of the message that identifies the one or more security tokens, without serializing other portions of the message that aid relaying of the message to a receiving computer system. A receiving computer system deserializes at least the portion of the message that identifies the one or more security tokens, and then uses deserialized token data to decrypt encrypted portions of the message. Each created security token can be made with customized data and fields, and can be made with a customized value type.

    Presence and peer launch pad
    10.
    Invention application
    Legal status: Under examination (published)

    Publication number: US20070150540A1

    Publication date: 2007-06-28

    Application number: US11318768

    Filing date: 2005-12-27

    IPC classification: G06F15/16

    CPC classification: H04L67/104

    Abstract: Managing peer-to-peer application components. A method may be performed, for example, at a computer system that includes application components including peer-to-peer application components. The peer-to-peer application components allow the computer system to communicate with other agents, such as host computers, operating systems, frameworks, application code and the like, in a peer-to-peer fashion. The computer system includes a launch pad module for coordinating the peer-to-peer application components. The method includes providing an extensible interface that allows peer-to-peer application components to be registered with the launch pad module. Peer-to-peer application components are registered with the launch pad module. Requests are accepted from agents directed to the peer-to-peer application components registered with the launch pad module. Launch functions are performed for the peer-to-peer application components registered with the launch pad module in response to the requests.
