摘要:
Techniques for variable security access information are presented. The complexity levels associated with access secrets drive the assigned access rights to target resources. A single target resource may have varying sets of access rights, where each set is associated with a particular complexity level for a given access secret. A requesting principal can custom establish the principal's desired access secret complexity level for a target resource; this in turn drives the set of access rights for the target resource, which the principal may use when accessing the target resource.
摘要:
Techniques for variable security access information are presented. The complexity levels associated with access secrets drive the assigned access rights to target resources. A single target resource may have varying sets of access rights, where each set is associated with a particular complexity level for a given access secret. A requesting principal can custom establish the principal's desired access secret complexity level for a target resource; this in turn drives the set of access rights for the target resource, which the principal may use when accessing the target resource.
摘要:
Techniques for attesting to content received from an author (sender) are provided. A sender's content is represented by a message digest. The message digest is signed by an identity service. The signed message digest represents an attestation as to the authenticity of the content from the sender. The sender transmits the signed message digest and content in a message to a recipient. The recipient verifies the signature and message digest to authenticate the content from the sender.
摘要:
Techniques for personalizing content are presented. A principal requests access to content. Policy is evaluated in response to the request for the content. Scripts are processed in response to the policy evaluation to rewrite and modify the content. The modified content is then delivered to the requesting principal to personalize the content for the principal.
摘要:
Techniques for port hopping are presented. A sender and a receiver engage in a communication session with one another and dynamically switch ports during that communication session. A decision to switch ports is based on a data length or packet count of a given transaction occurring during the communication session. The data length and packet count randomly and dynamically change during the communication session and varies from one transaction to another transaction. Any particular port to switch to during the communication session is also randomly and dynamically generated and varies from one transaction to another transaction.
摘要:
Techniques for establishing implicit trust of authorship certification are provided. A message's domain is validated in response to a valid domain certificate. A message's author is validated in response to an author identification, which is acquired from the message and which is supplied to a domain service of the author. The domain service is implicitly trusted based on the domain being validated via the domain certificate. The domain service uses the author's identification to traverse to a specific location within the domain that houses an author certificate for the author. The author certificate is compared against a message certificate that accompanies the message in order to establish trust with the author and the author's message.
摘要:
Techniques for port hopping are presented. A sender and a receiver engage in a communication session with one another and dynamically switch ports during that communication session. A decision to switch ports is based on a data length or packet count of a given transaction occurring during the communication session. The data length and packet count randomly and dynamically change during the communication session and varies from one transaction to another transaction. Any particular port to switch to during the communication session is also randomly and dynamically generated and varies from one transaction to another transaction.
摘要:
Techniques for the local personalization of content are presented. A content personalization service is dynamically pushed from a server environment to a client processing environment associated with a principal on demand. The content personalization service interjects itself between content that the principal attempts to view and access within the client processing environment and modifies and personalizes that content on behalf of the principal before the principal can view or access the content.
摘要:
Techniques for recognizing multiple patterns within a string of characters are presented. A dictionary is hierarchically organized, such that leaf nodes within the dictionary represents words defined in the dictionary. A string of characters are received. Each character within the string is traversed by attempting to match it with a character defined in the dictionary. As long as a match continues with the dictionary the characters within the string are traversed. Once a longest possible match to a word within the dictionary is found, the next character following the last matched character for the string is processed.
摘要:
Techniques for representing extensible markup language (XML) in an executable format are presented. An XML document is parsed into its components and content. The components and content are packaged as an executable. Some portions of the executable include authentication logic or policy logic that is subsequently enforced when the executable is processed. The executable is subsequently distributed to recipient machines. The machines process the executable and produce memory loaded versions of the components and content representing the XML document on the machines. The memory loaded versions of the components and content include conditionally added authentication logic of policy logic.