利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

23 条记录 (耗时 0.052 秒)

    Support of tamper detection for a log of records
    3.
    发明授权
    Support of tamper detection for a log of records 失效
    支持篡改检测记录日志

    公开(公告)号:US08230228B2

    公开(公告)日:2012-07-24

    申请号:US12263427

    申请日:2008-10-31

    申请人: Timothy J. Hahn Heather M. Hinton

    发明人: Timothy J. Hahn Heather M. Hinton

    IPC分类号: H04L29/06 H04L29/00

    CPC分类号: G06F21/64 G06F2221/2101

    摘要: Tamper detection of audit records comprises configuring a proxy for adding tamper evidence information to audit information by obtaining audit records from at least one audit record generating source, grouping obtained audit records into subsets of audit records and providing tamper evidence processing to the subsets utilizing a cryptographic mechanism to calculate a signature over each subset of audit records. The proxy groups the subsets such that each subset contains at least one designated carryover audit record that overlaps into a next subset so that each carryover audit record is associated with at least two signatures. As such, the proxy creates an overlapping chain of digitally signed audit records subsets. The proxy further forwards the tamper evident audit records from the tamper evidence adding proxy to a corresponding audit log storage subsystem for storage, storing the calculated signatures.

    摘要翻译: 审计记录的篡改检测包括配置代理,通过从至少一个审计记录产生源获得审计记录,将获取的审计记录分组到审计记录的子集中,并通过加密方式向子集提供篡改证据处理,从而将审计信息添加到审计信息中 计算每个审计记录子集签名的机制。 代理对子集进行分组,使得每个子集包含至少一个与下一个子集重叠的指定的结转审核记录,使得每个结转审核记录与至少两个签名相关联。 因此,代理创建一个数字签名的审计记录子集的重叠链。 代理进一步将篡改明显的审计记录从篡改证据添加代理转发到相应的审计日志存储子系统进行存储,存储计算的签名。

    SUPPORT OF TAMPER DETECTION FOR A LOG OF RECORDS
    4.
    发明申请
    SUPPORT OF TAMPER DETECTION FOR A LOG OF RECORDS 失效
    支持记录记录的篡改检测

    公开(公告)号:US20100115284A1

    公开(公告)日:2010-05-06

    申请号:US12263427

    申请日:2008-10-31

    申请人: Timothy J. Hahn Heather M. Hinton

    发明人: Timothy J. Hahn Heather M. Hinton

    IPC分类号: H04L9/32 H04L9/06

    CPC分类号: G06F21/64 G06F2221/2101

    摘要: Tamper detection of audit records comprises configuring a proxy for adding tamper evidence information to audit information by obtaining audit records from at least one audit record generating source, grouping obtained audit records into subsets of audit records and providing tamper evidence processing to the subsets utilizing a cryptographic mechanism to calculate a signature over each subset of audit records. The proxy groups the subsets such that each subset contains at least one designated carryover audit record that overlaps into a next subset so that each carryover audit record is associated with at least two signatures. As such, the proxy creates an overlapping chain of digitally signed audit records subsets. The proxy further forwards the tamper evident audit records from the tamper evidence adding proxy to a corresponding audit log storage subsystem for storage, storing the calculated signatures.

    摘要翻译: 审计记录的篡改检测包括配置代理,通过从至少一个审计记录产生源获得审计记录,将获取的审计记录分组到审计记录的子集中,并通过加密方式向子集提供篡改证据处理,从而将审计信息添加到审计信息中 计算每个审计记录子集签名的机制。 代理对子集进行分组,使得每个子集包含至少一个与下一个子集重叠的指定的结转审核记录,使得每个结转审核记录与至少两个签名相关联。 因此,代理创建一个数字签名的审计记录子集的重叠链。 代理进一步将篡改明显的审计记录从篡改证据添加代理转发到相应的审计日志存储子系统进行存储,存储计算的签名。

    Role-based access control management for multiple heterogeneous application components
    5.
    发明授权
    Role-based access control management for multiple heterogeneous application components 失效
    基于角色的多个异构应用程序组件的访问控制管理

    公开(公告)号:US07676831B2

    公开(公告)日:2010-03-09

    申请号:US11221630

    申请日:2005-09-08

    申请人: Kathryn H. Britton Dieter Buehler Ching-Yun Chao Timothy J. Hahn Anthony J. Nadalin Nataraj Nagaratnam Yi-Hsiu Wei ChunHui Yang

    发明人: Kathryn H. Britton Dieter Buehler Ching-Yun Chao Timothy J. Hahn Anthony J. Nadalin Nataraj Nagaratnam Yi-Hsiu Wei ChunHui Yang

    IPC分类号: H04L9/32 H04L9/00 G06F7/04

    CPC分类号: G06F21/6236

    摘要: Embodiments of the present invention address deficiencies of the art in respect to access control and provide a method, system and computer program product for access control management for a collection of heterogeneous application components. In a first embodiment, a data processing system for role-based access control management for multiple heterogeneous application components can include at least one business role descriptor associating a business role with multiple, different application roles for corresponding, disparate application components. The system also can include at least one access policy associating a user with the business role. Finally, the system can include policy deployment logic include program code enabled to process the access policy to assign the user to the different application roles in the disparate application components.

    摘要翻译: 本发明的实施例解决了本领域在访问控制方面的缺陷,并提供了用于异构应用组件的集合的访问控制管理的方法,系统和计算机程序产品。 在第一实施例中,用于多个异构应用组件的用于基于角色的访问控制管理的数据处理系统可以包括将业务角色与用于相应的不同应用组件的多个不同应用角色相关联的至少一个业务角色描述符。 系统还可以包括将用户与业务角色相关联的至少一个访问策略。 最后,系统可以包括策略部署逻辑,包括能够处理访问策略的程序代码,以将用户分配给不同应用程序组件中的不同应用程序角色。

    Software Protection Using an Installation Product Having an Entitlement File
    8.
    发明申请
    Software Protection Using an Installation Product Having an Entitlement File 有权
    使用具有授权文件的安装产品进行软件保护

    公开(公告)号:US20120216294A1

    公开(公告)日:2012-08-23

    申请号:US13454555

    申请日:2012-04-24

    申请人: Timothy J. Hahn Bernard P. Palmer, JR. Michael P. Waidner James J. Whitmore

    发明人: Timothy J. Hahn Bernard P. Palmer, JR. Michael P. Waidner James J. Whitmore

    IPC分类号: G06F21/00

    CPC分类号: G06F21/10 G06F21/105 G06F21/12 G06F2221/0737 H04L9/3247 H04L9/3263 H04L2209/60 H04L2209/68

    摘要: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product.

    摘要翻译: 提供了用于建立计算机程序产品的权利的技术,并且包括在注册过程中提供客户端身份以产生授权文件,获得计算机程序产品的编码版本,以及将计算机程序产品变换为安装产品 计算机存储介质,其中安装产品包括授权文件以建立计算机程序产品的有权使用。 此外,用于促进计算机程序产品的安全符合性的技术包括提供计算机程序产品的编码版本,并为计算机程序产品提供安装产品构建器,其中安装产品构建器使用计算机存储介质中的安装产品 客户端身份和计算机程序产品的编码版本,并且其中所创建的安装产品包括授权文件,以促进计算机程序产品的安全符合性。

    Public key infrastructure delegation
    9.
    发明授权
    Public key infrastructure delegation 有权
    公钥基础设施委托

    公开(公告)号:US06711679B1

    公开(公告)日:2004-03-23

    申请号:US09282871

    申请日:1999-03-31

    申请人: Richard H. Guski Timothy J. Hahn

    发明人: Richard H. Guski Timothy J. Hahn

    IPC分类号: H04L900

    CPC分类号: H04L63/0428 H04L9/006 H04L9/3247 H04L9/3263 H04L9/3297 H04L63/0823 H04L63/126 H04L2209/80

    摘要: An approach for allowing a server to act on behalf of an original requestor (originator) which includes an approach for indicating the chain of servers through which the original request came has been defined. This provides a mechanism for a server to act as a “delegate” for a request made by an originator. This approach uses PKI constructs and relies upon public-private key digital signatures for verifying the validity if the “delegation” information. The approach described here allows the originator some control over the extent to which its identity can be used on its behalf by servers that it contacts and servers that are contacted on its behalf. The entire “delegation chain” is contained within the construct, allowing examination of the “path” that a request has taken in getting to a server from which service was requested.

    摘要翻译: 允许服务器代表原始请求者(发起方)采取行动的方法,其中包括用于指示原始请求到达的服务器链的方法。 这提供了一种机制,使服务器充当发起者发出的请求的“委托”。 这种方法使用PKI结构,并且依赖于公共 - 私人密钥数字签名来验证“授权”信息的有效性。 这里描述的方法允许发起者对其联系的服务器以及代表其联系的服务器代表其身份可以使用的程度进行一些控制。 整个“代理链”包含在构造中,允许检查请求在获得服务所请求的服务器上所采用的“路径”。

    Transactional name service
    10.
    发明授权
    Transactional name service 有权
    交易名称服务

    公开(公告)号:US06553384B1

    公开(公告)日:2003-04-22

    申请号:US09333058

    申请日:1999-06-14

    申请人: Jeffrey A. Frey David A. Booz Timothy J. Hahn Theodore R. Maeurer

    发明人: Jeffrey A. Frey David A. Booz Timothy J. Hahn Theodore R. Maeurer

    IPC分类号: G06F1700

    CPC分类号: G06F9/548 G06F2209/462 H04L29/12009 H04L29/12783 H04L61/35 H04L67/1002 H04L67/1008 Y10S707/99944

    摘要: A transactional name server. One or more objects of the name server are managed as transactional objects, thereby providing a transactional name server. Atomic updates are provided in the name server by the addition of transactional semantics. The transactional semantics include making the objects of the name space managed objects and providing a local interface to a directory service that propagates a transactional context from the name server through a directory down to a resource manager.

    摘要翻译: 事务名称服务器。 名称服务器的一个或多个对象作为事务对象进行管理,从而提供事务名称服务器。 原子更新通过添加事务语义在名称服务器中提供。 事务语义包括使名称空间的对象管理对象,并向目录服务提供本地接口,该目录服务将事务上下文从名称服务器通过目录下载到资源管理器。