Call signs
    1.
    发明申请
    Call signs 失效
    呼号

    公开(公告)号:US20060005013A1

    公开(公告)日:2006-01-05

    申请号:US10882079

    申请日:2004-06-30

    IPC分类号: H04L9/00

    摘要: A method of generating a call sign. A method of generating a call sign comprising determining a distinguished qualifier, finding a distinguished salt, and hashing the distinguished salt with the distinguished qualifier.

    摘要翻译: 一种生成呼号的方法。 一种产生呼号的方法,包括:确定一个不同的限定符,找到一个不同的盐,以及用该区别的限定符散列不同的盐。

    Endpoint Verification Using Call Signs
    3.
    发明申请
    Endpoint Verification Using Call Signs 审中-公开
    端点验证使用呼叫标志

    公开(公告)号:US20070220134A1

    公开(公告)日:2007-09-20

    申请号:US11276798

    申请日:2006-03-15

    IPC分类号: G06F15/173

    摘要: A computer system is configured to verify a connection to a web site. The computer system includes a user interface programmed to receive a uniform resource locator and a call sign associated with the web site. The computer system also includes a validator module programmed to calculate a hash value based on the uniform resource locator, a public key associated with the web site, and a salt, and the validator being programmed to compare the hash value to the call sign to verify the connection to the web site.

    摘要翻译: 计算机系统被配置为验证到网站的连接。 计算机系统包括被编程为接收统一资源定位符的用户界面和与该网站相关联的呼号。 该计算机系统还包括一个验证器模块,该验证器模块被编程为基于统一资源定位器计算散列值,与该网站相关联的公共密钥和一个盐,并且该验证器被编程为将散列值与呼号进行比较以验证 与网站的连接。

    Digitally signing documents using identity context information
    4.
    发明授权
    Digitally signing documents using identity context information 有权
    使用身份上下文信息数字签名文档

    公开(公告)号:US08479006B2

    公开(公告)日:2013-07-02

    申请号:US12143392

    申请日:2008-06-20

    IPC分类号: H04L9/32

    摘要: Creating a token for use by an entity when digitally signing documents. In a computing environment, a digital identity representation for an entity is accessed. The digital identity representation includes information identifying identity attributes about the entity and capabilities of an identity provider that provides tokens for use by the entity. Context information is accessed. The context information includes information about one or more of which, how or where the attributes for the entity identified in the digital identity representation will be used. A security token is created from the information in the digital identity representation and the context information. The security token makes assertions by the identity provider. The assertions are based on the information in the digital identity representation. The token further includes information related to at least a portion of the context information.

    摘要翻译: 创建一个令牌供实体在数字签署文档时使用。 在计算环境中,访问实体的数字身份表示。 数字身份表示包括识别关于实体的身份属性的信息以及提供令牌以供实体使用的身份提供者的能力。 访问上下文信息。 上下文信息包括关于在数字身份表示中识别的实体的属性的一个或多个,如何或何处被使用的信息。 根据数字身份表示和上下文信息中的信息创建安全令牌。 安全令牌由身份提供者进行断言。 断言是基于数字身份表示中的信息。 令牌还包括与上下文信息的至少一部分相关的信息。

    Method and system for identity recognition
    5.
    发明授权
    Method and system for identity recognition 有权
    身份识别的方法和系统

    公开(公告)号:US07822988B2

    公开(公告)日:2010-10-26

    申请号:US10693172

    申请日:2003-10-23

    IPC分类号: H04L9/32

    摘要: In accordance with various aspects, the present invention relates to methods and systems for sending an identity information document comprising selecting identity information from a self-identity information store for inclusion in the identity information document. The selected identity information is read from a self-identity information store. The identity information document is generated to include the selected identity information and one or more keys, and signed using a key associated with one of the keys included in the identity information document. The identity information document is then sent to a recipient. Receiving an identity information document comprises receiving a signed identity information document from an originator. A determination is made as to whether identity information in the identity information document is reliable. The identity information is saved in a recognized identity information store if the identity information is determined to be reliable. If the identity information is determined to be unreliable, an identity recognition number retrieved from the sender is compared to an identity recognition number generated by the recipient based on information in the received identity information document. If the identity recognition number is verified, the identity information is saved in the recognized identity information store.

    摘要翻译: 根据各方面,本发明涉及用于发送身份信息文档的方法和系统,包括从自身身份信息存储中选择身份信息以包括在身份信息文档中。 所选择的身份信息从自身身份信息存储器读取。 生成身份信息文档以包括所选择的身份信息和一个或多个密钥,并且使用与包括在身份信息文档中的密钥之一相关联的密钥进行签名。 然后将身份信息文档发送给收件人。 接收身份信息文档包括从发起者接收签名的身份信息文档。 确定身份信息文档中的身份信息是否可靠。 如果身份信息被确定为可靠,则身份信息被保存在识别的身份信息存储器中。 如果身份信息被确定为不可靠,则根据接收到的身份信息文档中的信息,将从发送者检索到的身份识别号码与由接收者产生的身份识别号码进行比较。 如果身份识别号码被验证,身份信息被保存在识别的身份信息存储中。

    Security tokens including displayable claims
    6.
    发明授权
    Security tokens including displayable claims 有权
    安全令牌,包括可显示的索赔

    公开(公告)号:US07788499B2

    公开(公告)日:2010-08-31

    申请号:US11312920

    申请日:2005-12-19

    IPC分类号: G06F21/00

    摘要: A system for providing a digital identity includes a claims transformer programmed to generate a security token including a computational token and a display token, the computational token including one or more claims associated with an identity of a principal, and the display token including display information about the claims in the computational token. The display information is configured to allow the principal to view the display token.

    摘要翻译: 一种用于提供数字身份的系统包括被编程为生成包括计算令牌和显示令牌的安全令牌的声明变换器,所述计算令牌包括与主体的身份相关联的一个或多个权利要求,并且所述显示令牌包括关于 计算令牌中的声明。 显示信息被配置为允许主体查看显示令牌。

    PASSIVE SECURITY ENFORCEMENT
    7.
    发明申请
    PASSIVE SECURITY ENFORCEMENT 有权
    被动安全执行

    公开(公告)号:US20100192209A1

    公开(公告)日:2010-07-29

    申请号:US12359220

    申请日:2009-01-23

    IPC分类号: H04L9/32 G06F21/00

    摘要: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.

    摘要翻译: 技术被描述为能够在计算系统上实现被动执行安全性。 计算系统的组件可以基于用户与计算系统的交互作用的观察来被动地认证或授权用户。 该技术可以根据观察结果增加或减少认证或授权级别。 该级别可以指示应该授予用户的访问级别。 当用户或计算设备的组件启动请求时,应用或服务可以确定该级别是否足以满足该请求。 如果级别不足,则应用程序或服务可以提示用户凭据,以便用户被主动认证。 该技术可以使计算系统“信任”认证,使得两个邻近的设备可以共享认证级别。

    Identity Tokens Using Biometric Representations
    8.
    发明申请
    Identity Tokens Using Biometric Representations 审中-公开
    身份令牌使用生物特征表示

    公开(公告)号:US20080289020A1

    公开(公告)日:2008-11-20

    申请号:US11749020

    申请日:2007-05-15

    IPC分类号: H04L9/32

    摘要: An identity system and method uses biometric representation(s) in identity tokens. When a principal requests access to a relying party, the relying party may request an identity token containing a first claim about the principal and a biometric representation of the principal. An identity provider may then create the identity token, including a digital signature. The relying party may receive the identity token through a first channel and decode it. The relying party may also receive and use biometric information about the principal received through a second channel to verify the validity of the first claim at least in part through comparison of the biometric representation to the biometric information.

    摘要翻译: 身份系统和方法使用身份令牌中的生物特征表示。 当委托人请求访问依赖方时,依赖方可以请求包含关于主体的第一个声明的身份令牌和主体的生物特征表示。 身份提供者然后可以创建身份令牌,包括数字签名。 依赖方可以通过第一个通道接收身份令牌并对其进行解码。 依赖方还可以接收和使用通过第二信道接收到的主体的生物特征信息,至少部分地通过生物特征表示与生物特征信息的比较来验证第一权利要求的有效性。

    Workflow management based on an integrated view of resource identity
    10.
    发明授权
    Workflow management based on an integrated view of resource identity 有权
    基于资源身份的综合视图的工作流管理

    公开(公告)号:US07389335B2

    公开(公告)日:2008-06-17

    申请号:US09995004

    申请日:2001-11-26

    IPC分类号: G06F15/173

    CPC分类号: G06Q10/10

    摘要: The described arrangements and procedures use a directory, with its integrated view of resource identity across a distributed system to dynamically execute and manage workflow solutions responsive to changes in the directory. Specifically, a state change to an object in a directory is detected. Responsive to detecting the state change, the state change is mapped to a corresponding workflow, which includes sequences of tasks. The identified sequences of tasks are then executed to achieve a desired state in the directory. The desired state is based on the detected state change.

    摘要翻译: 所描述的安排和过程使用一个目录,并在分布式系统中集成了资源标识视图,以便根据目录的变化来动态地执行和管理工作流程解决方案。 具体地,检测到对目录中的对象的状态改变。 响应于检测状态变化,状态变化被映射到相应的工作流,其中包括任务序列。 然后执行所识别的任务序列以在目录中实现期望的状态。 所需状态基于检测到的状态变化。