公开(公告)号：US20050204051A1

公开(公告)日：2005-09-15

申请号：US10801999

申请日：2004-03-15

申请人： Donald Box ,  Christopher Kaler ,  David Langworthy ,  Steven Lucco ,  John Shewchuk ,  Luis Cabrera ,  Craig Critchley ,  Geary Eppley ,  Bradford Lovering ,  Jeffrey Schlimmer ,  David Wortendyke ,  Henrik Nielsen

发明人： Donald Box ,  Christopher Kaler ,  David Langworthy ,  Steven Lucco ,  John Shewchuk ,  Luis Cabrera ,  Craig Critchley ,  Geary Eppley ,  Bradford Lovering ,  Jeffrey Schlimmer ,  David Wortendyke ,  Henrik Nielsen

IPC分类号： H04M1/64

CPC分类号： G06F9/546 ,  H04L51/066 ,  H04L67/02 ,  H04M1/22

摘要： Systems and methods for open content model Web service messaging in a networked computing environment are described. In one aspect, a transport neutral message is generated that includes message recipient, endpoint addressing information, and one or more reference properties. The reference properties include selectively opaque message context. The transport neutral message is bound to a transport protocol for communication to the message recipient. At least a portion of the selectively opaque message context is. not directed to the message recipient.

摘要翻译： 描述了用于开放内容的系统和方法在网络计算环境中的Web服务消息传递。 在一个方面，生成包括消息接收者，端点寻址信息和一个或多个参考属性的传输中性消息。 引用属性包括选择性地不透明的消息上下文。 传输中性消息被绑定到用于与消息接收者通信的传输协议。 选择性地不透明的消息上下文的至少一部分是。 没有指向消息收件人。

公开(公告)号：US20050177602A1

公开(公告)日：2005-08-11

申请号：US11097355

申请日：2005-04-04

申请人： Christopher Kaler ,  John Shewchuk ,  David Langworthy ,  Donald Box

发明人： Christopher Kaler ,  John Shewchuk ,  David Langworthy ,  Donald Box

IPC分类号： H04L12/56 ,  H04L29/06 ,  H04L29/08 ,  G06F7/00

CPC分类号： H04L45/34 ,  H04L45/566 ,  H04L63/02 ,  H04L63/04 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/102 ,  H04L63/104 ,  H04L63/108 ,  H04L63/123 ,  H04L63/126 ,  H04L67/02 ,  H04L2463/101 ,  Y10S707/99942 ,  Y10S707/99943

摘要： Methods, systems, and data structures for communicating object metadata are provided. A generic metadata container is presented that allows object metadata to be described in an extensible manner using protocol-neutral and platform-independent methodologies. A metadata scope refers to a dynamic universe of targets to which the included metadata statements correspond. Metadata properties provide a mechanism to describe the metadata itself, and metadata security can be used to ensure authentic metadata is sent and received. Mechanisms are also provided to allow refinement and replacement of metadata statements. Communication of metadata is expedited using hash digests to confirm metadata versions, and by piggybacking policy metadata requests and responses on other substantive data communication messages, thereby dynamically altering future communications.

摘要翻译： 提供了传达对象元数据的方法，系统和数据结构。 提出了一个通用的元数据容器，允许使用协议中立和平台无关的方法以可扩展的方式描述对象元数据。 元数据范围是指所包含的元数据语句对应的目标的动态范围。 元数据属性提供了一种描述元数据本身的机制，并且可以使用元数据安全性来确保发送和接收真实的元数据。 还提供了机制来允许细化和替换元数据语句。 通过使用散列摘要来确认元数据版本，并通过捎带政策元数据请求和对其他实质性数据通信消息的响应来加速元数据的通信，从而动态地改变将来的通信。

公开(公告)号：US20060047947A1

公开(公告)日：2006-03-02

申请号：US11249410

申请日：2005-10-14

申请人： David Langworthy ,  Christopher Kaler ,  Luis Cabrera ,  Patrick Helland ,  Steven Lucco ,  John Shewchuk

发明人： David Langworthy ,  Christopher Kaler ,  Luis Cabrera ,  Patrick Helland ,  Steven Lucco ,  John Shewchuk

IPC分类号： H04L9/00

CPC分类号： H04L69/16 ,  H04L67/02 ,  H04L69/162 ,  H04L69/163

摘要： Reliable end-to-end messaging in which tracking and acknowledgement information are contained in the electronic message that is visible to layers above the transport layer, thereby being independent of what transport protocols, and whether different transport protocols, are used to communicate between the two end points. Furthermore, acknowledgment messages may identify multiple ranges of sequence numbers corresponding to received electronic messages, thereby permitting further flexibility and completeness in acknowledging received messages.

公开(公告)号：US20070130478A1

公开(公告)日：2007-06-07

申请号：US11548266

申请日：2006-10-10

申请人： David Langworthy ,  Christopher Kaler ,  Luis Cabrera ,  Patrick Helland ,  Steven Lucco ,  John Shewchuk

发明人： David Langworthy ,  Christopher Kaler ,  Luis Cabrera ,  Patrick Helland ,  Steven Lucco ,  John Shewchuk

IPC分类号： H04L9/00 ,  G06F12/14

CPC分类号： H04L69/16 ,  H04L67/02 ,  H04L69/162 ,  H04L69/163

摘要： Reliable end-to-end messaging in which tracking and acknowledgement information are contained in the electronic message that is visible to layers above the transport layer, thereby being independent of what transport protocols, and whether different transport protocols, are used to comununicate between the two end points. Furthermore, acknowledgment messages may identify multiple ranges of sequence numbers corresponding to received electronic messages, thereby permitting further flexibility and completeness in acknowledging received messages.

摘要翻译： 可靠的端到端消息传递，其中跟踪和确认信息包含在电子消息中，对于传输层之上的层可见，从而独立于什么传输协议以及是否使用不同的传输协议来在两者之间进行通信 终点 此外，确认消息可以标识与所接收的电子消息相对应的多个序列号范围，从而允许在确认所接收的消息时进一步的灵活性和完整性。

公开(公告)号：US20060253700A1

公开(公告)日：2006-11-09

申请号：US11254545

申请日：2005-10-20

申请人： Giovanni Della-Libera ,  Christopher Kaler ,  Scott Konersmann ,  Butler Lampson ,  Paul Leach ,  Bradford Lovering ,  Steven Lucco ,  Stephen Millet ,  Richard Rashid ,  John Shewchuk

发明人： Giovanni Della-Libera ,  Christopher Kaler ,  Scott Konersmann ,  Butler Lampson ,  Paul Leach ,  Bradford Lovering ,  Steven Lucco ,  Stephen Millet ,  Richard Rashid ,  John Shewchuk

IPC分类号： H04L9/00 ,  G06F12/14 ,  H04L9/32 ,  G06F11/30

CPC分类号： H04L63/08 ,  G06Q20/3676 ,  H04L63/10 ,  H04L63/168 ,  H04L63/20 ,  H04L67/02 ,  H04L67/28 ,  H04L67/2804 ,  H04L67/2823

摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.

公开(公告)号：US20070150741A1

公开(公告)日：2007-06-28

申请号：US11299463

申请日：2005-12-12

申请人： Christopher Kaler ,  John Shewchuk

发明人： Christopher Kaler ,  John Shewchuk

IPC分类号： H04L9/00

CPC分类号： H04L63/123 ,  G06F21/445

摘要： A method of securing communications between an application that includes a macro and a Web Service. The method includes an act of, at the macro, generating a request for data. The request for data comprises generating commands for retrieving data, generating security information, and embedding the commands for retrieving data and the security information in a request. The request for data is sent to the Web Service. The requested data is received from the Web Service if the security information provides appropriate authorization to receive the requested data.

摘要翻译： 一种确保包含宏和Web服务的应用程序之间通信的方法。 该方法包括在宏处产生数据请求的动作。 数据请求包括生成用于检索数据的命令，生成安全信息，以及在请求中嵌入用于检索数据和安全信息的命令。 数据请求被发送到Web服务。 如果安全信息提供适当的授权以接收所请求的数据，则从Web服务接收所请求的数据。

公开(公告)号：US20050235150A1

公开(公告)日：2005-10-20

申请号：US10827082

申请日：2004-04-19

申请人： Christopher Kaler ,  John Shewchuk ,  Bradford Lovering ,  Daniel Simon

发明人： Christopher Kaler ,  John Shewchuk ,  Bradford Lovering ,  Daniel Simon

IPC分类号： G06F21/00 ,  H04L9/00 ,  H04L29/06

CPC分类号： H04L63/0869 ,  G06F21/31 ,  G06F2221/2103

摘要： The present invention extends to validating measurable aspects of computing system. A provider causes a challenge to be issued to the requester, the challenge requesting proof that the requester is appropriately configured to access the resource. The requester accesses information that indicates how the requester is to prove an appropriate configuration for accessing the resource. The requester formulates and sends proof that one or more measurable aspects of the requester's configuration are appropriate. The provider receives proof that one or more measurable aspects of the requester's configuration are appropriate and authorizes the requester to access the resource. Proof of one more measurable aspects of a requester can be used along with other types of authentication to authorize a requester to access a resource of a provider. Solutions to challenges can be pre-computed and stored in a location accessible to a provider.

摘要翻译： 本发明扩展到验证计算系统的可测量方面。 提供者会向请求者发出一个挑战，质询请求证明请求者被正确地配置为访问资源。 请求者访问指示请求者如何证明访问资源的适当配置的信息。 请求者制定并发送证据，证明请求者配置的一个或多个可衡量的方面是适当的。 提供者收到证据，证明请求者配置的一个或多个可衡量的方面是适当的，并授权请求者访问该资源。 请求者的一个可衡量方面的证明可以与其他类型的认证一起使用，以授权请求者访问提供商的资源。 挑战的解决方案可以预先计算并存储在供应商可访问的位置。

公开(公告)号：US20060041743A1

公开(公告)日：2006-02-23

申请号：US11254264

申请日：2005-10-20

申请人： Giovanni Della-Libera ,  Christopher Kaler ,  Scott Konersmann ,  Butler Lampson ,  Paul Leach ,  Bradford Lovering ,  Steven Lucco ,  Stephen Millet ,  Richard Rashid ,  John Shewchuk

发明人： Giovanni Della-Libera ,  Christopher Kaler ,  Scott Konersmann ,  Butler Lampson ,  Paul Leach ,  Bradford Lovering ,  Steven Lucco ,  Stephen Millet ,  Richard Rashid ,  John Shewchuk

IPC分类号： H04L9/00

CPC分类号： H04L63/08 ,  G06Q20/3676 ,  H04L63/10 ,  H04L63/168 ,  H04L63/20 ,  H04L67/02 ,  H04L67/28 ,  H04L67/2804 ,  H04L67/2823

摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.

公开(公告)号：US20060253699A1

公开(公告)日：2006-11-09

申请号：US11254539

申请日：2005-10-20

申请人： Giovanni Della-Libera ,  Christopher Kaler ,  Scott Konersmann ,  Butler Lampson ,  Paul Leach ,  Bradford Lovering ,  Steven Lucco ,  Stephen Millet ,  Richard Rashid ,  John Shewchuk

发明人： Giovanni Della-Libera ,  Christopher Kaler ,  Scott Konersmann ,  Butler Lampson ,  Paul Leach ,  Bradford Lovering ,  Steven Lucco ,  Stephen Millet ,  Richard Rashid ,  John Shewchuk

IPC分类号： H04L9/00 ,  G06F12/14 ,  H04L9/32 ,  G06F11/30

CPC分类号： H04L63/08 ,  G06Q20/3676 ,  H04L63/10 ,  H04L63/168 ,  H04L63/20 ,  H04L67/02 ,  H04L67/28 ,  H04L67/2804 ,  H04L67/2823

摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.

公开(公告)号：US20060041929A1

公开(公告)日：2006-02-23

申请号：US11254519

申请日：2005-10-20

申请人： Giovanni Della-Libera ,  Christopher Kaler ,  Scott Konersmann ,  Butler Lampson ,  Paul Leach ,  Bradford Lovering ,  Steven Lucco ,  Stephen Millet ,  Richard Rashid ,  John Shewchuk

发明人： Giovanni Della-Libera ,  Christopher Kaler ,  Scott Konersmann ,  Butler Lampson ,  Paul Leach ,  Bradford Lovering ,  Steven Lucco ,  Stephen Millet ,  Richard Rashid ,  John Shewchuk

IPC分类号： H04L9/00

CPC分类号： H04L63/08 ,  G06Q20/3676 ,  H04L63/10 ,  H04L63/168 ,  H04L63/20 ,  H04L67/02 ,  H04L67/28 ,  H04L67/2804 ,  H04L67/2823

摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.