公开(公告)号：US07356836B2

公开(公告)日：2008-04-08

申请号：US10186014

申请日：2002-06-28

申请人： Craig Adam Beilinson ,  Raymond J. Chen ,  Ramkumar Ramasubramanian ,  Dennis L. Davis ,  Christopher A. Evans ,  Eric R. Flo ,  Sterling M. Reasor

发明人： Craig Adam Beilinson ,  Raymond J. Chen ,  Ramkumar Ramasubramanian ,  Dennis L. Davis ,  Christopher A. Evans ,  Eric R. Flo ,  Sterling M. Reasor

IPC分类号： G06F21/00 ,  G06F15/16

CPC分类号： G06F21/604

摘要： This invention is directed to provide a method for enabling an administrator to monitor and selectively limit the computer functions available to a user. The method is carried out on a personal computer by an administrator, and administrator decisions can be enforced on other personal computers in a local network. The invention enables an administrator to restrict a user's logon hours, logon duration, access to computer functions, and access to applications based on content rating. In addition, the administrator may temporarily restrict or extend normally allowed access privileges. The invention also allows for the monitoring, auditing, and reporting of a user's computer function usage to an administrator.

摘要翻译： 本发明旨在提供一种使管理员能够监视和选择性地限制用户可用的计算机功能的方法。 该方法由管理员在个人计算机上执行，并且可以在本地网络中的其他个人计算机上实施管理员决定。 本发明使管理员能够限制用户的登录时间，登录持续时间，访问计算机功能以及基于内容分级访问应用程序。 此外，管理员可以临时限制或扩展正常允许的访问权限。 本发明还允许对用户的计算机功能使用的监视，审计和报告给管理员。

公开(公告)号：US07818789B2

公开(公告)日：2010-10-19

申请号：US12019438

申请日：2008-01-24

申请人： Craig Adam Beilinson ,  Raymond J. Chen ,  Ramkumar Ramasubramanian ,  Dennis L. Davis ,  Christopher A. Evans ,  Eric R. Flo ,  Sterling M. Reasor

发明人： Craig Adam Beilinson ,  Raymond J. Chen ,  Ramkumar Ramasubramanian ,  Dennis L. Davis ,  Christopher A. Evans ,  Eric R. Flo ,  Sterling M. Reasor

IPC分类号： G06F21/00 ,  G06F15/16

CPC分类号： G06F21/604

摘要： This invention is directed to provide a method for enabling an administrator to monitor and selectively limit the computer functions available to a user. The method is carried out on a personal computer by an administrator, and administrator decisions can be enforced on other personal computers in a local network. The invention enables an administrator to restrict a user's logon hours, logon duration, access to computer functions, and access to applications based on content rating. In addition, the administrator may temporarily restrict or extend normally allowed access privileges. The invention also allows for the monitoring, auditing, and reporting of a user's computer function usage to an administrator.

摘要翻译： 本发明旨在提供一种使管理员能够监视和选择性地限制用户可用的计算机功能的方法。 该方法由管理员在个人计算机上执行，并且可以在本地网络中的其他个人计算机上执行管理员决定。 本发明使管理员能够限制用户的登录时间，登录持续时间，访问计算机功能以及基于内容分级访问应用程序。 此外，管理员可以临时限制或扩展正常允许的访问权限。 本发明还允许对用户的计算机功能使用的监视，审计和报告给管理员。

公开(公告)号：US07797735B2

公开(公告)日：2010-09-14

申请号：US12037729

申请日：2008-02-26

申请人： Craig Adam Beilinson ,  Raymond J. Chen ,  Ramkumar Ramasubramanian ,  Dennis L. Davis ,  Christopher A. Evans ,  Eric R. Flo ,  Sterling M. Reasor

发明人： Craig Adam Beilinson ,  Raymond J. Chen ,  Ramkumar Ramasubramanian ,  Dennis L. Davis ,  Christopher A. Evans ,  Eric R. Flo ,  Sterling M. Reasor

IPC分类号： G06F21/00 ,  G06F15/16

CPC分类号： G06F21/604

摘要： This invention is directed to provide a method for enabling an administrator to monitor and selectively limit the computer functions available to a user. The method is carried out on a personal computer by an administrator, and administrator decisions can be enforced on other personal computers in a local network. The invention enables an administrator to restrict a user's logon hours, logon duration, access to computer functions, and access to applications based on content rating. In addition, the administrator may temporarily restrict or extend normally allowed access privileges. The invention also allows for the monitoring, auditing, and reporting of a user's computer function usage to an administrator.

公开(公告)号：US08230485B2

公开(公告)日：2012-07-24

申请号：US10941559

申请日：2004-09-15

申请人： Sterling M. Reasor ,  Ramesh Chinta ,  Paul J. Leach ,  John E. Brezak ,  Eric R. Flo

发明人： Sterling M. Reasor ,  Ramesh Chinta ,  Paul J. Leach ,  John E. Brezak ,  Eric R. Flo

IPC分类号： G06F7/04

CPC分类号： H04L63/0272 ,  G06F21/31 ,  G06F21/41 ,  G06F21/57 ,  G06F21/6218 ,  G06F2221/2141 ,  G06F2221/2149 ,  H04L63/0815

摘要： A system and method for controlling access to a computer provides for loose security within a local network while retaining strong security against external access to the network. In one embodiment, a user has access to trusted nodes in a secured group within an unmanaged network, without being required to choose, enter and remember a login password. To establish such a secure blank password or one-click logon account for the user on a computer, a strong random password is generated and stored, and the account is designated as a blank password account. If the device is part of a secured network group, the strong random password is replicated to the other trusted nodes. When a user with a blank password account wishes to log in to a computer, the stored strong random password is retrieved and the user is authenticated.

摘要翻译： 用于控制对计算机的访问的系统和方法提供本地网络中的松散安全性，同时保持对网络的外部访问的强大的安全性。 在一个实施例中，用户可以访问非托管网络内的安全组中的可信节点，而不需要选择，输入和记住登录密码。 要在计算机上为用户建立一个安全的空白密码或一键登录帐户，将生成并存储一个强大的随机密码，并将该帐户指定为空白密码帐户。 如果设备是安全网络组的一部分，则强大的随机密码将复制到其他可信节点。 当具有空白密码帐户的用户希望登录到计算机时，检索所存储的强随机密码，并对用户进行认证。

公开(公告)号：US07823071B2

公开(公告)日：2010-10-26

申请号：US10783382

申请日：2004-02-20

申请人： David A. Matthews ,  Kanwal VedBrat ,  Hillel N. Cooperman ,  Sterling M. Reasor ,  Charles Cummins ,  J. Craig Hally ,  Mark R. Ligameri ,  Timothy P. McKee ,  Giampiero M. Sierra ,  Timothy D. Noonan ,  Eric R. Flo ,  Charles W. Stabb

发明人： David A. Matthews ,  Kanwal VedBrat ,  Hillel N. Cooperman ,  Sterling M. Reasor ,  Charles Cummins ,  J. Craig Hally ,  Mark R. Ligameri ,  Timothy P. McKee ,  Giampiero M. Sierra ,  Timothy D. Noonan ,  Eric R. Flo ,  Charles W. Stabb

IPC分类号： G06F3/00

CPC分类号： G06F3/0481

摘要： In an implementation of user interface start page, the start page includes a user-identifiable indicator associated with a user of a computing system to indicate that the user is logged-on to the computing system. The user interface start page also includes user-selectable controls from one or more regions of a user interface desktop page which is displayed after a transition from the user interface start page to the user interface desktop page. Each of the user-selectable controls on the user interface start page initiate a display of information associated with the user when selected.

摘要翻译： 在用户界面起始页面的实现中，起始页面包括与计算系统的用户相关联的用户可识别的指示符，以指示用户登录到计算系统。 用户界面起始页还包括用户界面桌面页面的一个或多个区域的用户可选择的控件，该页面在从用户界面起始页面转换到用户界面桌面页面之后显示。 用户界面起始页面上的每个用户可选择的控件在选择时启动与用户相关联的信息的显示。

公开(公告)号：US07966572B2

公开(公告)日：2011-06-21

申请号：US10783380

申请日：2004-02-20

申请人： David A. Matthews ,  Kanwal VedBrat ,  Hillel N. Cooperman ,  Sterling M. Reasor ,  Charles Cummins ,  J. Craig Hally ,  Mark R. Ligameri ,  Timothy P. McKee ,  Giampiero M. Sierra ,  Timothy D. Noonan ,  Eric R. Flo ,  Charles W. Stabb

发明人： David A. Matthews ,  Kanwal VedBrat ,  Hillel N. Cooperman ,  Sterling M. Reasor ,  Charles Cummins ,  J. Craig Hally ,  Mark R. Ligameri ,  Timothy P. McKee ,  Giampiero M. Sierra ,  Timothy D. Noonan ,  Eric R. Flo ,  Charles W. Stabb

IPC分类号： G06F3/00

CPC分类号： G06F9/451

摘要： In an implementation of user interface transition, a user interface logon page is displayed with selectable logon controls that each have a corresponding user-identifiable indicator. A transition from the user interface logon page to a user interface desktop page is initiated in response to a selectable logon control being selected. The transition displays the user-identifiable indicator corresponding to the selectable logon control uninterrupted throughout the transition, and the user-identifiable indicator corresponding to the selectable logon control is displayed on the user interface desktop page.

摘要翻译： 在用户界面转换的实现中，显示用户界面登录页面，其中可选择的登录控件各自具有相应的用户可识别的指示符。 响应于所选择的可选登录控制，启动从用户界面登录页面到用户界面桌面页面的转换。 该转换在整个转换期间显示对应于可选择登录控制的用户可识别指示符，并且在用户界面桌面页面上显示与可选登录控制对应的用户可识别指示符。

公开(公告)号：US07810143B2

公开(公告)日：2010-10-05

申请号：US11112844

申请日：2005-04-22

申请人： David M. Ruzyski ,  James H. Hong ,  Brian K. McNeil ,  Chris J. Guzak ,  Brian D. Wentz ,  Klaus U. Schutz ,  Stefan Richards ,  Eric C. Perlin ,  Cristian Ilac ,  Sterling M. Reasor ,  Eric R. Flo ,  John Stephens ,  Benjamin A. Hutz

发明人： David M. Ruzyski ,  James H. Hong ,  Brian K. McNeil ,  Chris J. Guzak ,  Brian D. Wentz ,  Klaus U. Schutz ,  Stefan Richards ,  Eric C. Perlin ,  Cristian Ilac ,  Sterling M. Reasor ,  Eric R. Flo ,  John Stephens ,  Benjamin A. Hutz

IPC分类号： G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06

CPC分类号： H04L63/0861 ,  G06F9/451 ,  G06F21/31

摘要： Systems and/or methods are described that enable a credential interface. These systems and/or methods may build a credential user interface enabling a user to choose between multiple credentials and submit an authenticator for a chosen credential. These systems and/or methods may also gather information about arbitrary credentials and build a user interface for submission of authenticators for these arbitrary credentials.

摘要翻译： 描述启用凭证接口的系统和/或方法。 这些系统和/或方法可以构建凭证用户界面，使得用户能够在多个凭证之间进行选择，并提交所选证书的认证者。 这些系统和/或方法还可以收集关于任意凭证的信息，并构建用于为这些任意凭证提交认证者的用户界面。

公开(公告)号：US07743022B2

公开(公告)日：2010-06-22

申请号：US10376430

申请日：2003-02-28

申请人： Shaun A. Kaasten ,  Jason F. Moore ,  Balan Sethu Raman ,  Chris J. Guzak ,  David A. Orbits ,  Sudarshan A. Chitre ,  Eric R. Flo ,  Jeffrey M. Saathoff

发明人： Shaun A. Kaasten ,  Jason F. Moore ,  Balan Sethu Raman ,  Chris J. Guzak ,  David A. Orbits ,  Sudarshan A. Chitre ,  Eric R. Flo ,  Jeffrey M. Saathoff

IPC分类号： G06F17/30

CPC分类号： G06F17/30176

摘要： Disclosed is a data synchronization service for use in a peer-to-peer computing environment. Selected data objects are copied onto selected computing devices. A service running on each device monitors data objects for changes. When a change is detected, the service sends a change notification to the other devices so that they can update their copies of the data object. A user can access a data object from any device, knowing that he will retrieve the latest version of the data object. Instead of incurring the costs of storing a large file on every device, a user “ghosts” the file on some devices. A ghosting device stores only metadata about the file rather than the entire file. The user accesses the file through the ghost: access requests are sent to a device that holds the actual contents, and those contents are presented to the user as if they were stored locally.

摘要翻译： 公开了一种用于对等计算环境的数据同步服务。 选定的数据对象被复制到选定的计算设备上。 每个设备上运行的服务会监视数据对象进行更改。 当检测到更改时，服务向其他设备发送更改通知，以便它们可以更新其数据对象的副本。 用户可以从任何设备访问数据对象，知道他将检索最新版本的数据对象。 用户在某些设备上“复制”文件，而不是在每个设备上存储大文件的费用。 重影设备仅存储有关文件的元数据，而不是整个文件。 用户通过ghost访问文件：访问请求被发送到保存实际内容的设备，并且这些内容被呈现给用户，就像它们被存储在本地一样。

公开(公告)号：US06950818B2

公开(公告)日：2005-09-27

申请号：US10254155

申请日：2002-09-24

申请人： Michael W. Dennis ,  Michele L. Freed ,  Daniel Plastina ,  Eric R. Flo ,  David E. Kays, Jr. ,  Robert E. Corrington

发明人： Michael W. Dennis ,  Michele L. Freed ,  Daniel Plastina ,  Eric R. Flo ,  David E. Kays, Jr. ,  Robert E. Corrington

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06F17/30

CPC分类号： H04L63/102 ,  G06F21/10 ,  G06F21/604 ,  G06F21/62 ,  G06Q10/10 ,  H04L63/104 ,  Y10S707/99933 ,  Y10S707/99939 ,  Y10S707/99942 ,  Y10S707/99945 ,  Y10S707/99953

摘要： A method and system for implementing policy by accumulating policies for a policy recipient from policy objects associated with a hierarchically organized structure of containers, such as directory containers (sites, domains and organizational units) that includes the policy recipient. Based on administrator input, policy settings for the policy recipient may be accumulated into a specific order by inheriting policy from higher containers, which may enforce their policy settings over those of lower containers. Policy that is not enforced may be blocked at a container. The result is an accumulated set of group policy objects that are ordered by relative strength to resolve any policy conflicts. Policy may be applied to a policy recipient by calling extensions, such as an extension that layers the policy settings into the registry or an extension that uses policy information from the objects according to the ordering thereof.

摘要翻译： 通过从包含策略接收者的诸如目录容器（站点，域和组织单位）的层次结构的容器相关联的策略对象累积策略收件人的策略来实现策略的方法和系统。 基于管理员输入，策略收件人的策略设置可以通过继承来自较高容器的策略来累积到特定的顺序，这可能会对低级容器的策略设置执行策略设置。 未强制执行的策略可能会在容器中被阻止。 结果是通过相对强度排序的一组累积的组策略对象来解决任何策略冲突。 策略可以通过调用扩展来应用于策略接收者，例如将策略设置分层到注册表中的扩展或者根据其顺序使用来自对象的策略信息的扩展。

公开(公告)号：US06466932B1

公开(公告)日：2002-10-15

申请号：US09268455

申请日：1999-03-16

申请人： Michael W. Dennis ,  Michele L. Freed ,  Daniel Plastina ,  Eric R. Flo ,  David E. Kays, Jr. ,  Robert E. Corrington

发明人： Michael W. Dennis ,  Michele L. Freed ,  Daniel Plastina ,  Eric R. Flo ,  David E. Kays, Jr. ,  Robert E. Corrington

IPC分类号： G06F1730

CPC分类号： H04L63/102 ,  G06F21/10 ,  G06F21/604 ,  G06F21/62 ,  G06Q10/10 ,  H04L63/104 ,  Y10S707/99933 ,  Y10S707/99939 ,  Y10S707/99942 ,  Y10S707/99945 ,  Y10S707/99953

摘要： A method and system for implementing policy by accumulating policies for a policy recipient from policy objects associated with a hierarchically organized structure of containers, such as directory containers (sites, domains and organizational units) that includes the policy recipient. Based on administrator input, policy settings for the policy recipient may be accumulated into a specific order by inheriting policy from higher containers, which may enforce their policy settings over those of lower containers. Policy that is not enforced may be blocked at a container. The result is an accumulated set of group policy objects that are ordered by relative strength to resolve any policy conflicts. Policy may be applied to a policy recipient by calling extensions, such as an extension that layers the policy settings into the registry or an extension that uses policy information from the objects according to the ordering thereof. Linking of group policy objects to one or more containers (e.g., sites, domains and organizational units) is provided, as is exception management. The effects of group policy may be filtered based on users' or computers' membership in security groups.

摘要翻译： 通过从包含策略接收者的诸如目录容器（站点，域和组织单位）的层次结构的容器相关联的策略对象累积策略收件人的策略来实现策略的方法和系统。 基于管理员输入，策略收件人的策略设置可以通过继承来自较高容器的策略来累积到特定的顺序，这可能会对低级容器的策略设置执行策略设置。 未强制执行的策略可能会在容器中被阻止。 结果是通过相对强度排序的一组累积的组策略对象来解决任何策略冲突。 策略可以通过调用扩展来应用于策略接收者，例如将策略设置分层到注册表中的扩展或者根据其顺序使用来自对象的策略信息的扩展。 提供组策略对象与一个或多个容器（例如，站点，域和组织单元）的链接，异常管理也是如此。 组策略的效果可能会根据用户或计算机在安全组中的成员资格进行过滤。