公开(公告)号：US07940780B2

公开(公告)日：2011-05-10

申请号：US12205154

申请日：2008-09-05

申请人： Dan Yamamoto ,  Tadashi Kaji ,  Akifumi Yato ,  Takahiro Fujishiro ,  Shinichi Irube

发明人： Dan Yamamoto ,  Tadashi Kaji ,  Akifumi Yato ,  Takahiro Fujishiro ,  Shinichi Irube

IPC分类号： H04L12/56

CPC分类号： H04L63/061 ,  H04L65/1006 ,  H04L65/1069

摘要： A method and a system for speeding up session establishment are provided, wherein the time required to establish a session is reduced, even in the case where a session management server requires a large amount of time to process respective functions required for establishing the session (such as making a decision regarding whether to permit or deny provision of a service, or generating a session key).The session management server is provided with means for conducting, in parallel, processing to issue processing requests for respective functions required for establishing a session (such as making a decision regarding whether to permit or deny provision of a service, or generating a session key) and processing to forward a communication message transmitted by a communications device or another session management server attempting to establish a session.

摘要翻译： 提供了一种用于加速会话建立的方法和系统，其中即使在会话管理服务器需要大量时间来处理建立会话所需的各种功能的情况下，建立会话所需的时间被减少（例如 作为决定是否允许或拒绝提供服务，还是生成会话密钥）。 会话管理服务器被提供有用于并行处理以发出用于建立会话所需的相应功能的处理请求（例如作出关于是否允许或拒绝提供服务的决定或生成会话密钥）的装置， 以及处理以转发由通信设备或尝试建立会话的另一会话管理服务器发送的通信消息。

公开(公告)号：US20090067439A1

公开(公告)日：2009-03-12

申请号：US12205154

申请日：2008-09-05

申请人： Dan Yamamoto ,  Tadashi Kaji ,  Akifumi Yato ,  Takahiro Fujishiro ,  Shinichi Irube

发明人： Dan Yamamoto ,  Tadashi Kaji ,  Akifumi Yato ,  Takahiro Fujishiro ,  Shinichi Irube

IPC分类号： H04L12/56

CPC分类号： H04L63/061 ,  H04L65/1006 ,  H04L65/1069

摘要： A method and a system for speeding up session establishment are provided, wherein the time required to establish a session is reduced, even in the case where a session management server requires a large amount of time to process respective functions required for establishing the session (such as making a decision regarding whether to permit or deny provision of a service, or generating a session key).The session management server is provided with means for conducting, in parallel, processing to issue processing requests for respective functions required for establishing a session (such as making a decision regarding whether to permit or deny provision of a service, or generating a session key) and processing to forward a communication message transmitted by a communications device or another session management server attempting to establish a session.

摘要翻译： 提供了一种用于加速会话建立的方法和系统，其中即使在会话管理服务器需要大量时间来处理建立会话所需的各种功能的情况下，建立会话所需的时间被减少（例如 作为决定是否允许或拒绝提供服务，还是生成会话密钥）。 会话管理服务器被提供有用于并行处理以发出用于建立会话所需的相应功能的处理请求（例如作出关于是否允许或拒绝提供服务的决定或生成会话密钥）的装置， 以及处理以转发由通信设备或尝试建立会话的另一会话管理服务器发送的通信消息。

公开(公告)号：US20120198039A1

公开(公告)日：2012-08-02

申请号：US13201574

申请日：2010-02-15

申请人： Naoki Hayashi ,  Tadashi Kaji ,  Akifumi Yato ,  Dan Yamamoto ,  Shinichi Irube

发明人： Naoki Hayashi ,  Tadashi Kaji ,  Akifumi Yato ,  Dan Yamamoto ,  Shinichi Irube

IPC分类号： G06F15/173

CPC分类号： H04L67/02 ,  H04L29/12754 ,  H04L61/3085 ,  H04L67/1002 ,  H04L67/1014

摘要： A processing load on service is distributed to improve the availability of linkage service even if the details of the processing of the linkage service are unknown. A service dynamic linkage device (110) sequentially selects pieces of web service which can be executed on the basis of dependence relationship information having identified a web server which should have already been executed among pieces of web service included in a scenario, the execution of which has been requested from a user-side communication terminal (140), and repeatedly performs processing to be executed until there are no pieces of web service included in the scenario.

摘要翻译： 分配服务的处理负荷，以提高链接服务的可用性，即使链接服务的处理细节未知。 服务动态联动装置（110）依次选择可以基于已经在包含在场景中的多个web服务中已经执行的web服务器的依赖关系信息执行的web服务，其执行 已经从用户侧通信终端（140）请求，并且重复执行要执行的处理，直到在场景中没有包括web服务的片段。

公开(公告)号：US20090089866A1

公开(公告)日：2009-04-02

申请号：US12239058

申请日：2008-09-26

申请人： Akifumi Yato ,  Tadashi Kaji ,  Dan Yamamoto ,  Shinichi Irube ,  Naoki Hayashi

发明人： Akifumi Yato ,  Tadashi Kaji ,  Dan Yamamoto ,  Shinichi Irube ,  Naoki Hayashi

IPC分类号： H04L9/32 ,  G06F7/04 ,  G06F17/30

CPC分类号： H04L63/083 ,  G06F21/6218 ,  H04L29/12132 ,  H04L61/1552 ,  H04L63/102

摘要： An access authorization system is provided, which can reduce the user wait time until the provision of a user-requested service. The access authorization system of the present invention specifies the next service to be provided to a UT (a client-side communication device) after the service currently being provided to the UT, and then executes process to make an authorization decision in advance regarding the next service with respect to the user of the UT, before the UT requests the next service.

摘要翻译： 提供了访问授权系统，其可以减少用户等待时间，直到提供用户请求的服务。 本发明的访问授权系统在当前提供给UT的服务之后指定要提供给UT（客户端通信设备）的下一个服务，然后执行关于下一个的事先进行授权决定的处理 在UT请求下一个服务之前，对UT的用户进行服务。

公开(公告)号：US20100138899A1

公开(公告)日：2010-06-03

申请号：US12625133

申请日：2009-11-24

申请人： Dan YAMAMOTO ,  Tadashi Kaji ,  Takahiro Fujishiro ,  Shinichi Irube

发明人： Dan YAMAMOTO ,  Tadashi Kaji ,  Takahiro Fujishiro ,  Shinichi Irube

IPC分类号： G06F15/16

CPC分类号： H04L63/0815 ,  G06F21/31 ,  H04L63/0884

摘要： An authentication server is dynamically changed in consideration of a user's situation, a kind of service used by the user and user's convenience. When a terminal device 1 is going to receive provision of service from a service providing server 2, an authentication intermediary server 4 selects an authentication server 3 among authentication servers 3 that satisfy selection conditions previously set by the user of the terminal device 1 such as presence information, priority, usage condition, service providing server conditions and the like, so that the user of the terminal device 1 undergo authentication by the selected authentication server 3.

摘要翻译： 考虑到用户的情况，用户使用的一种服务和用户的便利性，动态地改变认证服务器。 当终端设备1要从服务提供服务器2接收服务提供时，认证中介服务器4选择满足终端设备1的用户预先设置的选择条件的认证服务器3中的认证服务器3，诸如存在 信息，优先权，使用条件，服务提供服务器条件等，使得终端设备1的用户经过所选认证服务器3的认证。

公开(公告)号：US08402524B2

公开(公告)日：2013-03-19

申请号：US13018975

申请日：2011-02-01

申请人： Tadashi Kaji ,  Naoki Hayashi ,  Akifumi Yato ,  Shinichi Irube

发明人： Tadashi Kaji ,  Naoki Hayashi ,  Akifumi Yato ,  Shinichi Irube

IPC分类号： G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06

CPC分类号： H04L63/0815 ,  G06F21/305 ,  G06F21/46 ,  G06F21/6263

摘要： An ID bridge service system manages a type and assurance of identity information required for provision of service by an application service system and a type and assurance of identity information managed by plural authentication service systems, and is provided with a selecting measure that selects an authentication service system that manages identity information corresponding to the identity information required for the provision of the service by the application service system out of the plural authentication service systems when a request for authentication is received from the application service system and a requesting measure that requests the selected authentication service system to authenticate.

摘要翻译： ID桥服务系统管理由应用服务系统提供服务所需的身份信息的类型和保证以及由多个认证服务系统管理的身份信息的类型和保证，并且具有选择认证服务的选择措施 系统，当从应用服务系统接收到认证请求时，管理与多个认证服务系统中的应用服务系统提供服务所需的身份信息相对应的身份信息，以及请求所选认证的请求度量 服务体系认证。

公开(公告)号：US20110239284A1

公开(公告)日：2011-09-29

申请号：US13018975

申请日：2011-02-01

申请人： Tadashi Kaji ,  Naoki Hayashi ,  Akifumi Yato ,  Shinichi Irube

发明人： Tadashi Kaji ,  Naoki Hayashi ,  Akifumi Yato ,  Shinichi Irube

IPC分类号： G06F21/00

CPC分类号： H04L63/0815 ,  G06F21/305 ,  G06F21/46 ,  G06F21/6263

摘要： An ID bridge service system manages a type and assurance of identity information required for provision of service by an application service system and a type and assurance of identity information managed by plural authentication service systems, and is provided with a selecting measure that selects an authentication service system that manages identity information corresponding to the identity information required for the provision of the service by the application service system out of the plural authentication service systems when a request for authentication is received from the application service system and a requesting measure that requests the selected authentication service system to authenticate.

摘要翻译： ID桥服务系统管理由应用服务系统提供服务所需的身份信息的类型和保证以及由多个认证服务系统管理的身份信息的类型和保证，并且具有选择认证服务的选择措施 系统，当从应用服务系统接收到认证请求时，管理与多个认证服务系统中的应用服务系统提供服务所需的身份信息相对应的身份信息，以及请求所选认证的请求度量 服务体系认证。

公开(公告)号：US20120254942A1

公开(公告)日：2012-10-04

申请号：US13369884

申请日：2012-02-09

申请人： Naoki Hayashi ,  Tadashi Kaji ,  Akifumi Yato ,  Shinichi Irube

发明人： Naoki Hayashi ,  Tadashi Kaji ,  Akifumi Yato ,  Shinichi Irube

IPC分类号： G06F21/00

CPC分类号： G06F9/505

摘要： A connection destination determination device includes a control unit for performing an approval determination process to determine that a user authentication state in a connection destination request is approved if the user authentication state satisfies the user authentication state corresponding to a collaboration service. If the user authentication state is determined to be approved in the approval determination process, the control unit responds to a source of the connection destination determination request with the connection destination of service corresponding to the collaboration service which is the search key. If the user authentication state is not determined to be approved in the approval determination process, the control unit responds to the source of the connection destination determination request with the connection destination of authentication service, in order to obtain the user authentication state that does not satisfy the user authentication state corresponding to the collaboration service which is the search key.

摘要翻译： 连接目的地确定装置包括控制单元，用于执行批准确定处理以确定如果用户认证状态满足与协作服务对应的用户认证状态，则连接目的地请求中的用户认证状态被批准。 如果在批准确定处理中确定用户认证状态被批准，则控制单元使用与作为搜索关键字的协作服务相对应的服务连接目的地来响应连接目的地确定请求的源。 如果在批准确定处理中没有确定用户认证状态被批准，则控制单元用认证服务的连接目的地对连接目的地确定请求的源进行响应，以获得不满足的用户认证状态 与作为搜索关键字的协作服务对应的用户认证状态。

公开(公告)号：US20080256224A1

公开(公告)日：2008-10-16

申请号：US12071592

申请日：2008-02-22

申请人： Tadashi Kaji ,  Takahiro Fujishiro ,  Akifumi Yato ,  Kazuyoshi Hoshino ,  Munetoshi Tsuge

发明人： Tadashi Kaji ,  Takahiro Fujishiro ,  Akifumi Yato ,  Kazuyoshi Hoshino ,  Munetoshi Tsuge

IPC分类号： G06F15/16

CPC分类号： H04L65/1046 ,  H04L67/1002 ,  H04L67/1027 ,  H04L67/14

摘要： A data communication system is provided that is capable of increasing or decreasing the number of session management servers flexibly, and is further capable of implementing data communication while distributing the message processing load in the session management server. The data communication system includes multiple communication devices which perform data communications mutually, multiple session management servers which manage sessions of data communication between the communication devices, and a load balancer which assigns the session management servers for processing a message received from the communication device according to a predetermined criterion, wherein, the session management server is provided with a unit for managing a currently logged-in communication device and a state of the communication performed by the communication device, and a unit for acquiring information necessary for performing communication with the communication device.

摘要翻译： 提供能够灵活地增加或减少会话管理服务器的数量的数据通信系统，并且还能够在会话管理服务器中分发消息处理负载的同时实现数据通信。 数据通信系统包括相互执行数据通信的多个通信设备，管理通信设备之间的数据通信会话的多个会话管理服务器和分配会话管理服务器的负载平衡器，用于处理从通信设备接收的消息，根据 预定标准，其中，会话管理服务器设置有用于管理当前登录的通信设备的单元和由通信设备执行的通信的状态，以及用于获取与通信设备进行通信所需的信息的单元 。

公开(公告)号：US20080219445A1

公开(公告)日：2008-09-11

申请号：US11984676

申请日：2007-11-20

申请人： Akifumi Yato ,  Tadashi Kaji ,  Takahiro Fujishiro ,  Yoko Hashimoto ,  Kazuyoshi Hoshino

发明人： Akifumi Yato ,  Tadashi Kaji ,  Takahiro Fujishiro ,  Yoko Hashimoto ,  Kazuyoshi Hoshino

IPC分类号： H04L9/00 ,  H04K1/00

CPC分类号： H04L63/0428 ,  H04L63/1408

摘要： A communications audit support system is provided, which makes it possible to audit communications of an arbitrary encrypted communication session at any time. The communications audit support system of the present invention stores key information used for encrypted communication in a key management DB in association with a key ID each time the key information is created, stores IP addresses of a user terminal and a service providing server which perform an encrypted communication session using the key information in a communication state management DB in association with the key ID, and stores an encrypted packet sent in an encrypted communication session in a packet DB in association with IP addresses of a sender and a receiver of the encrypted packet.

摘要翻译： 提供通信审计支持系统，使得可以随时审核任意加密通信会话的通信。 本发明的通信审计支持系统在每次创建密钥信息时，与密钥ID相关联地将用于加密通信的密钥信息存储在密钥管理DB中，存储执行密钥信息的用户终端和服务提供服务器的IP地址 使用与密钥ID相关联的通信状态管理DB中的密钥信息的加密通信会话，并且将加密通信会话中发送的加密分组与加密分组的发送者和接收者的IP地址相关联地存储在分组DB中 。