-
公开(公告)号:US20060242427A1
公开(公告)日:2006-10-26
申请号:US11112844
申请日:2005-04-22
申请人: David Ruzyski , James Hong , Brian McNeil , Chris Guzak , Brian Wentz , Klaus Schutz , Stefan Richards , Eric Perlin , Cristian Ilac , Sterling Reasor , Eric Flo , John Stephens , Benjamin Hutz
发明人: David Ruzyski , James Hong , Brian McNeil , Chris Guzak , Brian Wentz , Klaus Schutz , Stefan Richards , Eric Perlin , Cristian Ilac , Sterling Reasor , Eric Flo , John Stephens , Benjamin Hutz
IPC分类号: G06F12/14 , H04K1/00 , H04L9/32 , G06F12/00 , H04L9/00 , G06F13/00 , G06F17/30 , G06F7/04 , G06F7/58 , G06K19/00 , G11C7/00
CPC分类号: H04L63/0861 , G06F9/451 , G06F21/31
摘要: Systems and/or methods are described that enable a credential interface. These systems and/or methods may build a credential user interface enabling a user to choose between multiple credentials and submit an authenticator for a chosen credential. These systems and/or methods may also gather information about arbitrary credentials and build a user interface for submission of authenticators for these arbitrary credentials.
摘要翻译: 描述启用凭证接口的系统和/或方法。 这些系统和/或方法可以构建凭证用户界面,使得用户能够在多个凭证之间进行选择,并为选定的凭证提交验证器。 这些系统和/或方法还可以收集关于任意凭证的信息,并构建用于为这些任意凭证提交认证者的用户界面。
-
公开(公告)号:US20050091213A1
公开(公告)日:2005-04-28
申请号:US10693585
申请日:2003-10-24
申请人: Klaus Schutz , Stefan Richards , Eric Perlin , Cristian Ilac , Sterling Reasor , Eric Flo , John Stephens , Benjamin Hutz
发明人: Klaus Schutz , Stefan Richards , Eric Perlin , Cristian Ilac , Sterling Reasor , Eric Flo , John Stephens , Benjamin Hutz
CPC分类号: G06F21/31 , Y10S707/99938 , Y10S707/99939
摘要: A credential is translated with one of different credential provider modules each translating a corresponding different type of credential into a common protocol. The translated credential is communicated through an API to a logon UI module to an operating system (OS) of a local machine. An OS logon module is called by the logon UI module to authenticate the translated credential against a credential database. A user identified by the translated credential is logged on to access the local machine when the authentication is successful. The credential can also be used with a selection received from the logon UI module via a corresponding one of different pre-log access provider (PLAP) modules that each communicate with the API. The API establishes a network session with an access service specified by the selected PLAP module when the credential is authenticated with the credential database.
摘要翻译: 用不同凭证提供者模块之一翻译凭证,每个凭证提供者模块将相应的不同类型的凭证翻译成公共协议。 翻译的凭证通过API传送到登录UI模块到本地机器的操作系统(OS)。 登录UI模块调用操作系统登录模块,以根据凭据数据库验证转换的凭据。 当认证成功时,由登录的凭证登录的用户访问本地计算机。 证书还可以与从登录UI模块通过每个与API进行通信的不同预登录访问提供程序(PLAP)模块中的相应一个模块接收到的选择一起使用。 当凭证凭证凭证数据库进行身份验证时,API与所选择的PLAP模块指定的访问服务建立网络会话。
-
公开(公告)号:US20050188210A1
公开(公告)日:2005-08-25
申请号:US10787871
申请日:2004-02-25
申请人: Eric Perlin , Klaus Schutz , Stefan Richards , Sermet Iskin
发明人: Eric Perlin , Klaus Schutz , Stefan Richards , Sermet Iskin
摘要: A system and method facilitating secure credential management is provided. An aspect of the present invention provides for a credential management system including a credential user interface component, a trusted proxy component and a secure user interface component. The system can facilitate the secure acquisition, storage and/or application of credential(s) for a user (e.g., when accessing a particular resource) through a secure, isolated environment. For example, the system can be a core building block for operating system component(s) and/or application(s) that handle credential(s) in a secure manner.
摘要翻译: 提供了一种促进安全凭证管理的系统和方法。 本发明的一个方面提供了一种包括凭证用户界面组件,可信代理组件和安全用户界面组件的凭证管理系统。 该系统可以通过安全的隔离环境促进对用户的证书的安全获取,存储和/或应用(例如,当访问特定资源时)。 例如,系统可以是用于以安全的方式处理凭证的操作系统组件和/或应用的核心构建块。
-
公开(公告)号:US20090222888A1
公开(公告)日:2009-09-03
申请号:US12038815
申请日:2008-02-28
申请人: Raghavendra Malpani , Cristian Ilac , Tanmoy Dutta , Klaus Schutz
发明人: Raghavendra Malpani , Cristian Ilac , Tanmoy Dutta , Klaus Schutz
CPC分类号: G06F21/556
摘要: A secure (e.g., HTTPS) connection is established between a client and a server. Communication over the connection may utilize an application (e.g., a Web browser) that is not part of the client's trusted computing base. A password is sent from the client to the server over the connection such that the clear text password is unavailable to the application. For example, the password can be encrypted and inserted directly into the HTTPS stream from the client's trusted computing base.
摘要翻译: 在客户端和服务器之间建立安全(例如HTTPS)连接。 通过连接的通信可以利用不是客户机的可信计算基础的一部分的应用(例如,Web浏览器)。 密码通过连接从客户端发送到服务器,使得明文密码对应用程序不可用。 例如,密码可以被加密并直接从客户端的可信计算基础插入到HTTPS流中。
-
公开(公告)号:US20070186112A1
公开(公告)日:2007-08-09
申请号:US11046607
申请日:2005-01-28
申请人: Eric Perlin , Klaus Schutz , Paul Leach , Peter Brundrett , Thomas Jones
发明人: Eric Perlin , Klaus Schutz , Paul Leach , Peter Brundrett , Thomas Jones
IPC分类号: H04L9/00
CPC分类号: G06F21/62 , G06F21/31 , G06F21/54 , G06F2221/2141
摘要: Systems and methods are described that control attempts made by an application to access data. In one embodiment, the application is associated with a security token that includes an application ID. In operation, the system receives a request, initiated by the application, for access to the data. The system is configured to evaluate the request for access based in part on comparison of the security token and a listing of approved application IDs associated with the data.
摘要翻译: 描述了控制由应用访问数据的尝试的系统和方法。 在一个实施例中,该应用与包括应用ID的安全令牌相关联。 在操作中,系统接收由应用程序发起的用于访问数据的请求。 该系统被配置为基于安全令牌的比较和与数据相关联的已批准应用ID的列表来部分地评估访问请求。
-
公开(公告)号:US20050160041A1
公开(公告)日:2005-07-21
申请号:US10761489
申请日:2004-01-20
申请人: Daniel Griffin , Philip Hallin , Eric Perlin , Klaus Schutz
发明人: Daniel Griffin , Philip Hallin , Eric Perlin , Klaus Schutz
CPC分类号: G06F21/57 , G06F2221/2153 , H04L9/3234 , H04L9/3263
摘要: Methods and apparatuses are provided for use with smartcards or other like shared computing resources. One or more root certificates are stored on a smartcard. The root certificates can be selectively copied to a certificate store or other like mechanism of an operatively coupled computing or like device and available to support certificate and other trust related processes of the device. When the smartcard is no longer operatively available to the device, the root certificates are no longer available to support such certificate and other trust related processes of the device.
摘要翻译: 提供了与智能卡或其他类似的共享计算资源一起使用的方法和装置。 一个或多个根证书存储在智能卡上。 可以将根证书选择性地复制到可操作耦合的计算或类似设备的证书存储或其他类似的机制,并且可用于支持设备的证书和其他信任相关过程。 当智能卡不再可用于设备时,根证书不再可用于支持设备的此类证书和其他信任相关进程。
-
公开(公告)号:US20050022169A1
公开(公告)日:2005-01-27
申请号:US10919727
申请日:2004-08-16
申请人: Eric Perlin , Vinay Deo , David Milstein , Gilad Odinak , Scott Guthery , Klaus Schutz
发明人: Eric Perlin , Vinay Deo , David Milstein , Gilad Odinak , Scott Guthery , Klaus Schutz
CPC分类号: G06F11/3656 , G06Q20/105 , G06Q20/401
摘要: An integrated circuit (IC) card is presented comprising an input/output (I/O) interface and a smart card development interface (SCDI), coupled to the I/O interface, to receive and identify debug frames interlaced within a normal communication flow between the IC card and a host system.
-
公开(公告)号:US20060174334A1
公开(公告)日:2006-08-03
申请号:US11046281
申请日:2005-01-28
申请人: Eric Perlin , Klaus Schutz , Paul Leach , Peter Brundrett , Thomas Jones
发明人: Eric Perlin , Klaus Schutz , Paul Leach , Peter Brundrett , Thomas Jones
IPC分类号: H04L9/32
CPC分类号: G06F21/6218 , G06F21/6281 , G06F2221/2141
摘要: Systems and methods are described that control attempts made by an application to access data. In one embodiment, the application is associated with a security token that includes an application ID. In operation, the system receives a request, initiated by the application, for access to the data. The system is configured to evaluate the request for access based in part on comparison of the security token and a listing of approved application IDs associated with the data.
摘要翻译: 描述了控制由应用访问数据的尝试的系统和方法。 在一个实施例中,该应用与包括应用ID的安全令牌相关联。 在操作中,系统接收由应用程序发起的用于访问数据的请求。 该系统被配置为基于安全令牌的比较和与数据相关联的已批准应用ID的列表来部分地评估访问请求。
-
公开(公告)号:US20050154672A1
公开(公告)日:2005-07-14
申请号:US10756045
申请日:2004-01-13
申请人: Daniel Griffin , Eric Perlin , Klaus Schutz
发明人: Daniel Griffin , Eric Perlin , Klaus Schutz
CPC分类号: G06F9/5027 , G06F2209/5016 , G06Q20/10
摘要: Methods and apparatuses are provided for use with smartcards or other like shared computing resources. By selectively granting exclusive use to a requesting entity for a period of time, performance is improved by reducing unnecessary redundant overhead data, communication, storage and/or processing for an applicable series of transactions associated with a granted access request operation.
摘要翻译: 提供了与智能卡或其他类似的共享计算资源一起使用的方法和装置。 通过选择性地向请求实体授权一段时间,通过减少对与授权的访问请求操作相关联的一系列适用的事务的不必要的冗余开销数据,通信,存储和/或处理来提高性能。
-
公开(公告)号:US20050149476A1
公开(公告)日:2005-07-07
申请号:US10752745
申请日:2004-01-06
申请人: Daniel Griffin , Eric Perlin , Klaus Schutz
发明人: Daniel Griffin , Eric Perlin , Klaus Schutz
CPC分类号: G06Q20/3552 , G06F21/34 , G07F7/1008
摘要: Methods and apparatuses are provided for use with smartcards or other like shared computing resources. A global smartcard cache is maintained on one or more computers to reduce the burden on the smartcard. The global smartcard cache data is associated with a freshness indicator that is compared to the current freshness indicator from the smartcard to verify that the cached item data is current.
摘要翻译: 提供了与智能卡或其他类似的共享计算资源一起使用的方法和装置。 在一台或多台计算机上维护全球智能卡缓存,以减轻智能卡的负担。 全局智能卡高速缓存数据与新鲜度指示器相关联,其与来自智能卡的当前新鲜度指示符进行比较,以验证缓存的项目数据是否为当前值。
-
-
-
-
-
-
-
-
-