Abstract:
A method and apparatus for integrating Sudo rules into a Lightweight Directory Access Protocol (LDAP) repository. An LDAP directory server receives a request to add a sudo rule to the LDAP repository. The sudo rule defines at least one sudo command and one or more entities associated with the execution of the sudo command. The LDAP directory server creates an LDAP entry for the sudo rule, and links in the LDAP entry of the sudo rule an LDAP entry of the sudo command and LDAP entries of the entities associated with the execution of the sudo command.
Abstract:
A method and system for securely and automatically connecting a virtual machine in a public cloud to corporate resources. A cloud computing system is coupled to an enterprise computing system via a network. The enterprise computing system includes a management server, an authentication server and a virtual private network (VPN) server. A cloud engine runs on the management server. The cloud engine starts an exchange with the authentication server that leads to a state in which both parties know a one-time password (OTP) and an identifier (ID) of a virtual machine (VM) hosted by the cloud computing system. The cloud engine sends the OTP and the ID to the VM. The VPN server then receives credentials from the VM. If the credentials are successfully authenticated against the OTP and the ID, a secure connection is established between the enterprise computing system and the VM.
Abstract:
A user credential comprising a user password and a one-time password (OTP) may be provided to access a computing system. The user password is authenticated and the network connection status of the computing system is determined. If the computing system is offline, the user password and the OTP are stored in memory and the user is granted a first level of access to the computing system. Upon detecting that the network connection status of the computing system has changed to online, the user password and the OTP are provided to an authentication server for authentication. If the authentication of the user password and the OTP is successful, the user is granted a second level of access to the computing system, the second level of access being higher than the first level of access.
Abstract:
An event logging interface on a computer system is used to record an event when an application hosted by the computer system encounters the event. The event logging interface receives data pertaining to an event from the application. Using the event logging interface, the computer system determines a logical target of the event, and determines one or more physical destinations referenced by the logical target. The data is then dispatched to one of the physical destinations.
Abstract:
A computer system determines whether the computer system is able to access an authentication server. If the computer system is able to access the authentication server, the computer system requests a first set of credentials from a user. If the first set of credentials is valid, the computer system assigns the user a first role for performing operations on the computer system based on the first set of credentials. If the computer system is unable to access the authentication server, the computer system requests another set of credentials from the user. If the other set of credentials is valid, the computer system assigns the user another role for performing operations on the computer system based on the other set of credentials.
Abstract:
Securely connecting a virtual machine in a public cloud to corporate resources. A cloud computing system is coupled to an enterprise computing system via a network. The enterprise computing system includes a management server, an authentication server and a virtual private network (VPN) server. A cloud engine runs on the management server. The cloud engine starts an exchange with the authentication server that leads to a state in which both parties know a one-time password (OTP) and an identifier (ID) of a virtual machine (VM) hosted by the cloud computing system. The cloud engine sends the OTP and the ID to the VM. The VPN server then receives credentials from the VM. If the credentials are successfully authenticated against the OTP and the ID, a secure connection is established between the enterprise computing system and the VM.