公开(公告)号：US20160080324A1

公开(公告)日：2016-03-17

申请号：US14487414

申请日：2014-09-16

申请人： International Business Machines Corporation

发明人： Richard Jay Cohen ,  Anne Louise Bolgert ,  Randolph Michael Forlenza ,  Miguel Sang ,  Krishna Kishore Yellepeddy

IPC分类号： H04L29/06 ,  H04L29/08

CPC分类号： H04L63/0281 ,  H04L63/1425 ,  H04L63/168 ,  H04L63/20 ,  H04L67/02 ,  H04L67/22

摘要： This disclosure describes an automated process of discovering characteristics needed to integrate a web-based application to a web portal, such as a reverse proxy. This process eliminates the need for application owners and security analysts to manually discover the information needed for the on-boarding process. To this end, application-specific information is determined by monitoring network traffic flows in and out of the application, user authentication and authorization event data, and the like. An application discovery engine analyzes the discovered data, preferably against a set of patterns and heuristic-based rules, to discover or identify the one or more application characteristics. A set of configuration data is then generated, and this configuration data is then used to integrate the application into the web reverse proxy and, in particular, by specifying the configuration needed to “board” the application. Preferably, the monitoring and application characterization determination functions occur in an automated manner.

摘要翻译： 本公开描述了发现将基于网络的应用程序集成到诸如反向代理之类的门户网站所需的特征的自动化过程。 此过程不需要应用程序所有者和安全分析人员手动发现上载过程所需的信息。 为此，通过监视进出应用的网络流量流，用户认证和授权事件数据等来确定特定于应用的信息。 应用发现引擎优选地针对一组模式和基于启发式的规则分析所发现的数据，以发现或识别一个或多个应用特征。 然后生成一组配置数据，然后使用该配置数据将应用程序集成到Web反向代理中，特别是通过指定“登记”应用程序所需的配置。 优选地，监测和应用特征确定功能以自动方式发生。

公开(公告)号：US20130254101A1

公开(公告)日：2013-09-26

申请号：US13781801

申请日：2013-03-01

申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION

发明人： Anne Louise Bolgert ,  Richard Jay Cohen ,  Randolph Michael Forlenza ,  Raghuraman Kalyanaraman

IPC分类号： G06Q20/40

CPC分类号： G06Q20/405 ,  G06Q40/02

摘要： A method enables user-directed, selective control of payment transactions for a user's payment device by enabling a payment device user to create and manage self-defined policies on how a particular payment device (tangible or intangible) may be used. This approach enables the end user, as opposed to the financial or commercial institution, to control transactions with respect to the account. Thus, for example, using a display interface, the account holder can control factors such as: allowed or disallowed vendors, a number of charges, timing of charges, a charge frequency, types of purchases allowed, and the amount charged. This fine-grained, device-specific control mechanism enables account holders to protect financial assets against fraudulent or improper activity. The approach provides a policy management system by which user-directed options for selectively controlling and restricting payment transactions may be realized, thereby providing better security and more customized account control.

摘要翻译： 通过使支付设备用户能够创建和管理关于如何使用特定支付设备（有形或无形）的自定义策略，一种方法使得用户可以选择性地控制用户支付设备的支付交易。 这种方法使最终用户（而不是金融或商业机构）控制与该帐户相关的交易。 因此，例如，使用显示界面，账户持有者可以控制诸如允许或不允许的供应商，收费，收费时间，收费频率，允许的购买类型以及所收取的数量等因素。 这种细粒度的设备特定控制机制使帐户持有人能够保护金融资产免受欺诈或不正当的活动。 该方法提供了一种策略管理系统，通过该策略管理系统可以实现用于选择性地控制和限制支付交易的用户导向的选项，从而提供更好的安全性和更多的定制的账户控制。