-
1.发明授权公开(公告)号:US08776199B2
公开(公告)日:2014-07-08
申请号:US12686495
申请日:2010-01-13
CPC分类号: H04L63/1483 , H04L9/0844 , H04L9/3234 , H04L9/3271 , H04L63/0869 , H04L2209/60 , H04N21/2265 , H04N21/25816 , H04N21/25875
摘要: Protecting a user against web spoofing in which the user confirms the authenticity of a web page prior to submitting sensitive information such as user credentials (e.g., a login name and password) via the web page. The web page provides the user with an identifiable piece of information representing a shared secret between the user and the server. The user confirms the correctness of the shared secret to ensure the legitimacy of the web page prior to disclosing any sensitive information via the web page.
摘要翻译: 保护用户免受Web欺骗,用户在通过网页提交敏感信息(例如登录名和密码)之前确认网页的真实性。 该网页向用户提供表示用户和服务器之间的共享密钥的可识别信息。 用户在通过网页披露任何敏感信息之前,确认共享秘密的正确性,以确保网页的合法性。
-
2.发明申请公开(公告)号:US20100115594A1
公开(公告)日:2010-05-06
申请号:US12686495
申请日:2010-01-13
CPC分类号: H04L63/1483 , H04L9/0844 , H04L9/3234 , H04L9/3271 , H04L63/0869 , H04L2209/60 , H04N21/2265 , H04N21/25816 , H04N21/25875
摘要: Protecting a user against web spoofing in which the user confirms the authenticity of a web page prior to submitting sensitive information such as user credentials (e.g., a login name and password) via the web page. The web page provides the user with an identifiable piece of information representing a shared secret between the user and the server. The user confirms the correctness of the shared secret to ensure the legitimacy of the web page prior to disclosing any sensitive information via the web page.
摘要翻译: 保护用户免受Web欺骗,用户在通过网页提交敏感信息(例如登录名和密码)之前确认网页的真实性。 该网页向用户提供表示用户和服务器之间的共享密钥的可识别信息。 用户在通过网页披露任何敏感信息之前,确认共享秘密的正确性,以确保网页的合法性。
-
3.发明授权公开(公告)号:US07685631B1
公开(公告)日:2010-03-23
申请号:US10358814
申请日:2003-02-05
CPC分类号: H04L63/1483 , H04L9/0844 , H04L9/3234 , H04L9/3271 , H04L63/0869 , H04L2209/60 , H04N21/2265 , H04N21/25816 , H04N21/25875
摘要: Protecting a user against web spoofing in which the user confirms the authenticity of a web page prior to submitting sensitive information such as user credentials (e.g., a login name and password) via the web page. The web page provides the user with an identifiable piece of information representing a shared secret between the user and the server. The user confirms the correctness of the shared secret to ensure the legitimacy of the web page prior to disclosing any sensitive information via the web page.
摘要翻译: 保护用户免受Web欺骗,用户在通过网页提交敏感信息(例如登录名和密码)之前确认网页的真实性。 该网页向用户提供表示用户和服务器之间的共享密钥的可识别信息。 用户在通过网页披露任何敏感信息之前,确认共享秘密的正确性,以确保网页的合法性。
-
4.发明授权Managing state information across communication sessions between a client and a server via a stateless protocol 有权通过无状态协议在客户端和服务器之间的通信会话中管理状态信息公开(公告)号:US07634570B2
公开(公告)日:2009-12-15
申请号:US10425516
申请日:2003-04-29
申请人: Ismail Cem Paya , Trevin Chow , Stephen J. Purpura
发明人: Ismail Cem Paya , Trevin Chow , Stephen J. Purpura
IPC分类号: G06F15/16
CPC分类号: G06F17/30902
摘要: Managing state information across communication sessions between a client and a server via a stateless protocol. The server delivers to the client a cacheable web page with a hyperlink to non-cacheable embedded content. In the hyperlink to the non-cacheable embedded content, the server adds a token or an identifier uniquely associated with the user. When the user obtains embedded content from the cached web page via the hyperlink, the identifier is also sent to the server. Upon receipt of the identifier from the client, the server accesses the stored state information. In this manner, the server manages state information related to the client across communication sessions without the use of cookies as long as the client caches the web page with the unique identifier.
摘要翻译: 通过无状态协议在客户端和服务器之间的通信会话中管理状态信息。 服务器向客户端发送可缓存的网页,其中包含超高速缓存的嵌入式内容。 在到不可缓存的嵌入式内容的超链接中,服务器添加与用户唯一相关联的令牌或标识符。 当用户通过超链接从缓存的网页获取嵌入的内容时,该标识符也被发送到服务器。 当从客户端接收到标识符时,服务器访问所存储的状态信息。 以这种方式,只要客户端使用唯一标识符缓存网页,服务器就不需要使用cookie来管理与客户端相关的状态信息。
-
5.发明授权Combining a browser cache and cookies to improve the security of token-based authentication protocols 有权结合浏览器缓存和Cookie来提高基于令牌的身份验证协议的安全性公开(公告)号:US07240192B1
公开(公告)日:2007-07-03
申请号:US10388072
申请日:2003-03-12
申请人: Ismail Cem Paya , Trevin Chow
发明人: Ismail Cem Paya , Trevin Chow
IPC分类号: H04L29/00
CPC分类号: H04L63/0807 , H04L2463/102
摘要: Combining a browser cache and cookies to improve the security of token-based authentication protocols. A client stores a first portion of an authentication token as information (e.g., a cookie) in a first memory area. The client stores a second portion of the authentication token as server-inaccessible information (e.g., cached web content) in a second memory area. A server obtains the first and second portions from the client to recreate the authentication token to authenticate the client.
摘要翻译: 结合浏览器缓存和Cookie来提高基于令牌的身份验证协议的安全性。 客户端将认证令牌的第一部分作为信息(例如,cookie)存储在第一存储器区域中。 客户端将认证令牌的第二部分作为服务器不可访问的信息(例如,缓存的web内容)存储在第二存储器区域中。 服务器从客户端获取第一和第二部分,以重新创建认证令牌以验证客户端。
-
公开(公告)号:US20070118530A1
公开(公告)日:2007-05-24
申请号:US11282290
申请日:2005-11-18
申请人: Trevin Chow , Asim Memon , Dilip Pai , Naresh Jain , Wei Jiang , Yordan Rouskov
发明人: Trevin Chow , Asim Memon , Dilip Pai , Naresh Jain , Wei Jiang , Yordan Rouskov
IPC分类号: G06F17/30
CPC分类号: G06F8/65
摘要: Software updates are described. In an implementation, a method includes forming an authentication request to be communicated to an authentication service over a network that includes a version identifier of at least one application module of a client. A response is received to the authentication request which includes an indication of whether an update is available for the at least one application module and a token that verifies the authentication.
摘要翻译: 描述软件更新。 在实现中,一种方法包括形成要通过包括客户端的至少一个应用模块的版本标识符的网络传送给认证服务的认证请求。 接收到对认证请求的响应,该认证请求包括对于至少一个应用模块是否可用的更新的指示和验证认证的令牌。
-
公开(公告)号:US20060095578A1
公开(公告)日:2006-05-04
申请号:US10977185
申请日:2004-10-29
申请人: Ismail Paya , Josh Benaloh , Raja Perumal , Trevin Chow , Erren Lester , Jeffrey Steinbok , Julien Couvreur
发明人: Ismail Paya , Josh Benaloh , Raja Perumal , Trevin Chow , Erren Lester , Jeffrey Steinbok , Julien Couvreur
IPC分类号: G06F15/16
CPC分类号: G06F21/31 , G06F2221/2119
摘要: A human interactive proof (HIP) service is described. In response to a request from a web server, the HIP service generates a HIP challenge and an associated attestation. The web server can then embed the generated HIP challenge in a requested web page. The attestation is used to determine whether or not a user response to the HIP challenge is correct.
摘要翻译: 描述了人类交互式证明(HIP)服务。 响应于来自Web服务器的请求,HIP服务产生HIP挑战和相关联的认证。 然后,Web服务器可以将生成的HIP挑战嵌入到所请求的网页中。 该证明用于确定用户对HIP挑战的响应是否正确。
-
公开(公告)号:US07853995B2
公开(公告)日:2010-12-14
申请号:US11282174
申请日:2005-11-18
申请人: Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Dilip Pai , Kalyan Sayyaparaju , Avinash Belur
发明人: Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Dilip Pai , Kalyan Sayyaparaju , Avinash Belur
CPC分类号: H04L9/3213 , H04L9/3263 , H04L51/04 , H04L63/0807 , H04L63/0823 , H04L63/0846 , H04L63/20 , H04L2209/56
摘要: An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
摘要翻译: 描述了可以从一个或多个客户端接收捆绑请求的集成认证服务。 所述技术中的一个或多个可以用于响应于单个捆绑的请求提供用于证明身份的令牌和用于建立安全通信的证书。
-
9.发明申请公开(公告)号:US20100036848A1
公开(公告)日:2010-02-11
申请号:US12186518
申请日:2008-08-06
申请人: Mark Kar Hong Wong , Trevin Chow , Zachary Steven Emmel , Nathan D. Kile, JR. , Derek Lynn Jamison , Jennifer N. Maertens , Justin James Watkins
发明人: Mark Kar Hong Wong , Trevin Chow , Zachary Steven Emmel , Nathan D. Kile, JR. , Derek Lynn Jamison , Jennifer N. Maertens , Justin James Watkins
CPC分类号: G06F17/2247 , G10L19/22
摘要: A file, including visual information or auditory information may be uploaded to a processing device. Respective portions of content of the file may be identified for compressing and saving at respective bit rates. A number of component files may be created, compressed and saved, at the respective bit rates, based on the identified respective portions of content of the file. A network page, including a reference to the uploaded file, may be created. The reference to the uploaded file, in the network page, may be replaced with references to the compressed, saved component files and the network page may be saved. A processing device of a user may request the network page and the compressed, saved component files. A reasonable facsimile of the file may be reproduced based on an aggregate of the compressed, saved component files.
摘要翻译: 包括视觉信息或听觉信息的文件可以被上传到处理设备。 可以识别文件内容的相应部分,以便以相应的比特率进行压缩和保存。 可以基于所识别的文件内容的相应部分,以相应的比特率创建,压缩和保存多个组件文件。 可以创建网页,包括对上传的文件的引用。 对网络页面上的上传文件的引用可以被替换为对压缩的,保存的组件文件的引用,并且可以保存网络页面。 用户的处理设备可以请求网络页面和压缩的保存的组件文件。 可以基于压缩的保存的组件文件的合计来再现文件的合理传真。
-
10.发明授权公开(公告)号:US08671164B2
公开(公告)日:2014-03-11
申请号:US13472567
申请日:2012-05-16
申请人: Mark Kar Hong Wong , Trevin Chow , Zachary Steven Emmel , Nathan D. Kile, Jr. , Derek Lynn Jamison , Jennifer N. Maertens , Justin James Watkins
发明人: Mark Kar Hong Wong , Trevin Chow , Zachary Steven Emmel , Nathan D. Kile, Jr. , Derek Lynn Jamison , Jennifer N. Maertens , Justin James Watkins
IPC分类号: G06F15/16
CPC分类号: G06F17/2247 , G10L19/22
摘要: A file, including visual information or auditory information may be uploaded to a processing device. Respective portions of content of the file may be identified for compressing and saving at respective bit rates. A number of component files may be created, compressed and saved, at the respective bit rates, based on the identified respective portions of content of the file. A network page, including a reference to the uploaded file, may be created. The reference to the uploaded file, in the network page, may be replaced with references to the compressed, saved component files and the network page may be saved. A processing device of a user may request the network page and the compressed, saved component files. A reasonable facsimile of the file may be reproduced based on an aggregate of the compressed, saved component files.
摘要翻译: 包括视觉信息或听觉信息的文件可以被上传到处理设备。 可以识别文件内容的相应部分,以便以相应的比特率进行压缩和保存。 可以基于所识别的文件内容的相应部分,以相应的比特率创建,压缩和保存多个组件文件。 可以创建网页,包括对上传的文件的引用。 对网络页面上的上传文件的引用可以被替换为对压缩的,保存的组件文件的引用,并且可以保存网络页面。 用户的处理设备可以请求网络页面和压缩的保存的组件文件。 可以基于压缩的保存的组件文件的合计来再现文件的合理传真。
-
-
-
-
-
-
-
-
-
搜索结果
21 条记录 (耗时 0.02 秒)
