Abstract:
Managing state information across communication sessions between a client and a server via a stateless protocol. The server delivers to the client a cacheable web page with a hyperlink to non-cacheable embedded content. In the hyperlink to the non-cacheable embedded content, the server adds a token or an identifier uniquely associated with the user. When the user obtains embedded content from the cached web page via the hyperlink, the identifier is also sent to the server. Upon receipt of the identifier from the client, the server accesses the stored state information. In this manner, the server manages state information related to the client across communication sessions without the use of cookies as long as the client caches the web page with the unique identifier.
Abstract:
Protecting a user against web spoofing in which the user confirms the authenticity of a web page prior to submitting sensitive information such as user credentials (e.g., a login name and password) via the web page. The web page provides the user with an identifiable piece of information representing a shared secret between the user and the server. The user confirms the correctness of the shared secret to ensure the legitimacy of the web page prior to disclosing any sensitive information via the web page.
Abstract:
Combining a browser cache and cookies to improve the security of token-based authentication protocols. A client stores a first portion of an authentication token as information (e.g., a cookie) in a first memory area. The client stores a second portion of the authentication token as server-inaccessible information (e.g., cached web content) in a second memory area. A server obtains the first and second portions from the client to recreate the authentication token to authenticate the client.
Abstract:
An authentication ticket is validated to ensure authenticated communications between a client and an online service provider. In an embodiment, an authentication request is received from a user agent associated with the client, and the authentication request includes a set of identification information and a set of authentication information. Additionally, it is determined that the set of identification information and the set of authentication information are associated with a user, and an authentication ticket is created including a user identification and an authentication, indicating to the online service provider that the user is authenticated to access one or more online services. Further, a validation token is embedded into the authentication ticket that provides enhanced verification that the access provided by the online service provider is authenticated.
Abstract:
A permission level associated with an associate's web access is identified. A relationship ticket is obtained from an authentication server and a request is generated to set the identified permission level. The request and the relationship ticket are sent to a Web server and a success code is received from the Web server if the requested permission level is established.
Abstract:
Systems, methods, computer programs, and devices are disclosed herein for deploying a local trusted service manager within a secure element of a contactless smart card device. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. An asymmetric cryptography algorithm is used to generate public-private key pairs. The private keys are stored in the secure element and are accessible by a trusted service manager (TSM) software application or a control software application in the secure element. A non-TSM computer with access to the public key encrypts and then transmits encrypted application data or software applications to the secure element, where the TSM software application decrypts and installs the software application to the secure element for transaction purposes.
Abstract:
Embodiments of proxy authentication and indirect certificate chaining are described herein. In an implementation, authentication for a client occurs via a proxy service. The proxy service communicates between the client and the server, and caches security tokens on behalf of the client. In an implementation, the trustworthiness of a certificate presented to a client to establish trust is determined utilizing a signed data package which incorporates a plurality of known certificates. The presented certificate is verified without utilizing root certificates installed on the client device.
Abstract:
The subject invention provides a unique system and method that facilitates creating HIP challenges (HIPs) that can be readily segmented and solved by human users but that are too difficult for non-human users. More specifically, the system and method utilize a variety of unique alteration techniques that are segmentation-based. For example, the system and method employ thicker arcs or occlusions that do not intersect characters already placed in the HIP. The thickness of the arc can be measured or determined by the thickness of the characters in the HIP. In addition to increasing the thickness, the arcs can be lengthened because longer arcs tend to resemble pieces of characters and may be harder to erode. Usability maps can be generated and used to selectively place clutter or occlusions and to selectively warp characters or the character sequence to facilitate human recognition of the characters.