Establishment of security context

    Publication number: US20060015728A1

    Publication date: 2006-01-19

    Application number: US10892046

    Filing date: 2004-07-14

    IPC classification: H04L9/00 G06F17/00 H04K1/00

    Abstract: Maintains a security context during a communication session between applications without requiring executable code in either application to obtain or generate the security context token (SCT) that secures the communication. On the service side, a configuration file can be set to indicate that automatic issuance of an SCT is enabled, allowing the Web service engine to generate the SCT on request. On the client side, when the client application sends a message to the service application, a policy engine consults a policy whose assertions state that an SCT is required for messages destined for the Web service application; the policy engine therefore requests and receives the SCT and uses it to secure the message.

    2. Role-based authorization of network services using diversified security tokens
    Record type: patent application (published); legal status: in force

    Publication number: US20060015933A1

    Publication date: 2006-01-19

    Application number: US10891884

    Filing date: 2004-07-14

    IPC classification: H04L9/32

    Abstract: A mechanism for role-based authorization of one or more services using the security tokens associated with received service request messages. The authorization is performed regardless of the type of security token. When the service providing computing system receives a service request message over the network for one of its services, it accesses the security token associated with that message, identifies the roles that include the identity associated with the token, and correlates those roles with the token. The correlated roles are then used to authorize the requested service, whatever the token type.


    3. Extendible security token management architecture and secure message handling methods
    Record type: patent application (published); legal status: in force

    Publication number: US20060015932A1

    Publication date: 2006-01-19

    Application number: US10891926

    Filing date: 2004-07-14

    IPC classification: H04L9/32

    Abstract: A message handling computing system that provides security even across transport-independent communication mechanisms, allows security to be extended conveniently to new security token types, and can provide end-to-end security across different transport protocols. The system includes a message handling component that sends and receives network messages carrying security tokens. That component interfaces, through a standardized application program interface, with a set of security token managers that can be expanded or contracted. Each security token manager provides security services for messages whose security tokens are of one particular type. A security token plug-in component registers new security token managers with the message handling component.

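    The token-manager architecture of this entry and the role-based authorization of entry 2 are two halves of one pipeline, so the following Python example, added here and not code from either patent or from any product that implements them, demonstrates both at once: token managers that implement a single standardized validate() interface are registered and unregistered through a plug-in hook, and the authorization step maps whatever identity a manager returns onto roles without knowing which token type produced it. The token-type URIs, credentials, role names and service names are constructed for the demo.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional, Set

# Constructed credentials for the demo; a deployment would read these from a key store.
USERNAME_SECRETS = {"alice": "alice-pw", "bob": "bob-pw"}
HMAC_KEYS = {"svc-billing": b"constructed-demo-key-for-billing"}

# Assumed token-type identifiers (WS-Security uses ValueType URIs for this purpose).
TYPE_USERNAME = "urn:example:token:username"
TYPE_HMAC = "urn:example:token:hmac"


@dataclass(frozen=True)
class Identity:
    name: str


class SecurityTokenManager:
    """The standardized interface: one token type, one validate() call."""
    token_type: str = ""

    def validate(self, token: dict) -> Optional[Identity]:
        raise NotImplementedError


class UsernameTokenManager(SecurityTokenManager):
    token_type = TYPE_USERNAME

    def validate(self, token: dict) -> Optional[Identity]:
        expected = USERNAME_SECRETS.get(token.get("user", ""))
        if expected is None or not hmac.compare_digest(expected, token.get("password", "")):
            return None
        return Identity(token["user"])


class HmacTokenManager(SecurityTokenManager):
    """Caller proves possession of a shared key by MACing the request body."""
    token_type = TYPE_HMAC

    def validate(self, token: dict) -> Optional[Identity]:
        key = HMAC_KEYS.get(token.get("key_id", ""))
        if key is None:
            return None
        mac = hmac.new(key, token.get("body", b""), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, token.get("mac", "")):
            return None
        return Identity(token["key_id"])


class MessageHandler:
    def __init__(self) -> None:
        self._managers: Dict[str, SecurityTokenManager] = {}
        self._roles: Dict[str, Set[str]] = {}  # role -> identities holding it
        self._acl: Dict[str, Set[str]] = {}    # service -> roles allowed to call it

    # The plug-in hook: token types come and go without touching authorize() below.
    def register_token_manager(self, manager: SecurityTokenManager) -> None:
        self._managers[manager.token_type] = manager

    def unregister_token_manager(self, token_type: str) -> None:
        self._managers.pop(token_type, None)

    def define_role(self, role: str, members: Set[str]) -> None:
        self._roles[role] = set(members)

    def allow(self, service: str, role: str) -> None:
        self._acl.setdefault(service, set()).add(role)

    def authorize(self, service: str, token: dict) -> bool:
        manager = self._managers.get(token.get("type", ""))
        if manager is None:
            return False  # unknown token type: fail closed, never fall through
        identity = manager.validate(token)
        if identity is None:
            return False
        # Role lookup is keyed on the identity alone, so it is identical for every token type.
        roles = {role for role, members in self._roles.items() if identity.name in members}
        return bool(roles & self._acl.get(service, set()))


def build_demo_handler() -> MessageHandler:
    handler = MessageHandler()
    handler.register_token_manager(UsernameTokenManager())
    handler.register_token_manager(HmacTokenManager())
    handler.define_role("billing-operators", {"alice", "svc-billing"})
    handler.allow("invoices", "billing-operators")
    return handler


def hmac_token(key_id: str, body: bytes) -> dict:
    """Builds the HMAC token a caller holding the named key would attach."""
    mac = hmac.new(HMAC_KEYS[key_id], body, hashlib.sha256).hexdigest()
    return {"type": TYPE_HMAC, "key_id": key_id, "body": body, "mac": mac}
```

    The point to check in any real implementation is the first branch of authorize(): a token whose type has no registered manager must be rejected outright, not treated as anonymous, otherwise unregistering a manager silently widens access instead of narrowing it.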

    4. Custom routing of object requests
    Record type: patent application (published); legal status: under examination, published

    Publication number: US20050053050A1

    Publication date: 2005-03-10

    Application number: US10645279

    Filing date: 2003-08-20

    IPC classification: H04L12/56 G06F15/173

    CPC classification: H04L45/00 H04L45/34

    Abstract: A sending computer system relays a message or processing request through one or more configurable routers before it reaches its ultimate destination. A client at the sending system can indicate a routing preference for the message or request, and a module can supplement or override that preference by adding routers to, or deleting routers from, a router list carried within the message or request. The change can be based on router data as well as on the content of the message. One or more intermediate routers along the routing path can perform the same function as the module. The ultimate destination, the receiving computer system, verifies that it is the appropriate recipient of the message or request and only then accepts the associated data. This applies to many kinds of messaging systems, including those based on the Simple Object Access Protocol (SOAP).

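    The routing flow above, as an added Python example that is not code from the patent: the client states a router preference inside the message, a sender-side module edits that list from router data (a down router is dropped) and from content (anything mentioning an invoice is forced through an audit router), an intermediate router edits the remaining list the same way, and the endpoint refuses anything whose stated destination is not itself. The router names, the health table and the content rule are all constructed for the demo.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed router data: which routers exist and whether each is currently usable.
ROUTER_UP = {"edge-a": True, "edge-b": False, "edge-c": True, "gateway": True, "audit": True}


@dataclass
class Message:
    to: str                     # ultimate destination named by the client
    path: List[str]             # router list carried in the message (the client's preference)
    body: str
    trace: List[str] = field(default_factory=list)   # hops actually taken, recorded for the demo


@dataclass
class Delivery:
    accepted: bool
    trace: List[str]
    reason: str = ""


def supplement_route(msg: Message) -> None:
    """Sender-side module: edits the router list from router data and message content."""
    msg.path = [r for r in msg.path if ROUTER_UP.get(r, False)]     # drop routers that are down
    if "invoice" in msg.body.lower() and "audit" not in msg.path:    # content-based rule (assumed)
        msg.path.append("audit")


class Network:
    def __init__(self) -> None:
        self.routers: Dict[str, "Router"] = {}
        self.endpoints: Dict[str, "Endpoint"] = {}

    def forward(self, msg: Message) -> Delivery:
        """Pop the next router from the list, or hand off to the destination once it is empty."""
        if msg.path:
            return self.routers[msg.path.pop(0)].receive(msg, self)
        return self.endpoints[msg.to].receive(msg)


class Router:
    def __init__(self, name: str, insert: Optional[List[str]] = None,
                 misdeliver_to: Optional[str] = None) -> None:
        self.name = name
        self.insert = insert or []          # routers this hop prepends, like the sender's module
        self.misdeliver_to = misdeliver_to  # models a misconfigured relay handing off to the wrong system

    def receive(self, msg: Message, net: Network) -> Delivery:
        msg.trace.append(self.name)
        for r in reversed(self.insert):
            if r not in msg.path and ROUTER_UP.get(r, False):
                msg.path.insert(0, r)
        if self.misdeliver_to and not msg.path:
            return net.endpoints[self.misdeliver_to].receive(msg)
        return net.forward(msg)


class Endpoint:
    def __init__(self, name: str) -> None:
        self.name = name

    def receive(self, msg: Message) -> Delivery:
        msg.trace.append(self.name)
        # The receiving system checks that it is the intended recipient before accepting the data.
        if msg.to != self.name:
            return Delivery(False, msg.trace, f"{self.name} is not the destination {msg.to}")
        return Delivery(True, msg.trace)


def send(net: Network, msg: Message) -> Delivery:
    supplement_route(msg)
    return net.forward(msg)


def build_demo_network() -> Network:
    net = Network()
    for name in ("edge-a", "edge-b", "audit"):
        net.routers[name] = Router(name)
    net.routers["gateway"] = Router("gateway", insert=["audit"])
    net.routers["edge-c"] = Router("edge-c", misdeliver_to="ledger")
    net.endpoints["orders"] = Endpoint("orders")
    net.endpoints["ledger"] = Endpoint("ledger")
    return net
```

    Because every hop may rewrite the list, the only check the client can rely on is the one at the end: the endpoint compares the destination the message names against its own identity and drops the data otherwise, so a relay that forwards to the wrong system cannot get that system to process the request.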

    5. Custom security tokens
    Record type: patent application (published); legal status: in force

    Publication number: US20050044398A1

    Publication date: 2005-02-24

    Application number: US10645375

    Filing date: 2003-08-20

    Abstract: A sending computer system generates a message and creates one or more security tokens to encrypt portions of it. The message carries a markup language identifier for each security token used for encryption, together with an identification of the value type used to create the token. The sending system then serializes at least the portion of the message that identifies the security tokens, without serializing the other portions of the message that serve to relay it to a receiving computer system. The receiving system deserializes at least the portion that identifies the security tokens and uses the deserialized token data to decrypt the encrypted portions of the message. Each security token can be created with customized data and fields and with a customized value type.


    6. Custom security tokens
    Record type: granted patent; legal status: in force

    Publication number: US07533264B2

    Publication date: 2009-05-12

    Application number: US10645375

    Filing date: 2003-08-20

    IPC classification: G06F21/00

    Abstract: A sending computer system generates a message and creates one or more security tokens to encrypt portions of it. The message carries a markup language identifier for each security token used for encryption, together with an identification of the value type used to create the token. The sending system then serializes at least the portion of the message that identifies the security tokens, without serializing the other portions of the message that serve to relay it to a receiving computer system. The receiving system deserializes at least the portion that identifies the security tokens and uses the deserialized token data to decrypt the encrypted portions of the message. Each security token can be created with customized data and fields and with a customized value type.

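    The token handling described in entries 5 and 6, as an added Python example that is not code from the patent or from any WS-Security implementation: the sender serializes a security token element carrying an Id and a ValueType attribute next to the routing data, the receiver deserializes only the token portion (the parser stops when the header closes, before the body is materialised), picks the key according to the declared value type, and decrypts. A second, custom value type with its own extra field (Label) shows how a new token shape is accommodated. The element names, value-type URIs and keys are constructed; the cipher is HMAC-SHA256 in counter mode with an encrypt-then-MAC tag, a stdlib-only stand-in for AES, not the patent's construction.

```python
import base64
import hashlib
import hmac
import io
import xml.etree.ElementTree as ET
from typing import Dict, Tuple

# Assumed value-type identifiers and a constructed key store (not the spec's real URIs).
VT_SHARED_KEY = "urn:example:token:shared-key"
VT_DERIVED_KEY = "urn:example:token:derived-key"   # custom type with its own extra field, Label
KEYS = {"k42": b"constructed-master-key-for-k42"}


def _subkey(key: bytes, purpose: bytes) -> bytes:
    return hashlib.sha256(purpose + b"|" + key).digest()


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode: a stdlib-only stand-in for AES-CTR."""
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32)]
    return b"".join(blocks)[:n]


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext))))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()   # encrypt-then-MAC
    return ct + tag


def decrypt(key: bytes, nonce: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("ciphertext integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))


def token_key(value_type: str, key_id: str, label: str) -> bytes:
    """Key selection is driven by the declared value type; both sides use this."""
    if value_type == VT_SHARED_KEY:
        return KEYS[key_id]
    if value_type == VT_DERIVED_KEY:
        return _subkey(KEYS[key_id], label.encode())
    raise ValueError("token ValueType is not registered")   # never guess a key for unknown types


def build_message(value_type: str, key_id: str, nonce: bytes, plaintext: bytes,
                  relays: Tuple[str, ...], label: str = "") -> bytes:
    """Sender: token reference and ciphertext in markup; relay data sits outside the token portion."""
    env = ET.Element("Envelope")
    header = ET.SubElement(env, "Header")
    routing = ET.SubElement(header, "Routing")
    for hop in relays:
        ET.SubElement(routing, "Via").text = hop
    tok = ET.SubElement(ET.SubElement(header, "Security"), "SecurityToken",
                        Id="tok-1", ValueType=value_type)
    ET.SubElement(tok, "KeyId").text = key_id
    ET.SubElement(tok, "Nonce").text = base64.b64encode(nonce).decode()   # must be fresh per message
    if label:
        ET.SubElement(tok, "Label").text = label     # custom field only the derived-key type carries
    enc = ET.SubElement(ET.SubElement(env, "Body"), "EncryptedData", TokenRef="#tok-1")
    enc.text = base64.b64encode(encrypt(token_key(value_type, key_id, label), nonce, plaintext)).decode()
    return ET.tostring(env)


def deserialize_tokens(xml_bytes: bytes) -> Dict[str, ET.Element]:
    """Receiver: materialise only the Security header, stopping as soon as Header closes."""
    tokens: Dict[str, ET.Element] = {}
    for _event, elem in ET.iterparse(io.BytesIO(xml_bytes), events=("end",)):
        if elem.tag == "SecurityToken":
            tokens[elem.get("Id", "")] = elem
        elif elem.tag == "Header":
            break
    return tokens


def receive(xml_bytes: bytes) -> bytes:
    tokens = deserialize_tokens(xml_bytes)
    enc = ET.fromstring(xml_bytes).find("Body/EncryptedData")
    tok = tokens[enc.get("TokenRef", "").lstrip("#")]
    key = token_key(tok.get("ValueType", ""), tok.findtext("KeyId", ""), tok.findtext("Label", ""))
    return decrypt(key, base64.b64decode(tok.findtext("Nonce", "")), base64.b64decode(enc.text or ""))


def corrupt_ciphertext(xml_bytes: bytes) -> bytes:
    """Flips one ciphertext byte, as a relay tampering in transit would."""
    root = ET.fromstring(xml_bytes)
    enc = root.find("Body/EncryptedData")
    raw = bytearray(base64.b64decode(enc.text or ""))
    raw[0] ^= 0x01
    enc.text = base64.b64encode(bytes(raw)).decode()
    return ET.tostring(root)
```

    Two things to keep when adapting this: the receiver must reject a ValueType it does not know rather than fall back to a default key, and the token portion that is deserialized must include the nonce and any custom fields the key derivation depends on, since nothing outside that portion is trusted.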

    8. Web API framework
    Record type: granted patent; legal status: in force

    Publication number: US08918452B2

    Publication date: 2014-12-23

    Application number: US13247700

    Filing date: 2011-09-28

    IPC classification: G06F15/16 G06F9/54 H04L29/08

    CPC classification: H04L67/02 G06F9/546

    Abstract: Embodiments let developers use HTTP message abstractions inline within their Web API methods to access and manipulate HTTP request and response messages directly. A hosting layer is provided for in-process, in-memory and network-based services. Message handlers and operational handlers can be combined into a message channel for asynchronous manipulation of HTTP requests and responses. A formatter can be used on the server or the client to consume HTTP and produce the desired media types.


    9. Establishment of security context
    Record type: granted patent; legal status: in force

    Publication number: US07533265B2

    Publication date: 2009-05-12

    Application number: US10892046

    Filing date: 2004-07-14

    IPC classification: G06F21/00

    Abstract: Maintains a security context during a communication session between applications without requiring executable code in either application to obtain or generate the security context token (SCT) that secures the communication. On the service side, a configuration file can be set to indicate that automatic issuance of an SCT is enabled, allowing the Web service engine to generate the SCT on request. On the client side, when the client application sends a message to the service application, a policy engine consults a policy whose assertions state that an SCT is required for messages destined for the Web service application; the policy engine therefore requests and receives the SCT and uses it to secure the message.

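    The exchange described in this entry and in entry 1 (the same application, published and then granted), as an added Python example that is not code from the patent or from any Web services stack: the service reads one configuration switch that enables automatic SCT issuance, the client-side policy engine consults a per-destination policy and, when an assertion demands an SCT, obtains one and caches it for the session, and every application message is then signed with the context key and checked by the service against its table of live contexts. The configuration key, the assertion name, the message shape and the HMAC-based securing step are assumptions for the demo; the application code on both sides never touches the token.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict

# Stand-in for the service configuration file; the switch name is assumed.
SERVICE_CONFIG = {"autoIssueSecurityContextToken": True, "sctLifetimeSeconds": 300}

# Client policy keyed by destination; the assertion name is assumed.
CLIENT_POLICY = {"https://svc.example/orders": {"RequireSecurityContextToken": True},
                 "https://svc.example/public": {}}


@dataclass
class SecurityContextToken:
    context_id: str
    key: bytes          # session key known to both sides; later messages carry only the id
    expires_at: float


def sign(key: bytes, context_id: str, body: str) -> str:
    return hmac.new(key, context_id.encode() + b"\x00" + body.encode(), hashlib.sha256).hexdigest()


class WebServiceEngine:
    def __init__(self, config: dict) -> None:
        self.config = config
        self.contexts: Dict[str, SecurityContextToken] = {}
        self.issued = 0

    def request_security_token(self, now: float) -> SecurityContextToken:
        """Handles the client's token request; configuration alone decides whether to issue."""
        if not self.config.get("autoIssueSecurityContextToken", False):
            raise PermissionError("automatic SCT issuance is disabled in the service configuration")
        sct = SecurityContextToken(os.urandom(8).hex(), os.urandom(32),
                                   now + self.config["sctLifetimeSeconds"])
        self.contexts[sct.context_id] = sct
        self.issued += 1
        return sct

    def receive(self, msg: dict, now: float) -> bool:
        """Accepts a message only if it is secured with a live, unexpired context."""
        sct = self.contexts.get(msg.get("context_id", ""))
        if sct is None or now >= sct.expires_at:
            return False
        expected = sign(sct.key, sct.context_id, msg.get("body", ""))
        return hmac.compare_digest(expected, msg.get("signature", ""))


class PolicyEngine:
    """Sits between the client application and the wire; the application only calls send()."""

    def __init__(self, policy: Dict[str, dict], service: WebServiceEngine) -> None:
        self.policy = policy
        self.service = service        # stands in for the network path to the service
        self.cache: Dict[str, SecurityContextToken] = {}

    def send(self, destination: str, body: str, now: float) -> dict:
        assertions = self.policy.get(destination, {})
        if not assertions.get("RequireSecurityContextToken", False):
            return {"body": body}     # the policy asks for nothing: message goes out as-is
        sct = self.cache.get(destination)
        if sct is None or now >= sct.expires_at:
            sct = self.service.request_security_token(now)   # issuance exchange, invisible to the app
            self.cache[destination] = sct
        return {"context_id": sct.context_id, "body": body,
                "signature": sign(sct.key, sct.context_id, body)}


def run_session(auto_issue: bool = True) -> dict:
    """Sends two messages in one session and reports what the service accepted."""
    service = WebServiceEngine({**SERVICE_CONFIG, "autoIssueSecurityContextToken": auto_issue})
    client = PolicyEngine(CLIENT_POLICY, service)
    dest = "https://svc.example/orders"
    first = client.send(dest, "create order 1", now=0.0)
    second = client.send(dest, "create order 2", now=10.0)
    tampered = dict(second, body="create order 99")     # body altered after signing
    return {
        "first_ok": service.receive(first, now=1.0),
        "second_ok": service.receive(second, now=11.0),
        "tampered_ok": service.receive(tampered, now=11.0),
        "expired_ok": service.receive(second, now=1000.0),
        "tokens_issued": service.issued,
    }
```

    The caveat a reviewer would raise against a real deployment of this pattern is lifetime handling on both ends: the service must enforce expiry itself (as receive() does) rather than trust the client to stop using an old context, and the client cache must key on the destination so a context issued by one service is never presented to another.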