Abstract:
A CORBA-compliant computer network includes a registration server on which an AAR service resides, a registry database and an ORB which couples the registry server to the registry database. A CORBA-compliant interceptor residing on the ORB intercepts each message, generated by the AAR service, invoking the registry database and each message, generated by the registry database, responding to the invocation message generated by the service of the client server. The interceptor selects information useful in determining the cause of a failed usage of the service residing in the client server from each intercepted invocation and response messages, writes the selected information to a data store residing in the client server and then re-invokes the intercepted invocation and response messages. In the event of a network failure, the data written to the data store may be reviewed to obtain useful information regarding the network failure.
Abstract:
A system and method for bridging requests for access to resources between requestors in a distributed network and an authenticator servicing the distributed network is provided. The bridging mechanism has security features including a naming service for machine authentication and machine process rules to authorize what process machines can perform. The security proxy bridge intercepts an access request, and checks the IP address for machine authentication as well as the machine process rules and if both verifications are successful, the bridge then forwards the request for access to the authenticator. The security proxy framework utilizes a data structure that provides a method for storing selected security information stored as data records supporting an authentication and authorization system for users to access resources on multiple components of a distributed network supporting multiple business units of an enterprise. Primary authentication information stored herein includes general user information, security, and contact information.
Abstract:
A method for access control is provided. A request is received from an administrator to modify a user role for a user. Whether the user is in a user group that belongs exclusively to the administrator is determined. Whether the administrator role permits the request is determined in response to a determination that the user is in the user group. The user role is modified based on the request in response to a determination that the administrator role permits the request, wherein the user accesses a resource based on the user role.
Abstract:
A system for single sign-on to a plurality of computing applications is provided. The system includes a plurality of enterprise applications, a policy server, and an authentication data store maintaining authentication information for the enterprise applications. The system also includes internal and external user authorization data stores that maintain user authorization information for the enterprise applications. A synchronization component synchronizes to a consolidated data store information from the internal and external authorization data stores and eliminates duplicate user information. To access a first enterprise application, the user's information is authenticated against the authentication data store and authorized against the consolidated authorization data store. To access a second enterprise application, the user is not required to sign on again since the previously entered user information is used to authenticate the user, and the consolidated data store is automatically checked to determine the user's authorization level for the second enterprise application.
Abstract:
A computer implemented method is provided for detecting potential fraud or unauthorized activity when resetting an application password for an application in a computer system that includes a call center dashboard system and a fraud detection interface. The method includes the steps of initiating the resetting of a user's application password for an application. The method further includes the steps of determining when an application ID is duplicated in the call center dashboard data store for the application and preparing an error report when the application ID is duplicated in the data store. The method also includes the steps of submitting a reset password for the application using the password criteria of the application. The method further includes the steps of storing the reset password in the user profile of the user when the application ID is not duplicated and the password conforms to the password criteria.
Abstract:
A password management system is provided. The password management system includes a plurality of enterprise applications accessible by local and remote desktop computers by providing single sign-on security information. Each of the plurality of enterprise applications requires separate login information which is stored in a secure back-end system along with the single sign-on security information. Scripts located, for example, on remotely accessible servers and/or on the local desktop computer, allow a user to log on with a single sign-on and have access to the plurality of enterprise applications. The script uses the single sign-on security information, and perhaps other information, to authenticate the user and access the login information for each of the enterprise applications. The script is further operable to automatically interface with the enterprise applications through user input windows, such as by scripting login information automatically into the enterprise application login windows.