Federated mobile authentication using a network operator infrastructure
    1.
    Granted patent
    Federated mobile authentication using a network operator infrastructure (in force)

    Publication No.: US08881247B2

    Publication date: 2014-11-04

    Application No.: US12889412

    Filing date: 2010-09-24

    Abstract: Architecture that utilizes the strong authentication mechanisms of network operators to provide authentication to mobile applications by identity federation. When a mobile client initiates request for access to an application outside the network operation infrastructure, the request is passed to an associated application secure token service. The application secure token service has an established trust and identity federation with the network operator. The application secure token service redirects the request to a network operator security token server, which then passes the request to a network operator authentication server for authentication against an operator identity service. Proof of authentication is then issued and returned from the network operator security token server to the application secure token service and the application, which allows the mobile client to access the application.

    FEDERATED MOBILE AUTHENTICATION USING A NETWORK OPERATOR INFRASTRUCTURE
    2.
    Patent application
    FEDERATED MOBILE AUTHENTICATION USING A NETWORK OPERATOR INFRASTRUCTURE (in force)

    Publication No.: US20120079569A1

    Publication date: 2012-03-29

    Application No.: US12889412

    Filing date: 2010-09-24

    IPC classification: H04L9/32

    Abstract: Architecture that utilizes the strong authentication mechanisms of network operators to provide authentication to mobile applications by identity federation. When a mobile client initiates request for access to an application outside the network operation infrastructure, the request is passed to an associated application secure token service. The application secure token service has an established trust and identity federation with the network operator. The application secure token service redirects the request to a network operator security token server, which then passes the request to a network operator authentication server for authentication against an operator identity service. Proof of authentication is then issued and returned from the network operator security token server to the application secure token service and the application, which allows the mobile client to access the application.

    TRUSTWORTHY DEVICE CLAIMS AS A SERVICE
    3.
    Patent application
    TRUSTWORTHY DEVICE CLAIMS AS A SERVICE (in force)

    Publication No.: US20120084851A1

    Publication date: 2012-04-05

    Application No.: US13015180

    Filing date: 2011-01-27

    IPC classification: G06F7/04

    Abstract: Embodiments of the invention make the issuance of trustworthy device claims available to client devices as a service, so that a client device to which device claims are issued may use the device claims in relation to an attempt to access a network application. The service may conduct an assessment of the device's characteristics and/or state, characterize the results of this assessment in device claims, and issue the device claims to the device. The service may be accessible to a client device from outside administrative boundaries of an entity that makes a network application accessible, and thus may be useful to entities making network applications accessible in business-to-consumer (B2C) and business-to-business (B2B) topologies, such as over the publicly accessible Internet.

    Trustworthy device claims as a service
    4.
    Granted patent
    Trustworthy device claims as a service (in force)

    Publication No.: US09111079B2

    Publication date: 2015-08-18

    Application No.: US13015180

    Filing date: 2011-01-27

    Abstract: Embodiments of the invention make the issuance of trustworthy device claims available to client devices as a service, so that a client device to which device claims are issued may use the device claims in relation to an attempt to access a network application. The service may conduct an assessment of the device's characteristics and/or state, characterize the results of this assessment in device claims, and issue the device claims to the device. The service may be accessible to a client device from outside administrative boundaries of an entity that makes a network application accessible, and thus may be useful to entities making network applications accessible in business-to-consumer (B2C) and business-to-business (B2B) topologies, such as over the publicly accessible Internet.

    CONTENT IDENTIFICATION FOR PEER-TO-PEER CONTENT RETRIEVAL
    5.
    Patent application
    CONTENT IDENTIFICATION FOR PEER-TO-PEER CONTENT RETRIEVAL (in force)

    Publication No.: US20110295948A1

    Publication date: 2011-12-01

    Application No.: US13207925

    Filing date: 2011-08-11

    IPC classification: G06F15/16

    Abstract: Described is a technology in which client content requests to a server over a wide area network (WAN) are responded to with hash information by which the client may locate the content among one or more peer sources coupled to the client via a local area network (LAN). The hash information may be in the form of a segment hash that identifies multiple blocks of content, whereby the server can reference multiple content blocks with a single hash value. Segment boundaries may be adaptive by determining them according to criteria, by dividing streamed content into segments, and/or by processing the content based on the content data (e.g., via RDC or content/application type) to determine split points. Also described is content validation using the hash information, including by generating and walking a Merkle tree to determine higher-level segment hashes in order to match a server-provided hash value.

    Authentication broker service
    6.
    Granted patent
    Authentication broker service (in force)

    Publication No.: US07607008B2

    Publication date: 2009-10-20

    Application No.: US10817154

    Filing date: 2004-04-01

    IPC classification: H04L29/00

    Abstract: A user is authenticated for a relying computing entity (e.g., an enterprise) through an authentication broker service, wherein a trust relationship exists between the relying computing entity and the authentication broker service. The authentication broker service has a trust relationship with the relying computing entity and the authentication service that issued the identity of the user. The relying computing entity asks the authentication broker service to authenticate the identity of the user. The authentication broker service captures the user's credential (or directs the authentication service to do so) and sends an authentication response (e.g., a token) to the relying computing entity in order to authenticate the identity of the user to the relying computing entity. The relying computing entity verifies the authentication response based on the trust relationship between the relying computing entity and the authentication broker service.

    Trusted intermediary for network data processing
    7.
    Patent application
    Trusted intermediary for network data processing (in force)

    Publication No.: US20080052509A1

    Publication date: 2008-02-28

    Application No.: US11509476

    Filing date: 2006-08-24

    Applicant: Khaja E. Ahmed

    Inventor: Khaja E. Ahmed

    IPC classification: H04L9/00

    CPC classification: H04L63/02 H04L63/0428

    Abstract: A networked computer system in which a trusted intermediary device is allowed access to packets transmitted through a secured connection. An endpoint to a secured connection identifies a trusted intermediary device, such as by certificate provided by the intermediary device or by using identification information provided by a trusted server. The endpoint shares with the trusted intermediary device connection information that enables the intermediary device to access packets transmitted through the secured connection. Using the connection information, the intermediary device may modify authenticated packets, such as to perform network address translation, without disrupting the underlying secured connection. Similarly, the intermediary device may use the security information to read encrypted information and perform functions such as network traffic monitoring or filtering of unwanted network traffic.

    Trusted intermediary for network data processing
    10.
    Granted patent
    Trusted intermediary for network data processing (in force)

    Publication No.: US08543808B2

    Publication date: 2013-09-24

    Application No.: US11509476

    Filing date: 2006-08-24

    Applicant: Khaja E. Ahmed

    Inventor: Khaja E. Ahmed

    IPC classification: H04L29/06 H04L9/08 G06F11/30

    CPC classification: H04L63/02 H04L63/0428

    Abstract: A networked computer system in which a trusted intermediary device is allowed access to packets transmitted through a secured connection. An endpoint to a secured connection identifies a trusted intermediary device, such as by certificate provided by the intermediary device or by using identification information provided by a trusted server. The endpoint shares with the trusted intermediary device connection information that enables the intermediary device to access packets transmitted through the secured connection. Using the connection information, the intermediary device may modify authenticated packets, such as to perform network address translation, without disrupting the underlying secured connection. Similarly, the intermediary device may use the security information to read encrypted information and perform functions such as network traffic monitoring or filtering of unwanted network traffic.