-
公开(公告)号:US08914874B2
公开(公告)日:2014-12-16
申请号:US12506568
申请日:2009-07-21
CPC分类号: H04L63/205 , G06F21/606 , H04L9/3247 , H04L2209/80
摘要: A set of security claims for a communication channel are obtained, the set of security claims including one or more security claims each identifying a security characteristic of the communication channel. The security claims are stored, as is a digital signature generated over the set of security claims by an entity. The security claims and digital signature are subsequently accessed when a computing device is to transfer data to and/or from the communication channel. The set of security claims is compared to a security policy of the computing device, and the entity that digitally signed the set of security claims is identified. One or more security precautions that the computing device is to use in transferring data to and/or from the communication channel are determined based at least in part on the comparing and the entity that has digitally signed the set of security claims.
摘要翻译: 获得一组用于通信信道的安全权利要求,该组安全权利要求包括一个或多个安全权利要求,每个安全权利要求各自标识通信信道的安全特性。 存储安全声明,以及由实体在该组安全声明上生成的数字签名。 随后当计算设备将数据传送到通信信道和/或从通信信道传送数据时,随后访问安全声明和数字签名。 将该组安全声明与计算设备的安全策略进行比较,并且识别对该组安全声明进行数字签名的实体。 至少部分地基于所述比较和对所述一组安全权利要求进行数字签名的实体来确定所述计算设备将用于向所述通信信道传送数据和/或从所述通信信道传送数据的一个或多个安全预防措施。
-
2.发明申请公开(公告)号:US20100211792A1
公开(公告)日:2010-08-19
申请号:US12372476
申请日:2009-02-17
CPC分类号: H04L9/3247 , H04L63/102 , H04L63/126
摘要: A communication channel has an associated channel authenticator that includes a channel identifier, a use policy identifying how an owner of the communication channel indicates the communication channel is used, and a digital signature over the channel identifier and use policy. The identifier of the communication channel and the use policy can be verified by a computing device, and a check made as to whether a current security policy of the computing device is satisfied by the use policy. An access that the computing device is allowed to have to the communication channel is determined based at least in part on both whether the current security policy is satisfied by the use policy and whether the identifier of the communication channel and the use policy are verified.
摘要翻译: 通信信道具有关联的信道认证器,其包括信道标识符,识别通信信道的所有者如何指示通信信道的使用策略,以及通过信道标识符和使用策略的数字签名。 可以由计算设备来验证通信信道的标识符和使用策略,并且通过使用策略来检查计算设备的当前安全策略是否被满足。 至少部分地基于使用策略来满足当前安全策略以及通信信道的标识符和使用策略是否被验证,允许计算设备被允许对通信信道的访问。
-
3.发明授权公开(公告)号:US08838981B2
公开(公告)日:2014-09-16
申请号:US13614612
申请日:2012-09-13
CPC分类号: H04L9/3247 , H04L63/102 , H04L63/126
摘要: A communication channel has an associated channel authenticator that includes a channel identifier, a use policy identifying how an owner of the communication channel indicates the communication channel is used, and a digital signature over the channel identifier and use policy. The identifier of the communication channel and the use policy can be verified by a computing device, and a check made as to whether a current security policy of the computing device is satisfied by the use policy. An access that the computing device is allowed to have to the communication channel is determined based at least in part on both whether the current security policy is satisfied by the use policy and whether the identifier of the communication channel and the use policy are verified.
摘要翻译: 通信信道具有关联的信道认证器,其包括信道标识符,识别通信信道的所有者如何指示通信信道的使用策略以及信道标识符和使用策略上的数字签名。 可以由计算设备来验证通信信道的标识符和使用策略,并且通过使用策略来检查计算设备的当前安全策略是否被满足。 至少部分地基于使用策略来满足当前安全策略以及通信信道的标识符和使用策略是否被验证,允许计算设备被允许对通信信道的访问。
-
4.发明申请公开(公告)号:US20130007463A1
公开(公告)日:2013-01-03
申请号:US13614612
申请日:2012-09-13
IPC分类号: H04L9/30
CPC分类号: H04L9/3247 , H04L63/102 , H04L63/126
摘要: A communication channel has an associated channel authenticator that includes a channel identifier, a use policy identifying how an owner of the communication channel indicates the communication channel is used, and a digital signature over the channel identifier and use policy. The identifier of the communication channel and the use policy can be verified by a computing device, and a check made as to whether a current security policy of the computing device is satisfied by the use policy. An access that the computing device is allowed to have to the communication channel is determined based at least in part on both whether the current security policy is satisfied by the use policy and whether the identifier of the communication channel and the use policy are verified.
摘要翻译: 通信信道具有关联的信道认证器,其包括信道标识符,识别通信信道的所有者如何指示通信信道的使用策略,以及通过信道标识符和使用策略的数字签名。 可以由计算设备来验证通信信道的标识符和使用策略,并且通过使用策略来检查计算设备的当前安全策略是否被满足。 至少部分地基于使用策略来满足当前安全策略以及通信信道的标识符和使用策略是否被验证,允许计算设备被允许对通信信道的访问。
-
5.发明授权公开(公告)号:US08296564B2
公开(公告)日:2012-10-23
申请号:US12372476
申请日:2009-02-17
CPC分类号: H04L9/3247 , H04L63/102 , H04L63/126
摘要: A communication channel has an associated channel authenticator that includes a channel identifier, a use policy identifying how an owner of the communication channel indicates the communication channel is used, and a digital signature over the channel identifier and use policy. The identifier of the communication channel and the use policy can be verified by a computing device, and a check made as to whether a current security policy of the computing device is satisfied by the use policy. An access that the computing device is allowed to have to the communication channel is determined based at least in part on both whether the current security policy is satisfied by the use policy and whether the identifier of the communication channel and the use policy are verified.
摘要翻译: 通信信道具有关联的信道认证器,其包括信道标识符,识别通信信道的所有者如何指示通信信道的使用策略,以及通过信道标识符和使用策略的数字签名。 可以由计算设备来验证通信信道的标识符和使用策略,并且通过使用策略来检查计算设备的当前安全策略是否被满足。 至少部分地基于使用策略来满足当前安全策略以及通信信道的标识符和使用策略是否被验证,允许计算设备被允许对通信信道的访问。
-
公开(公告)号:US20110019820A1
公开(公告)日:2011-01-27
申请号:US12506568
申请日:2009-07-21
CPC分类号: H04L63/205 , G06F21/606 , H04L9/3247 , H04L2209/80
摘要: A set of security claims for a communication channel are obtained, the set of security claims including one or more security claims each identifying a security characteristic of the communication channel. The security claims are stored, as is a digital signature generated over the set of security claims by an entity. The security claims and digital signature are subsequently accessed when a computing device is to transfer data to and/or from the communication channel. The set of security claims is compared to a security policy of the computing device, and the entity that digitally signed the set of security claims is identified. One or more security precautions that the computing device is to use in transferring data to and/or from the communication channel are determined based at least in part on the comparing and the entity that has digitally signed the set of security claims.
摘要翻译: 获得一组用于通信信道的安全权利要求,该组安全权利要求包括一个或多个安全权利要求,每个安全权利要求各自标识通信信道的安全特性。 存储安全声明,以及由实体在该组安全声明上生成的数字签名。 随后当计算设备将数据传送到通信信道和/或从通信信道传送数据时,随后访问安全声明和数字签名。 将该组安全声明与计算设备的安全策略进行比较,并且识别对该组安全声明进行数字签名的实体。 至少部分地基于所述比较和对所述一组安全权利要求进行数字签名的实体来确定所述计算设备将用于向所述通信信道传送数据和/或从所述通信信道传送数据的一个或多个安全预防措施。
-
7.发明授权Access control state determination based on security policy and secondary access control state 有权基于安全策略和二次访问控制状态的访问控制状态确定公开(公告)号:US08387109B2
公开(公告)日:2013-02-26
申请号:US12256742
申请日:2008-10-23
申请人: Octavian T. Ureche , Alex M. Semenko , Ping Xie , Sai Vinayak
发明人: Octavian T. Ureche , Alex M. Semenko , Ping Xie , Sai Vinayak
CPC分类号: G06F21/6218
摘要: In accordance with one or more aspects, a current security policy for accessing a device or volume of a computing device is identified. A secondary access control state for the device or volume is also identified. An access state for the device is determined based on both the current security policy and the secondary access control state.
摘要翻译: 根据一个或多个方面,识别用于访问计算设备的设备或卷的当前安全策略。 还识别用于设备或卷的辅助访问控制状态。 基于当前的安全策略和次要访问控制状态来确定设备的访问状态。
-
8.发明申请Access Control State Determination Based on Security Policy and Secondary Access Control State 有权基于安全策略和二次访问控制状态的访问控制状态确定公开(公告)号:US20100107213A1
公开(公告)日:2010-04-29
申请号:US12256742
申请日:2008-10-23
申请人: Octavian T. Ureche , Alex M. Semenko , Ping Xie , Sai Vinayak
发明人: Octavian T. Ureche , Alex M. Semenko , Ping Xie , Sai Vinayak
IPC分类号: G06F21/00
CPC分类号: G06F21/6218
摘要: In accordance with one or more aspects, a current security policy for accessing a device or volume of a computing device is identified. A secondary access control state for the device or volume is also identified. An access state for the device is determined based on both the current security policy and the secondary access control state.
摘要翻译: 根据一个或多个方面,识别用于访问计算设备的设备或卷的当前安全策略。 还识别用于设备或卷的辅助访问控制状态。 基于当前的安全策略和次要访问控制状态来确定设备的访问状态。
-
公开(公告)号:US08595493B2
公开(公告)日:2013-11-26
申请号:US12759406
申请日:2010-04-13
申请人: Octavian T. Ureche , Alex M. Semenko , Hui Huang
发明人: Octavian T. Ureche , Alex M. Semenko , Hui Huang
IPC分类号: H04L9/32
CPC分类号: G06F21/6218
摘要: In accordance with one or more aspects, a storage volume is transformed into an encrypted storage volume or an unencrypted storage volume using a multi-phase process. One or more parts of the storage volume that have not yet been transformed are identified, and one or more parts of the storage volume that are allocated for use are identified. In a first phase of the multi-phase process, one or more parts of the storage volume that have not yet been transformed and that are allocated for use are transformed. In a second phase of the multi-phase process, after the first phase is finished, one or more parts of the storage volume that have not yet been transformed and are not allocated for use are transformed.
摘要翻译: 根据一个或多个方面,使用多阶段过程将存储卷转换成加密的存储卷或未加密的存储卷。 识别尚未变换的存储卷的一个或多个部分,并且识别分配供使用的存储卷的一个或多个部分。 在多阶段过程的第一阶段,存储卷的尚未被转换并被分配供使用的一个或多个部分被转换。 在多相处理的第二阶段中,在第一阶段完成之后,转换尚未被转换并且不被分配使用的存储卷的一个或多个部分。
-
公开(公告)号:US20110252242A1
公开(公告)日:2011-10-13
申请号:US12759406
申请日:2010-04-13
申请人: Octavian T. Ureche , Alex M. Semenko , Hui Huang
发明人: Octavian T. Ureche , Alex M. Semenko , Hui Huang
CPC分类号: G06F21/6218
摘要: In accordance with one or more aspects, a storage volume is transformed into an encrypted storage volume or an unencrypted storage volume using a multi-phase process. One or more parts of the storage volume that have not yet been transformed are identified, and one or more parts of the storage volume that are allocated for use are identified. In a first phase of the multi-phase process, one or more parts of the storage volume that have not yet been transformed and that are allocated for use are transformed. In a second phase of the multi-phase process, after the first phase is finished, one or more parts of the storage volume that have not yet been transformed and are not allocated for use are transformed.
摘要翻译: 根据一个或多个方面,使用多阶段过程将存储卷转换成加密的存储卷或未加密的存储卷。 识别尚未变换的存储卷的一个或多个部分,并且识别分配供使用的存储卷的一个或多个部分。 在多阶段过程的第一阶段,存储卷的尚未被转换并被分配供使用的一个或多个部分被转换。 在多相处理的第二阶段中,在第一阶段完成之后,转换尚未被转换并且不被分配使用的存储卷的一个或多个部分。
-
-
-
-
-
-
-
-
-
搜索结果
14 条记录 (耗时 0.039 秒)
