公开(公告)号：US10097589B2

公开(公告)日：2018-10-09

申请号：US15403396

申请日：2017-01-11

Applicant: Oracle International Corporation

Inventor： William S. Hopkins ,  Craig Perez ,  David A. Guy ,  Peter Bower ,  Juan Li ,  Jeff J. Tancill ,  Krishnakumar Sriramadhesikan

IPC: G06F15/16 ,  H04L29/06

Abstract: In accordance with an embodiment, described herein is a system and method for providing security in a multitenant application server environment. In accordance with an embodiment, per-partition security configuration includes: per-partition security realm (including configuration for authentication, authorization, credential mapping, auditing, password validation, certificate validation, and user lockout); SSL configuration, including keys, certificates, and other configuration attributes; and access control for partition and global resources. An administrator can designate one or more partition users as partition administrators, via grant of roles.

公开(公告)号：US20160315943A1

公开(公告)日：2016-10-27

申请号：US14975208

申请日：2015-12-18

Applicant: Oracle International Corporation

Inventor： Srivatsa Manjunath ,  Yulong Cao ,  Premal Ramesh Desai ,  Juan Li ,  Cai Wenliang ,  Ding Wenfang

IPC: H04L29/06

CPC classification number: H04L63/102 ,  H04L63/20

Abstract: In certain embodiments, techniques are provided (e.g., a method, a system, non-transitory computer-readable medium storing code or instructions executable by one or more processors) to provide fine grained protection of resources in an access management environment. An access management service can intercept requests for resources (e.g., content in a content management system) and provide fine-grained authorization service for content management systems, such as Microsoft Office Sharepoint Server. The access management service can provide external policy management, evaluation and enforcement for content management systems. The access management service can include a plurality of plugins associated with different types of resources available through the content management systems. Integrating an access management service with content management systems provides both user and administrator efficiencies while enforcing a consistent level of access security across an enterprise system.

Abstract translation: 在某些实施例中，提供了技术（例如，方法，系统，存储可由一个或多个处理器执行的代码或指令的非暂时计算机可读介质），以在访问管理环境中提供对资源的细粒度保护。 访问管理服务可以拦截对资源的请求（例如，内容管理系统中的内容），并为内容管理系统（例如Microsoft Office Sharepoint Server）提供细粒度的授权服务。 访问管理服务可以为内容管理系统提供外部策略管理，评估和执行。 访问管理服务可以包括与通过内容管理系统可用的不同类型的资源相关联的多个插件。 将访问管理服务与内容管理系统集成在一起提供用户和管理员的效率，同时在整个企业系统中实施一致的访问安全级别。

公开(公告)号：US20170126742A1

公开(公告)日：2017-05-04

申请号：US15403396

申请日：2017-01-11

Applicant: Oracle International Corporation

Inventor： William S. Hopkins ,  Craig Perez ,  David A. Guy ,  Peter Bower ,  Juan Li ,  Jeff J. Tancill ,  Krishnakumar Sriramadhesikan

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F17/30584 ,  G06F21/604 ,  G06F21/62 ,  H04L47/70 ,  H04L63/08 ,  H04L63/105 ,  H04L67/02 ,  H04L67/10

Abstract: In accordance with an embodiment, described herein is a system and method for providing security in a multitenant application server environment. In accordance with an embodiment, per-partition security configuration includes: per-partition security realm (including configuration for authentication, authorization, credential mapping, auditing, password validation, certificate validation, and user lockout); SSL configuration, including keys, certificates, and other configuration attributes; and access control for partition and global resources. An administrator can designate one or more partition users as partition administrators, via grant of roles.

公开(公告)号：US09578009B2

公开(公告)日：2017-02-21

申请号：US14747778

申请日：2015-06-23

Applicant: Oracle International Corporation

Inventor： William S. Hopkins ,  Craig Perez ,  David A. Guy ,  Peter Bower ,  Juan Li ,  Jeff J. Tancill ,  Krishna Sriramadhesikan

IPC: G06F15/16 ,  H04L29/06 ,  G06F21/60 ,  H04L29/08 ,  H04L12/911 ,  G06F17/30 ,  G06F21/62

CPC classification number: H04L63/20 ,  G06F17/30584 ,  G06F21/604 ,  G06F21/62 ,  H04L47/70 ,  H04L63/08 ,  H04L63/105 ,  H04L67/02 ,  H04L67/10

Abstract: In accordance with an embodiment, described herein is a system and method for providing security in a multitenant application server environment. In accordance with an embodiment, per-partition security configuration includes: per-partition security realm (including configuration for authentication, authorization, credential mapping, auditing, password validation, certificate validation, and user lockout); SSL configuration, including keys, certificates, and other configuration attributes; and access control for partition and global resources. An administrator can designate one or more partition users as partition administrators, via grant of roles.

Abstract translation: 根据一个实施例，这里描述了一种用于在多租户应用服务器环境中提供安全性的系统和方法。 根据实施例，每分区安全配置包括：每分区安全领域（包括用于认证，授权，凭证映射，审核，密码验证，证书验证和用户锁定的配置）; SSL配置，包括密钥，证书和其他配置属性; 以及对分区和全局资源的访问控制。 管理员可以通过授予角色将一个或多个分区用户指定为分区管理员。

公开(公告)号：US10104086B2

公开(公告)日：2018-10-16

申请号：US14975208

申请日：2015-12-18

Applicant: Oracle International Corporation

Inventor： Srivatsa Manjunath ,  Yulong Cao ,  Premal Ramesh Desai ,  Juan Li ,  Cai Wenliang ,  Ding Wenfang

IPC: H04L29/06

Abstract: In certain embodiments, techniques are provided (e.g., a method, a system, non-transitory computer-readable medium storing code or instructions executable by one or more processors) to provide fine grained protection of resources in an access management environment. An access management service can intercept requests for resources (e.g., content in a content management system) and provide fine-grained authorization service for content management systems, such as Microsoft Office Sharepoint Server. The access management service can provide external policy management, evaluation and enforcement for content management systems. The access management service can include a plurality of plugins associated with different types of resources available through the content management systems. Integrating an access management service with content management systems provides both user and administrator efficiencies while enforcing a consistent level of access security across an enterprise system.

公开(公告)号：US20150373004A1

公开(公告)日：2015-12-24

申请号：US14747778

申请日：2015-06-23

Applicant: Oracle International Corporation

Inventor： William S. Hopkins ,  Craig Perez ,  David A. Guy ,  Peter Bower ,  Juan Li ,  Jeff J. Tancill ,  Krishna Sriramadhesikan

IPC: H04L29/06 ,  G06F17/30 ,  H04L12/911 ,  G06F21/60 ,  H04L29/08

CPC classification number: H04L63/20 ,  G06F17/30584 ,  G06F21/604 ,  G06F21/62 ,  H04L47/70 ,  H04L63/08 ,  H04L63/105 ,  H04L67/02 ,  H04L67/10

Abstract: In accordance with an embodiment, described herein is a system and method for providing security in a multitenant application server environment. In accordance with an embodiment, per-partition security configuration includes: per-partition security realm (including configuration for authentication, authorization, credential mapping, auditing, password validation, certificate validation, and user lockout); SSL configuration, including keys, certificates, and other configuration attributes; and access control for partition and global resources. An administrator can designate one or more partition users as partition administrators, via grant of roles.

Abstract translation: 根据一个实施例，这里描述了一种用于在多租户应用服务器环境中提供安全性的系统和方法。 根据实施例，每分区安全配置包括：每分区安全领域（包括用于认证，授权，凭证映射，审核，密码验证，证书验证和用户锁定的配置）; SSL配置，包括密钥，证书和其他配置属性; 以及对分区和全局资源的访问控制。 管理员可以通过授予角色将一个或多个分区用户指定为分区管理员。