-
公开(公告)号:US20120167158A1
公开(公告)日:2012-06-28
申请号:US12978451
申请日:2010-12-24
申请人: Paul Leach , David McPherson , Vishal Agarwal , Mark Fishel Novak , Ming Tang , Ramaswamy Ranganathan , Pranav Kukreja , Andrey Popov , Nir Ben Zvi , Arun K. Nanda
发明人: Paul Leach , David McPherson , Vishal Agarwal , Mark Fishel Novak , Ming Tang , Ramaswamy Ranganathan , Pranav Kukreja , Andrey Popov , Nir Ben Zvi , Arun K. Nanda
IPC分类号: G06F17/00
CPC分类号: G06F21/604 , G06Q10/06
摘要: Resource authorization policies and resource scopes may be defined separately, thereby decoupling a set of authorization rules from the scope of resources to which those rules apply. In one example, a resource includes anything that can be used in a computing environment (e.g., a file, a device, etc.). A scope describes a set of resources (e.g., all files in folder X, all files labeled “Y”, etc.). Policies describe what can be done with a resource (e.g., “read-only,” “read/write,” “delete, if requestor is a member of the admin group,” etc.). When scopes and policies have been defined, they may be linked, thereby indicating that the policy applies to any resource within the scope. When a request for the resource is made, the request is evaluated against all policies associated with scopes that contain the resource. If the conditions specified in the policies apply, then the request may be granted.
摘要翻译: 可以单独定义资源授权策略和资源作用域,从而将一组授权规则与这些规则适用的资源范围分离。 在一个示例中,资源包括可以在计算环境(例如,文件,设备等)中使用的任何内容。 范围描述一组资源(例如,文件夹X中的所有文件,标记为“Y”的所有文件等)。 策略描述了资源可以做什么(例如,“只读”,“读/写”,“删除,如果请求者是管理组的成员”等)。 当定义了范围和策略时,可以链接它们,从而指示策略适用于范围内的任何资源。 当对资源进行请求时,会根据与包含资源的范围相关联的所有策略来评估该请求。 如果策略中指定的条件适用,则可以授予请求。
-
公开(公告)号:US09208332B2
公开(公告)日:2015-12-08
申请号:US12978451
申请日:2010-12-24
申请人: Paul Leach , David McPherson , Vishal Agarwal , Mark Fishel Novak , Ming Tang , Ramaswamy Ranganathan , Pranav Kukreja , Andrey Popov , Nir Ben Zvi , Arun K. Nanda
发明人: Paul Leach , David McPherson , Vishal Agarwal , Mark Fishel Novak , Ming Tang , Ramaswamy Ranganathan , Pranav Kukreja , Andrey Popov , Nir Ben Zvi , Arun K. Nanda
CPC分类号: G06F21/604 , G06Q10/06
摘要: Resource authorization policies and resource scopes may be defined separately, thereby decoupling a set of authorization rules from the scope of resources to which those rules apply. In one example, a resource includes anything that can be used in a computing environment (e.g., a file, a device, etc.). A scope describes a set of resources (e.g., all files in folder X, all files labeled “Y”, etc.). Policies describe what can be done with a resource (e.g., “read-only,” “read/write,” “delete, if requestor is a member of the admin group,” etc.). When scopes and policies have been defined, they may be linked, thereby indicating that the policy applies to any resource within the scope. When a request for the resource is made, the request is evaluated against all policies associated with scopes that contain the resource. If the conditions specified in the policies apply, then the request may be granted.
摘要翻译: 可以单独定义资源授权策略和资源作用域,从而将一组授权规则与这些规则适用的资源范围分离。 在一个示例中,资源包括可以在计算环境(例如,文件,设备等)中使用的任何内容。 范围描述一组资源(例如,文件夹X中的所有文件,标记为“Y”的所有文件等)。 策略描述了资源可以做什么(例如,“只读”,“读/写”,“删除,如果请求者是管理组的成员”等)。 当定义了范围和策略时,可以链接它们,从而指示策略适用于范围内的任何资源。 当对资源进行请求时,会根据与包含资源的范围相关联的所有策略来评估该请求。 如果策略中指定的条件适用,则可以授予请求。
-
公开(公告)号:US08813170B2
公开(公告)日:2014-08-19
申请号:US13294162
申请日:2011-11-10
申请人: Mark F. Novak , Paul Leach , Vishal Agarwal , David McPherson , Sunil Gottumukkala , Jignesh Shah , Arun K. Nanda , Nir Ben Zvi , Pranav Kukreja , Ramaswamy Ranganathan
发明人: Mark F. Novak , Paul Leach , Vishal Agarwal , David McPherson , Sunil Gottumukkala , Jignesh Shah , Arun K. Nanda , Nir Ben Zvi , Pranav Kukreja , Ramaswamy Ranganathan
IPC分类号: G06F17/00
摘要: A policy that governs access to a resource may be tested against real-world access requests before being used to control access to the resource. In one example, access to a resource is governed by a policy, referred to as an effective policy. When the policy is to be modified or replaced, the modification or replacement may become a test policy. When a request is made to access the resource, the request may be evaluated under both the effective policy and the test policy. Whether access is granted is determined under the effective policy, but the decision that would be made under the test policy is noted, and may be logged. If the test policy is determined to behave acceptably when confronted with real-world access requests, then the current effective policy may be replaced with the test policy.
摘要翻译: 管理对资源的访问的策略可以在被用于控制对资源的访问之前被针对真实的访问请求进行测试。 在一个示例中,对资源的访问受政策管辖,被称为有效策略。 当修改或更换策略时,修改或替换可能成为测试策略。 当请求访问资源时,可以根据有效策略和测试策略对请求进行评估。 是否授予访问是根据有效策略确定的,但是将根据测试策略作出的决定被注明,并可能被记录。 如果测试策略在面对现实访问请求时被确定为可接受的行为,则可以用测试策略替换当前的有效策略。
-
公开(公告)号:US20130125199A1
公开(公告)日:2013-05-16
申请号:US13294162
申请日:2011-11-10
申请人: Mark F. Novak , Paul Leach , Vishal Agarwal , David McPherson , Sunil Gottumukkala , Jignesh Shah , Arun K. Nanda , Nir Ben Zvi , Pranav Kukreja , Ramaswamy Ranganathan
发明人: Mark F. Novak , Paul Leach , Vishal Agarwal , David McPherson , Sunil Gottumukkala , Jignesh Shah , Arun K. Nanda , Nir Ben Zvi , Pranav Kukreja , Ramaswamy Ranganathan
IPC分类号: G06F21/00
摘要: A policy that governs access to a resource may be tested against real-world access requests before being used to control access to the resource. In one example, access to a resource is governed by a policy, referred to as an effective policy. When the policy is to be modified or replaced, the modification or replacement may become a test policy. When a request is made to access the resource, the request may be evaluated under both the effective policy and the test policy. Whether access is granted is determined under the effective policy, but the decision that would be made under the test policy is noted, and may be logged. If the test policy is determined to behave acceptably when confronted with real-world access requests, then the current effective policy may be replaced with the test policy.
摘要翻译: 管理对资源的访问的策略可以在被用于控制对资源的访问之前被针对真实的访问请求进行测试。 在一个示例中,对资源的访问受政策管辖,被称为有效策略。 当修改或更换策略时,修改或替换可能成为测试策略。 当请求访问资源时,可以根据有效策略和测试策略对请求进行评估。 是否授予访问是根据有效策略确定的,但是将根据测试策略作出的决定被注明,并可能被记录。 如果测试策略在面对现实访问请求时被确定为可接受的行为,则可以用测试策略替换当前的有效策略。
-
公开(公告)号:US20130347063A1
公开(公告)日:2013-12-26
申请号:US13529853
申请日:2012-06-21
申请人: Sarath Madakasira , Siddharth Bhai , James J. Simmons , Ryan J. Fairfax , Qi Cao , Arun K. Nanda , Mark Fishel Novak
发明人: Sarath Madakasira , Siddharth Bhai , James J. Simmons , Ryan J. Fairfax , Qi Cao , Arun K. Nanda , Mark Fishel Novak
IPC分类号: G06F21/00
CPC分类号: G06F21/604 , H04L63/20
摘要: Sharing security claims across different security contexts. A method includes, for a first security context, identifying a first set of security claims. The method further includes for the first security context identifying a second set of security claims from the first set of security claims that is allowed to be sent from the first security context. The first set of security claims is modified to create the second set of security claims. For a second security context, security claim requirements are identified. The second set of security claims is modified to satisfy the security claim requirements for the second security context.
摘要翻译: 在不同的安全环境中共享安全声明。 对于第一安全上下文,一种方法包括识别第一组安全权利要求。 所述方法还包括用于从所述第一安全声明集合允许从所述第一安全上下文发送的所述第一安全性上下文标识第二组安全声明。 修改第一组安全声明以创建第二组安全声明。 对于第二个安全上下文,确定了安全声明要求。 修改第二组安全声明以满足第二安全上下文的安全声明要求。
-
6.发明授权Method for forming a bipolar junction transistor and a metal oxide semiconductor field effect transistor 有权用于形成双极结型晶体管和金属氧化物半导体场效应晶体管的方法公开(公告)号:US08084313B2
公开(公告)日:2011-12-27
申请号:US12832110
申请日:2010-07-08
申请人: Arun K. Nanda , Venkat Raghavan , Nace Rossi
发明人: Arun K. Nanda , Venkat Raghavan , Nace Rossi
IPC分类号: H01L21/8238
CPC分类号: H01L21/8249 , H01L27/0623
摘要: A method for forming BiCMOS integrated circuits and structures formed according to the method. After forming doped wells and gate stacks for the CMOS devices and collector and base regions for the bipolar junction transistor, an emitter layer is formed within an emitter window. A dielectric material layer is formed over the emitter layer and remains in place during etching of the emitter layer and removal of the etch mask. The dielectric material layer further remains in place during source/drain implant doping and activation of the implanted source/drain dopants. The dielectric material layer functions as a thermal barrier, to limit out-diffusion of the emitter dopants during the activation step.
摘要翻译: 一种用于形成根据该方法形成的BiCMOS集成电路和结构的方法。 在用于CMOS器件的掺杂阱和栅极堆叠以及用于双极结型晶体管的集电极和基极区域之后,在发射极窗口内形成发射极层。 在发射极层上形成介电材料层,并且在蚀刻发射极层和去除蚀刻掩模期间保持原位。 在源极/漏极注入掺杂和注入源极/漏极掺杂剂的激活期间,电介质材料层进一步保持就位。 介电材料层用作热障,以限制在激活步骤期间发射体掺杂物的扩散。
-
公开(公告)号:US07945950B2
公开(公告)日:2011-05-17
申请号:US11925734
申请日:2007-10-26
IPC分类号: G06F7/04
CPC分类号: H04L63/08 , G06F21/31 , G06F2221/2103
摘要: A challenge mechanism in which a challenge is issued from one message processor to another. In generating the challenge, the message processor may select any one or more of a number of available interactive challenge types, where each type of challenge type might use different user-originated information. Upon receiving the challenge, the challengee message processor may identify the challenge type based on information provided in the challenge, and perform different actions depending on the challenge type. The challengee message processor then generates an appropriate challenge response, and issues that challenge response to the challenger message processor. The challenger message processor may then validate the challenge response.
摘要翻译: 挑战机制,其中挑战是从一个消息处理器发出到另一个。 在产生挑战时,消息处理器可以选择多个可用的交互式挑战类型中的任何一个或多个,其中每种类型的挑战类型可以使用不同的用户发起的信息。 在接收到挑战时,挑战者消息处理器可以基于挑战中提供的信息识别挑战类型,并根据挑战类型执行不同的动作。 挑战者消息处理器然后生成适当的挑战响应,并且向挑战者消息处理器发出挑战响应。 挑战者消息处理器然后可以验证挑战响应。
-
8.发明申请THERMALLY STABLE BICMOS FABRICATION METHOD AND BIPOLAR JUNCTION TRNASISTORS FORMED ACCORDING TO THE METHOD 有权根据该方法形成的热稳定的BICMOS制造方法和双极性连接器公开(公告)号:US20100273301A1
公开(公告)日:2010-10-28
申请号:US12832110
申请日:2010-07-08
申请人: Arun K. Nanda , Venkat Raghavan , Nace Rossi
发明人: Arun K. Nanda , Venkat Raghavan , Nace Rossi
IPC分类号: H01L27/06
CPC分类号: H01L21/8249 , H01L27/0623
摘要: A method for forming BiCMOS integrated circuits and structures formed according to the method. After forming doped wells and gate stacks for the CMOS devices and collector and base regions for the bipolar junction transistor, an emitter layer is formed within an emitter window. A dielectric material layer is formed over the emitter layer and remains in place during etching of the emitter layer and removal of the etch mask. The dielectric material layer further remains in place during source/drain implant doping and activation of the implanted source/drain dopants. The dielectric material layer functions as a thermal barrier, to limit out-diffusion of the emitter dopants during the activation step.
摘要翻译: 一种用于形成根据该方法形成的BiCMOS集成电路和结构的方法。 在用于CMOS器件的掺杂阱和栅极堆叠以及用于双极结型晶体管的集电极和基极区域之后,在发射极窗口内形成发射极层。 在发射极层上形成介电材料层,并且在蚀刻发射极层和去除蚀刻掩模期间保持原位。 在源极/漏极注入掺杂和注入源极/漏极掺杂剂的激活期间,电介质材料层进一步保持就位。 介电材料层用作热障,以限制在激活步骤期间发射体掺杂物的扩散。
-
9.发明授权公开(公告)号:US07739500B2
公开(公告)日:2010-06-15
申请号:US11074972
申请日:2005-03-07
申请人: Kim Cameron , Arun K. Nanda , Andy Harjanto , Stuart L. S. Kwan
发明人: Kim Cameron , Arun K. Nanda , Andy Harjanto , Stuart L. S. Kwan
IPC分类号: H04L9/00
CPC分类号: H04L63/0823 , H04L9/3263 , H04L2209/56
摘要: Exemplary embodiments disclosed herein may include a method and system for creating an attendance marker and establishing consistent recognition of an ongoing digital relationship, including receiving an identity key about a server, creating an attendance marker, associating the attendance marker with the server. Other embodiments relate to systems and methods for recognizing a server, website, and/or other system for a client, such as a computer system for a user. Such authentication involves receiving an identity key about a web server or other system, creating an attendance marker, associating the attendance marker with the server, requesting an attendance marker associated with a server, and recognizing the server based at least in part on the attendance marker.
摘要翻译: 本文公开的示例性实施例可以包括用于创建考勤标记并建立持续数字关系的一致性识别的方法和系统,包括接收关于服务器的身份密钥,创建考勤标记,将考勤标记与服务器相关联。 其他实施例涉及用于识别用于客户端的服务器,网站和/或其他系统的系统和方法,诸如用于用户的计算机系统。 这种认证涉及接收关于web服务器或其他系统的身份密钥,创建考勤标记,将考勤标记与服务器相关联,请求与服务器相关联的考勤标记,以及至少部分地基于考勤标记识别服务器 。
-
公开(公告)号:US20090319795A1
公开(公告)日:2009-12-24
申请号:US12143392
申请日:2008-06-20
申请人: Tariq Sharif , Arun K. Nanda , Craig H. Wittenberg , Lucas R. Melton , Richard Randall , Kim Cameron , Hervey O. Wilson
发明人: Tariq Sharif , Arun K. Nanda , Craig H. Wittenberg , Lucas R. Melton , Richard Randall , Kim Cameron , Hervey O. Wilson
IPC分类号: H04L9/00
CPC分类号: G06F21/64 , G06F2221/2117 , H04L63/0823 , H04L63/123
摘要: Creating a token for use by an entity when digitally signing documents. In a computing environment, a digital identity representation for an entity is accessed. The digital identity representation includes information identifying identity attributes about the entity and capabilities of an identity provider that provides tokens for use by the entity. Context information is accessed. The context information includes information about one or more of which, how or where the attributes for the entity identified in the digital identity representation will be used. A security token is created from the information in the digital identity representation and the context information. The security token makes assertions by the identity provider. The assertions are based on the information in the digital identity representation. The token further includes information related to at least a portion of the context information.
摘要翻译: 创建一个令牌供实体在数字签署文档时使用。 在计算环境中,访问实体的数字身份表示。 数字身份表示包括识别关于实体的身份属性的信息以及提供令牌以供实体使用的身份提供者的能力。 访问上下文信息。 上下文信息包括关于在数字身份表示中识别的实体的属性的一个或多个,如何或何处被使用的信息。 根据数字身份表示和上下文信息中的信息创建安全令牌。 安全令牌由身份提供者进行断言。 断言是基于数字身份表示中的信息。 令牌还包括与上下文信息的至少一部分相关的信息。
-
-
-
-
-
-
-
-
-
搜索结果
78 条记录 (耗时 0.041 秒)