Selective cross-realm authentication
    1.
    Granted invention patent
    Selective cross-realm authentication (in force)

    Publication (announcement) number: US07568218B2

    Publication (announcement) date: 2009-07-28

    Application number: US10285175

    Filing date: 2002-10-31

    IPC classification: H04L9/32

    Abstract: A selective cross-realm authenticator associates an identifier with a request from an entity authenticated in one realm to access a resource associated with a second realm. The identifier indicates that the entity was authenticated in a realm other than the realm associated with the requested resource. A domain controller associated with the resource performs an access check to verify that the authenticated user is authorized to authenticate to the requested resource. Permissions associated with the resource can be used to specify levels of access to be granted to entities authenticated by a domain controller associated with another realm.


    Selective Cross-Realm Authentication
    3.
    Invention patent application
    Selective Cross-Realm Authentication (in force)

    Publication (announcement) number: US20090228969A1

    Publication (announcement) date: 2009-09-10

    Application number: US12469245

    Filing date: 2009-05-20

    IPC classification: H04L29/06 G06F15/173

    Abstract: A selective cross-realm authenticator associates an identifier with a request from an entity authenticated in one realm to access a resource associated with a second realm. The identifier indicates that the entity was authenticated in a realm other than the realm associated with the requested resource. A domain controller associated with the resource performs an access check to verify that the authenticated user is authorized to authenticate to the requested resource. Permissions associated with the resource can be used to specify levels of access to be granted to entities authenticated by a domain controller associated with another realm.


    Role-Based Authorization Management Framework
    4.
    Invention patent application
    Role-Based Authorization Management Framework (in force)

    Publication (announcement) number: US20090260056A1

    Publication (announcement) date: 2009-10-15

    Application number: US12477747

    Filing date: 2009-06-03

    IPC classification: H04L29/06

    Abstract: A role-based authorization management system maintains an authorization policy store that represents user authorizations to perform operations associated with an application. When a user attempts to perform a function associated with an application, the authorization management system verifies that the user is authorized to perform the requested function. The authorization management system also provides an interface for an application administrator to update role-based user authorization policies associated with one or more applications.


    Role-based authorization management framework
    6.
    Granted invention patent
    Role-based authorization management framework (in force)

    Publication (announcement) number: US07546633B2

    Publication (announcement) date: 2009-06-09

    Application number: US10281083

    Filing date: 2002-10-25

    IPC classification: G06F17/30 H04L9/32

    Abstract: A role-based authorization management system maintains an authorization policy store that represents user authorizations to perform operations associated with an application. When a user attempts to perform a function associated with an application, the authorization management system verifies that the user is authorized to perform the requested function. The authorization management system also provides an interface for an application administrator to update role-based user authorization policies associated with one or more applications.


    Authentication and authorization across autonomous network systems
    7.
    Granted invention patent
    Authentication and authorization across autonomous network systems (in force)

    Publication (announcement) number: US07185359B2

    Publication (announcement) date: 2007-02-27

    Application number: US10029426

    Filing date: 2001-12-21

    IPC classification: G06F7/04 G06F17/30 H04L9/32

    CPC classification: H04L63/0815 H04L63/083

    Abstract: An enterprise network architecture has a trust link established between two autonomous network systems that enables transitive resource access between network domains of the two network systems. The trust link is defined by data structures maintained by each of the respective network systems. The first network system maintains namespaces that correspond to the second network system and a domain controller in the first network system, or a first network system administrator, indicates whether to trust individual namespaces. An account managed by a domain in the second network system can request authentication via a domain controller in the first network system. The first network system determines from the trust link to communicate the authentication request to the second network system. The first network system also determines from the trust link where to communicate authorization requests when administrators manage group memberships and access control lists.


    Authentication and authorization across autonomous network systems
    8.
    Granted invention patent
    Authentication and authorization across autonomous network systems (in force)

    Publication (announcement) number: US07617522B2

    Publication (announcement) date: 2009-11-10

    Application number: US11379998

    Filing date: 2006-04-24

    IPC classification: G06F17/00 H04K1/00

    CPC classification: H04L63/0815 H04L63/083

    Abstract: An enterprise network architecture has a trust link established between two autonomous network systems that enables transitive resource access between network domains of the two network systems. The trust link is defined by data structures maintained by each of the respective network systems. The first network system maintains namespaces that correspond to the second network system and a domain controller in the first network system, or a first network system administrator, indicates whether to trust individual namespaces. An account managed by a domain in the second network system can request authentication via a domain controller in the first network system. The first network system determines from the trust link to communicate the authentication request to the second network system. The first network system also determines from the trust link where to communicate authorization requests when administrators manage group memberships and access control lists.


    Shared community storage network
    9.
    Granted invention patent
    Shared community storage network (in force)

    Publication (announcement) number: US07869383B2

    Publication (announcement) date: 2011-01-11

    Application number: US12179527

    Filing date: 2008-07-24

    IPC classification: H04L12/28

    Abstract: A hardware and/or software facility for durably and securely storing data within a shared community storage network. A user may have a storage device that they intend to share with others in the network. All or a portion of the storage device is registered with the community storage network as a storage node. Once registered with the network, third party data may be stored on the storage node and remotely accessed by third parties. In addition, data stored on the storage device by the user may be stored in the shared community storage network by encrypting the data, adding redundancy, and distributing it to other storage nodes within the storage network. Data that is stored in the storage network is accessible to the user even if their storage device is inaccessible or fails.


    SHARED COMMUNITY STORAGE NETWORK
    10.
    Invention patent application
    SHARED COMMUNITY STORAGE NETWORK (in force)

    Publication (announcement) number: US20100020718A1

    Publication (announcement) date: 2010-01-28

    Application number: US12179527

    Filing date: 2008-07-24

    IPC classification: H04L12/28

    Abstract: A hardware and/or software facility for durably and securely storing data within a shared community storage network. A user may have a storage device that they intend to share with others in the network. All or a portion of the storage device is registered with the community storage network as a storage node. Once registered with the network, third party data may be stored on the storage node and remotely accessed by third parties. In addition, data stored on the storage device by the user may be stored in the shared community storage network by encrypting the data, adding redundancy, and distributing it to other storage nodes within the storage network. Data that is stored in the storage network is accessible to the user even if their storage device is inaccessible or fails.
