-
公开(公告)号:US5892904A
公开(公告)日:1999-04-06
申请号:US761484
申请日:1996-12-06
摘要: A certification or signing method ensures the authenticity and integrity of a computer program, an executable file, or code received over a computer network. The method is used by a publisher or distributor to "sign" an executable file so it can be transmitted with confidence to a recipient over an open network like the Internet. The executable file may be of any executable form, including an executable or portable executable .exe file format, a .cab cabinet file format, an .ocx object control format, or a Java class file. The code signing method assures the recipient of the identity of the publisher as the source of file (i.e., its authenticity) and that the file has not been modified after being transmitted by the publisher (i.e., the integrity of the file). As a result, the code signing method allows an executable file to be transmitted over open computer networks like the Internet with increased certainty in the identity of the source of the file and minimized risk of contracting a computer virus or other malicious executable computer files.
摘要翻译: 认证或签名方法确保计算机程序,可执行文件或通过计算机网络接收的代码的真实性和完整性。 发布商或经销商使用该方法“签署”可执行文件,以便可以通过互联网等开放式网络将信息自动传送给收件人。 可执行文件可以是任何可执行形式,包括可执行文件或便携式可执行文件.exe文件格式,.cab文件格式,.ocx对象控件格式或Java类文件。 代码签名方法确保发件人的身份的收件人作为文件的来源(即其真实性),并且该文件在由发布者发送之后尚未被修改(即,文件的完整性)。 因此,代码签名方法允许可执行文件通过诸如互联网的开放式计算机网络传送,同时文件来源的身份确定性更高,并减少了计算机病毒或其他恶意可执行计算机文件的收缩风险。
-
2.发明授权公开(公告)号:US06367012B1
公开(公告)日:2002-04-02
申请号:US08761698
申请日:1996-12-06
申请人: Robert G. Atkinson , James W. Kelly, Jr. , Bryan W. Tuttle , Robert M. Price , Robert P. Reichel
发明人: Robert G. Atkinson , James W. Kelly, Jr. , Bryan W. Tuttle , Robert M. Price , Robert P. Reichel
IPC分类号: H04L930
CPC分类号: H04L63/123 , G06F21/51 , G06F21/64 , H04L63/126 , H04L63/145
摘要: A certification or signature is incorporated in a computer program, an executable file, or code to assure its authenticity and integrity, particularly for receiving it over an open computer network like the Internet. The executable file may be of any executable form, including an executable or portable executable .exe file format, a .cab cabinet file format, an .ocx object control format, or a Java class file. The certification includes a keyed source confirmation with a secure representation of the executable file. In an embodiment, the certification is referenced in a header of the executable file, the reference including a pointer to the keyed source confirmation and an indication of the size of the keyed source confirmation.
摘要翻译: 认证或签名被并入计算机程序,可执行文件或代码,以确保其真实性和完整性,特别是通过诸如互联网的开放式计算机网络接收证书或签名。 可执行文件可以是任何可执行形式,包括可执行文件或便携式可执行文件.exe文件格式,.cab文件格式,.ocx对象控件格式或Java类文件。 该认证包括具有安全表示可执行文件的密钥源确认。 在一个实施例中,认证在可执行文件的标题中被引用,该引用包括指向该密钥源确认的指针以及该密钥源确认的大小的指示。
-
公开(公告)号:US07904608B2
公开(公告)日:2011-03-08
申请号:US11124366
申请日:2005-05-04
申请人: Robert M. Price
发明人: Robert M. Price
IPC分类号: G06F3/00
CPC分类号: G06F8/65
摘要: Particular embodiments include a system and method to enable a user-controlled proxy system or coordinating computer to automatically or semi-automatically communicate with multiple devices, determine the currently operating software contents and versions for each device, and to automatically or semi-automatically upgrade each device with updated software without requiring user intervention. The software may include communication, operating system or application-specific program codes that improve a given device's designed function.
摘要翻译: 具体实施例包括使用户控制的代理系统或协调计算机能够自动或半自动地与多个设备通信的系统和方法,确定每个设备的当前操作的软件内容和版本,以及自动或半自动地升级每个 具有更新软件的设备,无需用户干预。 软件可以包括改善给定设备的设计功能的通信,操作系统或专用程序代码。
-
4.发明授权Methods and arrangements for controlling resource access in a networked computing environment 有权控制网络计算环境中的资源访问的方法和安排公开(公告)号:US06308173B1
公开(公告)日:2001-10-23
申请号:US09501845
申请日:2000-02-10
IPC分类号: G06F1730
CPC分类号: G06F17/30221 , G06F21/6218 , G06F2221/2145 , H04L63/101 , H04L63/20 , Y10S707/99939 , Y10S707/99944
摘要: A unified and straightforward approach to managing file and other resource security in a networked computing environment is disclosed. The invention can be implemented in a multi-user computer network that includes a client computer, a server computer that controls a resource sharable among users of the network, such as a shared file folder or directory, and a communications pathway between the client computer and the server computer. The resource is organized as a hierarchy of elements with a root elemnent at the top of the hierarchy and additional elements below the root element. According to the invention, a request is received to change a protection, such as an access permission, of an element of the resource hierarchy (other than the root) with respect to a particular network user. If the element in question lacks an associated access control list, a nearest ancestor element of the hierarchy is located that has an associated access control list. The first (descendant) element inherits the access control list of the second (ancestor) element. This inheritance is done by generating a copy of the access control list of the second element and associating the generated copy with the first element. The requested change in protection is then incorporated into the generated copy that has been associated with the first element so as to establish an updated access control list for the first element. Further, the requested change can be propagated downwards in the hierarchy from the first element to its descendants having access control lists.
摘要翻译: 公开了一种在网络计算环境中管理文件和其他资源安全性的统一和直接的方法。 本发明可以在多用户计算机网络中实现,该多用户计算机网络包括客户端计算机,控制在诸如共享文件夹或目录之类的网络用户之间可共享的资源的服务器计算机,以及客户端计算机与 服务器计算机。 资源被组织为层次结构,在层次结构的顶部具有根元素,并且根元素下面的附加元素。 根据本发明,接收到相对于特定网络用户改变资源层级(除根以外)的元素的保护(例如访问许可)的请求。 如果所讨论的元素缺少关联的访问控制列表,则定位具有相关联的访问控制列表的层次结构的最近祖先元素。 第一个(后代)元素继承第二个(祖先)元素的访问控制列表。 该继承是通过生成第二个元素的访问控制列表的副本并将生成的副本与第一个元素关联来完成的。 然后将所请求的保护改变并入到已经与第一元素相关联的生成副本中,以建立用于第一元素的更新的访问控制列表。 此外,所请求的改变可以在层次结构中从第一元素向下传播到具有访问控制列表的后代。
-
5.发明授权Method and system for authenticating access to heterogeneous computing services 失效用于认证访问异构计算服务的方法和系统
公开(公告)号:US5655077A
公开(公告)日:1997-08-05
申请号:US356071
申请日:1994-12-13
CPC分类号: G06F21/6236
摘要: A method and system for authenticating access to heterogeneous computing services is provided. In a preferred embodiment, logon providers are configured into the computer system, which provide secure access to their services by requiring authentication of user identification information using a logon mechanism. According to this embodiment, a user designates a primary logon provider to provide an initial logon user interface. The user enters identification information when this user interface is displayed, for example a user name, a password and a domain. The computer system executes a logon sequence, which first invokes the primary logon provider to collect identification information and to authenticate the user for access to services provided by the primary logon provider. The system then authenticates the collected identification information to provide the user access to operating system computer services. If the system logon authentication procedure is not successful, then the logon sequence displays its own user interface to collect additional identification information. The logon sequence then invokes the logon routines of other logon providers to enable them to authenticate already collected identification information without displaying additional user interfaces. A preferred embodiment enables the system logon sequence to use authentication information stored on a network to authenticate the user for access to local computing services. Also, logon providers can be provided for drivers other than network drivers when a logon mechanism is required to access their computing services. Further, using a primary logon provider, the initial logon user interface displayed to collect identification information can be replaced.
摘要翻译: 提供了用于认证对异构计算服务的访问的方法和系统。 在优选实施例中,登录提供者被配置到计算机系统中,其通过使用登录机制要求认证用户识别信息来提供对其服务的安全访问。 根据本实施例,用户指定主登录提供者以提供初始登录用户界面。 当用户界面显示时,用户输入识别信息,例如用户名,密码和域名。 计算机系统执行登录序列,其首先调用主登录提供者以收集标识信息并且验证用户对主登录提供商提供的服务的访问。 然后,系统对所收集的识别信息进行认证,以向用户提供对操作系统计算机服务的访问。 如果系统登录认证过程不成功,则登录序列显示自己的用户界面来收集附加的标识信息。 然后,登录序列调用其他登录提供程序的登录例程,使其能够对已收集的标识信息进行身份验证,而不显示其他用户界面。 优选实施例使得系统登录序列能够使用存储在网络上的认证信息来认证用户访问本地计算服务。 此外,当需要访问其计算服务的登录机制时,可以为除网络驱动程序之外的驱动程序提供登录提供程序。 此外,使用主登录提供者,可以替换显示收集标识信息的初始登录用户界面。
-
6.发明授权Method and system for controlling user access to a resource in a networked computing environment 有权控制用户对联网计算环境中资源的访问的方法和系统
公开(公告)号:US6061684A
公开(公告)日:2000-05-09
申请号:US241099
申请日:1999-01-29
CPC分类号: G06F17/30221 , G06F21/6218 , H04L63/101 , H04L63/20 , G06F2221/2145 , Y10S707/99939 , Y10S707/99944
摘要: A unified and straightforward approach to managing file and other resource security in a networked computing environment is disclosed. The invention can be implemented in a multi-user computer network that includes a client computer, a server computer that controls a resource sharable among users of the network, such as a shared file folder or directory, and a communications pathway between the client computer and the server computer. The resource is organized as a hierarchy of elements with a root element at the top of the hierarchy and additional elements below the root element. According to the invention, a request is received to change a protection, such as an access permission, of an element of the resource hierarchy (other than the root) with respect to a particular network user. If the element in question lacks an associated access control list, a nearest ancestor element of the hierarchy is located that has an associated access control list. The first (descendant) element inherits the access control list of the second (ancestor) element. This inheritance is done by generating a copy of the access control list of the second element and associating the generated copy with the first element. The requested change in protection is then incorporated into the generated copy that has been associated with the first element so as to establish an updated access control list for the first element. Further, the requested change can be propagated downwards in the hierarchy from the first element to its descendants having access control lists.
摘要翻译: 公开了一种在网络计算环境中管理文件和其他资源安全性的统一和直接的方法。 本发明可以在多用户计算机网络中实现,该多用户计算机网络包括客户端计算机,控制在诸如共享文件夹或目录之类的网络用户之间可共享的资源的服务器计算机,以及客户端计算机与 服务器计算机。 资源被组织为具有根元素在层次结构顶部的元素的层次结构,并且根元素下面的附加元素。 根据本发明,接收到相对于特定网络用户改变资源层级(除根以外)的元素的保护(例如访问许可)的请求。 如果所讨论的元素缺少关联的访问控制列表,则定位具有相关联的访问控制列表的层次结构的最近祖先元素。 第一个(后代)元素继承第二个(祖先)元素的访问控制列表。 该继承是通过生成第二个元素的访问控制列表的副本并将生成的副本与第一个元素关联来完成的。 然后将所请求的保护改变并入到已经与第一元素相关联的生成副本中,以建立用于第一元素的更新的访问控制列表。 此外,所请求的改变可以在层次结构中从第一元素向下传播到具有访问控制列表的后代。
-
7.发明授权
公开(公告)号:US5956715A
公开(公告)日:1999-09-21
申请号:US710975
申请日:1996-09-23
CPC分类号: G06F17/30221 , G06F21/6218 , H04L63/101 , H04L63/20 , G06F2221/2145 , Y10S707/99939 , Y10S707/99944
摘要: A unified and straightforward approach to managing file and other resource security in a networked computing environment is disclosed. The invention can be implemented in a multi-user computer network that includes a client computer, a server computer that controls a resource sharable among users of the network, such as a shared file folder or directory, and a communications pathway between the client computer and the server computer. The resource is organized as a hierarchy of elements with a root element at the top of the hierarchy and additional elements below the root element. According to the invention, a request is received to change a protection, such as an access permission, of an element of the resource hierarchy (other than the root) with respect to a particular network user. If the element in question lacks an associated access control list, a nearest ancestor element of the hierarchy is located that has an associated access control list. The first (descendant) element inherits the access control list of the second (ancestor) element. This inheritance is done by generating a copy of the access control list of the second element and associating the generated copy with the first element. The requested change in protection is then incorporated into the generated copy that has been associated with the first element so as to establish an updated access control list for the first element. Further, the requested change can be propagated downwards in the hierarchy from the first element to its descendants having access control lists.
-
公开(公告)号:US20120192173A1
公开(公告)日:2012-07-26
申请号:US13214847
申请日:2011-08-22
申请人: Robert M. Price
发明人: Robert M. Price
IPC分类号: G06F9/44
CPC分类号: G06F8/65
摘要: A system and method for communicating with one or more software-controlled devices.
摘要翻译: 一种用于与一个或多个软件控制设备通信的系统和方法。
-
公开(公告)号:US20110125926A1
公开(公告)日:2011-05-26
申请号:US13015471
申请日:2011-01-27
申请人: Robert M. Price
发明人: Robert M. Price
IPC分类号: G06F3/00
CPC分类号: G06F8/65
摘要: A system and method for communicating with one or more software-controlled devices.
摘要翻译: 一种用于与一个或多个软件控制设备通信的系统和方法。
-
10.发明授权Method for continuously processing electronic messages throughout a transition between online and offline states 失效在线和离线状态之间的转换期间连续处理电子信息的方法公开(公告)号:US06954782B2
公开(公告)日:2005-10-11
申请号:US10223831
申请日:2002-08-19
CPC分类号: G06Q10/107 , H04L51/00
摘要: An electronic mail (e-mail) application program includes a configurable, e-mail messaging feature for automatically responding to a portable computer's transition between online and offline states. The e-mail application program determines the state of a connection between a portable computer and an electronic mail server and processes electronic messages in accordance with the appropriate state. The portable computer's transition between an online state and an offline state triggers a user-configurable response, designed to permit the continuation of electronic mail message processing in a manner that accommodates the state change. The e-mail application program responds to such a transition by automatically switching between online and offline modes of operation. The e-mail application program can also respond to such a transition by establishing a secondary connection to a mail server when a primary connection is rendered inoperative. A user may configure various aspects of the invention to respond to a transition in a way that accommodates the user's hardware and/or software requirements.
摘要翻译: 电子邮件(电子邮件)应用程序包括可配置的电子邮件消息功能,用于自动响应便携式计算机在线路和离线状态之间的转换。 电子邮件应用程序确定便携式计算机和电子邮件服务器之间的连接的状态,并根据适当的状态处理电子消息。 便携式计算机在在线状态和脱机状态之间的转换触发用户可配置的响应,其被设计为允许以适应状态改变的方式继续电子邮件消息处理。 电子邮件应用程序通过在线和离线操作模式之间自动切换来响应这种转换。 当主连接不起作用时,电子邮件应用程序还可以通过建立到邮件服务器的辅助连接来响应这种转换。 用户可以配置本发明的各个方面以以适应用户的硬件和/或软件需求的方式来响应转换。
-
-
-
-
-
-
-
-
-
搜索结果
14 条记录 (耗时 0.021 秒)
