IDENTITY AND POLICY ENABLED COLLABORATION
    2.
    发明申请
    IDENTITY AND POLICY ENABLED COLLABORATION 审中-公开
    身份和政策启用协作

    公开(公告)号:US20100043049A1

    公开(公告)日:2010-02-18

    申请号:US12192688

    申请日:2008-08-15

    IPC分类号: H04L9/32

    摘要: Techniques for identity and policy enabled collaboration are provided. Access to assets of an enterprise is governed by identity relationships. A policy defines security restrictions between collaborating network resources based on identities assigned to the network resources. During collaboration, the security restrictions are enforced.

    摘要翻译: 提供了身份和政策启用协作的技术。 访问企业的资产由身份关系管理。 一种策略定义了基于分配给网络资源的身份的协作网络资源之间的安全限制。 在合作期间,执行安全限制。

    System and method for transparent access and management of user accessible cloud assets
    4.
    发明授权
    System and method for transparent access and management of user accessible cloud assets 有权
    用于透明访问和管理用户可访问的云资产的系统和方法

    公开(公告)号:US08429716B2

    公开(公告)日:2013-04-23

    申请号:US12613077

    申请日:2009-11-05

    IPC分类号: H04L29/06

    CPC分类号: H04L9/32 H04L63/105 H04L63/20

    摘要: System and method for enabling user access of cloud assets are described. In one embodiment, a method comprises authenticating a user to a system comprising a cloud computing environment in which a plurality of cloud assets are hosted; assembling a deployment associated with the authenticated user in accordance with a policy, the deployment comprising designated ones of the cloud assets; and providing a secure mechanism by which the designated ones of the cloud assets comprising the deployment are accessible by the authenticated user.

    摘要翻译: 描述了允许用户访问云资产的系统和方法。 在一个实施例中,一种方法包括将系统的用户认证到系统,该系统包括托管多个云资产的云计算环境; 根据策略组装与认证用户相关联的部署,该部署包括指定的云资产; 并提供一种安全机制,通过该安全机制,包括部署的指定云资产中的这些云资产可以被认证的用户访问。

    Techniques for anonymous internet access
    6.
    发明授权
    Techniques for anonymous internet access 有权
    匿名互联网接入技术

    公开(公告)号:US08302161B2

    公开(公告)日:2012-10-30

    申请号:US12036523

    申请日:2008-02-25

    CPC分类号: H04L63/0281 H04L63/0407

    摘要: Techniques are presented for anonymous Internet access. Internet requests are intercepted within a firewalled environment before being routed over the Internet to destination sites. Each Internet requests is evaluated in view of policy and one or more anonymizers are selected in response to that evaluation. The Internet requests are then routed through the appropriate anonymizers for processing to the destination sites. A relationship between an Internet Protocol (IP) address associated with the firewalled environment and IP addresses of the destination sites is masked and hidden via the anonymizers from Internet observers. Moreover, a secure communication between the firewalled environment and the anonymizers is maintained.

    摘要翻译: 为匿名上网提供技术。 互联网请求在通过Internet路由到目标站点之前在防火墙环境中被拦截。 根据策略评估每个互联网请求,并根据该评估选择一个或多个匿名器。 然后通过适当的匿名器路由Internet请求,以便处理到目标站点。 与防火墙环境相关联的因特网协议(IP)地址和目的地站点的IP地址之间的关系通过来自互联网观察者的匿名器被屏蔽和隐藏。 此外,保护防火墙环境和匿名者之间的安全通信。

    System and method for implementing a cloud workflow
    7.
    发明申请
    System and method for implementing a cloud workflow 有权
    用于实施云工作流的系统和方法

    公开(公告)号:US20110106926A1

    公开(公告)日:2011-05-05

    申请号:US12612895

    申请日:2009-11-05

    IPC分类号: G06F15/173

    CPC分类号: H04L67/1097 H04L63/00

    摘要: System and method for implementing a workflow of a first domain, wherein the workflow is implemented as a series of steps to accomplish a workload and wherein at least one of the steps utilizes a process, are described. In one embodiment, the method comprises establishing a mutual trust relationship between the first domain and a second domain; wherein one of the steps is authored by the second domain, the method further comprising associating with the step authored by the second domain a digital attestation for enabling the first domain to verify authorship and non-modification thereof.

    摘要翻译: 描述了用于实现第一域的工作流的系统和方法,其中所述工作流被实现为完成工作负载的一系列步骤,并且其中至少一个步骤利用过程被描述。 在一个实施例中,该方法包括建立第一域与第二域之间的相互信任关系; 其中所述步骤之一由所述第二域创建,所述方法还包括与由所述第二域创建的步骤相关联的数字证明,以使所述第一域能够验证其作者身份和不修改。

    SYSTEM AND METHOD FOR PROVIDING KEY-ENCRYPTED STORAGE IN A CLOUD COMPUTING ENVIRONMENT
    8.
    发明申请
    SYSTEM AND METHOD FOR PROVIDING KEY-ENCRYPTED STORAGE IN A CLOUD COMPUTING ENVIRONMENT 有权
    在云计算环境中提供主要加密存储的系统和方法

    公开(公告)号:US20100235630A1

    公开(公告)日:2010-09-16

    申请号:US12613098

    申请日:2009-11-05

    IPC分类号: H04L9/00

    摘要: System and method for providing cloud computing services are described. In one embodiment, the system comprises a cloud computing environment comprising resources for supporting cloud workloads, each cloud workload having associated therewith an internal cloud address; and a routing system disposed between external workloads of an external computing environment and the cloud workloads, the routing system for directing traffic from an external address to the internal cloud addresses of the cloud workloads. A designated one of the cloud workloads obtains one key of a first pair of cryptographic keys, the first pair of cryptographic keys for decrypting encrypted storage hosted within the cloud computing environment.

    摘要翻译: 描述了用于提供云计算服务的系统和方法。 在一个实施例中,该系统包括云计算环境,其包括用于支持云工作负载的资源,每个云工作负载与其相关联的内部云地址; 以及布置在外部计算环境的外部工作负载和云工作负载之间的路由系统,路由系统用于将流量从外部地址引导到云工作负载的内部云地址。 指定的一个云工作负载获得第一对加密密钥的一个密钥,第一对加密密钥用于解密在云计算环境内托管的加密存储。

    Techniques for attesting to content
    9.
    发明授权
    Techniques for attesting to content 有权
    认证内容的技巧

    公开(公告)号:US07574479B2

    公开(公告)日:2009-08-11

    申请号:US11338393

    申请日:2006-01-24

    IPC分类号: G06F15/16

    摘要: Techniques for attesting to content received from an author (sender) are provided. A sender's content is represented by a message digest. The message digest is signed by an identity service. The signed message digest represents an attestation as to the authenticity of the content from the sender. The sender transmits the signed message digest and content in a message to a recipient. The recipient verifies the signature and message digest to authenticate the content from the sender.

    摘要翻译: 提供了证明从作者(发件人)收到的内容的技术。 发件人的内容由消息摘要表示。 消息摘要由身份服务签名。 签名的消息摘要表示来自发件人的内容的真实性的证明。 发件人将签名的消息摘要和消息中的内容发送到收件人。 收件人验证签名和消息摘要以验证发件人的内容。

    TECHNIQUES FOR NON-UNIQUE IDENTITY ESTABLISHMENT
    10.
    发明申请
    TECHNIQUES FOR NON-UNIQUE IDENTITY ESTABLISHMENT 有权
    非唯一身份识别技术

    公开(公告)号:US20090199282A1

    公开(公告)日:2009-08-06

    申请号:US12024640

    申请日:2008-02-01

    IPC分类号: H04L9/32

    摘要: Techniques for non-unique identity establishment are presented. A plurality of biometric data associated with a user is acquired from a plurality of biometric devices. The intersection of the biometric data is registered or a vector for the biometric data is registered. This information is also registered along with answers to questions provided by the user. When a user attempts to subsequently access a secure resource of a network, the retained information is compared against user-supplied biometric data and in some cases where appropriate user-supplied answers to establish an identity of the user and to authenticate the user for access to the secure resource.

    摘要翻译: 介绍了非唯一身份建立的技术。 从多个生物测定装置获取与用户相关联的多个生物特征数据。 登记生物体数据的交点,或者登记生物体数据的矢量。 此信息也与用户提供的问题的答案一起注册。 当用户尝试随后访问网络的安全资源时,将保留的信息与用户提供的生物特征数据进行比较,并且在某些情况下,其中适当的用户提供的答案建立用户的身份并且认证用户访问 安全资源。