-
公开(公告)号:US20120281196A1
公开(公告)日:2012-11-08
申请号:US13460973
申请日:2012-05-01
申请人: Ulrich Loering , Vladimir Kamenov , Dirk Heinrich Ehm , Stefan-Wolfgang Schmidt , Moritz Becker , Andreas Wurmbrand
发明人: Ulrich Loering , Vladimir Kamenov , Dirk Heinrich Ehm , Stefan-Wolfgang Schmidt , Moritz Becker , Andreas Wurmbrand
CPC分类号: G02B1/113 , G02B5/005 , G02B17/0663 , G02B27/0006 , G02B27/0018 , G03F7/70808 , G03F7/70941
摘要: A projection lens of a projection exposure apparatus, for imaging a mask which can be positioned in an object plane onto a light-sensitive layer which can be positioned in an image plane, includes a housing, in which at least one optical element is arranged, at least one partial housing which is arranged within said housing and which at least regionally surrounds light passing from the object plane as far as the image plane during the operation of the projection lens, and a reflective structure, which reduces a light proportion which reaches the image plane after reflection at the at least one partial housing, by comparison with an analogous arrangement without said reflective structure.
摘要翻译: 投影曝光装置的投影透镜,用于将可位于物平面中的掩模成像到可位于像平面中的感光层上的投影透镜包括其中布置有至少一个光学元件的外壳, 至少一个部分壳体布置在所述壳体内,并且至少在区域上围绕在投影透镜的操作期间从物体平面延伸至图像平面的光,以及反射结构,其减少到达 通过与没有所述反射结构的类似布置进行比较,在至少一个部分壳体上反射之后的图像平面。
-
公开(公告)号:US08339576B2
公开(公告)日:2012-12-25
申请号:US13460973
申请日:2012-05-01
申请人: Ulrich Loering , Vladimir Kamenov , Dirk Heinrich Ehm , Stefan-Wolfgang Schmidt , Moritz Becker , Andreas Wurmbrand
发明人: Ulrich Loering , Vladimir Kamenov , Dirk Heinrich Ehm , Stefan-Wolfgang Schmidt , Moritz Becker , Andreas Wurmbrand
CPC分类号: G02B1/113 , G02B5/005 , G02B17/0663 , G02B27/0006 , G02B27/0018 , G03F7/70808 , G03F7/70941
摘要: A projection lens of a projection exposure apparatus, for imaging a mask which can be positioned in an object plane onto a light-sensitive layer which can be positioned in an image plane, includes a housing, in which at least one optical element is arranged, at least one partial housing which is arranged within said housing and which at least regionally surrounds light passing from the object plane as far as the image plane during the operation of the projection lens, and a reflective structure, which reduces a light proportion which reaches the image plane after reflection at the at least one partial housing, by comparison with an analogous arrangement without said reflective structure.
摘要翻译: 投影曝光装置的投影透镜,用于将可位于物平面中的掩模成像到可位于像平面中的感光层上的投影透镜包括其中布置有至少一个光学元件的外壳, 至少一个部分壳体布置在所述壳体内,并且至少在区域上围绕在投影透镜的操作期间从物体平面延伸至图像平面的光,以及反射结构,其减少到达 通过与没有所述反射结构的类似布置进行比较,在至少一个部分壳体上反射之后的图像平面。
-
公开(公告)号:US09251342B2
公开(公告)日:2016-02-02
申请号:US13194349
申请日:2011-07-29
申请人: Moritz Becker
发明人: Moritz Becker
CPC分类号: G06F21/556 , G06F21/577 , G06F21/604 , G06F2221/2141 , H04L63/1433 , H04L63/20
摘要: Techniques for evaluating detectablity of confidential information stored in authorization policies are described. In an example, an authorization policy has a confidential property. The confidential property is defined by whether application of a test probe to the authorization policy results in the grant of access to a resource. A processor automatically determines whether at least one witness policy can be generated that is observationally equivalent to the authorization policy from the perspective of a potential attacker, but the application of the test probe to the witness policy generates an access denial result. In the case that such a witness policy can be generated, an indication that the confidential property cannot be detected using the test probe is output. In the case that such a witness policy cannot be generated, an indication that the confidential property can be detected using the test probe is output.
摘要翻译: 描述了用于评估存储在授权策略中的机密信息的可检测性的技术。 在一个示例中,授权策略具有机密属性。 保密属性的定义是将测试探针应用于授权策略是否导致授予访问资源的权限。 处理器自动确定是否可以从潜在攻击者的角度确定是否至少可以生成一个观察性地等同于授权策略的证人策略,但是将测试探针应用于证人策略会生成访问拒绝结果。 在可以生成这种见证策略的情况下,输出使用测试探针不能检测到机密属性的指示。 在不能产生这种见证策略的情况下,输出可以使用测试探针检测到机密属性的指示。
-
公开(公告)号:US09160738B2
公开(公告)日:2015-10-13
申请号:US12789277
申请日:2010-05-27
申请人: Moritz Becker
发明人: Moritz Becker
IPC分类号: H04L29/06
CPC分类号: H04L63/0807 , H04L63/1408
摘要: Delegation-based authorization is described. In one example, a reference monitor receives from a first entity a request and a credential statement comprising a delegation of authority over a fact to a further entity. An authorization node then determines whether the further entity consents to provide the fact to the first entity and evaluates the request in accordance with an authorization policy and the credential statement. In another example, an assertion comprising a statement delegating authority over a fact to a further entity is received at an authorization node from a first entity. An authorization policy is then used to determine that the first entity vouches for the fact if each of these conditions are met: i) the first entity consents to import the fact from the further entity, ii) the further entity consents to export the fact to the first entity, and iii) the further entity asserts the fact.
摘要翻译: 描述了基于授权的授权。 在一个示例中,参考监视器从第一实体接收请求和证明声明,该声明包括对另一个实体的事实的授权。 然后,授权节点确定另外的实体是否同意向第一实体提供事实,并且根据授权策略和凭证语句来评估请求。 在另一个示例中,在第一实体的授权节点处接收包括对事实的语句委派权限给另一个实体的断言。 然后,使用授权政策来确定第一个实体如果满足这些条件中的每一个条件,则提供事实:i)第一实体同意从另一实体导入事实,ii)另一实体同意将事实导出为 第一个实体,和iii)另一个实体声称事实。
-
公开(公告)号:US20110016507A1
公开(公告)日:2011-01-20
申请号:US12502909
申请日:2009-07-14
申请人: Moritz Becker
发明人: Moritz Becker
IPC分类号: G06F21/00
CPC分类号: H04L63/102 , G06F21/305 , G06F21/335 , G06F21/6218 , G06F2221/2105 , G06F2221/2141 , G06F2221/2149
摘要: State-updating authorization is described. In an embodiment, an authorization system comprises an authorization node, a storage device and a reference monitor. The authorization node executes an authorization policy, and the storage device stores an authorization state associated with the authorization policy. Requests for access to a secured resource are received at the reference monitor, and the reference monitor queries the authorization node, which uses the authorization policy to determine whether to grant access to the secured resource based on a rule having at least one access condition. The rule, executed as part of the authorization policy on the authorization node, is configured to update all the entries in the authorization state for which an update condition is met.
摘要翻译: 描述状态更新授权。 在一个实施例中,授权系统包括授权节点,存储设备和参考监视器。 授权节点执行授权策略,存储设备存储与授权策略关联的授权状态。 在参考监视器处接收对安全资源的访问的请求,并且参考监视器查询授权节点,授权节点使用授权策略来确定是否基于具有至少一个访问条件的规则来授予对安全资源的访问。 作为授权节点授权策略的一部分执行的规则被配置为更新满足更新条件的授权状态中的所有条目。
-
公开(公告)号:US20110296497A1
公开(公告)日:2011-12-01
申请号:US12789277
申请日:2010-05-27
申请人: Moritz Becker
发明人: Moritz Becker
CPC分类号: H04L63/0807 , H04L63/1408
摘要: Delegation-based authorization is described. In one example, a reference monitor receives from a first entity a request and a credential statement comprising a delegation of authority over a fact to a further entity. An authorization node then determines whether the further entity consents to provide the fact to the first entity and evaluates the request in accordance with an authorization policy and the credential statement. In another example, an assertion comprising a statement delegating authority over a fact to a further entity is received at an authorization node from a first entity. An authorization policy is then used to determine that the first entity vouches for the fact if each of these conditions are met: i) the first entity consents to import the fact from the further entity, ii) the further entity consents to export the fact to the first entity, and iii) the further entity asserts the fact.
摘要翻译: 描述了基于授权的授权。 在一个示例中,参考监视器从第一实体接收请求和证明声明,该声明包括对另一个实体的事实的授权。 然后,授权节点确定另外的实体是否同意向第一实体提供事实,并且根据授权策略和凭证语句来评估请求。 在另一个示例中,在第一实体的授权节点处接收包括对事实的语句委派权限给另一个实体的断言。 然后,使用授权政策来确定第一个实体如果满足这些条件中的每一个条件,则提供事实:i)第一实体同意从另一实体导入事实,ii)另一实体同意将事实导出为 第一个实体,和iii)另一个实体声称事实。
-
公开(公告)号:US08296822B2
公开(公告)日:2012-10-23
申请号:US12502909
申请日:2009-07-14
申请人: Moritz Becker
发明人: Moritz Becker
IPC分类号: G06F21/00
CPC分类号: H04L63/102 , G06F21/305 , G06F21/335 , G06F21/6218 , G06F2221/2105 , G06F2221/2141 , G06F2221/2149
摘要: An authorization system includes an authorization node, a storage device and a reference monitor. The authorization node executes an authorization policy, and the storage device stores an authorization state associated with the authorization policy. Requests for access to a secured resource are received at the reference monitor, and the reference monitor queries the authorization node, which uses the authorization policy to determine whether to grant access to the secured resource based on a rule having at least one access condition. The rule, executed as part of the authorization policy on the authorization node, is configured to update all the entries in the authorization state for which an update condition is met.
摘要翻译: 授权系统包括授权节点,存储设备和参考监视器。 授权节点执行授权策略,存储设备存储与授权策略关联的授权状态。 在参考监视器处接收对安全资源的访问的请求,并且参考监视器查询授权节点,授权节点使用授权策略来确定是否基于具有至少一个访问条件的规则来授予对安全资源的访问。 作为授权节点授权策略的一部分执行的规则被配置为更新满足更新条件的授权状态中的所有条目。
-
公开(公告)号:US20130031596A1
公开(公告)日:2013-01-31
申请号:US13194349
申请日:2011-07-29
申请人: Moritz Becker
发明人: Moritz Becker
IPC分类号: G06F21/00
CPC分类号: G06F21/556 , G06F21/577 , G06F21/604 , G06F2221/2141 , H04L63/1433 , H04L63/20
摘要: Techniques for evaluating detectablity of confidential information stored in authorization policies are described. In an example, an authorization policy has a confidential property. The confidential property is defined by whether application of a test probe to the authorization policy results in the grant of access to a resource. A processor automatically determines whether at least one witness policy can be generated that is observationally equivalent to the authorization policy from the perspective of a potential attacker, but the application of the test probe to the witness policy generates an access denial result. In the case that such a witness policy can be generated, an indication that the confidential property cannot be detected using the test probe is output. In the case that such a witness policy cannot be generated, an indication that the confidential property can be detected using the test probe is output.
摘要翻译: 描述了用于评估存储在授权策略中的机密信息的可检测性的技术。 在一个示例中,授权策略具有机密属性。 保密属性的定义是将测试探针应用于授权策略是否导致授予访问资源的权限。 处理器自动确定是否可以从潜在攻击者的角度确定是否至少可以生成一个观察性地等同于授权策略的证人策略,但是将测试探针应用于证人策略会生成访问拒绝结果。 在可以生成这种见证策略的情况下,输出使用测试探针不能检测到机密属性的指示。 在不能产生这种见证策略的情况下,输出可以使用测试探针检测到机密属性的指示。
-
-
-
-
-
-
-
搜索结果
8 条记录 (耗时 0.024 秒)