-
公开(公告)号:US20050193202A1
公开(公告)日:2005-09-01
申请号:US10788108
申请日:2004-02-26
CPC分类号: H04L9/3236 , H04L9/3247 , H04L2209/68
摘要: A signature system with a mechanism to identify element(s) of a signed document includes a sender having a signature module with a digest generator. The digest generator generates digests for identifying selected elements of the document. The resulting “identifying” digests are then used in generating a signature in which the sender signs the digests rather than the original elements. The receiver can then process the signature and use these digests to distinguish between elements, as needed.
摘要翻译: 具有识别签名文档的元素的机制的签名系统包括具有带摘要生成器的签名模块的发送者。 摘要生成器生成用于识别文档的所选元素的摘要。 然后,所得到的“识别”摘要用于生成签名,其中发送者签署摘要而不是原始元素。 然后,接收者可以处理签名,并根据需要使用这些摘要来区分元素。
-
公开(公告)号:US20060150200A1
公开(公告)日:2006-07-06
申请号:US11003307
申请日:2004-12-03
申请人: Shy Cohen , Geary Eppley , Douglas Purdy , James Johnson , Stephen Millet , Stephen Swartz , Vijay Gajjala , Aaron Stern , Alexander DeJarnatt , Alfred Lee , Anand Rjagopalan , Anastasios Kasiolas , Chaitanya Upadhyay , Christopher Kaler , Craig Critchley , David Levin , David Driver , David Wortendyke , Douglas Walter , Elliot Waingold , Erik Christensen , Erin Honeycutt , Eugene Shvets , Evgeny Osovetsky , Giovanni Della-Libera , Jesus Ruiz-Scougall , John Doty , Jonathan Wheeler , Kapil Gupta , Kenneth Wolf , Krishnan Srinivasan , Lance Olson , Matthew Tavis , Mauro Ottaviani , Max Feingold , Michael Coulson , Michael Marucheck , Michael Vernal , Michael Dice , Mohamed-Hany Ramadan , Mohammad Makarechian , Natasha Jethanandani , Richard Dievendorff , Richard Hill , Ryan Sturgell , Saurab Nog , Scott Seely , Serge Sverdlov , Siddhartha Puri , Sowmyanarayanan Srinivasan , Stefan Batres , Stefan Pharies , Tirunelveli Vishwanath , Tomasz Janczuk , Uday Hegde , Umesh Madan , Vaithialingam Balayogan , Vipul Modi , Yaniv Pessach , Yasser Shohoud
发明人: Shy Cohen , Geary Eppley , Douglas Purdy , James Johnson , Stephen Millet , Stephen Swartz , Vijay Gajjala , Aaron Stern , Alexander DeJarnatt , Alfred Lee , Anand Rjagopalan , Anastasios Kasiolas , Chaitanya Upadhyay , Christopher Kaler , Craig Critchley , David Levin , David Driver , David Wortendyke , Douglas Walter , Elliot Waingold , Erik Christensen , Erin Honeycutt , Eugene Shvets , Evgeny Osovetsky , Giovanni Della-Libera , Jesus Ruiz-Scougall , John Doty , Jonathan Wheeler , Kapil Gupta , Kenneth Wolf , Krishnan Srinivasan , Lance Olson , Matthew Tavis , Mauro Ottaviani , Max Feingold , Michael Coulson , Michael Marucheck , Michael Vernal , Michael Dice , Mohamed-Hany Ramadan , Mohammad Makarechian , Natasha Jethanandani , Richard Dievendorff , Richard Hill , Ryan Sturgell , Saurab Nog , Scott Seely , Serge Sverdlov , Siddhartha Puri , Sowmyanarayanan Srinivasan , Stefan Batres , Stefan Pharies , Tirunelveli Vishwanath , Tomasz Janczuk , Uday Hegde , Umesh Madan , Vaithialingam Balayogan , Vipul Modi , Yaniv Pessach , Yasser Shohoud
IPC分类号: G06F9/46
摘要: A web services namespace pertains to an infrastructure for enabling creation of a wide variety of applications. The infrastructure provides a foundation for building message-based applications of various scale and complexity. The infrastructure or framework provides APIs for basic messaging, secure messaging, reliable messaging and transacted messaging. In some embodiments, the associated APIs are factored into a hierarchy of namespaces in a manner that balances utility, usability, extensibility and versionability.
-
公开(公告)号:US20050182957A1
公开(公告)日:2005-08-18
申请号:US10779922
申请日:2004-02-16
CPC分类号: G06F21/60 , G06F21/51 , G06F21/606
摘要: A security system with a mechanism to identify types of information that need to be secured and another mechanism to specify how the types are to be secured. The system includes a sender having an application and a receiver having a security module and one or more datastores to store information related to types of information that need to be secured (e.g. “scopes”), how information is to be secured (e.g., “profiles”), and a mapping (e.g., “bindings”) between the scopes and profiles. Scopes can be implemented by application developers. Profiles can be implemented by application deployers and/or administrators. The security module determines which scope is appropriate for the message, and then determines the profile that is mapped to the scope. The security module can then make an access control decision using the profile.
摘要翻译: 一种具有识别需要保护的信息类型的机制的安全系统和另一种机制来指定类型是如何被保护的。 该系统包括具有应用的发送者和具有安全模块和一个或多个数据存储的接收者,用于存储与需要被保护的信息类型(例如“范围”)有关的信息,如何保护信息(例如“ 配置文件“)以及范围和配置文件之间的映射(例如”绑定“)。 范围可以由应用程序开发人员实现。 配置文件可以由应用程序部署人员和/或管理员实现。 安全模块确定哪个范围适合消息,然后确定映射到范围的配置文件。 安全模块然后可以使用配置文件进行访问控制决定。
-
公开(公告)号:US20050182941A1
公开(公告)日:2005-08-18
申请号:US10780274
申请日:2004-02-16
CPC分类号: G06F21/335
摘要: A system for processing multiple types of security schemes includes a server having a claims engine that extracts claim(s) from security token(s) and maps extracted claims to other claims. The term claim as used in this context is a statement about a token's subject. The claims engine can extract claim(s) from one or more different types of security tokens corresponding to the multiple security schemes. These extracted claim(s) can then be selectively mapped to other claims using mapping information that is accessible to the server. The security decision can then be based on the extracted and/or derived claim(s) rather than tokens. This system can thereby support multiple security schemes and simplify the security process for the user.
摘要翻译: 用于处理多种类型的安全方案的系统包括具有从安全令牌提取权利要求并将提取的权利要求映射到其他权利要求的权利要求引擎的服务器。 在这种情况下使用的这个术语是关于令牌主题的声明。 索赔引擎可以从对应于多个安全方案的一个或多个不同类型的安全令牌中提取索赔。 然后可以使用服务器可访问的映射信息将这些提取的权利要求选择性地映射到其他权利要求。 然后,安全性决定可以基于提取的和/或导出的权利要求而不是令牌。 因此,该系统可以支持多种安全方案,并简化用户的安全过程。
-
5.
公开(公告)号:US20060174016A1
公开(公告)日:2006-08-03
申请号:US11048346
申请日:2005-02-01
申请人: Craig Critchley , David Wortendyke , Elliot Waingold , Eric Zinda , Erik Christensen , Giovanni Della-Libera , Kenneth Wolf , Michael Vernal , Shy Cohen , Stefan Pharies , Stephen Millet , Stephen Swartz , Tomasz Janczuk , Uday Hegde , Yaniv Pessach
发明人: Craig Critchley , David Wortendyke , Elliot Waingold , Eric Zinda , Erik Christensen , Giovanni Della-Libera , Kenneth Wolf , Michael Vernal , Shy Cohen , Stefan Pharies , Stephen Millet , Stephen Swartz , Tomasz Janczuk , Uday Hegde , Yaniv Pessach
CPC分类号: G06F9/546
摘要: The present invention provides for an automated, user friendly way of constructing and using a binding object. A developer is presenting and selects binding elements that will ultimately be used to create a runtime communication channel for transporting a message between a client and service endpoint. After receiving the user input, metadata, a channel factory and listener factory are created. The metadata describes binding elements and provides an abstract representation of a protocol stack that implements communication aspects at runtime. The channel factory is configured to use the collection of metadata at runtime to generate the runtime communication channel. Further, the listener factory is configured to accept the runtime communication channel for de-multiplex the communication aspects in order to process the message at a service endpoint. The present invention also provides for groupings of binding elements and standardized binging objects organized based on industry need.
摘要翻译: 本发明提供了一种自动化,用户友好的构造和使用绑定对象的方式。 开发人员正在呈现并选择将最终用于创建用于在客户端和服务端点之间传输消息的运行时通信通道的绑定元素。 收到用户输入后,创建元数据,渠道工厂和监听工厂。 元数据描述绑定元素,并提供在运行时实现通信方面的协议栈的抽象表示。 通道工厂配置为在运行时使用元数据的集合来生成运行时通信通道。 此外,收听工厂被配置为接受运行时通信信道以解复用通信方面,以便在服务端点处理消息。 本发明还提供了基于行业需要组织的结合元件和标准化ing物的分组。
-
公开(公告)号:US20060130127A1
公开(公告)日:2006-06-15
申请号:US11009926
申请日:2004-12-10
申请人: Christopher Kaler , Douglas Walter , Giovanni Della-Libera , Melissa Dunn , Richard Hasha , Tomasz Janczuk
发明人: Christopher Kaler , Douglas Walter , Giovanni Della-Libera , Melissa Dunn , Richard Hasha , Tomasz Janczuk
IPC分类号: G06K9/00
CPC分类号: H04L63/0428 , H04L63/16
摘要: A data structure with endpoint address and security information. The data structure includes an address field that includes one or more endpoint addresses for an entity. The data structure further includes a security field that includes one or more keys for facilitating secure communications with the entity. The data structure may also be such that the contents of the address field and the security field are serialized in the data structure. The data structure may be extensible such that new address fields and security fields may be added.
-
公开(公告)号:US07860989B2
公开(公告)日:2010-12-28
申请号:US11049157
申请日:2005-02-02
IPC分类号: G06F15/16
CPC分类号: H04L29/06 , G06F17/3092
摘要: In a computerized system, a sending computer system and recipient computer system exchange an interchange format message in a resource-efficient manner. For example, a transformation writer at the sending computer system selects and transforms only one or few of a plurality of units of the message at the time. The transformed message units are then streamed to the recipient computer system in accordance with a relevant transformation standard, such as the canonicalization standard in the case of XML messages. A transformation reader at the recipient computer system transforms the messages using a buffer big enough for received message units, and passes the transformed units to a file. Thus, the transformation writer acts as a stream writer to pass a message, and the transformation reader acts as a stream reader at the recipient computer system.
摘要翻译: 在计算机化系统中,发送计算机系统和接收者计算机系统以资源有效的方式交换交换格式消息。 例如,发送计算机系统中的变换写入器当时仅选择和转换消息的多个单元中的一个或几个。 然后,转换的消息单元根据相关的转换标准(例如XML消息的规范化标准)被流式传输到接收方计算机系统。 收件人计算机系统的变换阅读器使用足够大的缓冲器对接收的消息单元转换消息,并将转换的单位传递给文件。 因此,变换写入器用作流写入器来传递消息,并且转换读取器在接收者计算机系统处作为流读取器。
-
公开(公告)号:US20120215804A1
公开(公告)日:2012-08-23
申请号:US13162771
申请日:2011-06-17
CPC分类号: G06F17/246 , G06F16/252
摘要: A data-programming environment is disclosed that facilitates data manipulation. Visual representations are presented of available operations with respect to one or more data sources. A preview of data is displayed capturing the state of data with respect to manipulations. Further, a visual representation of a series of selected operations is maintained to capture successive refinements and aid subsequent interaction.
摘要翻译: 公开了一种便于数据操作的数据编程环境。 提供了关于一个或多个数据源的可用操作的视觉表示。 显示数据的预览,捕获关于操作的数据状态。 此外,维持一系列所选操作的视觉表示以捕获连续的细化并辅助随后的交互。
-
公开(公告)号:US20050278390A1
公开(公告)日:2005-12-15
申请号:US11207034
申请日:2005-08-19
CPC分类号: H04L63/126 , G06F21/6218 , G06F2221/2141 , H04L45/34 , H04L45/566 , H04L63/04 , H04L63/0428 , H04L63/08 , H04L63/102 , H04L63/123 , H04L67/02 , Y10S707/99939
摘要: Methods, systems, and data structures for communicating object metadata are provided. A generic metadata container is presented that allows object metadata to be described in an extensible manner using protocol-neutral and platform-independent methodologies. A metadata scope refers to a dynamic universe of targets to which the included metadata statements correspond. Metadata properties provide a mechanism to describe the metadata itself, and metadata security can be used to ensure authentic metadata is sent and received. Mechanisms are also provided to allow refinement and replacement of metadata statements. The generic metadata container can be adapted to dynamically define access control rights to a range of objects by a range of users, including granted and denied access rights.
摘要翻译: 提供了传达对象元数据的方法,系统和数据结构。 提出了一个通用的元数据容器,允许使用协议中立和平台无关的方法以可扩展的方式描述对象元数据。 元数据范围是指所包含的元数据语句对应的目标的动态范围。 元数据属性提供了一种描述元数据本身的机制,并且可以使用元数据安全性来确保发送和接收真实的元数据。 还提供了机制来允许细化和替换元数据语句。 通用元数据容器可以被适配成动态地定义一系列用户对一系列对象的访问控制权限,包括授权和被拒绝的访问权限。
-
公开(公告)号:US20110119654A1
公开(公告)日:2011-05-19
申请号:US12618320
申请日:2009-11-13
申请人: David Michael Miller , David Patrick Wolfe , Neil Alexander MacIntosh , Quetzalcoatl Bradley , Giovanni Della-Libera
发明人: David Michael Miller , David Patrick Wolfe , Neil Alexander MacIntosh , Quetzalcoatl Bradley , Giovanni Della-Libera
IPC分类号: G06F9/44
CPC分类号: G06F11/3664
摘要: A computer system displays an interactive development environment including a domain specific language (DSL) grammar input receiving area that allows the user to view and interact with DSL grammar inputs, a DSL language input receiving area that allows the user to view and interact with DSL language inputs and a parse output area that allows the user to view the current state of the DSL parser. The computer system begins stepping through each DSL language input to determine whether the DSL language inputs have created an error relative to the DSL grammar. The computer system also presents the resulting output for each DSL language input, so that as the user provides subsequent step inputs, the interactive development environment successively steps through each DSL language input and presents, at each step, the DSL grammar inputs, the DSL language inputs and the corresponding output in the parse output area.
摘要翻译: 计算机系统显示交互式开发环境,包括允许用户查看和与DSL语法输入进行交互的域特定语言(DSL)语法输入接收区域,允许用户查看和与DSL语言交互的DSL语言输入接收区域 输入和解析输出区域,允许用户查看DSL解析器的当前状态。 计算机系统开始逐步通过每个DSL语言输入来确定DSL语言输入是否已经产生了相对于DSL语法的错误。 计算机系统还为每个DSL语言输入提供所得到的输出,使得当用户提供后续的步骤输入时,交互式开发环境连续地跨越每个DSL语言输入,并且在每个步骤呈现DSL语法输入,DSL语言 输入和解析输出区域中的相应输出。
-
-
-
-
-
-
-
-
-