Maintenance/diagnosis data storage server
    1.
    Invention application
    Maintenance/diagnosis data storage server (under examination, published)

    Publication No.: US20040268151A1

    Publication date: 2004-12-30

    Application No.: US10819300

    Filing date: 2004-04-07

    Inventor: Katsuhiko Matsuda

    IPC classification: H04L009/00

    CPC classification: G06F21/6218

    Abstract: A maintenance/diagnosis data storage server includes: a data storing unit that obtains maintenance/diagnosis data pertaining to equipment that is connected to a first network, from the equipment via a first firewall, and stores the maintenance/diagnosis data; a request receiving unit that receives a data access request in which to request an access to the maintenance/diagnosis data, from a client provided for obtaining data and connected to a second network, via a second firewall; an authenticating unit that authenticates the data access request based on authentication information; and a data transmitting unit that transmits the maintenance/diagnosis data stored in the data storing unit to the client via the second firewall in a case where the authenticating unit authenticates the data access request as valid.

    Distributed expression-based access control
    2.
    Invention application
    Distributed expression-based access control (lapsed)

    Publication No.: US20040268146A1

    Publication date: 2004-12-30

    Application No.: US10606624

    Filing date: 2003-06-25

    Inventor: Shawn Oberst

    IPC classification: H04L009/00

    Abstract: A distributed access control technique assigns permission to a user without permission explosion, thereby facilitating the system administration of user access to a piece of content represented by a Web service. Permissions are granted to pieces of content through expressions rather than explicitly coupled between a piece of content and a user. Each expression defines an access scope for either a user or a piece of content. An expression defining the access scope for a user can be created and maintained independently of an expression defining the access scope to a piece of content, hence simplifying management information system implementation and administration.

    Systems and methods for declarative client input security screening
    3.
    Invention application
    Systems and methods for declarative client input security screening (under examination, published)

    Publication No.: US20040268139A1

    Publication date: 2004-12-30

    Application No.: US10606089

    Filing date: 2003-06-25

    CPC classification: H04L63/0227 H04L63/14

    Abstract: Systems and methods are described for declarative client input security screening. A configuration module in a web-based application (or project) that includes one or more web pages is designed to allow client input to be screened for the web pages by declaring particular screening attributes and actions therein. A global section in such a configuration module includes security screens that apply to input of all types, while other individual sections include security screens that apply only to input of a particular type. The global section provides a way to consolidate screening that applies to all client input types, thereby precluding redundant screens having to be maintained in each individual section. Client input that survives the security screening is cached and used in normal page processing. By including the security screens in a declarative section, maintenance is made more efficient and reliable.

    Secure personal identification entry system
    4.
    Invention application
    Secure personal identification entry system (under examination, published)

    Publication No.: US20040268133A1

    Publication date: 2004-12-30

    Application No.: US10286018

    Filing date: 2002-11-01

    IPC classification: H04L009/00

    CPC classification: G06F21/34

    Abstract: A secure personal identification entry system provides an integrated approach to secure identification data entry. A controller resides in a secure PIN smart card keyboard that also contains a numeric keypad and a smart card reader and allows the numeric keypad to serve two purposes: the first as a normal keypad in a keyboard and the second as a secure PIN entry keypad. The user inserts his smart card, with his PIN number information stored in the smart card's memory, into the smart card reader. An application program running on a PC that requires secure identification from the user requests that the user enter his PIN number using the keypad on the keyboard. The controller receives the PIN request and switches the keypad from normal mode to PIN entry mode. The keypad is switched to be dedicated to PIN entry and communicates with the controller. The user enters his PIN number into the keypad. The controller receives the PIN number and forwards the PIN number to the smart card. The smart card validates the PIN number and sends a pass/fail indicator back to the controller. The controller forwards the pass/fail indication to the PC. Another preferred embodiment of the invention connects a biometric device to the keyboard from which the controller obtains a user's biometric identification information.

    Security for protocol traversal
    6.
    Invention application
    Security for protocol traversal (under examination, published)

    Publication No.: US20040268123A1

    Publication date: 2004-12-30

    Application No.: US10721504

    Filing date: 2003-11-26

    Applicant: Nokia Corporation

    IPC classification: H04L009/00

    Abstract: A method for protecting packets to be sent from a first network node to a second network node is provided. According to one embodiment, the method includes the steps of generating validity information for a packet, and generating a header for the packet, including the validity information. The method also includes the step of sending the packet including the header from the first network node to the second network node. The validity information includes all necessary information required for performing a validity check of the packet. Thus, no pre-established security association is needed to verify the validity of a packet.

    Server access control
    7.
    Invention application
    Server access control (under examination, published)

    Publication No.: US20040267946A1

    Publication date: 2004-12-30

    Application No.: US10489766

    Filing date: 2004-03-17

    IPC classification: G06F015/16 H04L009/00

    CPC classification: G06F21/34

    Abstract: A method of controlling access to a data server, in which a web server receives a request from a client for a web page, the web page being configured to receive data from the data server for display by the client. In response to the request, a program associated with the web server generates a password signed with a private key to provide the client with access to the data server. The corresponding public key has previously been sent to the data server. The password is returned to the client and program code in the web page directs the client to connect to the data server. The data server receives the password and attempts to validate it using the public key received from the web server. Data is sent to the client in the event that the password is successfully validated.

    User not present
    8.
    Invention application
    User not present (under examination, published)

    Publication No.: US20040260946A1

    Publication date: 2004-12-23

    Application No.: US10600121

    Filing date: 2003-06-20

    IPC classification: H04L009/00

    CPC classification: H04L63/08 H04L63/0815

    Abstract: A method and apparatus is provided for invoking authenticated transactions on behalf of a user when the user is not present. For example, the invention allows a subscription to take actions that would otherwise require authentication, such as performing collections from a wallet, when the user is not present. Thus, the invention provides a form of delegation of authority.

    System and method for unified sign-on
    9.
    Invention application
    System and method for unified sign-on (lapsed)

    Publication No.: US20040260942A1

    Publication date: 2004-12-23

    Application No.: US10463911

    Filing date: 2003-06-18

    IPC classification: H04L009/00

    CPC classification: G06F21/41

    Abstract: A system that allows a user of a first domain to access a second domain. A request originates in the first domain to perform an action in the second domain. The request indicates a user of the first domain on whose behalf the request was originated. The access request is received by an adapter in the second domain. The adapter requests an access token for a user of the second domain who corresponds to the user of the first domain. A mapping table is used to identify which user in the second domain corresponds to the user in the first domain. Once the correct user of the second domain is identified, an access token for that user is returned to the adapter. The adapter then carries out the requested action by using the access token to impersonate the user of the second domain.

    Information embedding method and apparatus
    10.
    Invention application
    Information embedding method and apparatus (under examination, published)

    Publication No.: US20040260935A1

    Publication date: 2004-12-23

    Application No.: US10885724

    Filing date: 2004-07-08

    IPC classification: H04L009/00

    Abstract: Supplementary information related to original data is embedded in the original data without being lost or altered and without degrading the quality of the original data. A photographing condition regarding photographing of the original image data is generated as the supplementary information by a supplementary information generating unit and stored on a network in a supplementary information database. Storage management information such as a URL address of where the supplementary information is stored is generated by a storage management information generating unit and embedded in the original image data by using deep layer encryption. The original image data in which the storage management information has been embedded are recorded in a recording medium. Since the storage management information has a smaller amount of data than the supplementary information, quality of the original data is not degraded even when the storage management information is embedded in the original image data.
