公开(公告)号：WO2008121471A1

公开(公告)日：2008-10-09

申请号：PCT/US2008/055299

申请日：2008-02-28

Applicant: MICROSOFT CORPORATION

Inventor： LAMPSON, Butler ,  PANDYA, Ravindra, Nath ,  LEACH, Paul, J. ,  PARAMASIVAM, Muthukrishnan ,  ELLISON, Carl, M. ,  KAUFMAN, Charles, William

IPC: G06F15/16 ,  G06F17/00

CPC classification number: G06F21/604 ,  G06F21/6218

Abstract: Access control as it relates to policies or permissions is provided based on a created model. A security policy is abstracted and can be independent of a mechanism used to protect resources. An asbstract model of a potential user, user role and/or resource is created without associating a specific individual and/or resource with a model. These abstract user models and abstract resource models can be used across applications or within disparate applications. The abstracted security policies can be selectively applied to the model. Specific users and/or resources can be associated with one or more abstract user model or abstract resource model. The models can be nested to provide configurations for larger systems.

Abstract translation: 基于创建的模型提供与策略或权限相关的访问控制。 安全策略被抽象出来，可以独立于用于保护资源的机制。 创建潜在用户，用户角色和/或资源的抽象模型，而不将特定个人和/或资源与模型相关联。 这些抽象用户模型和抽象资源模型可以跨应用程序或不同的应用程序使用。 抽象的安全策略可以选择性地应用于模型。 特定用户和/或资源可以与一个或多个抽象用户模型或抽象资源模型相关联。 这些型号可以嵌套，以提供更大系统的配置。

公开(公告)号：WO2007047087A2

公开(公告)日：2007-04-26

申请号：PCT/US2006/038518

申请日：2006-10-02

Applicant: MICROSOFT CORPORATION

Inventor： ELLISON, Carl, M. ,  MURPHY, Elissa, E.S. ,  MISHRA, Manav

IPC: G06F17/00 ,  G06Q10/00

CPC classification number: H04L63/126 ,  H04L9/3247 ,  H04L63/101

Abstract: A method and system for determining the reputation of a sender for sending desirable communications is provided. The reputation system identifies senders of communications by keys sent along with the communications. The reputation system then may process a communication to determine whether it is a desirable communication. The reputation system then establishes a reputation for the sender of the communication based on the assessment of whether that communication and other communications sent by that sender are desirable. Once the reputation of a sender is established, the reputation system can discard communications from senders with undesired reputations, provide to the recipient communications from senders with desired reputations, and place in a suspect folder communications from senders with an unknown reputation.

Abstract translation: 提供了一种用于确定用于发送所需通信的发送者的信誉的方法和系统。 信誉系统通过与通信一起发送的密钥来识别通信的发送者。 信誉系统然后可以处理通信以确定它是否是期望的通信。 信誉系统然后基于对该发送者发送的通信和其他通信是否期望的评估来确定通信发送者的声誉。 一旦建立了发送者的声誉，信誉系统就可以丢弃具有不良声誉的发送者的通信，向具有所需信誉的发送者的接收者通信提供信息，并将其置于具有未知信誉的发件人的可疑文件夹通信中。