公开(公告)号：WO2023086582A1

公开(公告)日：2023-05-19

申请号：PCT/US2022/049721

申请日：2022-11-11

Applicant: DANVAS, INC.

Inventor： LOPEZ, Hernan ,  ANDERSON, Jeanne ,  TSIBEL, Sergey ,  JEON, David ,  KIM, James ,  MAGNUS, Robert ,  CIONCI, Juan, Pablo ,  FORASTIERO, Franco

IPC: G06F21/60 ,  G06F21/44 ,  G06F21/10 ,  G06F21/33 ,  H04L9/32 ,  G06F3/14 ,  G06F3/0481

Abstract: A display device establishes a secure communications session with a mobile device and receives an image-based item associated with a unique cryptographic token. The display device determines, based on metadata parsed from the unique cryptographic token, authenticity information and chain-of-ownership information for the cryptographic token. In response to determining that user account information for the secure communications session corresponds to an item included in the chain-of- ownership information, the display device displays the image-based item, and an indicator component of the display device provides an indication of authenticity for the image-based item.

公开(公告)号：WO2023029830A1

公开(公告)日：2023-03-09

申请号：PCT/CN2022/108541

申请日：2022-07-28

Applicant: 北京字节跳动网络技术有限公司

Inventor： 王文超

IPC: G06F21/33

Abstract: 本申请提供了一种电子凭证生成方法、装置、电子设备及存储介质，该电子凭证生成方法包括：在确定邀请用户满足电子凭证生成条件的情况下，展示至少一个待绑定组别信息。响应于所述邀请用户从至少一个待绑定组别中选择目标组别，生成电子凭证生成请求。其中，所述电子凭证生成请求携带分组标识，所述分组标识对应于所述目标组别。接收基于所述电子凭证生成请求生成的对应于所述目标组别的至少一个电子凭证。其中，所述至少一个电子凭证为所述目标组别对应电子凭证集合的子集，且电子凭证用于供被邀请用户直接加入所述目标组别。本申请可提升用户的交互体验。

公开(公告)号：WO2023027756A1

公开(公告)日：2023-03-02

申请号：PCT/US2021/071288

申请日：2021-08-26

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： BALINSKY, Yelena Helen ,  ABAD PEIRO, Josep

IPC: G06F21/33 ,  H04L9/28

Abstract: A non-transitory computer readable medium is provided. The computer readable medium is encoded with instructions which when executed by a processor, cause the processor to receive a certificate of authentication from an authentication entity, the certificate of authentication certifying that a user has been authenticated by the authentication entity, verify the certificate of authentication, receive a cryptographic key associated to the user, generate a secure ledger transaction request, the transaction request comprising the cryptographic key, identification data associated to the user and the certificate of authentication and communicate the transaction request to the secure ledger.

公开(公告)号：WO2023014005A1

公开(公告)日：2023-02-09

申请号：PCT/KR2022/011267

申请日：2022-08-01

Applicant: 주식회사 올링크

Inventor： 김경동

IPC: H04L9/40 ,  G06F21/33

Abstract: 본 발명은 이동 단말기를 이용하여 디지털 증명서를 관리하도록 구성되는 시스템 및 방법에 관한 것이다. 본 발명은 증명서 관리 서버에서 인증서버로부터 이동 단말기의 사용자에 대한 인증 결과를 수신하는 단계; 상기 증명서 관리 서버에서 상기 이동 단말기로부터 디지털 증명서 발급을 위한 신청 정보를 수신하는 단계; 처리단말로부터 발급정보를 수신하는 단계; 상기 증명서 관리 서버에서 소정의 코드를 이용하여 디지털 증명서를 수신하도록 예정된 이동 단말기를 인증하는 단계; 및 상기 증명서 관리 서버에서 상기 인증된 이동 단말기에 상기 디지털 증명서를 전송하는 단계로 이루어지는 디지털 증명서 관리방법을 제공할 수 있다.

公开(公告)号：WO2023009274A1

公开(公告)日：2023-02-02

申请号：PCT/US2022/035886

申请日：2022-07-01

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： AKHTER, Saeed Javed ,  SONEFF, Steven

IPC: H04L9/40 ,  G06F21/33 ,  G06F21/62 ,  H04L9/32

Abstract: Techniques described herein are directed to proxies configured to handle identity and access management for a web application. For instance, a first proxy receives requests to the application from a browser. The first proxy redirects the browser to an identity endpoint, which prompts the user to enter authentication credentials for the application. Upon successful authentication, the endpoint provides an access token for accessing web APIs to the first proxy. The first proxy provides the token to a second proxy, which stores the token. The second proxy receives anonymous API calls from the web application to the web APIs. When receiving an anonymous API call, the second proxy obtains the token and inserts it into an outgoing request to the API. Responsive to the API returning a message indicating that the token is invalid, the second proxy communicates with the first proxy to obtain a new token from the endpoint.

公开(公告)号：WO2023281799A1

公开(公告)日：2023-01-12

申请号：PCT/JP2022/006923

申请日：2022-02-21

Applicant: ソニーグループ株式会社

Inventor： 鈴木　典之

IPC: G06F21/33 ,  G06F21/45

Abstract: 本技術は、より簡単に自己主権的なユーザ認証を実現することができるようにする情報処理装置および方法、並びにプログラムに関する。 情報処理装置は、DIDcomm接続のための招待コード要求の送信元の装置に対して、DIDcomm接続を識別するセッションIDを含む招待コードを生成し、招待コードを読み取った接続先の装置からDIDcomm接続を介して受信したセッションIDと、招待コード要求に含まれている送信元の装置を識別するクライアントIDとを対応付けて記録させるセッション管理部と、接続先の装置との間でDIDcomm接続を介した通信を行う通信部とを備え、セッション管理部は、既に接続先の装置とのDIDcomm接続が確立されている場合、接続先の装置とのDIDcomm接続を再利用する。本技術は検証サーバに適用することができる。

公开(公告)号：WO2023274672A1

公开(公告)日：2023-01-05

申请号：PCT/EP2022/065541

申请日：2022-06-08

Applicant: SIEMENS AKTIENGESELLSCHAFT

Inventor： FALK, Rainer ,  RIES, Sebastian ,  SELTZSAM, Stefan ,  WIMMER, Martin

IPC: H04W4/70 ,  G06F21/33 ,  G06F21/12 ,  G06Q30/00 ,  G06F21/121 ,  G06F2221/2151

Abstract: Verfahren zur Überprüfung einer Lizenz für die Nutzung mindestens eines Leistungsmerkmals in einem Internet der Dinge (loT)-Gerät (50) anhand eines Lizenzkenners (LK), umfassend - Festlegen mindestens einer Lizenzbedingung für die Nutzung des Leistungsmerkmals des loT-Geräts (50) durch mindestens ein im Lizenzkenner (LK) enthaltenes Attribut, - Übertragen und Speichern des Lizenzkenners (LK) auf das I oT-Gerät (50), - Prüfen der Lizenzbedingungen durch a) Erzeugen eines dem Leistungsmerkmal des loT-Geräts (50) zugeordneten Pseudozugriffs durch eine auf dem loT-Gerät (50) ausgebildete Pseudo-Halter-Einheit (52), und b) Überprüfen einer Berechtigung für den Pseudozugriff durch Prüfen der Attribute des Lizenzkenners (LK) durch eine auf dem loT-Gerät (50) ausgebildete Verifizierungseinheit (53), und - Aktivieren des mindestens einen Leistungsmerkmals, wenn der Pseudozugriff durch ein positives Prüfergebnis des Lizenzkenners (LK) als erlaubt bestätigt wird, wobei der Lizenzkenner (LK), die Pseudo-Halter-Einheit (52) und die Verifizierungseinheit (53) basierend auf einer Spezifikation zu Verifizierbaren Berechtigungsnachweisen (Verifiable Credentials) eines ausgebildet sind.

公开(公告)号：WO2022234137A2

公开(公告)日：2022-11-10

申请号：PCT/EP2022/062379

申请日：2022-05-06

Applicant: DFINITY STIFTUNG

Inventor： BREITNER, Joachim ,  CAMENISCH, Jan ,  TACKMANN, Björn ,  WILLIAMS, Dominic

IPC: H04L9/40 ,  H04L9/32 ,  G06F21/33 ,  H04L67/146 ,  H04L63/0823 ,  H04L9/0866 ,  H04L9/3247

Abstract: According to an embodiment of an aspect of the invention, there is a computer- implemented method for authenticating users of a network. The method comprises steps of maintaining, by an identity service, user accounts under a main user identifier, wherein the user accounts support a method of authentication by the user. The method further comprises generating, by an application frontend, a session public key of a public key verification scheme and providing, by the application frontend, the session public key to the identity service. Further steps include obtaining, by the application frontend, a certification from the identity service, the certification comprising the session public key and an application user identifier. The application user identifier is derived from the main user identifier and an application frontend identifier.

公开(公告)号：WO2022197474A1

公开(公告)日：2022-09-22

申请号：PCT/US2022/019114

申请日：2022-03-07

Applicant: OKTA, INC.

Inventor： ELSHERIF, Mohamad

IPC: H04L9/40 ,  H04L67/51 ,  G06F21/33 ,  G06F21/60

Abstract: A multi-tenant authentication system facilitates packaging and installing of integrations for authentication services of system tenants. The integrations include cloud resources of one or more cloud services. In order to package an integration, the multi-tenant authentication system retreives resource manifests for cloud resources from corresponding cloud services. The multi-tenant authentication system generates the resource manifests to describe the cloud resource and any dependencies of the cloud resource, and also generates a package manifest including instructions for using the resource manifests to install the corresponding integration. The multi-tenant authentication system further facilitates installation of integration packages for tenants of the multi-tenant authentication system. The multi-tenant authentication system communicates with cloud services associated with resource manifests to install corresponding cloud resources to consistently replicate integrations for different tenants.

公开(公告)号：WO2022197444A1

公开(公告)日：2022-09-22

申请号：PCT/US2022/018412

申请日：2022-03-02

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： GARAEV, Dmitry Dmitrievich ,  OSEGUERA GUERRERO, Carlos Gustavo ,  LUKYANOV, Andrey Anatolyevich ,  SHIDA, Haruya

IPC: G06F9/46 ,  G06F21/33

Abstract: A control plane in a computing system receives a request to perform a management task on a set of computing system resources. The control plane identifies a target scope on which the management task is to be performed and dynamically obtains permissions, for this specific request, to perform the management task on the resources in the identified target scope.