公开(公告)号：WO2021113882A2

公开(公告)日：2021-06-10

申请号：PCT/US2021/017615

申请日：2021-02-11

Applicant: FUTUREWEI TECHNOLOGIES, INC.

Inventor： SU, Han ,  LI, Jian

IPC: H04L29/06 ,  H04L29/08 ,  H04L63/104 ,  H04L63/105 ,  H04L67/104 ,  H04L67/1097

Abstract: The present technology discloses storing data in a peer-to-peer network. A first computing device identifies other computing devices in the peer-to-peer network. Each of the computing devices have an established social relationship with at least another one of the computing devices. A degree of connection between the first computing device and each of the other computing devices is detected. A group of the other of computing devices is selected based on the degree of connection for storing the data, and a storage trust level is assigned to each of the other computing devices in the group. The storage trust level of each of the other computing devices is based on the established social relationship. The data is then transmitted to each of the other computing devices in the group for storage.

公开(公告)号：WO2021249654A1

公开(公告)日：2021-12-16

申请号：PCT/EP2020/066349

申请日：2020-06-12

Applicant: SWISS REINSURANCE COMPANY LTD.

Inventor： WERDER, Marc ,  TAHA, Philipp

IPC: H04L29/06 ,  H04L29/08 ,  G06Q10/10 ,  G06K9/6222 ,  G06K9/6262 ,  G06K9/6276 ,  G06N20/00 ,  G06N20/10 ,  G06N5/025 ,  H04L63/083 ,  H04L63/104 ,  H04L63/20 ,  H04L67/10 ,  H04L67/2809 ,  H04L67/306

Abstract: Proposed is a digital platform (1) and method for providing controlled data- and process-driven cross-network interaction and program (41, 42, …, 4i) development between heterogeneous units (2/3) with network-enabled devices on a secured cloud- based network (5/51, 52, …, 5i). Each unit has a unit or user (2/3) account in the digital cross-network platform (1) with assigned authentication and authorization credentials for authentication and authorization controlled network access (5) to the digital cross- network platform (1) and the secured cloud-based network (5). Each unit (2/3) further has an assigned relationship with one or more other units (2/3) comprised in a persistent storage (12) of the digital networking platform (1), each assigned relationship providing a defined relationship between the one or more other units (2/3) or a subgroup of the one or more other units (2/3) and an associated program (41, 42,…,4i), the digital cross- network platform (1), enabling the controlled process-driven cross-network development of the international programs (41, 42, …, 4i).

公开(公告)号：WO2021248342A1

公开(公告)日：2021-12-16

申请号：PCT/CN2020/095262

申请日：2020-06-10

Applicant: CITRIX SYSTEMS, INC. ,  XU, Sai ,  WANG, Yiming

Inventor： XU, Sai ,  WANG, Yiming

IPC: H04L29/06 ,  G06F16/245 ,  G06F16/27 ,  G06F16/285 ,  G06Q10/06311 ,  H04L63/104

Abstract: Described embodiments provide systems and methods for providing remote application action feed cards. A ticket can be received from a client device. The ticket can be indicative of an action of a remote application and the remote application can be accessible by a group of users. The device can receive information about the action identified in the received ticket from at least one user of the group of users in response to provision of a determined key and the received ticket to the group of users. The device can provide the received information to client devices of user of the group of users to identify actions of other users of the group of users.

公开(公告)号：WO2021252064A1

公开(公告)日：2021-12-16

申请号：PCT/US2021/026078

申请日：2021-04-07

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： STEPHENS, Michael Eugene ,  MOROWCZYNSKI, Mark David ,  ENACHE, Oana Elena ,  LIEBERMAN, Steven Jay

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/604 ,  G06F2221/2141 ,  H04L63/08 ,  H04L63/102 ,  H04L63/104 ,  H04L63/105

Abstract: A secure cloud-based privileged access management (CBPAM) service manages on-premise resources. While enrolling an on-premise authentication domain admin group, a secured cloud-based shadow administrating group (SCBSAG) is created; a SCBSAG security identification includes at least part of the enrollee's security identification. The SCBSAG belongs to a clean CBPAM authentication domain which may be secured by defense in depth controls such as time limits on authentication or authorization, password avoidance, least privilege, one-way syncing, and one-way trust. Management via the configured SCBSAG may be fostered by emptying the on-premise admin group, although a break glass account may be kept. CBPAM services direct administrative actions toward on-premise resources through SCBSAGs for cloud tenants, providing secure management control as a service, with broader geographic scope and lower maintenance burdens and costs than privileged access management approaches that are not cloud-based.

公开(公告)号：WO2021195052A1

公开(公告)日：2021-09-30

申请号：PCT/US2021/023633

申请日：2021-03-23

Applicant: SPIDEROAK, INC.

Inventor： MOORE, Jonathan Andrew Crockett

IPC: G06F21/00 ,  G06F21/62 ,  H04L29/06 ,  G06F21/60 ,  G06F21/335 ,  G06F21/6218 ,  G06F21/64 ,  G06F2221/2141 ,  H04L2209/38 ,  H04L63/04 ,  H04L63/10 ,  H04L63/104 ,  H04L63/12 ,  H04L9/0643 ,  H04L9/0833 ,  H04L9/085 ,  H04L9/0894 ,  H04L9/3213 ,  H04L9/3239 ,  H04L9/3263

Abstract: A block chain defining authority and access to confidential data may not be encrypted, and the access to the block chain can be regulated by the block chain itself and an access control server operating in an enterprise information technology (IT) environment. To incorporate authority defined in multiple sources, such as the block chain and the access control server, a token can be created containing multiple layers of permissions, i.e. constraints, coming from multiple sources. Each additional permission attenuates the authority granted by the token. When a processor controlling the access to the block chain receives the token, the processor can check the validity of the token and the authority granted by the token to determine whether the requester is authorized to access at least a portion of the block chain.

公开(公告)号：WO2021121962A1

公开(公告)日：2021-06-24

申请号：PCT/EP2020/084086

申请日：2020-12-01

Applicant: ENDRESS+HAUSER PROCESS SOLUTIONS AG

Inventor： EIDMANN, Axel ,  SPIELMANN, Benedikt ,  MERKLIN, Simon ,  ALBER, Thomas ,  PÖSCHMANN, Axel

IPC: H04L29/06 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/104 ,  H04L63/105 ,  H04L63/20

Abstract: Die Erfindung umfasst ein Verfahren zur Übertragung von Sicherheitseinstellungen (SE) zwischen einem ersten Feldgerät (FG1) der Automatisierungstechnik und einem zweiten Feldgerät (FG2) der Automatisierungstechnik, umfassend: a. Identifizieren und Authentifizieren eines Bedieners mittels einer Bedieneinheit (BE1, BE2, BE3); b. Zuweisen einer Berechtigungsgruppe anhand des Identifizierens und Authentifizierens des Bedieners; c. Im Falle, dass dem Bediener die Administrator-Berechtigungsgruppe zugewiesen wird: i. Verschlüsseln von zumindest einer der Sicherheitseinstellungen (SE), welche in Klartext vorliegt, durch das erste Feldgerät (FG1); ii. Exportieren der verschlüsselten Sicherheitseinstellung (SE); iii. Importieren der verschlüsselten Sicherheitseinstellung (SE) auf dem zweiten Feldgerät (FG2); iv. Entschlüsseln der verschlüsselten Sicherheitseinstellung (SE); v. Aufspielen der entschlüsselten Sicherheitseinstellung (SE) auf den Datenspeicher (DS2) des zweiten Feldgeräts (FG2) und Betreiben des zweiten Feldgeräts (FG2) mit den aufgespielten Sicherheitseinstellung (SE) des ersten Feldgeräts (FG1).

公开(公告)号：WO2022071993A1

公开(公告)日：2022-04-07

申请号：PCT/US2021/028165

申请日：2021-04-20

Applicant: GOOGLE LLC

Inventor： WANG, Gang ,  YUNG, Marcel M. Moti

IPC: G06F21/62 ,  G06F21/64 ,  H04L29/06 ,  H04L29/08 ,  G06F21/6254 ,  G06F21/645 ,  H04L63/0421 ,  H04L63/104 ,  H04L67/22

Abstract: This disclosure relates to preserving the privacy of users and preventing access to information of other entities. In one aspect, a method includes receiving, from a client device, a content request including request signals specifying user group identifiers that each identify a user group that includes a user of the client device. One or more user group identifiers that satisfy a first k-anonymity process are identified. Selection parameter elements that each include data indicating a respective digital component and a selection parameter for the respective digital component are received from one or more first content platforms. At least a portion of the selection parameters and, for each selection parameter, data identifying the first content platform from which the selection parameter was received are transmitted to a second content platform. Data specifying a given first content platform selected based on the selection parameters is received from the second content platform.

公开(公告)号：WO2022005571A1

公开(公告)日：2022-01-06

申请号：PCT/US2021/028734

申请日：2021-04-23

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： REYNA FERNANDEZ, Ricardo

IPC: G06F21/62 ,  G06F40/166 ,  G06Q10/10 ,  H04L12/58 ,  H04L29/06 ,  G06F21/6218 ,  G06F2221/2141 ,  G06F40/30 ,  G06Q10/101 ,  H04L41/026 ,  H04L51/04 ,  H04L51/046 ,  H04L51/14 ,  H04L51/16 ,  H04L51/18 ,  H04L63/101 ,  H04L63/104 ,  H04L63/108 ,  H04L63/20 ,  H04L65/403

Abstract: Various methods and systems for sharing computer resources and modifying access control rules for computer resources are described. An access control gesture may be defined using a command indicator comprising one or more identifying characters, symbols, or glyphs. For example, an access control gesture may be defined using an @-sign in combination with a modifier that indicates a particular security command to execute and/or a corresponding permission to add/modify/revoke. For example, an input string comprising a plus sign in combination with an @-sign (e.g., "+@") may indicate a command to add a mentioned user to an access control list. An input string comprising a minus sign, hyphen, or dash in combination with an @-sign (e.g., "-@") may indicate a command to remove a mentioned user from an access control list. As such, access control gestures can provide a simple and intuitive mechanism to grant temporary access to a designated resource.

公开(公告)号：WO2021247597A1

公开(公告)日：2021-12-09

申请号：PCT/US2021/035278

申请日：2021-06-01

Applicant: PALO ALTO NETWORKS, INC.

Inventor： DU, Jun ,  ZHAO, Yilin

IPC: H04W8/00 ,  H04W8/18 ,  H04L63/104 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/162 ,  H04L63/205 ,  H04W8/005 ,  H04W8/183

Abstract: Techniques for performing Internet of Things (IoT) device identification are disclosed. Information associated with a network communication of an IoT device is received. A determination of whether the IoT device has been classified has been made. In response to determining that the IoT device has not been classified, a two-part classification process is performed, where a first portion includes an inline classification, and a second portion includes a subsequent verification of the inline classification. A result of the classification process is provided to a security appliance configured to apply a policy to the IoT device.

公开(公告)号：WO2021262486A1

公开(公告)日：2021-12-30

申请号：PCT/US2021/037491

申请日：2021-06-15

Applicant: SLACK TECHNOLOGIES, INC.

Inventor： FRANK, Ilan ,  DELP, Shanan ,  DEMMER, Michael ,  VASAMSETTI, Sri ,  SHARMA, Neha

IPC: H04L29/06 ,  G06F21/10 ,  H04L51/12 ,  H04L63/101 ,  H04L63/102 ,  H04L63/104 ,  H04W12/08

Abstract: Hosted communication channels associated with a communication platform are described. In an example, a user can utilize communication services available via a communication platform. In some examples, a first organization can invite a second organization to join a communication channel. The two organizations can be different such that they are associated with different organization identifiers and are associated with different permissions. In some examples, content associated with each organization can be private, such that other organizations cannot access content that is owned or otherwise managed by each organization. However, content posted to shared communication channels can be accessed, viewed, interacted with, or the like by any member of the shared communication channels. To address privacy and/or security concerns, some organizations or users of the communication platform may desire to control how end users that join a shared communication channel interact with the shared communication channel.