专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08572716B2 Integrating operating systems with content offered by web based entities 有权
公开(公告)号：US08572716B2
公开(公告)日：2013-10-29
申请号：US11789270
申请日：2007-04-23
申请人： Girish Chander , Tanmoy Dutta , Cristian Ilac , Bronislav Kavsan , Ziquan Li , Andreas K. Luther , Gennady Medvinsky , Liquiang Zhu
发明人： Girish Chander , Tanmoy Dutta , Cristian Ilac , Bronislav Kavsan , Ziquan Li , Andreas K. Luther , Gennady Medvinsky , Liquiang Zhu
IPC分类号： H04L29/06
CPC分类号： H04L63/083 , G06F21/335 , H04L63/08 , H04L63/0807 , H04L63/0884 , H04L63/10 , H04L63/123
摘要： Example embodiments are provided for integrating operating systems with content offered by internet based entities.

2. 发明授权

US07913084B2 Policy driven, credential delegation for single sign on and secure access to network resources 有权
标题翻译：政策驱动，凭据授权单点登录和安全访问网络资源
公开(公告)号：US07913084B2
公开(公告)日：2011-03-22
申请号：US11441588
申请日：2006-05-26
申请人： Gennady Medvinsky , Cristian Ilac , Costin Hagiu , John E. Parsons , Mohamed Emad El Din Fathalla , Paul J. Leach , Tarek Bahaa El-Din Mahmoud Kamel
发明人： Gennady Medvinsky , Cristian Ilac , Costin Hagiu , John E. Parsons , Mohamed Emad El Din Fathalla , Paul J. Leach , Tarek Bahaa El-Din Mahmoud Kamel
IPC分类号： H04L9/32
CPC分类号： H04L63/0815 , H04L9/3273 , H04L63/20 , H04L2209/80
摘要： A credential security support provider (Cred SSP) is provided that enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server side SSP software in a networked computing environment. The Cred SSP of the invention provides a secure solution that is based in part upon a set of policies, including a default policy that is secure against a broad range of attacks, which are used to control and restrict the delegation of user credentials from a client to a server. The policies can be for any type of user credentials and the different policies are designed to mitigate a broad range of attacks so that appropriate delegation can occur for given delegation circumstances, network conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g., a trusted subsystem of the Local Security Authority (LSA), has access to the clear text credentials such that neither the calling application of the Cred SSP APIs on the server side nor the calling application of the Cred SSP APIs on the client side have access to clear text credentials.
摘要翻译：提供了一种凭证安全支持提供者（Cred SSP），使任何应用程序能够通过客户端安全支持提供商（SSP）软件将客户端的凭据安全地委派给目标服务器，通过网络计算中的服务器端SSP软件环境。本发明的Cred SSP提供了一种安全解决方案，该解决方案部分地基于一组策略，包括针对广泛的攻击的安全性的默认策略，其用于控制和限制从客户机委派用户凭证到服务器。这些策略可以用于任何类型的用户凭证，并且不同的策略被设计为减轻广泛的攻击，从而可以针对给定的授权情况，网络条件，信任级别等进行适当的委托。此外，只有可信的子系统，例如，本地安全机构（LSA）的受信任的子系统可以访问明文凭据，使得服务器端的Cred SSP API的呼叫应用程序和客户端的Cred SSP API的呼叫应用都不具有访问权清除文本凭据。

3. 发明申请

US20060053417A1 Update at shutdown 有权
标题翻译：关机时更新
公开(公告)号：US20060053417A1
公开(公告)日：2006-03-09
申请号：US10934343
申请日：2004-09-03
申请人： Gary Henderson , David Switzer , Chung Chow , Cristian Ilac , Cathelijne Bertels , Richard Swaney
发明人： Gary Henderson , David Switzer , Chung Chow , Cristian Ilac , Cathelijne Bertels , Richard Swaney
IPC分类号： G06F9/44
CPC分类号： G06F9/442 , G06F8/65
摘要： An update at shutdown process is disclosed that installs software updates on a computer during the computer's shutdown procedures. On a computing device with an automated shutdown procedure, during the shutdown procedure an update at shutdown process is executed. The update at shutdown process evaluates whether any software updates are currently stored, or are locally available, on the computing device. If there are software updates to be installed, a further evaluation determines whether any of the software updates may be installed without any user interaction. Accordingly, each downloaded/locally available software update that is identified as being installable without user interaction, is installed during the shutdown procedure, thus minimizing the impact that the software updates have on the computer user's use time.
摘要翻译：披露了在关机过程中的更新，在计算机关机过程中，在计算机上安装软件更新。在具有自动关机过程的计算设备上，在关机过程中，执行关机过程中的更新。关机过程中的更新会评估计算设备上是否存在任何软件更新或本地可用。如果要安装软件更新，则进一步的评估可确定是否可以在没有任何用户交互的情况下安装任何软件更新。因此，在关闭过程期间安装被识别为可安装而无用户交互的每个下载/本地可用的软件更新，从而最小化软件更新对计算机用户的使用时间的影响。

4. 发明申请

US20090328140A1 ADVANCED SECURITY NEGOTIATION PROTOCOL 有权
标题翻译：高级安全谈判协议
公开(公告)号：US20090328140A1
公开(公告)日：2009-12-31
申请号：US12147054
申请日：2008-06-26
申请人： Dave M. McPherson , Tanmoy Dutta , Cristian Ilac , Liqiang Zhu
发明人： Dave M. McPherson , Tanmoy Dutta , Cristian Ilac , Liqiang Zhu
IPC分类号： G06F21/00
CPC分类号： H04L63/20 , H04L63/08 , H04L63/205 , H04L69/24
摘要： This disclosure describes methods, systems and application programming interfaces for creating an advanced security negotiation package. This disclosure describes creating an advanced security negotiation protocol under a Simple and Protected Negotiation Mechanism (SPNEGO) protocol to negotiate an authentication scheme. The protocol describes defining a Windows Security Type (WST) Library message to protect negotiation data during the advanced security negotiation protocol. The protocol sends an initial message that carries multiple authentication messages to reduce redundant roundtrips and implements key exchanges by a mini Security Support Provider (SSP).
摘要翻译：本公开描述了用于创建高级安全协商包的方法，系统和应用程序编程接口。本公开描述了在简单和受保护的协商机制（SPNEGO）协议下创建高级安全协商协议以协商认证方案。该协议描述了在高级安全协商协议期间定义Windows安全类型（WST）库消息以保护协商数据。该协议发送一个携带多个认证消息的初始消息，以减少冗余往返，并通过小型安全支持提供商（SSP）实现密钥交换。

5. 发明授权

US07577659B2 Interoperable credential gathering and access modularity 有权
标题翻译：可互操作的凭证采集和访问模块化
公开(公告)号：US07577659B2
公开(公告)日：2009-08-18
申请号：US10693585
申请日：2003-10-24
申请人： Klaus U. Schutz , Stefan Richards , Eric C. Perlin , Cristian Ilac , Sterling M. Reasor , Eric Flo , John Stephens , Benjamin A. Hutz
发明人： Klaus U. Schutz , Stefan Richards , Eric C. Perlin , Cristian Ilac , Sterling M. Reasor , Eric Flo , John Stephens , Benjamin A. Hutz
IPC分类号： G06F7/00 , G06F17/30
CPC分类号： G06F21/31 , Y10S707/99938 , Y10S707/99939
摘要： A credential is translated with one of different credential provider modules each translating a corresponding different type of credential into a common protocol. The translated credential is communicated through an API to a logon UI module to an operating system (OS) of a local machine. An OS logon module is called by the logon UI module to authenticate the translated credential against a credential database. A user identified by the translated credential is logged on to access the local machine when the authentication is successful. The credential can also be used with a selection received from the logon UI module via a corresponding one of different pre-log access provider (PLAP) modules that each communicate with the API. The API establishes a network session with an access service specified by the selected PLAP module when the credential is authenticated with the credential database.
摘要翻译：用不同凭证提供者模块之一翻译凭证，每个凭证提供者模块将相应的不同类型的凭证翻译成公共协议。翻译的凭证通过API传送到登录UI模块到本地机器的操作系统（OS）。登录UI模块调用操作系统登录模块，以根据凭据数据库验证转换的凭据。当认证成功时，由登录的凭证登录的用户访问本地计算机。证书还可以与从登录UI模块通过每个与API进行通信的不同预登录访问提供程序（PLAP）模块中的相应一个模块接收到的选择一起使用。当凭证凭证凭证数据库进行身份验证时，API与所选择的PLAP模块指定的访问服务建立网络会话。

6. 发明申请

US20080301784A1 Native Use Of Web Service Protocols And Claims In Server Authentication 有权
标题翻译：在服务器认证中本地使用Web服务协议和声明
公开(公告)号：US20080301784A1
公开(公告)日：2008-12-04
申请号：US11755968
申请日：2007-05-31
申请人： Liqiang Zhu , Gennady Medvinsky , Tanmoy Dutta , Cristian Ilac , Andreas Luther , John P. Shewchuk
发明人： Liqiang Zhu , Gennady Medvinsky , Tanmoy Dutta , Cristian Ilac , Andreas Luther , John P. Shewchuk
IPC分类号： G06F7/04
CPC分类号： H04L63/0823 , H04L63/166 , H04L67/02
摘要： Architecture for natively authenticating a client application to a web server via HTTP authentication. The Web Services Architecture, and more specifically, Web Services Security, is leveraged to enable legacy applications to access web services transparently to the existing legacy applications. A security support provider (SSP) is created that employs WS-* protocol to at least emulate ws-trust and ws-mex thereby enabling policy exchange via an HTTP protocol stack. Policy can be exchanged via a WWW-Authenticate header enabling legacy applications to use the WS-* family of protocols without modifying the client application. The WS-* protocols are abstracted into a generic programming interface for native client application use.
摘要翻译：通过HTTP认证将客户端应用程序本地验证到Web服务器的体系结构。 Web服务体系结构，更具体地说，Web服务安全性是有利于使传统应用程序能够透明地访问现有的遗留应用程序的Web服务。创建了一个安全支持提供程序（SSP），它使用WS- *协议来至少模拟ws-trust和ws-mex，从而通过HTTP协议栈实现策略交换。可以通过WWW-Authenticate标头来交换策略，使得遗留应用程序能够使用WS- *系列协议，而无需修改客户端应用程序。将WS- *协议抽象为通用编程接口，用于本机客户机应用程序的使用。

7. 发明申请

US20060242427A1 Credential interface 有权
标题翻译：凭证界面
公开(公告)号：US20060242427A1
公开(公告)日：2006-10-26
申请号：US11112844
申请日：2005-04-22
申请人： David Ruzyski , James Hong , Brian McNeil , Chris Guzak , Brian Wentz , Klaus Schutz , Stefan Richards , Eric Perlin , Cristian Ilac , Sterling Reasor , Eric Flo , John Stephens , Benjamin Hutz
发明人： David Ruzyski , James Hong , Brian McNeil , Chris Guzak , Brian Wentz , Klaus Schutz , Stefan Richards , Eric Perlin , Cristian Ilac , Sterling Reasor , Eric Flo , John Stephens , Benjamin Hutz
IPC分类号： G06F12/14 , H04K1/00 , H04L9/32 , G06F12/00 , H04L9/00 , G06F13/00 , G06F17/30 , G06F7/04 , G06F7/58 , G06K19/00 , G11C7/00
CPC分类号： H04L63/0861 , G06F9/451 , G06F21/31
摘要： Systems and/or methods are described that enable a credential interface. These systems and/or methods may build a credential user interface enabling a user to choose between multiple credentials and submit an authenticator for a chosen credential. These systems and/or methods may also gather information about arbitrary credentials and build a user interface for submission of authenticators for these arbitrary credentials.
摘要翻译：描述启用凭证接口的系统和/或方法。这些系统和/或方法可以构建凭证用户界面，使得用户能够在多个凭证之间进行选择，并为选定的凭证提交验证器。这些系统和/或方法还可以收集关于任意凭证的信息，并构建用于为这些任意凭证提交认证者的用户界面。

8. 发明授权

US08281368B2 Communicating a password securely 有权
标题翻译：安全地通信密码
公开(公告)号：US08281368B2
公开(公告)日：2012-10-02
申请号：US12038815
申请日：2008-02-28
申请人： Raghavendra Malpani , Cristian Ilac , Tanmoy Dutta , Klaus Schultz
发明人： Raghavendra Malpani , Cristian Ilac , Tanmoy Dutta , Klaus Schultz
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , H04L29/06
CPC分类号： G06F21/556
摘要： A secure (e.g., HTTPS) connection is established between a client and a server. Communication over the connection may utilize an application (e.g., a Web browser) that is not part of the client's trusted computing base. A password is sent from the client to the server over the connection such that the clear text password is unavailable to the application. For example, the password can be encrypted and inserted directly into the HTTPS stream from the client's trusted computing base.
摘要翻译：在客户端和服务器之间建立安全（例如HTTPS）连接。通过连接的通信可以利用不是客户机的可信计算基础的一部分的应用（例如，Web浏览器）。密码通过连接从客户端发送到服务器，使得明文密码对应用程序不可用。例如，密码可以被加密并直接从客户端的可信计算基础插入到HTTPS流中。

9. 发明授权

US07810143B2 Credential interface 有权
标题翻译：凭证界面
公开(公告)号：US07810143B2
公开(公告)日：2010-10-05
申请号：US11112844
申请日：2005-04-22
申请人： David M. Ruzyski , James H. Hong , Brian K. McNeil , Chris J. Guzak , Brian D. Wentz , Klaus U. Schutz , Stefan Richards , Eric C. Perlin , Cristian Ilac , Sterling M. Reasor , Eric R. Flo , John Stephens , Benjamin A. Hutz
发明人： David M. Ruzyski , James H. Hong , Brian K. McNeil , Chris J. Guzak , Brian D. Wentz , Klaus U. Schutz , Stefan Richards , Eric C. Perlin , Cristian Ilac , Sterling M. Reasor , Eric R. Flo , John Stephens , Benjamin A. Hutz
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , H04L29/06
CPC分类号： H04L63/0861 , G06F9/451 , G06F21/31
摘要： Systems and/or methods are described that enable a credential interface. These systems and/or methods may build a credential user interface enabling a user to choose between multiple credentials and submit an authenticator for a chosen credential. These systems and/or methods may also gather information about arbitrary credentials and build a user interface for submission of authenticators for these arbitrary credentials.
摘要翻译：描述启用凭证接口的系统和/或方法。这些系统和/或方法可以构建凭证用户界面，使得用户能够在多个凭证之间进行选择，并提交所选证书的认证者。这些系统和/或方法还可以收集关于任意凭证的信息，并构建用于为这些任意凭证提交认证者的用户界面。

10. 发明申请

US20090222888A1 COMMUNICATING A PASSWORD SECURELY 有权
标题翻译：传播密码
公开(公告)号：US20090222888A1
公开(公告)日：2009-09-03
申请号：US12038815
申请日：2008-02-28
申请人： Raghavendra Malpani , Cristian Ilac , Tanmoy Dutta , Klaus Schutz
发明人： Raghavendra Malpani , Cristian Ilac , Tanmoy Dutta , Klaus Schutz
IPC分类号： G06F21/00 , H04L9/00
CPC分类号： G06F21/556
摘要： A secure (e.g., HTTPS) connection is established between a client and a server. Communication over the connection may utilize an application (e.g., a Web browser) that is not part of the client's trusted computing base. A password is sent from the client to the server over the connection such that the clear text password is unavailable to the application. For example, the password can be encrypted and inserted directly into the HTTPS stream from the client's trusted computing base.
摘要翻译：在客户端和服务器之间建立安全（例如HTTPS）连接。通过连接的通信可以利用不是客户机的可信计算基础的一部分的应用（例如，Web浏览器）。密码通过连接从客户端发送到服务器，使得明文密码对应用程序不可用。例如，密码可以被加密并直接从客户端的可信计算基础插入到HTTPS流中。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式