专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08850209B2 Schema signing 有权
标题翻译：模式签名
公开(公告)号：US08850209B2
公开(公告)日：2014-09-30
申请号：US11519274
申请日：2006-09-12
申请人： Tanmoy Dutta , Raul Garcia , Steven Richard Gott , Ruslan Pavlovich Ovechkin , Roger Lynn Wolter
发明人： Tanmoy Dutta , Raul Garcia , Steven Richard Gott , Ruslan Pavlovich Ovechkin , Roger Lynn Wolter
IPC分类号： H04L29/06 , H04L9/32
CPC分类号： H04L9/321 , H04L9/3247 , H04L2209/80
摘要： In one embodiment, an object in a database schema may be verified as having a valid digital signature associated with a trusted entity. An application may be permitted access to the object of the database schema only when the object of the database schema is verified to have a valid digital signature associated with the trusted entity. In another embodiment, an object in a database schema may be verified as having a digital signature associated with at least one trusted entity. An application may be permitted access to the object of the database schema only when the digital signature for the object is verified to be associated with the at least one trusted entity.
摘要翻译：在一个实施例中，数据库模式中的对象可以被验证为具有与可信实体相关联的有效数字签名。只有当数据库模式的对象被验证为具有与可信实体相关联的有效数字签名时，才允许应用访问数据库模式的对象。在另一实施例中，数据库模式中的对象可被验证为具有与至少一个可信实体相关联的数字签名。只有当对象的数字签名被验证为与至少一个可信实体相关联时，应用才可以被允许访问数据库模式的对象。

2. 发明授权

US08572716B2 Integrating operating systems with content offered by web based entities 有权
公开(公告)号：US08572716B2
公开(公告)日：2013-10-29
申请号：US11789270
申请日：2007-04-23
申请人： Girish Chander , Tanmoy Dutta , Cristian Ilac , Bronislav Kavsan , Ziquan Li , Andreas K. Luther , Gennady Medvinsky , Liquiang Zhu
发明人： Girish Chander , Tanmoy Dutta , Cristian Ilac , Bronislav Kavsan , Ziquan Li , Andreas K. Luther , Gennady Medvinsky , Liquiang Zhu
IPC分类号： H04L29/06
CPC分类号： H04L63/083 , G06F21/335 , H04L63/08 , H04L63/0807 , H04L63/0884 , H04L63/10 , H04L63/123
摘要： Example embodiments are provided for integrating operating systems with content offered by internet based entities.

3. 发明申请

US20100242085A1 SYSTEM AND METHOD FOR DOCUMENT ISOLATION 有权
标题翻译：用于文件隔离的系统和方法
公开(公告)号：US20100242085A1
公开(公告)日：2010-09-23
申请号：US12731774
申请日：2010-03-25
申请人： Tanmoy Dutta , Alexander Balikov , Himani Naresh
发明人： Tanmoy Dutta , Alexander Balikov , Himani Naresh
IPC分类号： H04L9/32
CPC分类号： G06Q10/10 , Y10S707/99938
摘要： A computer based system and method of providing document isolation during routing of a document through a workflow is disclosed. The method comprises maintaining a separate “working” copy of the original base document while the document is routed through a workflow. Access controls, which define who may access the original document as well as any versions of the working copy document, are defined and stored in relation to the documents. The access controls further define the types of actions users may take with respect to the document. Users are selectively directed to the appropriate document, either the base document or working copy, and selectively granted permission to perform publishing operations on the working copy document, as determined by the access controls.
摘要翻译：公开了一种基于计算机的系统和在通过工作流程路由文档期间提供文档隔离的方法。该方法包括在通过工作流路由文档时维护原始基本文档的单独“工作”副本。定义谁可以访问原始文档以及任何版本的工作副本文档的访问控制是根据文档进行定义和存储的。访问控制进一步定义用户可能对文档采取的操作类型。用户被选择性地定向到适当的文档，即基本文档或工作副本，并且由访问控制确定，选择性地授予对工作副本文档执行发布操作的权限。

4. 发明授权

US07698379B2 System and method for document isolation 失效
标题翻译：用于文档隔离的系统和方法
公开(公告)号：US07698379B2
公开(公告)日：2010-04-13
申请号：US11354445
申请日：2006-02-15
申请人： Tanmoy Dutta , Alexander G. Balikov , Himani Naresh
发明人： Tanmoy Dutta , Alexander G. Balikov , Himani Naresh
IPC分类号： G06F15/16 , G06F7/00
CPC分类号： G06Q10/10 , Y10S707/99938
摘要： A computer based system and method of providing document isolation during routing of a document through a workflow is disclosed. The method comprises maintaining a separate “working” copy of the original base document while the document is routed through a workflow. Access controls, which define who may access the original document as well as any versions of the working copy document, are defined and stored in relation to the documents. The access controls further define the types of actions users may take with respect to the document. Users are selectively directed to the appropriate document, either the base document or working copy, and selectively granted permission to perform publishing operations on the working copy document, as determined by the access controls.
摘要翻译：公开了一种基于计算机的系统和在通过工作流程路由文档期间提供文档隔离的方法。该方法包括在通过工作流路由文档时维护原始基本文档的单独“工作”副本。定义谁可以访问原始文档以及任何版本的工作副本文档的访问控制是根据文档进行定义和存储的。访问控制进一步定义用户可能对文档采取的操作类型。用户被选择性地定向到适当的文档，即基本文档或工作副本，并且由访问控制确定，选择性地授予对工作副本文档执行发布操作的权限。

5. 发明授权

US07613711B2 Specification of a hierarchical authorization model for a DBMS—SQL language extensions 有权
标题翻译：规范DBMS-SQL语言扩展的分层授权模型
公开(公告)号：US07613711B2
公开(公告)日：2009-11-03
申请号：US11151998
申请日：2005-06-14
申请人： Tanmoy Dutta , Girish Chander , Ziquan Li , Steven Richard Gott , Clifford T. Dibble
发明人： Tanmoy Dutta , Girish Chander , Ziquan Li , Steven Richard Gott , Clifford T. Dibble
IPC分类号： G06F17/30
CPC分类号： G06F21/6227 , G06F17/30421 , G06F21/6218 , G06F2221/2145 , Y10S707/99939 , Y10S707/99952
摘要： Provided are systems and methods that facilitate providing permission to entities of a database. A system includes a component that authorizes a principal of a containing entity to grant a permission to that entity, and a component that grants the permission to the containing entity, the grantee of the permission inherits a set of permissions to one or more entities contained by the containing entity. When a permission is granted to a parent in a hierarchy of a relational database, the permission is inherited by the child nodes. Also provided is a method for transferring ownership of entities in a relational database. The method includes a two-part handshake that can be audited to avoid repudiation issues.
摘要翻译：提供了有助于向数据库的实体提供许可的系统和方法。系统包括授权包含实体的委托人向该实体授予许可的组件，以及向该包含实体授予许可的组件，该许可的授予者将继承一组或多个由包含实体。当向关系数据库的层次结构中的父级授予权限时，权限将由子节点继承。还提供了一种用于转移关系数据库中的实体的所有权的方法。该方法包括两部分握手，可以进行审核，以避免否认问题。

6. 发明申请

US20080184329A1 LABELING OF DATA OBJECTS TO APPLY AND ENFORCE POLICIES 有权
标题翻译：标示数据对象适用和执行政策
公开(公告)号：US20080184329A1
公开(公告)日：2008-07-31
申请号：US11627059
申请日：2007-01-25
申请人： David B. Cross , Satyajit Nath , George Z. Li , Tanmoy Dutta , Sunil P. Gottumukkala
发明人： David B. Cross , Satyajit Nath , George Z. Li , Tanmoy Dutta , Sunil P. Gottumukkala
IPC分类号： G06F15/18 , G06F17/00
CPC分类号： G06F21/6218
摘要： One or more labels are associated with a data object. One or more policies are associated with each of the labels. Based on the labels associated with the data objects, the associated policies are dispatched to policy decision engines to take one or more actions to enforce the policy. The labels, and the policies associated with the labels, are chosen by a business administrator within an enterprise, and are implemented by an Information Technology (IT) administrator. The association between labels and polices allows the policy to be applied to an object to be decoupled from the characterization of the nature of the object, or its purpose and/or role within an enterprise, business purpose and/or context of the object. Examples of policies are: access, backup, retention, isolation, audit, etc.
摘要翻译：一个或多个标签与数据对象相关联。一个或多个策略与每个标签相关联。基于与数据对象相关联的标签，相关联的策略被分派到策略决策引擎，以采取一个或多个动作来执行策略。标签和与标签相关联的策略由企业内的业务管理员选择，并由信息技术（IT）管理员实现。标签和策略之间的关联允许将策略应用于要从对象的性质的表征或其在企业内的目的和/或作用，商业目的和/或对象的上下文中去脱离的对象。策略的例子有：访问，备份，保留，隔离，审核等。

7. 发明申请

US20070005600A1 Security execution context for a database management system 有权
标题翻译：数据库管理系统的安全执行上下文
公开(公告)号：US20070005600A1
公开(公告)日：2007-01-04
申请号：US11170585
申请日：2005-06-29
申请人： Tanmoy Dutta , Raul Garcia , Ziquan Li , Girish Chander
发明人： Tanmoy Dutta , Raul Garcia , Ziquan Li , Girish Chander
IPC分类号： G06F17/30
CPC分类号： G06F21/629 , G06F21/6218 , G06F2221/2145
摘要： A database management system that supports multiple databases in an instance with controlled sharing between the databases. The invention can also support execution of procedures and other modules in the context of any principal possibly different from that of the caller. Trusted certificates can be employed to permit access to procedures (or other modules). The security context of the invention can enable the building blocks of building a pure trusted sub-system model of authorization.
摘要翻译：数据库管理系统，支持在数据库之间具有受控共享的实例中的多个数据库。本发明还可以支持在可能不同于呼叫者的任何主体的上下文中执行过程和其他模块。可以使用受信任的证书来允许访问过程（或其他模块）。本发明的安全上下文可以使建立一个纯信任子系统授权模型的构建模块。

8. 发明申请

US20060149831A1 System and method for document isolation 失效
标题翻译：用于文档隔离的系统和方法
公开(公告)号：US20060149831A1
公开(公告)日：2006-07-06
申请号：US11354445
申请日：2006-02-15
申请人： Tanmoy Dutta , Alexander Balikov , Himani Naresh
发明人： Tanmoy Dutta , Alexander Balikov , Himani Naresh
IPC分类号： G06F15/16
CPC分类号： G06Q10/10 , Y10S707/99938
摘要： A computer based system and method of providing document isolation during routing of a document through a workflow is disclosed. The method comprises maintaining a separate “working” copy of the original base document while the document is routed through a workflow. Access controls, which define who may access the original document as well as any versions of the working copy document, are defined and stored in relation to the documents. The access controls further define the types of actions users may take with respect to the document. Users are selectively directed to the appropriate document, either the base document or working copy, and selectively granted permission to perform publishing operations on the working copy document, as determined by the access controls.
摘要翻译：公开了一种基于计算机的系统和在通过工作流程路由文档期间提供文档隔离的方法。该方法包括在通过工作流路由文档时维护原始基本文档的单独“工作”副本。定义谁可以访问原始文档以及任何版本的工作副本文档的访问控制是根据文档进行定义和存储的。访问控制进一步定义用户可能对文档采取的操作类型。用户被选择性地定向到适当的文档，即基本文档或工作副本，并且由访问控制确定，选择性地授予对工作副本文档执行发布操作的权限。

9. 发明申请

US20050216465A1 Systems and methods for fine grained access control of data stored in relational databases 有权
标题翻译：对关系数据库中存储的数据进行细粒度访问控制的系统和方法
公开(公告)号：US20050216465A1
公开(公告)日：2005-09-29
申请号：US10878152
申请日：2004-06-28
申请人： Tanmoy Dutta , Conor Cunningham , Stefano Stefani , Girish Chander , Eric Hanson
发明人： Tanmoy Dutta , Conor Cunningham , Stefano Stefani , Girish Chander , Eric Hanson
IPC分类号： G06F20060101 , G06F7/00 , G06F12/00 , G06F12/14 , G06F17/00 , G06F17/30 , G06F21/00
CPC分类号： G06F21/6227 , G06F17/30306 , Y10S707/99932 , Y10S707/99933 , Y10S707/99934 , Y10S707/99939
摘要： A system and method for facilitating secure access to database(s) is provided. The system relates to authorizing discriminatory access to relational database data. More particularly, the invention provides for an innovative technique of defining secured access to rows in relational database tables in a way that cannot be spoofed while preserving various optimization techniques. The invention affords a persistent scheme via providing for a security architecture whereby discriminatory access policies on persistent entities can be defined and enforced while preserving set based associative query capabilities. A particular aspect of the invention relates to the specification of such policies and the technique by which those policies are enforced. With respect to one particular implementation of the invention, creation, modification and deletion of access control lists called security descriptors is provided. The security descriptors can be provisioned independent of rows in tables of the database and can be shared and embody the policy on what permissions are granted to whom when associated with a row.
摘要翻译：提供了一种用于促进对数据库的安全访问的系统和方法。该系统涉及授权对关系数据库数据的歧视性访问。更具体地，本发明提供了一种创新技术，其以不能欺骗的方式定义对关系数据库表中的行的安全访问，同时保持各种优化技术。本发明通过提供一种安全架构来提供持续方案，从而可以在保持基于集合的关联查询能力的同时定义和实施对持久性实体的区别性访问策略。本发明的一个特定方面涉及这些策略的说明以及执行这些策略的方法。关于本发明的一个具体实现，提供了称为安全描述符的访问控制列表的创建，修改和删除。安全描述符可以独立于数据库表中的行进行配置，并且可以共享，并且包含与哪些权限相关联的权限被授予谁的策略。

10. 发明授权

US08996866B2 Unobtrusive assurance of authentic user intent 有权
标题翻译：真实的用户意图不明智的保证
公开(公告)号：US08996866B2
公开(公告)日：2015-03-31
申请号：US12645465
申请日：2009-12-22
申请人： Crispin Cowan , Matthew Z. Tamayo-Rios , Tanmoy Dutta , John Lambert , Paul J. Leach , Scott A. Field , Thomas C. Jones
发明人： Crispin Cowan , Matthew Z. Tamayo-Rios , Tanmoy Dutta , John Lambert , Paul J. Leach , Scott A. Field , Thomas C. Jones
IPC分类号： G06F21/52 , G06F21/62 , G06F21/53
CPC分类号： G06F21/52 , G06F21/53 , G06F21/62
摘要： Computer-executable instructions that are directed to the performance of consequential actions and automatically elevate to execute at a higher privilege level to do so can perform such consequential actions only after user notification. Doing so can enable monitoring processes to avoid presenting duplicative user notification upon detection of such auto-elevation. In addition, prior to presenting user notification, input from the execution environment can be ignored and access to DLLs for performing consequential actions can be avoided. A static analyzer can identify non-conforming computer-executable instructions. A wrapper can be utilized to provide compliance by otherwise unknown or non-conforming computer-executable instructions.
摘要翻译：针对执行相应操作并自动提升以在较高权限级别执行的计算机可执行指令，只有在用户通知后才能执行此类后续操作。这样做可以实现监控过程，以避免在检测到这种自动升高时呈现重复的用户通知。此外，在呈现用户通知之前，可以忽略来自执行环境的输入，并且可以避免对用于执行相继动作的DLL的访问。静态分析仪可以识别不合格的计算机可执行指令。可以使用包装器来提供否则未知或不合格的计算机可执行指令的符合性。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式