专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20130340027A1 Provisioning Managed Devices with States of Arbitrary Type 有权
标题翻译：为具有任意类型的国家提供管理设备
公开(公告)号：US20130340027A1
公开(公告)日：2013-12-19
申请号：US13526494
申请日：2012-06-18
申请人： Dan A. Knudson , James J. Simmons , Siddharth Bhai
发明人： Dan A. Knudson , James J. Simmons , Siddharth Bhai
IPC分类号： G06F21/00
CPC分类号： G06F21/00 , G06F9/4411 , G06F9/44505 , H04L41/0806 , H04L63/20
摘要： Described is a technology by which a target machine (managed device) is provisioned with arbitrary states for subsequent communication with a central authority, in which the configuration provisioning of the device is decoupled from the collection of the provisioning data. In a provisioning phase, arbitrary state information for provisioning the managed device is obtained and packaged in a container. In a configuration phase, the container is accessed, and the arbitrary state information is unpackaged to apply state to the managed device. The target machine thus may be provisioned with arbitrary states without actively communicating with the central authority.
摘要翻译：描述了将目标机器（被管理设备）配备有用于随后与中央机构进行通信的任意状态的技术，其中将设备的配置供应从供应数据的收集中分离。在供应阶段，获得用于供应被管理设备的任意状态信息并将其打包在容器中。在配置阶段，访问容器，并且任意状态信息被解包以将状态应用于被管理设备。因此，目标机器可以被配置为任意状态，而不与中央机构主动通信。

2. 发明授权

US09047442B2 Provisioning managed devices with states of arbitrary type 有权
标题翻译：配置具有任意类型状态的受管设备
公开(公告)号：US09047442B2
公开(公告)日：2015-06-02
申请号：US13526494
申请日：2012-06-18
申请人： Dan A. Knudson , James J. Simmons , Siddharth Bhai
发明人： Dan A. Knudson , James J. Simmons , Siddharth Bhai
IPC分类号： G06F21/00 , H04L29/06 , H04L12/24 , G06F9/445
CPC分类号： G06F21/00 , G06F9/4411 , G06F9/44505 , H04L41/0806 , H04L63/20
摘要： Described is a technology by which a target machine (managed device) is provisioned with arbitrary states for subsequent communication with a central authority, in which the configuration provisioning of the device is decoupled from the collection of the provisioning data. In a provisioning phase, arbitrary state information for provisioning the managed device is obtained and packaged in a container. In a configuration phase, the container is accessed, and the arbitrary state information is unpackaged to apply state to the managed device. The target machine thus may be provisioned with arbitrary states without actively communicating with the central authority.
摘要翻译：描述了将目标机器（被管理设备）配备有用于随后与中央机构进行通信的任意状态的技术，其中将设备的配置供应从供应数据的收集中分离。在供应阶段，获得用于供应被管理设备的任意状态信息并将其打包在容器中。在配置阶段，访问容器，并且任意状态信息被解包以将状态应用于被管理设备。因此，目标机器可以被配置为任意状态，而不与中央机构主动通信。

3. 发明申请

US20130347063A1 HANDLING CLAIMS TRAVERSING SECURITY BOUNDARIES 审中-公开
标题翻译：处理安全边界的索赔
公开(公告)号：US20130347063A1
公开(公告)日：2013-12-26
申请号：US13529853
申请日：2012-06-21
申请人： Sarath Madakasira , Siddharth Bhai , James J. Simmons , Ryan J. Fairfax , Qi Cao , Arun K. Nanda , Mark Fishel Novak
发明人： Sarath Madakasira , Siddharth Bhai , James J. Simmons , Ryan J. Fairfax , Qi Cao , Arun K. Nanda , Mark Fishel Novak
IPC分类号： G06F21/00
CPC分类号： G06F21/604 , H04L63/20
摘要： Sharing security claims across different security contexts. A method includes, for a first security context, identifying a first set of security claims. The method further includes for the first security context identifying a second set of security claims from the first set of security claims that is allowed to be sent from the first security context. The first set of security claims is modified to create the second set of security claims. For a second security context, security claim requirements are identified. The second set of security claims is modified to satisfy the security claim requirements for the second security context.
摘要翻译：在不同的安全环境中共享安全声明。对于第一安全上下文，一种方法包括识别第一组安全权利要求。所述方法还包括用于从所述第一安全声明集合允许从所述第一安全上下文发送的所述第一安全性上下文标识第二组安全声明。修改第一组安全声明以创建第二组安全声明。对于第二个安全上下文，确定了安全声明要求。修改第二组安全声明以满足第二安全上下文的安全声明要求。

4. 发明授权

US08302165B2 Establishing trust relationships between computer systems 有权
标题翻译：建立计算机系统之间的信任关系
公开(公告)号：US08302165B2
公开(公告)日：2012-10-30
申请号：US12611822
申请日：2009-11-03
申请人： Siddharth Bhai , Zhe (Jessie) Li , William S. Jack, III , Christopher W. McCarron , James J. Simmons , Qi Cao
发明人： Siddharth Bhai , Zhe (Jessie) Li , William S. Jack, III , Christopher W. McCarron , James J. Simmons , Qi Cao
IPC分类号： G06F7/04
CPC分类号： G06F21/33 , G06F21/445 , H04L41/0803
摘要： An offline trust system establishes a trust relationship between a trust authority computer system and a target computer system without relying on an active network connection between the computer systems. The offline trust system separates the trust establishment operation into a provisioning phase and a configuration phase. The provisioning phase can be performed entirely on the trust authority, while the configuration phase can be performed entirely on the target computer system requesting trust. The two phases can be performed at different times and do not assume any connection between the two computer systems. An administrator may perform the provisioning phase for many target computer systems at the same time. Thus, the offline trust system provides a way to establish trust between computer systems that is more reliable and less prone to failure.
摘要翻译：离线信任系统在信任机构计算机系统和目标计算机系统之间建立信任关系，而不依赖计算机系统之间的活动网络连接。离线信任系统将信任建立操作分为供应阶段和配置阶段。配置阶段可以完全在信任授权机构上完成，同时配置阶段可以完全在目标计算机系统上执行请求信任。这两个阶段可以在不同的时间执行，并且不会在两个计算机系统之间承担任何连接。管理员可以同时为许多目标计算机系统执行供应阶段。因此，离线信任系统提供了一种在更可靠且不容易发生故障的计算机系统之间建立信任的方法。

5. 发明申请

US20090328154A1 ISOLATION OF SERVICES OR PROCESSES USING CREDENTIAL MANAGED ACCOUNTS 有权
标题翻译：使用经授权管理的账户分离服务或流程
公开(公告)号：US20090328154A1
公开(公告)日：2009-12-31
申请号：US12146344
申请日：2008-06-25
申请人： Scott A. Field , Ramesh Chinta , Liqiang Zhu , Umit Akkus , Siddharth Bhai , Gopinathan Kannan , James J. Simmons , Qi Cao , Paul Miller , Ryan Fairfax , Alexandru Hanganu
发明人： Scott A. Field , Ramesh Chinta , Liqiang Zhu , Umit Akkus , Siddharth Bhai , Gopinathan Kannan , James J. Simmons , Qi Cao , Paul Miller , Ryan Fairfax , Alexandru Hanganu
IPC分类号： H04L9/32
CPC分类号： G06F21/46
摘要： This disclosure describes methods, systems, and application programming interfaces for creating a credential managed account. This disclosure describes creating a new password managed account, defining the password managed account, wherein the password managed account is to access a service on a managed computing device, identifying the password managed account for a lifecycle, and automatically managing the password managed account by updating and changing a password for the password managed account on a periodic basis.
摘要翻译：本公开描述了用于创建凭证管理帐户的方法，系统和应用程序编程接口。本公开描述了创建新的密码管理帐户，定义密码管理帐户，其中密码管理帐户将访问受管计算设备上的服务，识别生命周期中的密码管理帐户，以及通过更新来自动管理密码管理帐户并定期更改密码管理帐户的密码。

6. 发明授权

US09501635B2 Isolation of services or processes using credential managed accounts 有权
标题翻译：使用凭据管理帐户隔离服务或进程
公开(公告)号：US09501635B2
公开(公告)日：2016-11-22
申请号：US12146344
申请日：2008-06-25
申请人： Ramesh Chinta , Scott A. Field , Liqiang Zhu , Umit Akkus , Siddharth Bhai , Gopinathan Kannan , James J Simmons , Qi Cao , Paul Miller , Ryan Fairfax , Alexandru Hanganu
发明人： Ramesh Chinta , Scott A. Field , Liqiang Zhu , Umit Akkus , Siddharth Bhai , Gopinathan Kannan , James J Simmons , Qi Cao , Paul Miller , Ryan Fairfax , Alexandru Hanganu
IPC分类号： H04L29/06 , G06F21/46
CPC分类号： G06F21/46
摘要： This disclosure describes methods, systems, and application programming interfaces for creating a credential managed account. This disclosure describes creating a new password managed account, defining the password managed account, wherein the password managed account is to access a service on a managed computing device, identifying the password managed account for a lifecycle, and automatically managing the password managed account by updating and changing a password for the password managed account on a periodic basis.
摘要翻译：本公开描述了用于创建凭证管理帐户的方法，系统和应用程序编程接口。本公开描述了创建新的密码管理帐户，定义密码管理帐户，其中密码管理帐户将访问受管计算设备上的服务，识别生命周期中的密码管理帐户，以及通过更新来自动管理密码管理帐户并定期更改密码管理帐户的密码。

7. 发明申请

US20110107401A1 ESTABLISHING TRUST RELATIONSHIPS BETWEEN COMPUTER SYSTEMS 有权
标题翻译：建立计算机系统之间的信任关系
公开(公告)号：US20110107401A1
公开(公告)日：2011-05-05
申请号：US12611822
申请日：2009-11-03
申请人： Siddharth Bhai , Zhe (Jessie) Li , William S. Jack, III , Christopher W. McCarron , James J. Simmons , Qi Cao
发明人： Siddharth Bhai , Zhe (Jessie) Li , William S. Jack, III , Christopher W. McCarron , James J. Simmons , Qi Cao
IPC分类号： H04L29/06 , G06F7/04 , G06F15/16 , G06F17/30
CPC分类号： G06F21/33 , G06F21/445 , H04L41/0803
摘要： An offline trust system establishes a trust relationship between a trust authority computer system and a target computer system without relying on an active network connection between the computer systems. The offline trust system separates the trust establishment operation into a provisioning phase and a configuration phase. The provisioning phase can be performed entirely on the trust authority, while the configuration phase can be performed entirely on the target computer system requesting trust. The two phases can be performed at different times and do not assume any connection between the two computer systems. An administrator may perform the provisioning phase for many target computer systems at the same time. Thus, the offline trust system provides a way to establish trust between computer systems that is more reliable and less prone to failure.
摘要翻译：离线信任系统在信任机构计算机系统和目标计算机系统之间建立信任关系，而不依赖计算机系统之间的活动网络连接。离线信任系统将信任建立操作分为供应阶段和配置阶段。配置阶段可以完全在信任授权机构上完成，同时配置阶段可以完全在目标计算机系统上执行请求信任。这两个阶段可以在不同的时间执行，并且不会在两个计算机系统之间承担任何连接。管理员可以同时为许多目标计算机系统执行供应阶段。因此，离线信任系统提供了一种在更可靠且不容易发生故障的计算机系统之间建立信任的方法。

8. 发明授权

US08074264B2 Secure key distribution to internet clients 有权
标题翻译：安全的密钥分发给互联网客户端
公开(公告)号：US08074264B2
公开(公告)日：2011-12-06
申请号：US12104425
申请日：2008-04-16
申请人： Daniel W. Hitchcock , Siddharth Bhai , Nathan D. Muggli , Brian W. Puhl , Lee F. Walker
发明人： Daniel W. Hitchcock , Siddharth Bhai , Nathan D. Muggli , Brian W. Puhl , Lee F. Walker
IPC分类号： H04L9/32 , H04L9/00 , G06F17/30
CPC分类号： H04L63/08 , G06F21/335 , H04L63/0281
摘要： A server may bridge between a wide area network, such as the Internet, and a local area network and may process authentication requests from clients on the wide area network. The server may filter the requests to enable specific types of requests to pass, and may forward the requests to a credential server within the local area network and pass any responses back to the client. The server may be configured with some or all of a set of domain services objects, but such objects may be stored in a read only format. The server may further contain a minimum of or no sensitive data such that, if compromised, an attacker may gain little advantage. The client may request evidence of authentication available to devices within the local area network and may use the evidence of authentication to access services made available to the wide area network.
摘要翻译：服务器可以在广域网（例如因特网）和局域网之间桥接，并且可以处理来自广域网上的客户端的认证请求。服务器可以过滤请求以允许特定类型的请求通过，并且可以将请求转发到局域网内的凭证服务器，并将任何响应传回客户端。服务器可以配置有一些域服务对象的一些或全部，但是这些对象可以以只读格式存储。服务器还可以包含最少或不存在敏感数据，使得如果受到攻击，则攻击者可能获得很少的优势。客户端可以请求可用于局域网内的设备的认证证据，并且可以使用认证证据来访问可用于广域网的服务。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式