-
Publication No.: US08209394B2
Publication date: 2012-06-26
Application No.: US12131140
Filing date: 2008-06-02
Applicant: Wei-Qiang Guo, Vaishali De, Rui Chen, Yordan Rouskov, Vikas Rajvanshy
Inventors: Wei-Qiang Guo, Vaishali De, Rui Chen, Yordan Rouskov, Vikas Rajvanshy
IPC classification: G06F15/16
CPC classification: G06F21/73, G06F2221/2129
Abstract: A device identifier (ID) is used across enterprise boundaries. A user can use the device ID to publish a device for sharing with other remote users. The remote users can discover devices that are shared by other users based on device IDs, connect to a selected device, and then verify that they have connected to the correct device based on its device ID. An account authority service may be used to manage the publication and/or discovery of the shared devices and their device IDs.
-
Publication No.: US20110078448A1
Publication date: 2011-03-31
Application No.: US12965449
Filing date: 2010-12-10
Applicant: Trevin Chow, Winfred Wong, Yordan Rouskov, Kok Wai Chan, Wei Jiang, Colin Chow, Sanjeev Nagvekar, Matt Sullivan, Kalyan Sayyaparaju, Dilip Pai, Avinash Belur
Inventors: Trevin Chow, Winfred Wong, Yordan Rouskov, Kok Wai Chan, Wei Jiang, Colin Chow, Sanjeev Nagvekar, Matt Sullivan, Kalyan Sayyaparaju, Dilip Pai, Avinash Belur
CPC classification: H04L9/3213, H04L9/3263, H04L51/04, H04L63/0807, H04L63/0823, H04L63/0846, H04L63/20, H04L2209/56
Abstract: An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
-
Publication No.: US20090254978A1
Publication date: 2009-10-08
Application No.: US12060869
Filing date: 2008-04-02
Applicant: Yordan Rouskov, Michael Guo, Rui Chen, Kyle Young
Inventors: Yordan Rouskov, Michael Guo, Rui Chen, Kyle Young
CPC classification: H04L63/102, G06F21/335, H04L9/321, H04L9/3234, H04L9/3247, H04L2209/60
Abstract: Embodiments of the claimed subject matter provide a method and an apparatus for enabling delegated authentication for web services. Delegated authentication is provided without divulging the information the user requires to complete an authorization procedure of another web service or otherwise subjecting the user to unnecessary risk. Furthermore, delegated authentication is granted for a limited duration and access is subject to further limitations to prevent unnecessary intrusion to the user, the user's data, and the host web service. One embodiment of the claimed subject matter is implemented as a method for enabling delegated authentication to allow a third party service access to protected data on a host service. A user attempting to utilize functionality of a third party website that requests access to the user's data stored on a separate host website is enabled as a delegate with authorization to access the data stored on the host website.
-
Publication No.: US20070118875A1
Publication date: 2007-05-24
Application No.: US11282174
Filing date: 2005-11-18
Applicant: Trevin Chow, Winfred Wong, Yordan Rouskov, Kok Chan, Wei Jiang, Colin Chow, Sanjeev Nagvekar, Matt Sullivan, Kalyan Sayyaparaju, Dilip Pai, Avinash Belur
Inventors: Trevin Chow, Winfred Wong, Yordan Rouskov, Kok Chan, Wei Jiang, Colin Chow, Sanjeev Nagvekar, Matt Sullivan, Kalyan Sayyaparaju, Dilip Pai, Avinash Belur
IPC classification: H04L9/32
CPC classification: H04L9/3213, H04L9/3263, H04L51/04, H04L63/0807, H04L63/0823, H04L63/0846, H04L63/20, H04L2209/56
Abstract: An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
-
Publication No.: US09418216B2
Publication date: 2016-08-16
Application No.: US13187767
Filing date: 2011-07-21
CPC classification: H04L63/0853, G06F21/335, G06F21/41, G06F2221/2115, H04L63/0807, H04L63/083, H04L63/0861
Abstract: One or more techniques and/or systems are provided for obtaining access to a cloud service. In particular, a user may log into a client device using an operating system (OS) cloud login ID. The user may access cloud services (e.g., a music streaming service, a data storage service, etc.) through applications executing on the client device using merely the OS cloud login ID without providing additional login credentials specific to the cloud services. A client side application may request a token to access a cloud service. The token may be generated by an identity provider based upon the identity provider verifying an application ID identifying the application, a cloud service ID identifying the cloud service and/or OS cloud credentials. In this way, the application may present the token to a cloud service provider for verification to gain access to the cloud service hosted by the cloud service provider.
-
Publication No.: US08800003B2
Publication date: 2014-08-05
Application No.: US13162834
Filing date: 2011-06-17
CPC classification: G06F21/31, G06F21/32, G06F21/34, H04L9/3234, H04L9/3263, H04L63/0823, H04L63/0876, H04L63/105, H04L2209/56
Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verifies both factors and provides a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
-
Publication No.: US08544074B2
Publication date: 2013-09-24
Application No.: US12141940
Filing date: 2008-06-19
Applicant: Wei-Qiang Guo, Lynn Ayres, Rui Chen, Sarah Faulkner, Yordan Rouskov
Inventors: Wei-Qiang Guo, Lynn Ayres, Rui Chen, Sarah Faulkner, Yordan Rouskov
CPC classification: H04L63/0815, G06F17/30864, G06F21/41, G06F21/606, G06F21/6209, H04L9/3234, H04L63/08, H04L63/0853, H04L63/101
Abstract: A federated realm discovery system within a federation determines a “home” realm associated with a portion of the user's credentials before the user's secret information (such as a password) is passed to a non-home realm. A login user interface accepts a user identifier and, based on the user identifier, can use various methods to identify an account authority service within the federation that can authenticate the user. In one method, a realm list of the user device can be used to direct the login to the appropriate home realm of the user. In another method, an account authority service in a non-home realm can look up the user's home realm and provide realm information directing the user device to log in at the home realm.
-
Publication No.: US08402508B2
Publication date: 2013-03-19
Application No.: US12060869
Filing date: 2008-04-02
Applicant: Yordan Rouskov, Michael Guo, Rui Chen, Kyle Young
Inventors: Yordan Rouskov, Michael Guo, Rui Chen, Kyle Young
IPC classification: H04L29/06
CPC classification: H04L63/102, G06F21/335, H04L9/321, H04L9/3234, H04L9/3247, H04L2209/60
Abstract: Embodiments of the claimed subject matter provide a method and an apparatus for enabling delegated authentication for web services. Delegated authentication is provided without divulging the information the user requires to complete an authorization procedure of another web service or otherwise subjecting the user to unnecessary risk. Furthermore, delegated authentication is granted for a limited duration and access is subject to further limitations to prevent unnecessary intrusion to the user, the user's data, and the host web service. One embodiment of the claimed subject matter is implemented as a method for enabling delegated authentication to allow a third party service access to protected data on a host service. A user attempting to utilize functionality of a third party website that requests access to the user's data stored on a separate host website is enabled as a delegate with authorization to access the data stored on the host website.
-
Publication No.: US20130024919A1
Publication date: 2013-01-24
Application No.: US13187767
Filing date: 2011-07-21
IPC classification: G06F21/20
CPC classification: H04L63/0853, G06F21/335, G06F21/41, G06F2221/2115, H04L63/0807, H04L63/083, H04L63/0861
Abstract: One or more techniques and/or systems are provided for obtaining access to a cloud service. In particular, a user may log into a client device using an operating system (OS) cloud login ID. The user may access cloud services (e.g., a music streaming service, a data storage service, etc.) through applications executing on the client device using merely the OS cloud login ID without providing additional login credentials specific to the cloud services. A client side application may request a token to access a cloud service. The token may be generated by an identity provider based upon the identity provider verifying an application ID identifying the application, a cloud service ID identifying the cloud service and/or OS cloud credentials. In this way, the application may present the token to a cloud service provider for verification to gain access to the cloud service hosted by the cloud service provider.
-
Publication No.: US20120304260A1
Publication date: 2012-11-29
Application No.: US13176762
Filing date: 2011-07-06
Applicant: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
Inventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
IPC classification: H04L9/32
CPC classification: H04L63/083, G06F21/31, G06F21/316, G06F2221/2111, H04L61/609, H04L63/08, H04L67/22, H04L67/306, H04W4/029
Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.