公开(公告)号：US20100064134A1

公开(公告)日：2010-03-11

申请号：US11565250

申请日：2006-11-30

Applicant: Thomas R. Gross ,  Birgit M. Pfitzmann

Inventor： Thomas R. Gross ,  Birgit M. Pfitzmann

IPC: H04L29/06

CPC classification number: H04L63/0815 ,  G06F21/41

Abstract: The invention relates to a method for providing an identity-related information (IRI) to a requesting entity (50) by means of an identity provider (40). The invention comprises: a first authenticity reference part generation step (IVa), comprising the generation of a first authenticity reference part (art 1) by the identity provider (40); a first authenticity reference communication step (IVb, IVd) between the client application (30) and the identity provider (40) comprising the communication of the first authenticity reference part (art 1); a second authenticity reference part generation step (VI), comprising the generation of a second authenticity reference part (art 2) by the identity provider (40); a second authenticity reference communication step (VIII, IX) between the identity provider (40) and the requesting entity (50) by means of the first communication protocol comprising the communication of the second authenticity reference part (art 2) and in the referrer element the communication of the first authenticity reference part (art 1).

Abstract translation: 本发明涉及一种通过身份提供者（40）向请求实体（50）提供身份相关信息（IRI）的方法。 本发明包括：第一真实性参考部分生成步骤（IVa），包括由身份提供者（40）生成第一真实性参考部分（艺术1）; 在客户端应用程序（30）和身份提供者（40）之间的第一真实性参考通信步骤（IVb，IVd）包括第一真实性参考部分的通信（第1条）; 第二真伪参考部分生成步骤（VI），包括由身份提供商（40）生成第二真实性参考部分（艺术2）; 通过包括第二真实性参考部分（技术2）的通信的第一通信协议和参照元素中的身份提供商（40）和请求实体（50）之间的第二真实性参考通信步骤（VIII，IX） 第一真实性参考部分的通信（第1条）。

公开(公告)号：US20080235805A1

公开(公告)日：2008-09-25

申请号：US10597664

申请日：2005-01-28

Applicant: Birgit M. Pfitzmann ,  Michael P. Waidner

Inventor： Birgit M. Pfitzmann ,  Michael P. Waidner

IPC: G06F1/00

CPC classification number: G06F21/10 ,  G06F21/105 ,  G06F2221/0773 ,  G06F2221/2137

Abstract: Software licence management systems are provided in which a licence to use a software product is represented by a data token. The systems have a software controller for controlling use of the software product at a user device, and a licence management server for communicating with the software controller via a data communications network. The software controller allows use of the software product at the user device substantially only during a use period associated with a current data token supplied to the software controller by the licence management server. An exchange token can be supplied to another, similar software controller when necessary to transfer the licence, e.g. in the event of a breakdown. The software controller is adapted to supply either the current data token, or the exchange token, to the licence management server to be exchanged for a new data token.

Abstract translation: 提供了软件许可证管理系统，其中使用软件产品的许可证由数据令牌表示。 该系统具有用于控制在用户设备处使用软件产品的软件控制器，以及用于经由数据通信网络与软件控制器进行通信的许可证管理服务器。 软件控制器允许基本上仅在与由许可证管理服务器提供给软件控制器的当前数据令牌相关联的使用期间内在用户设备处使用软件产品。 交换令牌可以在必要时提供给另一个类似的软件控制器来传送许可证，例如 发生故障时。 软件控制器适于将当前数据令牌或交换令牌提供给许可证管理服务器，以交换新的数据令牌。

公开(公告)号：US07302569B2

公开(公告)日：2007-11-27

申请号：US10643798

申请日：2003-08-19

Applicant: Linda Betz ,  John C. Dayka ,  Walter B. Farrell ,  Richard H. Guski ,  Guenter Karjoth ,  Mark A. Nelson ,  Birgit M. Pfitzmann ,  Matthias Schunter ,  Michael P. Waidner

Inventor： Linda Betz ,  John C. Dayka ,  Walter B. Farrell ,  Richard H. Guski ,  Guenter Karjoth ,  Mark A. Nelson ,  Birgit M. Pfitzmann ,  Matthias Schunter ,  Michael P. Waidner

IPC: H04L29/00

CPC classification number: G06F21/629 ,  G06F21/6245 ,  G06F2221/2101 ,  G06F2221/2113 ,  G06F2221/2141 ,  G06F2221/2149

Abstract: A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.

Abstract translation: 通过将个人识别信息（PII）分类标签分配给PII数据对象来实现数据访问控制设施，每个PII数据对象分配有一个PII分类标签。 控制设备还包括至少一个PII目的服务功能集（PSFS），其包括读或写PII数据对象的应用功能列表。 每个PII PSFS也被分配了一个PII分类标签。 PII数据对象可通过具有与PII对象的PII分类标签相同或占优势的PII分类标签的PII PSFS的应用功能来访问。 控制设备的用户被分配有PII间隙组，其包含至少一个PII分类标签的列表，该列表用于确定用户是否有权访问特定功能。

公开(公告)号：US09916147B2

公开(公告)日：2018-03-13

申请号：US12857996

申请日：2010-08-17

Applicant: Hai Huang ,  Nikolai A. Joukov ,  Birgit M. Pfitzmann

Inventor： Hai Huang ,  Nikolai A. Joukov ,  Birgit M. Pfitzmann

IPC: G06Q10/00 ,  G06F9/445 ,  G06F11/36

CPC classification number: G06F8/60 ,  G06F11/3672

Abstract: Configuration information associated with software installed on a production system may be discovered. A script is automatically generated for capturing data traffic from and to the software installed on the production system using the configuration information. The script may be executed to capture data traffic of the software running on the production system. A migrated version of the software may be executed on a test system using requests extracted from the captured data traffic. The responses in the captured data traffic may be compared with responses from the migrated version of the software.

公开(公告)号：US09778953B2

公开(公告)日：2017-10-03

申请号：US12485345

申请日：2009-06-16

Applicant: Louis E. Aiken ,  John K. Baker ,  Kamal Bhattacharya ,  Robert P. Boettcher ,  Murthy V. Devarakonda ,  Nikolai A. Joukov ,  Timothy P. Kane, Sr. ,  Steve Lee ,  Matthew A. Markley ,  Birgit M. Pfitzmann ,  Michael Tacci ,  Norbert G. Vogl ,  Anthony G. D. Walker

Inventor： Louis E. Aiken ,  John K. Baker ,  Kamal Bhattacharya ,  Robert P. Boettcher ,  Murthy V. Devarakonda ,  Nikolai A. Joukov ,  Timothy P. Kane, Sr. ,  Steve Lee ,  Matthew A. Markley ,  Birgit M. Pfitzmann ,  Michael Tacci ,  Norbert G. Vogl ,  Anthony G. D. Walker

IPC: G06F9/44 ,  G06F9/50 ,  H04L29/06

CPC classification number: G06F9/50 ,  H04L63/10

Abstract: A method and system for discovering dependencies, configurations and utilizations among IT resources are disclosed. A discovery team writes a prediscovery script without requesting credentials and sends it to a system administrator (SA) who already has necessary credentials to execute the prediscovery script. Then, the SA reviews the prediscovery script and executes the prediscovery script on a target server. While or after executing the prediscovery script, the target server generates a result of an execution of the prediscovery script and provides the result to an analysis system. The analysis system analyzes and parses the result and generates a user-friendly data (e.g., graph or spreadsheet) that represents the result. Then, the analysis system provides the user-friendly data to the discovery team. The analysis system does not require credentials and does not directly communicate with the target server except receiving the result of the executed prediscovery script from the target server.

公开(公告)号：US09495649B2

公开(公告)日：2016-11-15

申请号：US13114679

申请日：2011-05-24

Applicant: Murthy Devarakonda ,  Keith C. Goodman ,  Birgit M. Pfitzmann ,  Shaya Potter

Inventor： Murthy Devarakonda ,  Keith C. Goodman ,  Birgit M. Pfitzmann ,  Shaya Potter

IPC: G06F9/455 ,  G06F9/46 ,  G06F15/173 ,  G06F15/16 ,  G06Q10/00 ,  G06F9/50

CPC classification number: G06F9/505 ,  G06F9/4856 ,  G06F9/5072 ,  G06Q10/00

Abstract: Methods and systems for evaluating compatibility of a cloud of computers to perform one or more workload tasks. One or more computing solution aspects are determined that corresponding to one or more sets of workload factors, where the workload factors characterize one or more workloads, to characterize one or more computing solutions. The workload factors are compared to the computing solution aspects in a rule-based system to exclude computing solutions that cannot satisfy the workload factors. A computing solution is selected that has aspects that accommodate all of the workload factors to find a solution that accommodates the one or more individual workloads.

Abstract translation: 评估计算机云执行一个或多个工作负载任务的兼容性的方法和系统。 确定对应于一组或多组工作负载因素的一个或多个计算方案方面，其中工作负载因素表征一个或多个工作负载以表征一个或多个计算解决方案。 将工作负载因素与基于规则的系统中的计算解决方案进行比较，以排除不能满足工作负载因素的计算解决方案。 选择具有容纳所有工作负载因素的方面以找到适应一个或多个单独工作负载的解决方案的计算解决方案。

公开(公告)号：US08533659B2

公开(公告)日：2013-09-10

申请号：US12511506

申请日：2009-07-29

Applicant: Nikolai A. Joukov ,  Birgit M. Pfitzmann ,  Marco Pistoia ,  Vasily Tarasov ,  Takaaki Tateishi ,  Norbert G. Vogl

Inventor： Nikolai A. Joukov ,  Birgit M. Pfitzmann ,  Marco Pistoia ,  Vasily Tarasov ,  Takaaki Tateishi ,  Norbert G. Vogl

IPC: G06F9/44

CPC classification number: G06F11/3692 ,  G06F8/70

Abstract: Calls to stop functions are identified in a computer program file. The stop functions are functions that interact with external resources. Parameters of the calls to the stop functions that are references to the external resources are identified. An analysis is performed over the computer program file to find out possible values of the parameters of the calls.

公开(公告)号：US08255972B2

公开(公告)日：2012-08-28

申请号：US12134933

申请日：2008-06-06

Applicant: Alain C. Azagury ,  Murthy V. Devarakonda ,  Nikolai Joukov ,  Manoj Kumar ,  Konstantinos Magoutis ,  Birgit M. Pfitzmann ,  Norbert G. Vogl

Inventor： Alain C. Azagury ,  Murthy V. Devarakonda ,  Nikolai Joukov ,  Manoj Kumar ,  Konstantinos Magoutis ,  Birgit M. Pfitzmann ,  Norbert G. Vogl

IPC: G06F17/00

CPC classification number: G06F21/604 ,  G06F2221/2101

Abstract: A method, system, computer program product, and computer program storage device for transforming a high-level policy associated with a high layer to a low-level policy associated with a low layer. Mapping between high-level objects in a high layer and low-level objects in a low layer is derived by an automated discovery tool. The high-level policy is mapped to the low-level policy according to the mapping (e.g., by substituting the high-level objects with the low-level objects and by performing a syntax transformation). In one embodiment, a low-level policy is transformed to a high-level policy according to the mapping. As exemplary embodiments, policy transformations in traffic shaping and data retention are disclosed.

Abstract translation: 一种用于将与高层相关联的高级策略变换为与低层相关联的低级策略的方法，系统，计算机程序产品和计算机程序存储设备。 高层的高层对象与低层对象之间的映射是通过自动发现工具得出的。 高级策略根据映射映射到低级策略（例如，通过用低级对象替换高级对象，并通过执行语法转换）。 在一个实施例中，根据映射将低级策略转换为高级策略。 作为示例性实施例，公开了流量整形和数据保持中的策略转换。

公开(公告)号：US20120047492A1

公开(公告)日：2012-02-23

申请号：US12857996

申请日：2010-08-17

Applicant: Hai Huang ,  Nikolai A. Joukov ,  Birgit M. Pfitzmann

Inventor： Hai Huang ,  Nikolai A. Joukov ,  Birgit M. Pfitzmann

IPC: G06F9/44

CPC classification number: G06F8/60 ,  G06F11/3672

Abstract: Configuration information associated with software installed on a production system may be discovered. A script is automatically generated for capturing data traffic from and to the software installed on the production system using the configuration information. The script may be executed to capture data traffic of the software running on the production system. A migrated version of the software may be executed on a test system using requests extracted from the captured data traffic. The responses in the captured data traffic may be compared with responses from the migrated version of the software.

Abstract translation: 可能会发现与安装在生产系统上的软件相关联的配置信息。 自动生成脚本，用于使用配置信息从生产系统上安装的软件捕获数据流量。 可以执行脚本来捕获在生产系统上运行的软件的数据流量。 软件的迁移版本可以使用从捕获的数据流量提取的请求在测试系统上执行。 捕获的数据流量中的响应可以与来自软件的迁移版本的响应进行比较。

公开(公告)号：US07617393B2

公开(公告)日：2009-11-10

申请号：US11764487

申请日：2007-06-18

Applicant: Linda Betz ,  John C. Dayka ,  Walter B. Farrell ,  Richard H. Guski ,  Guenter Karjoth ,  Mark A. Nelson ,  Birgit M. Pfitzmann ,  Michael P. Waidner ,  Matthias Schunter

Inventor： Linda Betz ,  John C. Dayka ,  Walter B. Farrell ,  Richard H. Guski ,  Guenter Karjoth ,  Mark A. Nelson ,  Birgit M. Pfitzmann ,  Michael P. Waidner ,  Matthias Schunter

IPC: H04L29/00

CPC classification number: G06F21/629 ,  G06F21/6245 ,  G06F2221/2101 ,  G06F2221/2113 ,  G06F2221/2141 ,  G06F2221/2149

Abstract: A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.

Abstract translation: 通过将个人识别信息（PII）分类标签分配给PII数据对象来实现数据访问控制设施，每个PII数据对象分配有一个PII分类标签。 控制设备还包括至少一个PII目的服务功能集（PSFS），其包括读或写PII数据对象的应用功能列表。 每个PII PSFS也被分配了一个PII分类标签。 PII数据对象可通过具有与PII对象的PII分类标签相同或占优势的PII分类标签的PII PSFS的应用功能来访问。 控制设备的用户被分配有PII间隙组，其包含至少一个PII分类标签的列表，该列表用于确定用户是否有权访问特定功能。