公开(公告)号：US20080235805A1

公开(公告)日：2008-09-25

申请号：US10597664

申请日：2005-01-28

Applicant: Birgit M. Pfitzmann ,  Michael P. Waidner

Inventor： Birgit M. Pfitzmann ,  Michael P. Waidner

IPC: G06F1/00

CPC classification number: G06F21/10 ,  G06F21/105 ,  G06F2221/0773 ,  G06F2221/2137

Abstract: Software licence management systems are provided in which a licence to use a software product is represented by a data token. The systems have a software controller for controlling use of the software product at a user device, and a licence management server for communicating with the software controller via a data communications network. The software controller allows use of the software product at the user device substantially only during a use period associated with a current data token supplied to the software controller by the licence management server. An exchange token can be supplied to another, similar software controller when necessary to transfer the licence, e.g. in the event of a breakdown. The software controller is adapted to supply either the current data token, or the exchange token, to the licence management server to be exchanged for a new data token.

Abstract translation: 提供了软件许可证管理系统，其中使用软件产品的许可证由数据令牌表示。 该系统具有用于控制在用户设备处使用软件产品的软件控制器，以及用于经由数据通信网络与软件控制器进行通信的许可证管理服务器。 软件控制器允许基本上仅在与由许可证管理服务器提供给软件控制器的当前数据令牌相关联的使用期间内在用户设备处使用软件产品。 交换令牌可以在必要时提供给另一个类似的软件控制器来传送许可证，例如 发生故障时。 软件控制器适于将当前数据令牌或交换令牌提供给许可证管理服务器，以交换新的数据令牌。

公开(公告)号：US07302569B2

公开(公告)日：2007-11-27

申请号：US10643798

申请日：2003-08-19

Applicant: Linda Betz ,  John C. Dayka ,  Walter B. Farrell ,  Richard H. Guski ,  Guenter Karjoth ,  Mark A. Nelson ,  Birgit M. Pfitzmann ,  Matthias Schunter ,  Michael P. Waidner

Inventor： Linda Betz ,  John C. Dayka ,  Walter B. Farrell ,  Richard H. Guski ,  Guenter Karjoth ,  Mark A. Nelson ,  Birgit M. Pfitzmann ,  Matthias Schunter ,  Michael P. Waidner

IPC: H04L29/00

CPC classification number: G06F21/629 ,  G06F21/6245 ,  G06F2221/2101 ,  G06F2221/2113 ,  G06F2221/2141 ,  G06F2221/2149

Abstract: A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.

Abstract translation: 通过将个人识别信息（PII）分类标签分配给PII数据对象来实现数据访问控制设施，每个PII数据对象分配有一个PII分类标签。 控制设备还包括至少一个PII目的服务功能集（PSFS），其包括读或写PII数据对象的应用功能列表。 每个PII PSFS也被分配了一个PII分类标签。 PII数据对象可通过具有与PII对象的PII分类标签相同或占优势的PII分类标签的PII PSFS的应用功能来访问。 控制设备的用户被分配有PII间隙组，其包含至少一个PII分类标签的列表，该列表用于确定用户是否有权访问特定功能。

公开(公告)号：US08949812B2

公开(公告)日：2015-02-03

申请号：US12871468

申请日：2010-08-30

Applicant: Nikolai A. Joukov ,  Joel P. Ossher ,  Birgit M. Pfitzmann ,  Vasily Tarasov

Inventor： Nikolai A. Joukov ,  Joel P. Ossher ,  Birgit M. Pfitzmann ,  Vasily Tarasov

IPC: G06F9/44 ,  G06F9/445

CPC classification number: G06F9/44505

Abstract: A system and method includes discovering one or more instances of external resource access by statically analyzing application code. One or more locations of constants are identified in the application code and a configuration repository that specify addresses of discovered instances of external resource access. The application code and the configuration repository are updated to change values of the constants to enable migration.

Abstract translation: 系统和方法包括通过静态分析应用代码来发现外部资源访问的一个或多个实例。 在应用程序代码中标识一个或多个常量位置，以及指定外部资源访问的已发现实例的地址的配置库。 更新应用程序代码和配置库以更改常量的值以启用迁移。

公开(公告)号：US08850423B2

公开(公告)日：2014-09-30

申请号：US12608609

申请日：2009-10-29

Applicant: Eric J. Barkie ,  James R. S. Barros, II ,  Kamal Bhattacharya ,  Karen Cheng ,  Robert Filepp ,  Kevin D. Galloway ,  Nikolai Joukov ,  Jing Luo ,  Colm V. Malone ,  Birgit M. Pfitzmann ,  Brian L. Peterson ,  Harigovind V. Ramasamy ,  Kewei Sun ,  Norbert G. Vogl ,  David L. Westerman ,  Christopher C. Young

Inventor： Eric J. Barkie ,  James R. S. Barros, II ,  Kamal Bhattacharya ,  Karen Cheng ,  Robert Filepp ,  Kevin D. Galloway ,  Nikolai Joukov ,  Jing Luo ,  Colm V. Malone ,  Birgit M. Pfitzmann ,  Brian L. Peterson ,  Harigovind V. Ramasamy ,  Kewei Sun ,  Norbert G. Vogl ,  David L. Westerman ,  Christopher C. Young

IPC: G06F9/445

CPC classification number: G06F8/63

Abstract: The present invention describes a method and system for preparing a migration and consolidation of at least one source application to be migrated to or consolidated in at least one heterogeneous server device. A computing system selects at least one prospective target platform component based on an evaluation of at least one source platform component, a requirement of the at least one source application, and a compatibility and an affinity of the at least one prospective target platform component. The computing system collects first metadata of the at least one source platform component and the at least one prospective target platform component. The computing system collects second metadata associated with the migration and consolidation. The computing system groups the first metadata and the second metadata into a RFM (Request For Migration). The computing system prepares and configures a final target platform in accordance with the RFM.

Abstract translation: 本发明描述了一种用于准备迁移和合并至少一个要迁移到或整合到至少一个异构服务器设备中的源应用程序的方法和系统。 计算系统基于至少一个源平台组件的评估，所述至少一个源应用的需求以及所述至少一个潜在目标平台组件的兼容性和亲和度来选择至少一个预期目标平台组件。 所述计算系统收集所述至少一个源平台组件和所述至少一个预期目标平台组件的第一元数据。 计算系统收集与迁移和合并相关联的第二个元数据。 计算系统将第一元数据和第二元数据分组为RFM（请求迁移）。 计算系统根据RFM准备和配置最终目标平台。

公开(公告)号：US08205266B2

公开(公告)日：2012-06-19

申请号：US10597664

申请日：2005-01-28

Applicant: Birgit M. Pfitzmann ,  Michael P. Waidner

Inventor： Birgit M. Pfitzmann ,  Michael P. Waidner

IPC: G06F21/00

CPC classification number: G06F21/10 ,  G06F21/105 ,  G06F2221/0773 ,  G06F2221/2137

Abstract: Software license management systems are provided in which a license to use a software product is represented by a data token. The systems have a software controller for controlling use of the software product at a user device, and a license management server for communicating with the software controller via a data communications network. The software controller allows use of the software product at the user device substantially only during a use period associated with a current data token supplied to the software controller by the license management server. An exchange token can be supplied to another, similar software controller when necessary to transfer the license, e.g. in the event of a breakdown. The software controller is adapted to supply either the current data token, or the exchange token, to the license management server to be exchanged for a new data token.

Abstract translation: 提供了软件许可证管理系统，其中使用软件产品的许可证由数据令牌表示。 该系统具有用于控制在用户设备处使用软件产品的软件控制器，以及用于经由数据通信网络与软件控制器进行通信的许可证管理服务器。 软件控制器允许基本上仅在与由许可证管理服务器提供给软件控制器的当前数据令牌相关联的使用期间内在用户设备上使用该软件产品。 交换令牌可以在必要时提供给另一个类似的软件控制器来传送许可证，例如 发生故障时。 软件控制器适于将当前数据令牌或交换令牌提供给许可证管理服务器，以交换新的数据令牌。

公开(公告)号：US20110107327A1

公开(公告)日：2011-05-05

申请号：US12608609

申请日：2009-10-29

Applicant: Eric J. Barkie ,  James R. S. Barros, II ,  Kamal Bhattacharya ,  Karen Cheng ,  Robert Filepp ,  Kevin D. Galloway ,  Nikolai Joukov ,  Jing Luo ,  Colm V. Malone ,  Birgit M. Pfitzmann ,  Brian L. Peterson ,  Harigovind V. Ramasamy ,  Kewei Sun ,  Norbert G. Vogl ,  David L. Westerman ,  Christopher C. Young

Inventor： Eric J. Barkie ,  James R. S. Barros, II ,  Kamal Bhattacharya ,  Karen Cheng ,  Robert Filepp ,  Kevin D. Galloway ,  Nikolai Joukov ,  Jing Luo ,  Colm V. Malone ,  Birgit M. Pfitzmann ,  Brian L. Peterson ,  Harigovind V. Ramasamy ,  Kewei Sun ,  Norbert G. Vogl ,  David L. Westerman ,  Christopher C. Young

IPC: G06F9/445 ,  G06F15/177 ,  G06F17/30

CPC classification number: G06F8/63

Abstract: The present invention describes a method and system for preparing a migration and consolidation of at least one source application to be migrated to or consolidated in at least one heterogeneous server device. A computing system selects at least one prospective target platform component based on an evaluation of at least one source platform component, a requirement of the at least one source application, and a compatibility and an affinity of the at least one prospective target platform component. The computing system collects first metadata of the at least one source platform component and the at least one prospective target platform component. The computing system collects second metadata associated with the migration and consolidation. The computing system groups the first metadata and the second metadata into a RFM (Request For Migration). The computing system prepares and configures a final target platform in accordance with the RFM.

Abstract translation: 本发明描述了一种用于准备迁移和合并至少一个要迁移到或整合到至少一个异构服务器设备中的源应用程序的方法和系统。 计算系统基于至少一个源平台组件的评估，所述至少一个源应用的需求以及所述至少一个潜在目标平台组件的兼容性和亲和度来选择至少一个预期目标平台组件。 所述计算系统收集所述至少一个源平台组件和所述至少一个预期目标平台组件的第一元数据。 计算系统收集与迁移和合并相关联的第二个元数据。 计算系统将第一元数据和第二元数据分组为RFM（请求迁移）。 计算系统根据RFM准备和配置最终目标平台。

公开(公告)号：US07836298B2

公开(公告)日：2010-11-16

申请号：US11565250

申请日：2006-11-30

Applicant: Thomas R. Gross ,  Birgit M. Pfitzmann

Inventor： Thomas R. Gross ,  Birgit M. Pfitzmann

IPC: H04L29/06

CPC classification number: H04L63/0815 ,  G06F21/41

Abstract: The invention relates to a method for providing an identity-related information (IRI) to a requesting entity (50) by means of an identity provider (40). The invention comprises: a first authenticity reference part generation step (IVa), comprising the generation of a first authenticity reference part (art 1) by the identity provider (40); a first authenticity reference communication step (IVb, IVd) between the client application (30) and the identity provider (40) comprising the communication of the first authenticity reference part (art 1); a second authenticity reference part generation step (VI), comprising the generation of a second authenticity reference part (art 2) by the identity provider (40); a second authenticity reference communication step (VIII, IX) between the identity provider (40) and the requesting entity (50) by means of the first communication protocol comprising the communication of the second authenticity reference part (art 2) and in the referrer element the communication of the first authenticity reference part (art 1).

Abstract translation: 本发明涉及一种通过身份提供者（40）向请求实体（50）提供身份相关信息（IRI）的方法。 本发明包括：第一真实性参考部分生成步骤（IVa），包括由身份提供者（40）生成第一真实性参考部分（艺术1）; 在客户端应用程序（30）和身份提供者（40）之间的第一真实性参考通信步骤（IVb，IVd）包括第一真实性参考部分（第1条）的通信; 第二真伪参考部分生成步骤（VI），包括由身份提供商（40）生成第二真实性参考部分（艺术2）; 通过包括第二真实性参考部分（技术2）的通信的第一通信协议和参照元素中的身份提供者（40）和请求实体（50）之间的第二真实性参考通信步骤（VIII，IX） 第一真实性参考部分的通信（第1条）。

公开(公告)号：US07571237B2

公开(公告)日：2009-08-04

申请号：US11333178

申请日：2006-01-17

Applicant: Birgit M. Pfitzmann

Inventor： Birgit M. Pfitzmann

IPC: G06F15/16

CPC classification number: G06F21/6209

Abstract: Provides methods, apparatus and systems for determining an applicable policy for an incoming message having a service-level addressing element. A method includes the following steps: a) applying a potentially applicable policy (P1) on the incoming message to make the service-level addressing element of the incoming message visible, b) if the service-level addressing element of the incoming message gets visible and is the one to which the currently applied policy (P1) is associated, the currently applied policy (P1) is determined to be the applicable policy, and if not associated c) repeating steps a) and b) with a further potentially applicable policy (P2 . . . Pn).

Abstract translation: 提供用于确定具有服务级别寻址元素的输入消息的适用策略的方法，装置和系统。 一种方法包括以下步骤：a）对传入消息应用可能适用的策略（P1），使得传入消息的服务级寻址元素可见，b）如果传入消息的服务级寻址元素可见 并且是当前应用策略（P1）所关联的策略（P1）的当前应用策略（P1）被确定为适用策略，如果不是相关联的c）重复步骤a）和b）具有进一步潜在适用的策略 （P2 ... Pn）。

公开(公告)号：US09916147B2

公开(公告)日：2018-03-13

申请号：US12857996

申请日：2010-08-17

Applicant: Hai Huang ,  Nikolai A. Joukov ,  Birgit M. Pfitzmann

Inventor： Hai Huang ,  Nikolai A. Joukov ,  Birgit M. Pfitzmann

IPC: G06Q10/00 ,  G06F9/445 ,  G06F11/36

CPC classification number: G06F8/60 ,  G06F11/3672

Abstract: Configuration information associated with software installed on a production system may be discovered. A script is automatically generated for capturing data traffic from and to the software installed on the production system using the configuration information. The script may be executed to capture data traffic of the software running on the production system. A migrated version of the software may be executed on a test system using requests extracted from the captured data traffic. The responses in the captured data traffic may be compared with responses from the migrated version of the software.

公开(公告)号：US09778953B2

公开(公告)日：2017-10-03

申请号：US12485345

申请日：2009-06-16

Applicant: Louis E. Aiken ,  John K. Baker ,  Kamal Bhattacharya ,  Robert P. Boettcher ,  Murthy V. Devarakonda ,  Nikolai A. Joukov ,  Timothy P. Kane, Sr. ,  Steve Lee ,  Matthew A. Markley ,  Birgit M. Pfitzmann ,  Michael Tacci ,  Norbert G. Vogl ,  Anthony G. D. Walker

Inventor： Louis E. Aiken ,  John K. Baker ,  Kamal Bhattacharya ,  Robert P. Boettcher ,  Murthy V. Devarakonda ,  Nikolai A. Joukov ,  Timothy P. Kane, Sr. ,  Steve Lee ,  Matthew A. Markley ,  Birgit M. Pfitzmann ,  Michael Tacci ,  Norbert G. Vogl ,  Anthony G. D. Walker

IPC: G06F9/44 ,  G06F9/50 ,  H04L29/06

CPC classification number: G06F9/50 ,  H04L63/10

Abstract: A method and system for discovering dependencies, configurations and utilizations among IT resources are disclosed. A discovery team writes a prediscovery script without requesting credentials and sends it to a system administrator (SA) who already has necessary credentials to execute the prediscovery script. Then, the SA reviews the prediscovery script and executes the prediscovery script on a target server. While or after executing the prediscovery script, the target server generates a result of an execution of the prediscovery script and provides the result to an analysis system. The analysis system analyzes and parses the result and generates a user-friendly data (e.g., graph or spreadsheet) that represents the result. Then, the analysis system provides the user-friendly data to the discovery team. The analysis system does not require credentials and does not directly communicate with the target server except receiving the result of the executed prediscovery script from the target server.