Preventing Password Cracking and Acceptance of Cracked Passwords

    公开(公告)号:US20240267209A1

    公开(公告)日:2024-08-08

    申请号:US18107086

    申请日:2023-02-08

    CPC classification number: H04L9/0863 H04L9/3242

    Abstract: Mechanisms are provided for salted password protection of computing resources. An entity identifier and password for authenticating an entity to access a protected computing resource are received. A salt value is generated as a random value that is combined with the password to generate a salted password. A hash value is generated based on a hash function and the salted password as an input to the hash function. Based on the password, an encryption key is generated for encrypting the salt value. The salt value is encrypted based on the encryption key and an encryption algorithm to generate an encrypted salt value. The entity identifier, hash value, and encrypted salt value are stored in a secured database for later retrieval to validate subsequent access requests specifying the entity identifier.

    Dynamically selecting an identity provider for a single sign-on request
    14.
    发明授权
    Dynamically selecting an identity provider for a single sign-on request 有权
    动态选择身份提供者进行单一登录请求

    公开(公告)号:US09276869B2

    公开(公告)日:2016-03-01

    申请号:US13732727

    申请日:2013-01-02

    CPC classification number: H04L47/70 H04L63/0815 H04L67/02 H04L67/327

    Abstract: An identity provider (IdP) discovery service operative at a service provider (SP) is described. In operation, and as valid requests are received by the SP via normal IdP-initiated flows, the SP builds-up knowledge about the relationship between the IdP (that redirected the request) and the initiator of the request. The IdP instance typically is inferred from an HTTP referrer field, and information about the initiator may be ascertained from client-specific information, such as client system IP address, client DNS domain, a domain of a user e-mail address, a target URL for the incoming request, or the value associated with a particular HTTP header field. This knowledge is maintained in one or more mapping table(s) that associate request attributes-to-IdP instance data. The mappings are then used to facilitate IdP discovery for a new incoming request to the SP that has been determined to originate from other than an IdP.

    Abstract translation: 描述在服务提供商(SP)处操作的身份提供商(IdP)发现服务。 在操作中,SP通过正常的IdP发起的流程接收到有效请求,SP建立了关于IdP(重定向请求)与请求发起者之间的关系的知识。 IdP实例通常是从HTTP引用者字段推断的,并且可以从客户端特定信息(例如客户端系统IP地址,客户端DNS域,用户电子邮件地址的域,目标URL)中确定关于发起者的信息 对于传入请求,或与特定HTTP头字段相关联的值。 该知识被维护在将请求属性与IdP实例数据相关联的一个或多个映射表中。 然后,使用映射来促进对已经被确定源于除IdP之外的SP的新的传入请求的IdP发现。

    BIDIRECTIONAL INTEGRATION OF INFORMATION BETWEEN A MICROBLOG AND A DATA REPOSITORY
    16.
    发明申请
    BIDIRECTIONAL INTEGRATION OF INFORMATION BETWEEN A MICROBLOG AND A DATA REPOSITORY 有权
    MICROBLOG和数据报告之间的双向信息整合

    公开(公告)号:US20150293987A1

    公开(公告)日:2015-10-15

    申请号:US14251357

    申请日:2014-04-11

    CPC classification number: G06F17/30598 G06F17/30073 G06F17/30705

    Abstract: Arrangements described herein relate to collaborative environments and, more particularly, to use of a microblog to enhance communication in an organization. The present arrangements can include receiving from a first user a first microblog entry into a microblog, identifying at least one keyword associated with the first microblog entry, and assigning to the at least one keyword a tag creating an association between the at least one keyword and at least one data repository. The arrangements further can include establishing bidirectional integration between the microblog and the at least one data repository of information related to the tag creating the association between the at least one keyword and the at least one data repository.

    Abstract translation: 这里描述的安排涉及协作环境,更具体地,涉及使用微博来增强组织中的通信。 目前的布置可以包括从第一用户接收第一微博条目到微博中,识别与第一微博条目相关联的至少一个关键字,以及向至少一个关键字分配标签,该标签创建至少一个关键字与 至少一个数据存储库。 所述安排还可以包括在所述微博和所述至少一个数据存储库之间建立与所述标签相关的信息之间的双向集成,从而创建所述至少一个关键字与所述至少一个数据存储库之间的关联。

    Attack Protection Against XML Encryption Vulnerability
    17.
    发明申请
    Attack Protection Against XML Encryption Vulnerability 审中-公开
    攻击防范XML加密漏洞

    公开(公告)号:US20140165194A1

    公开(公告)日:2014-06-12

    申请号:US13706691

    申请日:2012-12-06

    CPC classification number: H04L63/1441

    Abstract: Protection against an attack which exploits an eXtensible Markup Language (XML) Encryption vulnerability includes receiving a ciphertext request utilizing an EncryptedKey element and detecting either a failure to decrypt the cipher value in the EncryptedData element or a failure to parse the resulting decrypted XML. Upon detecting the failure, a count of failures associated with the EncryptedKey element is incremented, and when the count exceeds a threshold number of failures, subsequent usage of the EncryptedKey element and delivery of the request to an application service are prevented. Optionally, a rejection message is returned to the requester.

    Abstract translation: 利用可扩展标记语言(XML)加密漏洞的攻击防范包括使用EncryptedKey元素接收密文请求,并检测到EncryptedData元素中的密码解密失败或解析生成的解密XML的失败。 在检测到故障时,增加与EncryptedKey元素相关联的故障计数,并且当计数超过阈值数量的故障时,防止EncryptedKey元素的后续使用和向应用服务发送请求。 可选地,拒绝消息被返回给请求者。

Patent Agency Ranking