-
公开(公告)号:US20110247055A1
公开(公告)日:2011-10-06
申请号:US13162834
申请日:2011-06-17
IPC分类号: H04L9/32
CPC分类号: G06F21/31 , G06F21/32 , G06F21/34 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L2209/56
摘要: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
摘要翻译: 认证系统将设备凭据验证与用户凭证验证相结合,提供了更加强大的身份验证机制,方便用户,跨企业边界有效。 在一个实现中,组合用户凭证验证和设备凭证验证以提供方便的双因素认证。 以这种方式,帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。
-
公开(公告)号:US20090300720A1
公开(公告)日:2009-12-03
申请号:US12130555
申请日:2008-05-30
申请人: Wei-Qiang Michael Guo , Vaishali De , Rui Chen , Geoffrey John Hulten , Lin Huang , Vikas Rajvanshy
发明人: Wei-Qiang Michael Guo , Vaishali De , Rui Chen , Geoffrey John Hulten , Lin Huang , Vikas Rajvanshy
IPC分类号: G06F21/00
CPC分类号: H04L63/102 , G06Q10/107 , H04L51/12 , H04L67/306
摘要: A centralized account reputation system differentiates between illegitimate users and legitimate users using reputation scores associated with the users' online accounts. The system restricts the access of illegitimate users to certain network services while minimizing its negative effects on legitimate users. The system can manage the life cycle of an online account, considering data about the account that is obtained throughout the account network to compute the online account reputation score and allocating access to network services based on the online account reputation score. For example, a reputation score may be embedded in a security token that can be accessed by multiple services on the account network, so that each service can determine the appropriate level of access to be granted to the associated user account based on the reputation score. Various types of online account behavior over time can improve or diminish the online account's reputation.
摘要翻译: 集中帐户信誉系统区分非法用户和合法用户使用与用户在线账户相关联的信誉评分。 该系统限制非法用户访问某些网络服务,同时最大限度地减少其对合法用户的负面影响。 系统可以管理在线帐户的生命周期,考虑在整个帐户网络中获得的帐户的数据,以计算在线帐户信誉分数,并根据在线帐户信誉评分分配对网络服务的访问。 例如,信誉分数可以嵌入在可由帐户网络上的多个服务访问的安全令牌中,使得每个服务可以基于信誉分数来确定被授予相关联的用户帐户的适当的访问级别。 随着时间的推移,各种类型的在线帐户行为可以改善或减少在线帐户的声誉。
-
公开(公告)号:US20090300168A1
公开(公告)日:2009-12-03
申请号:US12131140
申请日:2008-06-02
IPC分类号: G06F15/173
CPC分类号: G06F21/73 , G06F2221/2129
摘要: A device identifier (ID) is used across enterprise boundaries. A user can use the device ID to publish a device for sharing with other remote users. The remote users can discover devices that are shared by other users based on device IDs, connect to a selected device, and then verify that they have connected to the correct device based on its device ID. An account authority service may be used to manage the publication and/or discovery of the shared devices and their device IDs.
摘要翻译: 跨企业边界使用设备标识符(ID)。 用户可以使用设备ID发布设备以与其他远程用户共享。 远程用户可以基于设备ID发现其他用户共享的设备,连接到所选设备,然后根据设备ID验证是否连接到正确的设备。 可以使用帐户权限服务来管理共享设备及其设备ID的发布和/或发现。
-
公开(公告)号:US08626897B2
公开(公告)日:2014-01-07
申请号:US12463497
申请日:2009-05-11
IPC分类号: G06F15/173
CPC分类号: G06F11/3442 , G06F11/3495 , G06F2201/87 , G06F2201/875 , G06F2201/88 , H04L43/0817 , H04L67/1002
摘要: Techniques and systems are disclosed that can measure capacity of a server farm, and project capacity needs based on traffic and resources. Server farm system information is collected for managing the server farm by identifying a list of servers in the server farm. Performance metrics are collected from identified servers and stored in a collection database. The stored performance metrics are analyzed in accordance with a server farm management request.
摘要翻译: 公开了可以测量服务器场的容量和基于流量和资源的项目容量需求的技术和系统。 收集服务器场系统信息以通过标识服务器场中的服务器列表来管理服务器场。 性能指标从标识的服务器收集并存储在收集数据库中。 根据服务器场管理请求分析存储的性能指标。
-
公开(公告)号:US20090300744A1
公开(公告)日:2009-12-03
申请号:US12131142
申请日:2008-06-02
IPC分类号: H04L9/32
CPC分类号: G06F21/31 , G06F21/32 , G06F21/34 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L2209/56
摘要: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
摘要翻译: 认证系统将设备凭据验证与用户凭证验证相结合,提供了更加强大的身份验证机制,方便用户,跨企业边界有效。 在一个实现中,组合用户凭证验证和设备凭证验证以提供方便的双因素认证。 以这种方式,帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。
-
公开(公告)号:US20100299716A1
公开(公告)日:2010-11-25
申请号:US12470656
申请日:2009-05-22
申请人: Yordan I. Rouskov , Wei-Qiang Michael Guo , Orville Charles McDonald , Ramu Movva , Kyle Stapley Young , Kok Wai Chau
发明人: Yordan I. Rouskov , Wei-Qiang Michael Guo , Orville Charles McDonald , Ramu Movva , Kyle Stapley Young , Kok Wai Chau
CPC分类号: H04L9/3234 , G06F21/42 , H04L9/3228 , H04L9/3271 , H04L63/105 , H04L63/205 , H04L2209/80 , H04L2463/082 , H04W12/06
摘要: Authentication is widely used to protect consumer data and computing services, such as email, document storage, and online banking. Current authentication models, such as those employed by online identity providers, may have limited options and configurations for authentication schemes. Accordingly, as provided herein, a model based authentication scheme may be configured based upon a policy and/or an authentication mechanism list. The policy may define the target resource, a user, a group the user belongs to, devices used to connect to the target resource, a service owning the target resource, etc. The authentication mechanism list may comprise predefined authentication mechanisms and/or user plug-in authentication mechanisms (e.g., user created authentication mechanism). Once the authentication scheme is configured, it may be enforced upon authentication requests from a user. Feedback may be provided to the user based upon patterns of usage of the target resource.
摘要翻译: 认证广泛用于保护消费者数据和计算服务,如电子邮件,文档存储和网络银行。 当前的身份验证模型,例如在线身份提供者使用的身份验证模型,可能具有有限的认证方案选项和配置。 因此,如本文所提供的,基于模型的认证方案可以基于策略和/或认证机制列表来配置。 策略可以定义目标资源,用户,用户所属的组,用于连接到目标资源的设备,拥有目标资源的服务等。认证机制列表可以包括预定义的认证机制和/或用户插件 - 认证机制(例如,用户创建的认证机制)。 一旦认证方案被配置,它可以在来自用户的认证请求时被执行。 可以基于目标资源的使用模式向用户提供反馈。
-
公开(公告)号:US20100088753A1
公开(公告)日:2010-04-08
申请号:US12245580
申请日:2008-10-03
CPC分类号: G06F21/41
摘要: An identity and authentication platform utilizes a data model that enables multiple identities such as e-mail addresses, mobile phone numbers, nicknames, gaming IDs, and other user IDs to be utilized as aliases which are unique sub-identities of a main account name. A user may utilize the aliases supported by the platform to project multiple different on-line identities while using the authentication credentials of the main account. The platform is configured to expose the aliases to various client applications and Internet-accessible sites and services such as e-mail, instant messaging, media sharing, gaming and social networks, and the like, to enable the implementation of a variety of usage scenarios that employ aliases.
摘要翻译: 身份和认证平台利用数据模型,其使诸如电子邮件地址,移动电话号码,昵称,游戏ID和其他用户ID的多个身份被用作作为主帐户名称的唯一子身份的别名。 当使用主帐户的认证凭证时,用户可以使用平台支持的别名来投影多个不同的在线身份。 该平台被配置为将别名暴露给各种客户端应用程序和互联网可访问的站点和服务,例如电子邮件,即时消息,媒体共享,游戏和社交网络等,以实现各种使用场景 使用别名。
-
公开(公告)号:US09544147B2
公开(公告)日:2017-01-10
申请号:US12470656
申请日:2009-05-22
申请人: Yordan I. Rouskov , Wei-Qiang Michael Guo , Orville Charles McDonald , Ramu Movva , Kyle Stapley Young , Kok Wai Chan
发明人: Yordan I. Rouskov , Wei-Qiang Michael Guo , Orville Charles McDonald , Ramu Movva , Kyle Stapley Young , Kok Wai Chan
CPC分类号: H04L9/3234 , G06F21/42 , H04L9/3228 , H04L9/3271 , H04L63/105 , H04L63/205 , H04L2209/80 , H04L2463/082 , H04W12/06
摘要: Authentication is widely used to protect consumer data and computing services, such as email, document storage, and online banking. Current authentication models, such as those employed by online identity providers, may have limited options and configurations for authentication schemes. Accordingly, as provided herein, a model based authentication scheme may be configured based upon a policy and/or an authentication mechanism list. The policy may define the target resource, a user, a group the user belongs to, devices used to connect to the target resource, a service owning the target resource, etc. The authentication mechanism list may comprise predefined authentication mechanisms and/or user plug-in authentication mechanisms (e.g., user created authentication mechanism). Once the authentication scheme is configured, it may be enforced upon authentication requests from a user. Feedback may be provided to the user based upon patterns of usage of the target resource.
摘要翻译: 认证广泛用于保护消费者数据和计算服务,如电子邮件,文档存储和网络银行。 当前的身份验证模型,例如在线身份提供者使用的身份验证模型,可能具有有限的认证方案选项和配置。 因此,如本文所提供的,基于模型的认证方案可以基于策略和/或认证机制列表来配置。 策略可以定义目标资源,用户,用户所属的组,用于连接到目标资源的设备,拥有目标资源的服务等。认证机制列表可以包括预定义的认证机制和/或用户插件 - 认证机制(例如,用户创建的认证机制)。 一旦认证方案被配置,它可以在来自用户的认证请求时被执行。 可以基于目标资源的使用模式向用户提供反馈。
-
公开(公告)号:US08800003B2
公开(公告)日:2014-08-05
申请号:US13162834
申请日:2011-06-17
CPC分类号: G06F21/31 , G06F21/32 , G06F21/34 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L2209/56
摘要: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
摘要翻译: 认证系统将设备凭据验证与用户凭证验证相结合,提供了更加强大的身份验证机制,方便用户,跨企业边界有效。 在一个实现中,组合用户凭证验证和设备凭据验证以提供方便的双因素认证。 以这种方式,帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。
-
公开(公告)号:US07979899B2
公开(公告)日:2011-07-12
申请号:US12131142
申请日:2008-06-02
CPC分类号: G06F21/31 , G06F21/32 , G06F21/34 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L2209/56
摘要: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
摘要翻译: 认证系统将设备凭据验证与用户凭证验证相结合,提供了更加强大的身份验证机制,方便用户,跨企业边界有效。 在一个实现中,组合用户凭证验证和设备凭证验证以提供方便的双因素认证。 以这种方式,帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。
-
-
-
-
-
-
-
-
-