System and method for abstracting state transitions without requiring client knowledge
    1.
    Patent application
    System and method for abstracting state transitions without requiring client knowledge (status: in force)

    Publication number: US20050246315A1

    Publication date: 2005-11-03

    Application number: US11174243

    Filing date: 2005-07-01

    IPC classification: G06F7/00 G06F15/163 G06F17/30

    CPC classification: G06F17/30011

    Abstract: A system and method employ a client-server architecture that abstracts from the client the states of objects and transitions between the states. As a result, the server maintains objects, along with associated states, and state transitions that are provided to clients on demand. The client is only provided with a set of valid transitions between states that are based on the current state of the object and valid transitions out of that state. The states may be additionally filtered based on the permissions granted to the client. In this way, the client is relieved of prior knowledge of valid object states and state transitions. Hence, in a document management system, for example, new states and transitions for objects may be added at the server and propagated through to the clients.

    System and method for abstracting state transitions without requiring client knowledge
    2.
    Granted patent
    System and method for abstracting state transitions without requiring client knowledge (status: in force)

    Publication number: US07793300B2

    Publication date: 2010-09-07

    Application number: US11174243

    Filing date: 2005-07-01

    IPC classification: G06F3/00 G06F15/16

    CPC classification: G06F17/30011

    Abstract: A system and method employ a client-server architecture that abstracts from the client the states of objects and transitions between the states. As a result, the server maintains objects, along with associated states, and state transitions that are provided to clients on demand. The client is only provided with a set of valid transitions between states that are based on the current state of the object and valid transitions out of that state. The states may be additionally filtered based on the permissions granted to the client. In this way, the client is relieved of prior knowledge of valid object states and state transitions. Hence, in a document management system, for example, new states and transitions for objects may be added at the server and propagated through to the clients.

    Method for abstract state transitions without requiring state machine knowledge
    3.
    Granted patent
    Method for abstract state transitions without requiring state machine knowledge (status: lapsed)

    Publication number: US06976259B1

    Publication date: 2005-12-13

    Application number: US09677443

    Filing date: 2000-09-29

    IPC classification: G06F7/00 G06F15/163 G06F17/30

    CPC classification: G06F17/30011

    Abstract: A system and method employ a client-server architecture that abstracts from the client the states of objects and transitions between the states. As a result, the server maintains objects, along with associated states, and state transitions that are provided to clients on demand. The client is only provided with a set of valid transitions between states that are based on the current state of the object and valid transitions out of that state. The states may be additionally filtered based on the permissions granted to the client. In this way, the client is relieved of prior knowledge of valid object states and state transitions. Hence, in a document management system, for example, new states and transitions for objects may be added at the server and propagated through to the clients.

    Secure data storage and retrieval incorporating human participation
    4.
    Granted patent
    Secure data storage and retrieval incorporating human participation (status: in force)

    Publication number: US08683549B2

    Publication date: 2014-03-25

    Application number: US11690685

    Filing date: 2007-03-23

    IPC classification: H04L29/06

    CPC classification: G06F21/31 H04L9/32

    Abstract: A computer related security mechanism requires that a human participate in an access verification sequence. Upon a request to access secure data, a puzzle is provided to the requester. Proper solution of the puzzle requires human participation. The puzzle is chosen such that its solution is within the capabilities of a human, but beyond the current state of the art for computer systems. The puzzle can be visually and/or audibly rendered to the user. In one configuration, the puzzle is obtained via a library of pluggable puzzle generators. Puzzle generators in the library can be replaced as the state of the art of computing technology improves.

    Fast-reconnection of negotiable authentication network clients
    5.
    Granted patent
    Fast-reconnection of negotiable authentication network clients (status: in force)

    Publication number: US08555069B2

    Publication date: 2013-10-08

    Application number: US12399615

    Filing date: 2009-03-06

    IPC classification: H04L29/06

    Abstract: Modern network communications often require a client application requesting data to authenticate itself to an application providing the data. Such authentication requests can be redundant, especially in the case of stateless network protocols. When a full authentication is performed, a conversation identifier and one or more encryption keys can be agreed upon. Subsequent authentication requests can be answered with a fast reconnect token comprising the conversation identifier and a cryptographically signed version of it using the one or more encryption keys. Should additional security be desirable, a sequence number can be established and incremented in a pre-determined or a random manner to enable detection of replayed fast reconnect tokens. If the recipient can verify the fast reconnect token, the provider can be considered to have been authenticated based on the prior authentication. If an aspect of the fast re-authentication should fail, recourse can be had to the original full authentication process.

    Communicating a password securely
    6.
    Granted patent
    Communicating a password securely (status: in force)

    Publication number: US08281368B2

    Publication date: 2012-10-02

    Application number: US12038815

    Filing date: 2008-02-28

    CPC classification: G06F21/556

    Abstract: A secure (e.g., HTTPS) connection is established between a client and a server. Communication over the connection may utilize an application (e.g., a Web browser) that is not part of the client's trusted computing base. A password is sent from the client to the server over the connection such that the clear text password is unavailable to the application. For example, the password can be encrypted and inserted directly into the HTTPS stream from the client's trusted computing base.

    UNOBTRUSIVE ASSURANCE OF AUTHENTIC USER INTENT
    8.
    Patent application
    UNOBTRUSIVE ASSURANCE OF AUTHENTIC USER INTENT (status: in force)

    Publication number: US20110154505A1

    Publication date: 2011-06-23

    Application number: US12645465

    Filing date: 2009-12-22

    IPC classification: G06F21/22

    CPC classification: G06F21/52 G06F21/53 G06F21/62

    Abstract: Computer-executable instructions that are directed to the performance of consequential actions and automatically elevate to execute at a higher privilege level to do so can perform such consequential actions only after user notification. Doing so can enable monitoring processes to avoid presenting duplicative user notification upon detection of such auto-elevation. In addition, prior to presenting user notification, input from the execution environment can be ignored and access to DLLs for performing consequential actions can be avoided. A static analyzer can identify non-conforming computer-executable instructions. A wrapper can be utilized to provide compliance by otherwise unknown or non-conforming computer-executable instructions.

    Systems and methods that specify row level database security
    9.
    Granted patent
    Systems and methods that specify row level database security (status: in force)

    Publication number: US07711750B1

    Publication date: 2010-05-04

    Application number: US10903338

    Filing date: 2004-07-30

    IPC classification: G06F7/00 G06F17/30

    Abstract: The present invention specifies database security at a row level and, optionally, at a column and table level. The systems and methods cluster one or more sets of rows with similar security characteristics and treat them as a named expression, wherein clustered data is accessed based on associated row-level security. The systems and methods specify a syntax that invokes row(s), column(s) and/or table(s) security via programming statements. Such statements include arbitrary Boolean expressions (predicates) defined over, but not restricted to table columns and/or other contextual data. These statements typically are associated with query initiators, incorporated into queries therefrom, and utilized while querying data. Rows of data that return “true” when evaluated against an aggregate of associated security expressions are said to “satisfy” the security expressions and enable access to the data stored therein. Such security expressions can be created and invoked via the Structured Query Language (SQL) database programming language.

    COMMUNICATING A PASSWORD SECURELY
    10.
    Patent application
    COMMUNICATING A PASSWORD SECURELY (status: in force)

    Publication number: US20090222888A1

    Publication date: 2009-09-03

    Application number: US12038815

    Filing date: 2008-02-28

    IPC classification: G06F21/00 H04L9/00

    CPC classification: G06F21/556

    Abstract: A secure (e.g., HTTPS) connection is established between a client and a server. Communication over the connection may utilize an application (e.g., a Web browser) that is not part of the client's trusted computing base. A password is sent from the client to the server over the connection such that the clear text password is unavailable to the application. For example, the password can be encrypted and inserted directly into the HTTPS stream from the client's trusted computing base.
