Policy-based auditing of identity credential disclosure by a secure token service

Invention Grant

US08370913B2 Policy-based auditing of identity credential disclosure by a secure token service 有权

Title translation: 通过安全令牌服务进行基于策略的身份凭证披露审计

Please log in to see more content

Patent Title: Policy-based auditing of identity credential disclosure by a secure token service
Patent Title (中): 通过安全令牌服务进行基于策略的身份凭证披露审计
Application No.: US11843638

Application Date: 2007-08-22
Publication No.: US08370913B2

Publication Date: 2013-02-05
Inventor: Andrew A. Hodgkinson , Duane F. Buss , Thomas E. Doman , Patrick R. Felsted , James G. Sermersheim
Applicant: Andrew A. Hodgkinson , Duane F. Buss , Thomas E. Doman , Patrick R. Felsted , James G. Sermersheim
Applicant Address: US CA Cupertino
Assignee: Apple Inc.
Current Assignee: Apple Inc.
Current Assignee Address: US CA Cupertino
Agency: Blakely, Sokoloff, Taylor & Zafman LLP
Main IPC: H04L29/06
IPC: H04L29/06 ; G06F15/16 ; G06Q20/00

Policy-based auditing of identity credential disclosure by a secure token service

Abstract:

A user defines an audit policy. The audit policy identifies one or more triggers that, when related information is included in a security token, trigger the performance of the audit. The audit can include notifying the user in some manner that the trigger occurred. The audit can require in-line confirmation of the audit, so that the security token is not transmitted until the user confirms the audit.

Abstract(Chinese):

用户定义审计策略。审计策略标识一个或多个触发器，当相关信息包含在安全令牌中时，触发审计的执行。审计可以包括以某种方式通知用户触发事件。审核可能需要对审核进行直接确认，以便在用户确认审核之前不会传输安全令牌。

Public/Granted literature

US20080229384A1 POLICY-BASED AUDITING OF IDENTITY CREDENTIAL DISCLOSURE BY A SECURE TOKEN SERVICE Public/Granted day:2008-09-18

Information query

Espacenet