公开(公告)号：JP2002319001A

公开(公告)日：2002-10-31

申请号：JP2002041283

申请日：2002-02-19

Applicant: IBM

Inventor： HIND JOHN R ,  MATHEWSON JAMES M JR ,  PETERS MARCIA L

IPC: G06F12/14 ,  G06F21/24 ,  G06K17/00 ,  G06K19/00 ,  G06K19/07 ,  G06K19/073 ,  G06K19/077 ,  G06Q20/20 ,  G06F17/60

Abstract: PROBLEM TO BE SOLVED: To provide a method, an apparatus, a system and a computer program product for using RFID techniques for storing product information on a tag attached to a commodity. SOLUTION: The method includes (a) writing a value into a first memory 560 which forms a portion of an RFID tag and which has a length; (b) writing a form in the second memory 550 of the RFID tag: and (c) imposing access control rules on the first memory 560 in response to (a) and (b). This can prevent alteration of the stored information, tracking of customers and purchased merchandise on a global scale, and the discrepancy of prices which occurs at points of sale.

公开(公告)号：DE10116640B4

公开(公告)日：2012-09-13

申请号：DE10116640

申请日：2001-04-04

Applicant: IBM

Inventor： GAGE CHRISTOPHER A S ,  HIND JOHN R ,  PETERS MARCIA L

IPC: G06F15/173 ,  H04L29/06 ,  H04L29/08

Abstract: Verfahren zur Herstellung einer dauerhaften Beziehung zwischen einem Client-System und einem Server, wobei der Server aus einer Vielzahl von Servern stammt, die von einem Dispatcher verwaltet werden, und das Client-System unter Benutzung eines Universellen Ressourcen-Lokalisierers (URL) auf den Server zugreift, bei dem der Dispatcher eine Informationsanforderung vom Client-System empfängt und bestimmt, welcher aus der Vielzahl von Servern für die Erfüllung der Anforderung auszuwählen ist; dadurch gekennzeichnet, – dass der ausgewählte Server ein Token erzeugt, das wenigstens einen Bezeichner für den ausgewählten Server, eine Datums-Zeit-Markierung und einen Schlüssel umfasst, wobei der Schlüssel für den Zugriff auf einen Speicherbereich für Informationen bezüglich der dauerhaften Beziehung zum Client-System verwendet wird; – dass das Token in den URL eingefügt wird; und – dass der ausgewählte Server eine Antwort mit dem in den URL eingefügten Token zum Client-System sendet, um das Client-System für die Dauer einer Sitzung an diesen...

公开(公告)号：GB2359969A

公开(公告)日：2001-09-05

申请号：GB0026181

申请日：2000-10-26

Applicant: IBM

Inventor： HIND JOHN R ,  PETERS MARCIA L

IPC: G06F21/00 ,  H04L9/32 ,  H04L29/06 ,  H04L29/12 ,  G06F1/00

Abstract: A device certificate identifies a particular device using a globally-unique device identifier and contains a public key associated therewith. A private key stored in protected storage of the device is used to digitally sign outbound messages, enabling communicating devices to authenticate one another using the associated device certificate and public key, before returning a response. Devices functioning as servers can thereby securely participate in dynamic, automatic address assignment services using a service such as a Boot Protocol or Dynamic Host Configuration Protocol, and/or to update address information stored in a Domain Name System (DNS) server, ensuring that the update is authentic, and when the DNS is also authenticated, ensuring that a legitimate DNS has been contacted.

公开(公告)号：CA2100539A1

公开(公告)日：1994-05-20

申请号：CA2100539

申请日：1993-07-14

Applicant: IBM

Inventor： DERBY JEFFREY H ,  DRAKE JOHN E JR ,  DUDLEY JOHN G ,  HERVATIC ELIZABETH A ,  JANNIELLO JAMES P ,  KAPLAN MARC A ,  KESNER BARRY A ,  KOPERDA FRANCIS R ,  PETERS MARCIA L ,  POTTER KENNETH H ,  TSIGLER ANDREV L ,  MARIN GERALD A ,  GOPAL INDER S ,  CIDON ISRAEL

IPC: H04L12/18 ,  H04L12/56 ,  H04Q11/04

公开(公告)号：DE10051571A1

公开(公告)日：2001-04-26

申请号：DE10051571

申请日：2000-10-18

Applicant: IBM

Inventor： DAVIS MARK C ,  HIND JOHN R ,  PETERS MARCIA L ,  TOPOL BRAD B

IPC: G06F1/00 ,  G06F21/00 ,  H04L9/08 ,  H04L9/00 ,  G06F12/14

Abstract: Documents are subject to selective encoding for protecting the information against unintentional publication, and include XML-documents and XSL-processors, and following preparation of an input-document, one or several support objects are prepared, and then a document-type definition (DTD) corresponding to the given input document. Selected prescribed support objects are carried out during use of one or more style-sheets on the given input document, resulting in an interim document. One or several randomly generated encoding keys are then generated, and the selected elements of the interim documents are encoded, to prepared producing an encoded output document with zero or more unencoded elements. The find (result) documents is produced on a given client device, with encoding of the given received documents for a discrete user or process on the stated client device.

公开(公告)号：CA2094409A1

公开(公告)日：1993-12-19

申请号：CA2094409

申请日：1993-04-20

Applicant: IBM

Inventor： AUERBACH JOSHUA S ,  CHOW CHEE-SENG ,  DRAKE JOHN E JR ,  GOPAL PRABANDHAM M ,  HERVATIC ELIZABETH A ,  KAPLAN MARC A ,  PETERS MARCIA L ,  WARD MICHAEL J

IPC: H04L12/18 ,  H04L12/24 ,  H04L12/56

Abstract: In a multicast network communication system, administration of the communication path making up the multicast tree itself has been separated from control and administration of the network. Creation of a multicast distribution tree and control over the membership thereof, is separately controlled independently from the creation and use of the tree transmission path used to communicate among the members of a multicast set. Transmission distribution trees are set up when a transmission request is received and the properties of the transmission path that is required are known. Transmission paths are created and controlled by all nodes in the communications system, each node having necessary control code and processors for responding to requests from set members to transmit a message to groups of users by creating and activating the necessary tree communication path distribution linkages. A distribution tree is created by the Tree Leader by generating a tree address using a random number generator. A tree address correlator is generated utilizing network and node identifiers unique for the network, and a list of subnodes or users connected for each member of the multicast tree set is generated. Using this information, a tree distribution path is computed to cover all of the subnodes required and a tree set up request message is sent by the Tree Leader along a computed path to each involved subnode. Each subnode returns a message indicating whether the tree address is already in use or is available for use. Successfully negotiated tree addresses are marked at the path link initiation and termination points at each node through the network.

公开(公告)号：DE10051571B4

公开(公告)日：2006-06-29

申请号：DE10051571

申请日：2000-10-18

Applicant: IBM

Inventor： DAVIS MARK C ,  HIND JOHN R ,  PETERS MARCIA L ,  TOPOL BRAD B

IPC: H04L9/00 ,  G06F1/00 ,  G06F12/14 ,  G06F21/00 ,  H04L9/08

Abstract: A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or "XSL", processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or "XML", document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.

公开(公告)号：CA2094410A1

公开(公告)日：1993-12-19

申请号：CA2094410

申请日：1993-04-20

Applicant: IBM

Inventor： AUERBACH JOSHUA S ,  DRAKE JOHN E JR ,  GOPAL PRABANDHAM M ,  HERVATIC ELIZABETH A ,  KAPLAN MARC A ,  KUTTEN SHAY ,  PETERS MARCIA L ,  WARD MICHAEL J

IPC: H04L12/18 ,  H04L12/24 ,  H04L12/56

Abstract: A multinode, multicast communications network has a distributed control for the creation, administration and operational mode selection operative in each of the nodes of the network. Each node is provided with a Set Manager for controlling either creation of, administration or access to a set of users to whom a multicast is to be directed. The Set Manager maintains a record of the local membership of all users associated with the node in which the Set Manager resides. A given Set Manager for each designated set of users is assigned the task of being the Set Leader to maintain membership information about the entire set of users in the multicast group. One of the Set Managers in the communications network is designated to be the Registrar which maintains a list of all the Set Leaders in the network. The Registrar insures that there is one and only one Set Leader for each set of users, answers inquiries about the membership of the sets and directs inquiries to appropriate Set Leaders if necessary. All of the set creation, administration and control functions can therefore be carried out by any node of the system and provision is made to assume the function at a new node when failure or partition in the network occurs.

公开(公告)号：GB2359969B

公开(公告)日：2004-03-31

申请号：GB0026181

申请日：2000-10-26

Applicant: IBM

Inventor： HIND JOHN R ,  PETERS MARCIA L

IPC: G06F21/00 ,  H04L9/32 ,  H04L29/06 ,  H04L29/12 ,  G06F1/00

Abstract: A device certificate identifies a particular device using a globally-unique device identifier and contains a public key associated therewith. A private key stored in protected storage of the device is used to digitally sign outbound messages, enabling communicating devices to authenticate one another using the associated device certificate and public key, before returning a response. Devices functioning as servers can thereby securely participate in dynamic, automatic address assignment services using a service such as a Boot Protocol or Dynamic Host Configuration Protocol, and/or to update address information stored in a Domain Name System (DNS) server, ensuring that the update is authentic, and when the DNS is also authenticated, ensuring that a legitimate DNS has been contacted.

公开(公告)号：DE10116640A1

公开(公告)日：2001-12-20

申请号：DE10116640

申请日：2001-04-04

Applicant: IBM

Inventor： GAGE CHRISTOPHER A S ,  HIND JOHN R ,  PETERS MARCIA L

IPC: H04L29/06 ,  H04L29/08 ,  G06F15/173

Abstract: The method involves receiving an information request from an end user system at a dispatcher, determining which server to select to fulfill the request, generating a token with at least one selected server identifier, a date-time marker and a key for access to a memory area for information relating to the on-going relationship to the end user device, inserting the token into the URL and sending a response with the token to the client system. Independent claims are also included for the following: a method of distributing a request by an end user system to a defined server from a number of redundant servers, a method of sending information to a requesting end user, a computer program product and a network dispatcher.