公开(公告)号：WO2007105098A3

公开(公告)日：2007-12-21

申请号：PCT/IB2007000656

申请日：2007-03-12

Applicant: AXALTO SA ,  MONTGOMERY MICHAEL ,  MAO YI

Inventor： MONTGOMERY MICHAEL ,  MAO YI

IPC: G06F21/20

CPC classification number: G06F21/6218

Abstract: Role-based hierarchical access control system and method. A computer system having a data storage capacity and a central processing unit and at least one resource has an access control data structure defining role-based access control lists for the resource, wherein the access control list defines based on the role of a user the types of access that the user may have to the at least one resource. A hierarchy of roles having at least a first role and a second role wherein the second role inherits the permissions granted to the first role for the at least one resource. Access to the resource is determined by comparing roles defined to have access privileges to the resource and the permissions granted to such roles to the role of an entity seeking access to the resource.

Abstract translation: 基于角色的分级访问控制系统和方法。 具有数据存储容量和中央处理单元以及至少一个资源的计算机系统具有为资源定义基于角色的访问控制列表的访问控制数据结构，其中，访问控制列表基于用户的角色来定义类型 用户可能必须访问该至少一个资源。 至少具有第一角色和第二角色的角色层次结构，其中第二角色继承为至少一个资源授予第一角色的权限。 对资源的访问是通过将定义为具有对资源的访问权限的角色以及授予此类角色的权限与寻求访问资源的实体的角色进行比较来确定的。

公开(公告)号：WO2006100554A3

公开(公告)日：2007-01-18

申请号：PCT/IB2006000523

申请日：2006-03-10

Applicant: AXALTO SA

Inventor： MAHBOOB ALI ASAD ,  MONTGOMERY MICHAEL

IPC: G06F21/20

CPC classification number: G06F21/36 ,  G06F21/31 ,  G06F21/40

Abstract: A method for authenticating a user for use of a server computing device wherein the server computing device is connected by a network to a host device. Generating a key representation image having thereon a plurality of individual key images placed at random positions, each corresponding to a possible character value in an authentication phrase. Accepting a sequence corresponding to locations of mouse clicks representing user selections of character values in an attempted authentication phrase. Verifying that the sequence of location values corresponds to a correct authentication phrase by mapping the locations of the mouse clicks to the locations of the randomly placed key images. Alternatively, accepting a sequence corresponding to a transformation of personal identification number based on a random number and a numerical operation or selection in a matrix.

Abstract translation: 一种用于认证用户以使用服务器计算设备的方法，其中服务器计算设备通过网络连接到主机设备。 生成其上具有放置在随机位置的多个单独的关键图像的键表示图像，每个对应于认证短语中的可能的字符值。 接受对应于表示用户在尝试的认证短语中选择字符值的鼠标点击的位置的序列。 通过将鼠标点击的位置映射到随机放置的关键图像的位置来验证位置值的顺序对应于正确的认证短语。 或者，基于随机数和矩阵中的数值运算或选择来接受与个人识别号的变换相对应的序列。

公开(公告)号：AT394747T

公开(公告)日：2008-05-15

申请号：AT03780435

申请日：2003-12-17

Applicant: AXALTO SA ,  SCHLUMBERGER MALCO INC

Inventor： MONTGOMERY MICHAEL ,  SINHA ANSHUMAN ,  KUMAMOTO DANNY

IPC: G06F21/00