公开(公告)号：AT337667T

公开(公告)日：2006-09-15

申请号：AT00100477

申请日：2000-01-11

Applicant: IBM

Inventor： HERRENDOERFER DIRK ,  SULZMANN ROBERT ,  WELSCH MARTIN DR

IPC: H04L29/06 ,  G06K7/06

Abstract: A system and method for processing information contained in a smart card (130) uses a local computer (100) on which a proxy server (120) is installed. The local computer is connected to a data communication network (110), such as the Internet, and comprises a network browser which is used to generate access requests to data stored on a smart card and in a local storage (122). The requests are received by an HTTP server (210) and passed to request brokers (214, 215, 216). In response to a request parsing operation access functions (226, 228, 340, 440, 350, 460) are activated for accessing the local storage and a smart card (130). Data read from a smart card may be inserted into a HTML document accessed in the local storage, and data from the local storage or from remote sources may be uploaded to a smart card. Data modifier means (232, 234, 236) are provided to translate data read from the smart card into a data format corresponding to a user interface, and for translating data to be uploaded to said smart card into a predetermined smart card data format. The proxy server may be readily adapted to any smart card data format, and it may provide data security functions and data compression/decompression facilities.

公开(公告)号：DE60100680D1

公开(公告)日：2003-10-09

申请号：DE60100680

申请日：2001-04-24

Applicant: IBM

Inventor： HENN DR ,  HERRENDOERFER DIRK ,  SCHAECK THOMAS ,  WEBER ROLAND

IPC: H04L29/06 ,  H04L29/08

Abstract: The present invention relates to a client-server system having a security system for controlling access to application functions. The security system separated from the clients and the application functions routes all incoming requests created by various PVC-devices to a centralized security system providing an authentication component and a security component. The authentication component provides several authentication mechanisms which may be selected by information contained in the client's request. The authentication mechanism may be changed or extended without changing conditions on the client as well on the server or application side. The security component provides a security policy describing security requirements for accessing application functions which may be invoked by the security component. If the selected authentication mechanism succeeds and fulfills the security policy associated to that application function then the application function will be invoked by the security component.

公开(公告)号：DE19957235A1

公开(公告)日：2000-07-20

申请号：DE19957235

申请日：1999-11-27

Applicant: IBM

Inventor： HERRENDOERFER DIRK ,  SULZMANN ROBERT ,  WELSCH MARIN

IPC: G06F9/46 ,  G06F15/163 ,  G06F9/54

Abstract: The arrangement contains applications that do not support Java that generate a standard TCP/IP communications call for a routine in a Java class in the database. An arrangement receives the call and associated parameter data, and an arrangement converts the call and data into Java data types. An arrangement calls and runs Java routines using the converted data. An arrangement generates a response to the client application by converting the result data back into a transfer format and an arrangement transfers the data to the non-Java application. An Independent claim is also included for a process for accessing Java routines and a program product stored on a data medium containing the steps of an access process.

公开(公告)号：DE112020004699T5

公开(公告)日：2022-06-23

申请号：DE112020004699

申请日：2020-09-04

Applicant: IBM

Inventor： NUNEZ MENCIAS ANGEL ,  MORJAN PETER ,  HERRENDOERFER DIRK ,  POLEPALLI YESHWANTH PREETHI

IPC: G06F21/57

Abstract: Aspekte der Erfindung weisen ein Erhalten eines originalen Docker-Abbildes von einem Kunden, Verschlüsseln eines Speicherplattenabbildes unter Verwendung von Inhalten aus dem originalen Docker-Abbild und sicheres Verschlüsseln eines Startladeprogramms durch einen Prozessor auf. Aus dem verschlüsselten Festplattenabbild und dem sicheren verschlüsselten Startladeprogramm wird ein neu gepacktes Abbild erstellt. Das neu gepackte Abbild wird bereitgestellt, indem das neu gepackte Abbild in einen Pod-Container eingefügt wird und ein gesicherter Kubernetes-Pod zum Schutz von Arbeitslasten erzeugt wird, wobei der gesicherte Kubernetes-Pod mindestens eine virtuelle Maschine besitzt, die den Pod-Container enthält.

公开(公告)号：DE19945862A1

公开(公告)日：2001-04-05

申请号：DE19945862

申请日：1999-09-24

Applicant: IBM

Inventor： HANSMANN UWE ,  HERRENDOERFER DIRK ,  MERK LOTHAR ,  STOBER THOMAS

IPC: G06F12/02 ,  G07F7/10 ,  G06F17/60

Abstract: For dynamic management of storage for the run time of a Java applet (small portion of application code), a suitable storage management object and associated storage management methods are used. To accommodate the data sets (14, 16, 18, 21, 22), the data object (10, 12) has more memory space at its disposal than required for storage of a data set. An Independent claim is included for computing equipment, a system and a computer program in accordance with the method.

公开(公告)号：DE60030181T2

公开(公告)日：2007-10-18

申请号：DE60030181

申请日：2000-01-11

Applicant: IBM

Inventor： HERRENDOERFER DIRK ,  SULZMANN ROBERT ,  WELSCH MARTIN DR

IPC: H04L29/06 ,  G06K7/06

Abstract: A system and method for processing information contained in a smart card (130) uses a local computer (100) on which a proxy server (120) is installed. The local computer is connected to a data communication network (110), such as the Internet, and comprises a network browser which is used to generate access requests to data stored on a smart card and in a local storage (122). The requests are received by an HTTP server (210) and passed to request brokers (214, 215, 216). In response to a request parsing operation access functions (226, 228, 340, 440, 350, 460) are activated for accessing the local storage and a smart card (130). Data read from a smart card may be inserted into a HTML document accessed in the local storage, and data from the local storage or from remote sources may be uploaded to a smart card. Data modifier means (232, 234, 236) are provided to translate data read from the smart card into a data format corresponding to a user interface, and for translating data to be uploaded to said smart card into a predetermined smart card data format. The proxy server may be readily adapted to any smart card data format, and it may provide data security functions and data compression/decompression facilities.

公开(公告)号：DE60030181D1

公开(公告)日：2006-10-05

申请号：DE60030181

申请日：2000-01-11

Applicant: IBM

Inventor： HERRENDOERFER DIRK ,  SULZMANN ROBERT ,  WELSCH MARTIN DR

IPC: H04L29/06 ,  G06K7/06

Abstract: A system and method for processing information contained in a smart card (130) uses a local computer (100) on which a proxy server (120) is installed. The local computer is connected to a data communication network (110), such as the Internet, and comprises a network browser which is used to generate access requests to data stored on a smart card and in a local storage (122). The requests are received by an HTTP server (210) and passed to request brokers (214, 215, 216). In response to a request parsing operation access functions (226, 228, 340, 440, 350, 460) are activated for accessing the local storage and a smart card (130). Data read from a smart card may be inserted into a HTML document accessed in the local storage, and data from the local storage or from remote sources may be uploaded to a smart card. Data modifier means (232, 234, 236) are provided to translate data read from the smart card into a data format corresponding to a user interface, and for translating data to be uploaded to said smart card into a predetermined smart card data format. The proxy server may be readily adapted to any smart card data format, and it may provide data security functions and data compression/decompression facilities.

公开(公告)号：DE60100680T2

公开(公告)日：2004-07-22

申请号：DE60100680

申请日：2001-04-24

Applicant: IBM

Inventor： HENN DR ,  HERRENDOERFER DIRK ,  SCHAECK THOMAS ,  WEBER ROLAND

IPC: H04L29/06 ,  H04L29/08

Abstract: The present invention relates to a client-server system having a security system for controlling access to application functions. The security system separated from the clients and the application functions routes all incoming requests created by various PVC-devices to a centralized security system providing an authentication component and a security component. The authentication component provides several authentication mechanisms which may be selected by information contained in the client's request. The authentication mechanism may be changed or extended without changing conditions on the client as well on the server or application side. The security component provides a security policy describing security requirements for accessing application functions which may be invoked by the security component. If the selected authentication mechanism succeeds and fulfills the security policy associated to that application function then the application function will be invoked by the security component.

公开(公告)号：AT249122T

公开(公告)日：2003-09-15

申请号：AT01109912

申请日：2001-04-24

Applicant: IBM

Inventor： HENN HORST DR ,  HERRENDOERFER DIRK ,  SCHAECK THOMAS ,  WEBER ROLAND

IPC: H04L29/06 ,  H04L29/08

Abstract: The present invention relates to a client-server system having a security system for controlling access to application functions. The security system separated from the clients and the application functions routes all incoming requests created by various PVC-devices to a centralized security system providing an authentication component and a security component. The authentication component provides several authentication mechanisms which may be selected by information contained in the client's request. The authentication mechanism may be changed or extended without changing conditions on the client as well on the server or application side. The security component provides a security policy describing security requirements for accessing application functions which may be invoked by the security component. If the selected authentication mechanism succeeds and fulfills the security policy associated to that application function then the application function will be invoked by the security component.