METHOD AND SYSTEM FOR CONSOLIDATED SIGN-OFF IN A HETEROGENEOUS FEDERATED ENVIRONMENT
    1.
    发明申请
    METHOD AND SYSTEM FOR CONSOLIDATED SIGN-OFF IN A HETEROGENEOUS FEDERATED ENVIRONMENT 审中-公开
    在异质联合环境中统一标识的方法和系统

    公开(公告)号:WO2004059478A3

    公开(公告)日:2005-08-11

    申请号:PCT/EP0314847

    申请日:2003-11-27

    Applicant: IBM IBM FRANCE

    CPC classification number: H04L63/0815 H04L63/0807 H04L63/104 H04L67/10

    Abstract: A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions. When a user requests to logoff from a domain that has initiated federated single-sign-on operations for the user at other federated domains, the domain initiates a consolidated logoff operation by requesting logoff operations at those other federated domains, which may also initiate logoff operations in a cascaded fashion to the domains at which they have initiated federated single-sign-on operations.

    Abstract translation: 提出了一种方法,其中联合域在联合环境中相互作用。 联盟内的域可以为其他联盟域的用户启动联合单点登录操作。 域内的联络点服务器依赖于域内的信任代理来管理域和联盟之间的信任关系。 信任代理根据需要解释其他联盟域的断言。 信托代理可能与一个或多个信托经纪人有信任关系,信托代理可以依靠信托代理人来解释断言。 当用户请求从其他联盟域的用户启动了联合单点登录操作的域注销时,域通过请求在其他联盟域的注销操作来启动合并注销操作,这些操作也可以启动注销操作 以级联方式发布到已启动联合单点登录操作的域。

    METHOD AND SYSTEM FOR NATIVE AUTHENTIFICATION PROTOCOLS IN A HETEROGENEOUS FEDERATED ENVIRONMENT
    2.
    发明申请
    METHOD AND SYSTEM FOR NATIVE AUTHENTIFICATION PROTOCOLS IN A HETEROGENEOUS FEDERATED ENVIRONMENT 审中-公开
    异构联合环境中本地认证协议的方法与系统

    公开(公告)号:WO2004059415A2

    公开(公告)日:2004-07-15

    申请号:PCT/EP0314852

    申请日:2003-11-27

    Applicant: IBM IBM FRANCE

    Abstract: A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions.

    Abstract translation: 提出了一种方法,其中联合域在联合环境中相互作用。 联盟内的域可以为其他联盟域的用户启动联合单点登录操作。 域内的联络点服务器依赖域内的信任代理来管理域和联盟之间的信任关系。 信任代理根据需要解释其他联盟域的断言。 信托代理可能与一个或多个信托经纪人有信任关系,信托代理可以依靠信托代理人来解释断言。

    Method and system for consolidated sign-off in a heterogeneous federated environment

    公开(公告)号:AU2003294951A8

    公开(公告)日:2004-07-22

    申请号:AU2003294951

    申请日:2003-11-27

    Applicant: IBM

    Abstract: A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions. When a user requests to logoff from a domain that has initiated federated single-sign-on operations for the user at other federated domains, the domain initiates a consolidated logoff operation by requesting logoff operations at those other federated domains, which may also initiate logoff operations in a cascaded fashion to the domains at which they have initiated federated single-sign-on operations.

    METHOD AND SYSTEM FOR NATIVE AUTHENTIFICATION PROTOCOLS IN A HETEROGENEOUS FEDERATED ENVIRONMENT

    公开(公告)号:AU2003288261A1

    公开(公告)日:2004-07-22

    申请号:AU2003288261

    申请日:2003-11-27

    Applicant: IBM

    Abstract: A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions.

    Conditional access control
    9.
    发明专利

    公开(公告)号:GB2365561A

    公开(公告)日:2002-02-20

    申请号:GB0030228

    申请日:2000-12-12

    Applicant: IBM

    Abstract: In a multi-user application environment with Java, both codesource access checking and verification of the user who is executing code are employed for access checking. An end user uses a Web browser to access a Web server. An execution thread is established for an end user. The HTTP page and function requested by the user cause the Web application server to invoke a Java Virtual Machine (JVM) which in turn invokes a requested Java servlet. When the Secure Class Loader loads a Java class into the JVM, the code base Uniform URL and the Digital Certificate that was used to sign the class are used by the Secure Class Loader to create the codesource Java object. The JVM includes a Java Security Manager (JSM) class that invokes classes that invoke an underlying system security manager. Conditional access checking includes the capability to control access to resources based on the user and on the Java servlet classes being executed. If the codesource indicated by a Conditional Access List matches the codesource specified in the profile, the system security manager will allow access.

    METHOD AND SYSTEM FOR CONSOLIDATED SIGN-OFF IN A HETEROGENEOUS FEDERATED ENVIRONMENT

    公开(公告)号:CA2508464C

    公开(公告)日:2011-06-07

    申请号:CA2508464

    申请日:2003-11-27

    Applicant: IBM

    Abstract: A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions. When a user requests to logoff from a domain that has initiated federated single-sign-on operations for the user at other federated domains, the domain initiates a consolidated logoff operation by requesting logoff operations at those other federated domains, which may also initiate logoff operations in a cascaded fashion to the domains at which they have initiated federated single-sign-on operations.

Patent Agency Ranking