-
1.发明专利
公开(公告)号:MY148801A
公开(公告)日:2013-05-31
申请号:MYPI20084402
申请日:2007-05-25
Applicant: MICROSOFT CORP
Inventor: GENNADY MEDVINSKY , CRISTIAN ILAC , COSTIN HAGIU , PARSONS JOHN E , DIN FATHALLA MOHAMED EMAD EL , LEACH PAUL J , MAHMOUD KAMEL TAREK BUHAA EL-DIN
IPC: H04L9/32
Abstract: A CREDENTIAL SECURITY SUPPORT PROVIDER (CRED SSP) IS PROVIDED THAT ENABLES ANY APPLICATION TO SECURELY DELEGATE A USER'S CREDENTIALS FROM THE CLIENT, VIA CLIENT SIDE SECURITY SUPPORT PROVIDER (SSP) SOFTWARE, TO A TARGET SERVER, VIA SERVER SIDE SSP SOFTWARE IN A NETWORKED COMPUTING ENVIRONMENT. THE CRED SSP OF THE INVENTION PROVIDES A SECURE SOLUTION THAT IS BASED IN PART UPON A SET OF POLICIES, INCLUDING A DEFAULT POLICY THAT IS SECURE AGAINST A BROAD RANGE OF ATTACKS, WHICH ARE USED TO CONTROL AND RESTRICT THE DELEGATION OF USER CREDENTIALS FROM A CLIENT TO A SERVER. THE POLICIES CAN BE FOR ANY TYPE OF USER CREDENTIALS AND THE DIFFERENT POLICIES ARE DESIGNED TO MITIGATE A BROAD RANGE OF ATTACKS SO THAT APPROPRIATE DELEGATION CAN OCCUR FOR GIVEN DELEGATION CIRCUMSTANCES, NETWORK CONDITIONS, TRUST LEVELS, ETC. ADDITIONALLY, ONLY A TRUSTED SUBSYSTEM, E.G., A TRUSTED SUBSYSTEM OF THE LOCAL SECURITY AUTHORITY (LSA), HAS ACCESS TO THE CLEAR TEXT CREDENTIALS SUCH THAT NEITHER THE CALLING APPLICATION OF THE CRED SSP APIs ON THE SERVER SIDE NOR THE CALLING APPLICATION OF THE CRED SSP APIs ON THE CLIENT SIDE HAVE ACCESS TO CLEAR TEXT CREDENTIALS.
-
公开(公告)号:CL2007001510A1
公开(公告)日:2008-01-25
申请号:CL2007001510
申请日:2007-05-25
Inventor: JOHN E PARSONS , GENNADY MEDVINSKY , CRISTIAN ILAC , COSTIN HAGIU , MOHAMED EMAD EL DIN FATHALLA , PAUL J LEACH , TAREK BUHA
Abstract: Método para delegar credenciales de usuario a un cliente para un servidor en un entorno de red computacional y dispositivo de computación cliente.
-
Search Results
2
records
(took 0.022 seconds)
