公开(公告)号：JP2005129032A

公开(公告)日：2005-05-19

申请号：JP2004278406

申请日：2004-09-24

Applicant: Microsoft Corp ,  マイクロソフト コーポレーション

Inventor： HUTZ BENJAMIN A ,  ILAC CHRISTIAN ,  PERLIN ERIC C ,  FLO ERIC R ,  STEPHENS JOHN ,  SCHUTZ KLAUS U ,  RICHARDS STEFAN ,  REASOR STERLING M

IPC: G06F21/20 ,  G06F21/00 ,  G09C1/00 ,  H04L9/32 ,  G06F15/00

CPC classification number: G06F21/31 ,  Y10S707/99938 ,  Y10S707/99939

Abstract: PROBLEM TO BE SOLVED: To allow a user to log on to coexistent authentication infrastructures different from each other. SOLUTION: A credential is translated with one of different credential provider modules each translating a corresponding different type of credential into a common protocol. The translated credential is communicated through an API to a logon UI module to an OS of a local machine. An OS logon module is called by the logon UI module to authenticate the translated credential against a credential database. A user identified by the translated credential is logged on to access the local machine when the authentication is successful. The API establishes a network session with an access service specified by the selected PLAP module when the credential is authenticated with the credential database. COPYRIGHT: (C)2005,JPO&NCIPI

Abstract translation: 要解决的问题：允许用户登录到彼此不同的共存认证基础设施。 解决方案：使用不同凭证提供者模块之一翻译凭证，每个凭证提供者模块将相应的不同类型的凭证翻译成公共协议。 翻译的凭证通过API传达到登录UI模块到本地机器的操作系统。 登录UI模块调用操作系统登录模块，以根据凭据数据库验证转换的凭据。 当认证成功时，由登录的凭证登录的用户访问本地计算机。 当凭证凭证凭证数据库进行身份验证时，API与所选择的PLAP模块指定的访问服务建立网络会话。 版权所有（C）2005，JPO＆NCIPI

公开(公告)号：JP2004048742A

公开(公告)日：2004-02-12

申请号：JP2003180213

申请日：2003-06-24

Applicant: Microsoft Corp ,  マイクロソフト コーポレイションMicrosoft Corporation

Inventor： GRIFFIN DANIEL C ,  PERLIN ERIC C ,  PITTAWAY GLENN D ,  SCHUTZ KLAUS U

IPC: G06F12/14 ,  G06F1/00 ,  G06F21/00 ,  G06K17/00 ,  G06K19/10 ,  H04L9/10

CPC classification number: G06F21/602 ,  G06Q20/105

Abstract: PROBLEM TO BE SOLVED: To provide apparatuses and methods for interface logic which is configurable to operatively couple cryptography support logic and cryptography providing logic. SOLUTION: The interface logic provides at least one management function to the cryptography providing logic. The management function includes at least one of the following four functions; an identity management function, a file management function, a container management function, and a cryptography management function. COPYRIGHT: (C)2004,JPO

公开(公告)号：WO2008091277A3

公开(公告)日：2008-12-18

申请号：PCT/US2007014718

申请日：2007-06-25

Applicant: MICROSOFT CORP

Inventor： CROSS DAVID B ,  LEACH PAUL J ,  SCHUTZ KLAUS U ,  YOUNG ROBERT D ,  SHERMAN NATHAN C

IPC: H04L9/32 ,  H04L12/22

CPC classification number: G06F21/32 ,  G06F21/335 ,  G06Q20/40145 ,  H04L63/0428 ,  H04L63/067 ,  H04L63/0807 ,  H04L63/0823 ,  H04L63/083 ,  H04L63/0861 ,  H04L63/10 ,  H04L63/126

Abstract: Use of a biometric identification device in a client computer system to subsequently access an authentication system includes receiving biometric sample data which is digitally signed and combining the data with a user ID and PIN. This package of data is then securely transmitted to a biometric matching server to validate the user and the biometric sample. Once validated, the biometric matching server return the data package plus a temporary certificate and a public/private key pair to the client computer. The client computer may then use this information to access an authentication system to subsequently gain access to a secure resource.

Abstract translation: 在客户计算机系统中使用生物识别设备随后访问认证系统包括接收数字签名的生物统计样本数据并将数据与用户ID和PIN组合。 然后将这个数据包安全地发送到生物统计学匹配服务器以验证用户和生物统计样本。 一旦生效，生物特征匹配服务器将数据包加上临时证书和公钥/私钥对返回给客户端计算机。 客户端计算机然后可以使用该信息来访问认证系统以随后获得对安全资源的访问。

公开(公告)号：NO20085023L

公开(公告)日：2008-12-12

申请号：NO20085023

申请日：2008-12-03

Applicant: MICROSOFT CORP

Inventor： CROSS DAVID B ,  SCHUTZ KLAUS U ,  LEACH PAUL J ,  YOUNG ROBERT D ,  SHERMAN NATHAN C

IPC: H04L12/22 ,  H04L9/32

Abstract: Use of a biometric identification device in a client computer system to subsequently access an authentication system includes receiving biometric sample data which is digitally signed and combining the data with a user ID and PIN. This package of data is then securely transmitted to a biometric matching server to validate the user and the biometric sample. Once validated, the biometric matching server return the data package plus a temporary certificate and a public/private key pair to the client computer. The client computer may then use this information to access an authentication system to subsequently gain access to a secure resource.

公开(公告)号：BRPI0403559A

公开(公告)日：2005-06-21

申请号：BRPI0403559

申请日：2004-08-26

Applicant: MICROSOFT CORP

Inventor： SCHUTZ KLAUS U ,  RICHARDS STEFAN ,  PERLIN ERIC C ,  ILAC CRISTIAN ,  REASOR STERLING M ,  FLO ERIC ,  STEPHENS JOHN ,  HUTZ BENJAMIN A

IPC: G06F21/20 ,  G06F21/00 ,  G09C1/00 ,  H04L9/32 ,  G07F7/08

Abstract: A credential is translated with one of different credential provider modules each translating a corresponding different type of credential into a common protocol. The translated credential is communicated through an API to a logon UI module to an operating system (OS) of a local machine. An OS logon module is called by the logon UI module to authenticate the translated credential against a credential database. A user identified by the translated credential is logged on to access the local machine when the authentication is successful. The credential can also be used with a selection received from the logon UI module via a corresponding one of different pre-log access provider (FLAP) modules that each communicate with the API. The API establishes a network session with an access service specified by the selected FLAP module when the credential is authenticated with the credential database.

公开(公告)号：CA2482081C

公开(公告)日：2013-11-19

申请号：CA2482081

申请日：2004-09-16

Applicant: MICROSOFT CORP

Inventor： HUTZ BENJAMIN A ,  ILAC CRISTIAN ,  PERLIN ERIC C ,  FLO ERIC R ,  STEPHENS JOHN ,  SCHUTZ KLAUS U ,  RICHARDS STEFAN ,  REASOR STERLING M

IPC: G06F21/20 ,  H04L9/32 ,  G06F21/00 ,  G09C1/00

Abstract: A credential is translated with one of different credential provider modules each translating a corresponding different type of credential into a common protocol. The translated credential is communicated through an API to a logon UI module to an operating system (OS) of a local machine. An OS logon module is called by the logon UI module to authenticate the translated credential against a credential database. A user identified by the translated credential is logged on to access the local machine when the authentication is successful. The credential can also be used with a selection received from the logon UI module via a corresponding one of different pre-log access provider (PLAP) modules that each communicate with the API. The API establishes a network session with an access service specified by the selected PLAP module when the credential is authenticated with the credential database.

公开(公告)号：MX2008015958A

公开(公告)日：2009-03-06

申请号：MX2008015958

申请日：2007-06-25

Applicant: MICROSOFT CORP

Inventor： CROSS DAVID B ,  LEACH PAUL J ,  SCHUTZ KLAUS U ,  YOUNG ROBERT D ,  SHERMAN NATHAN C

IPC: H04L29/00 ,  G06F21/00

Abstract: Se describe el uso de un dispositivo de identificación biométrico en un sistema de computadora de cliente para tener acceso subsecuente a un sistema de autenticación, el cual incluye recibir datos de muestra biométricos que están digitalmente firmados y combinar los datos con una ID y PIN de usuario. Este paquete de datos después es transmitido con seguridad a un servidor de coincidencia biométrico para validar al usuario y la muestra biométrica. Una vez validado, el servidor de coincidencia biométrico regresa el paquete de datos más un certificado temporal y un par de clave pública/privada a la computadora de cliente. La computadora de cliente después puede utilizar esta información para tener acceso a un sistema de autenticación para ganar acceso subsecuente a un recurso seguro.

公开(公告)号：AU2004220758A1

公开(公告)日：2005-05-12

申请号：AU2004220758

申请日：2004-09-29

Applicant: MICROSOFT CORP

Inventor： SCHUTZ KLAUS U ,  STEPHENS JOHN ,  FLO ERIC R ,  PERLIN ERIC C ,  ILAC CRISTIAN ,  HUTZ BENJAMIN A ,  REASOR STERLING M ,  RICHARDS STEFAN

IPC: G06F21/20 ,  G06F21/00 ,  G09C1/00 ,  H04L9/32 ,  G06F12/14

Abstract: A credential is translated with one of different credential provider modules each translating a corresponding different type of credential into a common protocol. The translated credential is communicated through an API to a logon UI module to an operating system (OS) of a local machine. An OS logon module is called by the logon UI module to authenticate the translated credential against a credential database. A user identified by the translated credential is logged on to access the local machine when the authentication is successful. The credential can also be used with a selection received from the logon UI module via a corresponding one of different pre-log access provider (FLAP) modules that each communicate with the API. The API establishes a network session with an access service specified by the selected FLAP module when the credential is authenticated with the credential database.

公开(公告)号：NZ562675A

公开(公告)日：2010-05-28

申请号：NZ56267505

申请日：2005-07-28

Applicant: MICROSOFT CORP

Inventor： RUZYSKI DAVID M ,  HONG JAMES H ,  MCNEIL BRIAN K ,  GUZAK CHRIS J ,  WENTZ BRIAN D ,  SCHUTZ KLAUS U ,  RICHARDS STEFAN ,  PERLIN ERIC C ,  ILAC CRISTIAN ,  REASOR STERLING M ,  FLO ERIC R ,  STEPHENS JOHN ,  HUTZ BENJAMIN A

IPC: H04L9/32 ,  G06F21/00

Abstract: A method of authenticating a user is disclosed. Multiple sets of credential information for multiple credentials and from multiple credential providers are received. Each set of credential information to enable tailoring of a portion of a graphical user interface to present one of the multiple credentials and to specify an acceptable credential type for the one of the multiple credentials. A request to authenticate the user is received. The multiple credentials are presented on the graphical user interface. The graphical user interface includes a corresponding portion for each of the multiple credentials that is tailored based on its set of credential information. An authenticator for one of the multiple credentials that is of the acceptable credential type is received. The authenticator is capable of authenticating the user. Alternatively a method of authenticating a user comprises gathering sets of information associated with two or more credentials. Each of the credentials capable of authenticating users and the sets of information are associated with the each of the credentials including instructions for submitting an authenticator for the each of the credentials to an authenticating entity. A graphical user interface to display the sets of information associated with the two or more credentials is tailored and the graphical user interface is presented. The graphical user interface enables selection of at least one of the two credentials.

公开(公告)号：CA2653615A1

公开(公告)日：2008-07-31

申请号：CA2653615

申请日：2007-06-25

Applicant: MICROSOFT CORP

Inventor： LEACH PAUL J ,  SHERMAN NATHAN C ,  YOUNG ROBERT D ,  SCHUTZ KLAUS U ,  CROSS DAVID B

IPC: H04L9/32 ,  H04L12/22

Abstract: Use of a biometric identification device in a client computer system to s ubsequently access an authentication system includes receiving biometric sam ple data which is digitally signed and combining the data with a user ID and PIN. This package of data is then securely transmitted to a biometric match ing server to validate the user and the biometric sample. Once validated, th e biometric matching server return the data package plus a temporary certifi cate and a public/private key pair to the client computer. The client comput er may then use this information to access an authentication system to subse quently gain access to a secure resource.