Information security – Policy
Reexamination Certificate
2004-02-16
2009-12-29
Moazzami, Nasser G (Department: 2436)
Information security
Policy
C726S002000, C726S026000, C713S182000
Reexamination Certificate
active
07640573
ABSTRACT:
A system for processing multiple types of security schemes includes a server having a claims engine that extracts claim(s) from security token(s) and maps extracted claims to other claims. The term claim as used in this context is a statement about a token's subject. The claims engine can extract claim(s) from one or more different types of security tokens corresponding to the multiple security schemes. These extracted claim(s) can then be selectively mapped to other claims using mapping information that is accessible to the server. The security decision can then be based on the extracted and/or derived claim(s) rather than tokens. This system can thereby support multiple security schemes and simplify the security process for the user.
REFERENCES:
patent: 5446903 (1995-08-01), Abraham et al.
patent: 5638448 (1997-06-01), Nguyen
patent: 5838903 (1998-11-01), Blakely, III et al.
patent: 5850446 (1998-12-01), Berger et al.
patent: 5915024 (1999-06-01), Kitaori et al.
patent: 5996076 (1999-11-01), Rowney et al.
patent: 6002767 (1999-12-01), Kramer
patent: 6014666 (2000-01-01), Helland et al.
patent: 6058426 (2000-05-01), Godwin et al.
patent: 6061684 (2000-05-01), Glasser et al.
patent: 6088805 (2000-07-01), Davis et al.
patent: 6141754 (2000-10-01), Choy
patent: 6163772 (2000-12-01), Kramer et al.
patent: 6233576 (2001-05-01), Lewis
patent: 6253027 (2001-06-01), Weber et al.
patent: 6279111 (2001-08-01), Jensenworth et al.
patent: 6381602 (2002-04-01), Shoroff et al.
patent: 6405212 (2002-06-01), Samu et al.
patent: 6412070 (2002-06-01), Van Dyke et al.
patent: 6434607 (2002-08-01), Haverstock et al.
patent: 6446206 (2002-09-01), Feldbaum
patent: 6449633 (2002-09-01), Van et al.
patent: 6473800 (2002-10-01), Jerger et al.
patent: 6487600 (2002-11-01), Lynch
patent: 6513721 (2003-02-01), Salmre et al.
patent: 6625603 (2003-09-01), Garg et al.
patent: 6658573 (2003-12-01), Bischof et al.
patent: 6754829 (2004-06-01), Butt et al.
patent: 6807636 (2004-10-01), Hartman et al.
patent: 6854056 (2005-02-01), Benantar et al.
patent: 6915338 (2005-07-01), Hunt et al.
patent: 6931532 (2005-08-01), Davis et al.
patent: 7010681 (2006-03-01), Fletcher et al.
patent: 7024662 (2006-04-01), Elvanoglu et al.
patent: 7062566 (2006-06-01), Amara et al.
patent: 7065706 (2006-06-01), Sankar
patent: 7535488 (2009-05-01), Wakao et al.
patent: 2002/0040431 (2002-04-01), Kato et al.
patent: 2004/0148508 (2004-07-01), Alev et al.
patent: 2004/0181756 (2004-09-01), Berringer et al.
RFC 1808, R. Fielding, Relative Uniform Resource Locators. Jun. 1995.
XML Path Language, Clark et al, W3C Recommendation, Nov. 1999.
“XML Path Language,” Clark et al., W3C Recommendation Nov. 1999.
“Apache HTTP Server Version 2.0: Authentication, Authorization and Access Control,” http://httpd.apache.org/docs-2.0/howto/auth.html, pp. 1-5 and 1-4, Jan. 2004.
“X.509 Certificates and Certificate Revocation LIsts (CRLs)”, Sun Microsystems, Inc., pp. 1-5, May 2001.
Aaron Skonnard, “Understanding SOAP”, Web Service Basics: Understanding SOAP (SOAP Technical Articles), pp. 1-12, Mar. 2003.
Jeannine Hall Gailey, “Encrypting SOAP Messages Using Web Services Enhancements”, Web Services Enhancements (WSE): Encrypting SOAP Messages Using Web Service Enhancements, pp. 1-14, Mar. 2003.
Mohan Rao Cavale, “Dynamic Groups in Windows Server 2003 Authorization Manager”, pp. 1-6, Jan. 2003.
James Clark and Steve DeRose, “XML Path Language (XPath) Version 1.0”, W2C Recommendation Nov. 16, 1999, pp. 1-37, Nov. 1999.
Park, et al., “An Efficient Stream Authentication Scheme”, IEICE Trans. Inf. & Syst., vol. E86-D, No. 4, pp. 704-711, Apr. 2003.
Desmedt et al., “Perfectly Secure Message Transmission Revisited (Extended Abstract)”, L.R. Knudsen (Ed.), Eurocrypt 2002, LNCS 2332, pp. 502-517, 2002.
Ren-Junn Hwang et al., “An Enhanced Authentication Key Exchange Protocol”, Proceedings of the 17th International Conference on Advanced Information Networking and Applications (AINA '03), pp. 3, Mar. 2003.
Mohammed Al-Ibrahim and Josef Pieprzyk, “Authentication of Transit Flows and K-Siblings One-Time Signature”, Advanced Communications and Multimedia Security, pp. 42-55. Sep. 2002.
Matei Ciobanu Morogan and Sead Muftic, “Certificate Management in Ad Hoc Networks”, Department of Computer Science, Royal Institute of Technology, pp. 337-341, Jan. 2003.
David Geer, “Taking Steps to Secure Web Services”, Technology News, IEEE Computer Society, pp. 14-16, Oct. 2003.
Daniel Fremberg, “The Mithra Authentication Protocol”, Dr. Dobb's Journal, www.ddj.com, pp. 44-48, May 2003.
M. Looi, “Enhanced Authentication Services for Internet Systems Using Mobile Networks”, IEEE Global Telecommunications Conference, pp. 3468-3472, Nov. 2001.
Matt Bishop, “What Is Computer Security?”, IEEE Computer Society, pp. 67-69, Jan. 2003.
Kimitake Wakayama et al., “A Remote User Authentication Method Using Fingerprint Matching”, Nagoya Institute of Technology, vol. 44, No. 2, pp. 401-404, Feb. 2003.
Bin-Tsan Hsieh et al., “On The Security of Some Password Authentication Protocols”, Informatica, vol. 14, No. 2, pp. 195-204, 2003.
Chen Lin et al., “A Multi-Hierachy Model for Role-Based Control”, Journal of Huazhong University of Science and Technology (Nature Science Edition), vol. 30, No. 2, pp. 102-104, Feb. 2002.
Yeubin Bai and Hidetsune Kobayashi, “New String Matching Technology for Network Security”, IEEE, pp. 198-201, Mar. 2003.
Richard R. Rogoski, “Safe and Secure”, Health Management Technology, www.healthmgttech.com, pp. 4, Dec. 2002.
Donald Beaver “Network Security and Storage Security: Symmetries and Symmetry-Breaking”, IEEE, pp. 3-9, Dec. 2003.
Sylvia Osborn, “Database Security Integration Using Role-Based Access Control”, Department of Computer Science, The University of Western Ontario, Ch. 22, pp. 245-257, Aug. 2000.
Wolfgang Essmayr and Edgar Weippl, “Identity Mapping—An Approach to Unravel Enterprise Security Management Policies”, Software Competence Center Hagenberg, pp. 78-88, Aug. 2000.
Wei-qiang Sun et al., “A Stateful Multicast Access Control Mechanism for Future Metro-Area Networks”, Electronic Networking Applications and Policy, vol. 13, No. 2, pp. 134-138, Third International Network Conference 2002; Jul. 2002.
Bertino, et al., “On Specifying Security Policies for Web Documents with an XML-Based Language”, ACM, 2001, pp. 57-65.
Chatvichienchai, et al., “Translating Content-Based Authorizations for XML Documents”, IEEE, 2003, pp. 10.
Vuong, et al., “Managing Security Policies in a Distributed Environment Using eXtensible Markup Language (XML)”, ACM, 2001, pp. 405-411.
Della-Libera Giovanni M.
Gajjala Vijay K.
Janczuk Tomasz
Lambert John R.
Waingold Elliot
Lee & Hayes PLLC
Louie Oscar A
Microsoft Corporation
Moazzami Nasser G
LandOfFree
Generic security claim processing model does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Generic security claim processing model, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Generic security claim processing model will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4064908