CA2479626A1 - A system and method of mobile lightweight cryptographic directory access - Google Patents
- Publication number
- CA2479626A1
- Authority
- CA
- Canada
- Prior art keywords
- data
- ldap
- ldap query
- query
- throttled
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/58—Message adaptation for wireless communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4523—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using lightweight directory access protocol [LDAP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/60—Network streaming of media packets
- H04L65/65—Network streaming protocols, e.g. real-time transport protocol [RTP] or real-time control protocol [RTCP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99931—Database or file accessing
Abstract
A system for handling an LDAP service request to an LDAP server for an LDAP service comprises a client program executable on a client system and a handler program executable on a handler system. The client program is operable to generate LDAP service request data corresponding to the LDAP service and provide the LDAP service request data for transmission from the client system, and further operable to receive LDAP service reply data in response to the LDAP service request data. The handler program is operable to receive the LDAP service request data transmitted from the client system and execute the LDAP service request to the LDAP server, receive LDAP service reply data from the LDAP server during one or more passes, and upon completion of the LDAP service, provide the LDAP service reply data for transmission to the client system in a single pass.
Claims (60)
1. A system for handling a Lightweight Directory Access Protocol (LDAP) query to an LDAP server for an LDAP service, the system comprising:
a client program executable on a client system, the client program operable to generate LDAP query data corresponding to the LDAP service and provide the LDAP query data for transmission from the client system, and further operable to receive LDAP query reply data in response to the LDAP query data; and
a handler program executable on a handler system, the handler program operable to receive the LDAP query data transmitted from the client system and execute the LDAP query to the LDAP server, receive LDAP query reply data from the LDAP server during one or more passes, and upon completion of the LDAP service, provide the LDAP query reply data for transmission to the client system in a single pass.
2. The system of claim 1, wherein the handler program is further operable to throttle the LDAP query reply data to generate throttled LDAP query reply data if the LDAP query reply data exceeds a threshold, and provide the throttled LDAP query reply data for transmission to the client system in a single pass.
3. The system of claim 2, wherein the handler program is further operable to append refinement data to the throttled LDAP query reply data.
4. The system of claim 3, wherein the client program is further operable to generate revised LDAP query data in response to receiving the refinement data and provide the revised LDAP query data for transmission from the client system.
5. The system of claim 4, wherein the client system comprises a mobile device operable to communicate over a wireless network.
6. The system of claim 5, wherein the LDAP query data comprises a Uniform Resource Identifier (URI).
7. The system of claim 6, wherein the URI comprises an LDAP query for a digital certificate.
8. The system of claim 6, wherein the URI comprises an LDAP query for a public key.
9. The system of claim 3, wherein the handler program is further operable to compress the LDAP query reply data and the throttled LDAP query reply data prior to transmission to the client system.
10. The system of claim 3, wherein the LDAP query reply data comprises data records, and threshold comprises a record count.
11. The system of claim 10, wherein the LDAP query reply data is throttled to generate the throttled LDAP query reply data by limiting the LDAP query reply data to the record count of data records.
12. The system of claim 11, wherein the LDAP query data comprises an LDAP query for a digital certificate.
13. The system of claim 12, wherein the handler program is further operable to append refinement data to the throttled LDAP query reply data and provide the refinement data for transmission to the client system.
14. The system of claim 13, wherein the client program is further operable to generate revised LDAP query data in response to receiving the refinement data and provide the revised LDAP query data for transmission from the client system.
15. The system of claim 1, wherein the LDAP query data comprises an LDAP query for a digital certificate, and wherein the LDAP query reply data comprises digital certificate data.
16. The system of claim 2, wherein the handler system is operable to redirect a data item to the client system, and the handler program is further operable to determine whether the data item includes encryption data and upon a determination that data item includes encryption data generate automatic LDAP query data and execute a corresponding automatic LDAP query to the LDAP server.
17. The system of claim 16, wherein the handler program is further operable to store the data item at the handler system until the LDAP query reply data is received, and then redirect the data item and the LDAP query reply data or the throttled LDAP query reply data to the client system.
18. The system of claim 17, wherein the handler system is a wireless gateway.
19. The system of claim 17, wherein the handler system is a redirector system.
20. A system for handling a Lightweight Directory Access Protocol (LDAP) query to an LDAP server for an LDAP service, the system comprising:
a handler program executable on a handler system, the handler program operable to receive LDAP query data corresponding to the LDAP query and execute the LDAP query to the LDAP server, receive LDAP query reply data from the LDAP server during one or more passes, throttle the LDAP query reply data to generate throttled LDAP query reply data if the LDAP query reply data exceeds a threshold, and provide the LDAP query reply data or throttled LDAP query reply data for transmission to a client system in a single pass.
21. The system of claim 20, wherein the handler program is further operable to append refinement data to the throttled LDAP query reply data.
22. The system of claim 21, wherein the handler program is further operable to compress the LDAP query reply data and the throttled LDAP query reply data prior to transmission to the client system.
23. The system of claim 22, wherein the LDAP query reply data comprises data records, and the threshold comprises a record count.
24. The system of claim 23, wherein the LDAP query reply data is throttled to generate the throttled LDAP query reply data by limiting the LDAP query reply data to the record count of data records.
25. The system of claim 24, wherein the LDAP query comprises a query for a digital certificate.
26. The system of claim 20, wherein the handler system is operable to redirect a data item to the client system, and the handler program is further operable to determine whether the data item includes encryption data and upon a determination that data item includes encryption data generate automatic LDAP query data and execute a corresponding automatic LDAP query to the LDAP server.
27. The system of claim 26, wherein the handler program is further operable to store the data item at the handler system until the LDAP query reply data is received, and then redirect the data item and the LDAP query reply data or the throttled LDAP query reply data to the client system.
28. A method for handling a Lightweight Directory Access Protocol (LDAP) query to an LDAP server for an LDAP service, the method comprising the steps of:
receiving LDAP query data transmitted from a client system, the LDAP query data corresponding to the LDAP query;
executing at a handler system the LDAP query;
receiving at the handler system LDAP query reply data from the LDAP server during one or more passes during execution of the LDAP service; and
transmitting the LDAP query reply data received at the handler system to the client system in a single pass.
29. The method of claim 28, further comprising the steps of:
throttling the LDAP query reply data to generate throttled LDAP query reply data if the LDAP query reply data exceeds a threshold; and
transmitting the throttled LDAP query reply to the client system in a single pass.
30. The method of claim 29, further comprising the step of generating refinement data for the throttled LDAP query reply data; and transmitting the refinement data to the client system.
31. The method of claim 30, wherein the LDAP query data comprises a Uniform Resource Identifier (URI).
32. The method of claim 31, wherein the URI comprises an LDAP query for a digital certificate.
33. The method of claim 30, further comprising the step of compressing the LDAP query reply data and the throttled LDAP query reply data prior to transmission to the client system.
34. The method of claim 29, wherein the step of throttling the LDAP query reply data to generate the throttled LDAP query reply data if the LDAP query reply data exceeds a threshold comprises the steps of:
determining the amount of the LDAP query reply data received;
comparing the amount of LDAP query reply data received to the threshold; and
transmitting only the threshold amount of the LDAP query reply data received if the LDAP query reply data received exceeds the threshold.
35. The system of claim 34, wherein the LDAP query reply data comprises digital certificate data.
36. The system of claim 34, further comprising the step of compressing the LDAP query reply data and the throttled LDAP query reply data before transmission.
37. A method for accessing digital certificate data stored in a Lightweight Directory Access Protocol (LDAP) server, the digital certificate data requested by a client system, the method comprising the steps of:
receiving at a handler system a Uniform Resource Identifier (URI) query for the digital certificate data, the query transmitted from a mobile device;
executing at the handler system the query to the LDAP server;
receiving the digital certificate data from the LDAP server during one or more passes during execution of the query;
determining if the digital certificate data received exceeds a threshold;
upon a determination that the digital certificate data received exceeds a threshold:
throttling the digital certificate data received to create throttled digital certificate data; and
transmitting the throttled digital certificate data to the mobile device in a single pass; and
upon a determination that the digital certificate data received does not exceed a threshold, transmitting the digital certificate data received to the mobile device in a single pass.
38. The method of claim 37, further comprising the step of compressing the digital certificate data and the throttled digital certificate data prior to transmitting the digital certificate data and the throttled digital certificate data to the mobile device.
39. The method of claim 38, wherein the step of throttling the digital certificate data received to create throttled digital certificate data comprises the step of selecting only the threshold amount of the digital certificate data received for transmission to the mobile device in a single pass.
40. A system for handling a Lightweight Directory Access Protocol (LDAP) query to an LDAP server for an LDAP service, the system comprising:
handler means for receiving the LDAP query data corresponding to the LDAP query and executing the LDAP query to the LDAP server, for receiving LDAP query reply data from the LDAP server during one or more passes, for throttling the LDAP query reply data to generate throttled LDAP query reply data, and for transmitting the LDAP query reply data or the throttled LDAP query reply data; and
client means for generating the LDAP query data corresponding to the LDAP service and transmitting the LDAP query data to the handler means, and for receiving the LDAP query reply data or the throttled LDAP query reply data from the handler means.
41. The system of claim 40, wherein the handler means is further adapted for appending refinement data to the throttled LDAP query reply data and for transmitting the refinement data with the throttled LDAP query reply data.
42. The system of claim 41, wherein the handler means is further adapted for compressing the LDAP query reply data and the throttled LDAP query reply data prior to transmission.
43. A system for accessing digital certificates stored in a Lightweight Directory Access Protocol (LDAP) server, the system comprising:
a client program executable on a client system, the client program operable to generate an LDAP query requesting digital certificate data and provide the LDAP query for transmission from the client system, and further operable to receive digital certificate data in response to the LDAP query; and
a handler program executable on a handler system, the handler program operable to receive the LDAP query transmitted from the client system and execute the LDAP query, receive the digital certificate data in response to the LDAP query during one or more passes, and upon completion of the execution of the LDAP query, provide the digital certificate data for transmission to the client system in a single pass.
44. The system of claim 43, wherein the handler program is further operable to throttle the digital certificate data to generate throttled digital certificate data if the digital certificate data exceeds a threshold, and provide the throttled digital certificate data for transmission to the client system in a single pass.
45. The system of claim 44, wherein the handler program is further operable to append refinement data to the throttled digital certificate data and provide the refinement data for transmission to the client system.
46. The system of claim 45, wherein the client program is further operable to generate a revised LDAP query for digital certificate data in response to receiving the refinement data and provide the revised LDAP query for transmission from the client system.
47. The system of claim 46, wherein the client system comprises a mobile device operable to communicate over a wireless network.
48. The system of claim 47, wherein the handler system comprises a wireless gateway.
49. The system of claim 47, wherein the handler system comprises an LDAP server.
50. The system of claim 47, wherein the handler system comprises a redirector system.
51. A system for accessing digital certificates stored in a Lightweight Directory Access Protocol (LDAP) server, the system comprising:
a handler program executable on a handler system, the handler program operable to receive an LDAP query requesting digital certificate data from a client system and execute the LDAP query, receive the digital certificate data in response to the LDAP query during one or more passes, and upon completion of the execution of the LDAP query, throttle the digital certificate data to generate throttled digital certificate data, and provide the digital certificate data or throttled digital certificate data for transmission to the client system in a single pass.
52. The system of claim 50, wherein the handler program is further operable to append refinement data to the throttled digital certificate data.
53. The system of claim 52, wherein the handler system is a wireless gateway.
54. The system of claim 53, wherein the client system is a mobile device.
55. The system of claim 52, wherein the handler system is an LDAP server.
56. The system of claim 55, wherein the client system is a wireless gateway.
57. A method for accessing encryption data stored in a database server, the encryption data requested by a client system, the method comprising the steps of:
receiving at a handler system a database query for the encryption data, the query transmitted from a mobile device;
executing at the handler system the database query to the database server;
receiving the encryption data, from the database server during one or more passes during execution of the query; and
transmitting the encryption data received to the mobile device in a single pass.
58. The method of claim 57, further comprising the steps of:
determining if the encryption data received exceeds a threshold; and
if the encryption data received exceeds a threshold:
throttling the encryption data received to create throttled encryption data; and
transmitting the throttled encryption data to the mobile device in a single pass.
59. The method of claim 58, wherein the step of throttling the encryption data received to create throttled encryption data comprises the step of selecting only the threshold amount of the encryption data received for transmission to the mobile device in a single pass.
60. The method of claim 59, wherein the encryption data comprises digital certificate data.
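The handler behaviour recited in claims 1 to 4, 6, 7 and 9 to 11 (collect replies that arrive over several passes, throttle to a record count, append refinement data, compress, send once, and let the client revise its query), sketched as an added example that is not code from the patent or its applicant. The toy directory, the JSON reply layout, the fields inside `refinement`, the host name and every function name are assumptions.

```python
import json
import zlib
from urllib.parse import quote, unquote, urlsplit

# Constructed directory; certificate values are placeholders, not real DER.
DIRECTORY = [
    {"cn": name, "userCertificate": f"<placeholder certificate for {name}>"}
    for name in ("Smith Alan", "Smith Anna", "Smith Bob", "Smith Carol",
                 "Smith Dave", "Smithers Eve", "Jones Fay")
]


def build_uri(name_prefix):
    """Client side: express the certificate lookup as an LDAP URI (claims 6-7)."""
    # Refuse filter metacharacters so user input cannot alter the filter.
    if any(ch in name_prefix for ch in "\\*()\x00"):
        raise ValueError("filter metacharacters are not allowed in the name")
    flt = quote(f"(cn={name_prefix}*)", safe="()=*")
    # Hypothetical host and base DN.
    return ("ldap://ldap.example.com/ou=people,dc=example,dc=com"
            f"?userCertificate?sub?{flt}")


def parse_ldap_uri(uri):
    """Split ldap://host/base?attrs?scope?filter into its fields."""
    parts = urlsplit(uri)
    if parts.scheme != "ldap":
        raise ValueError("not an LDAP URI")
    attrs, scope, flt = (parts.query.split("?") + ["", "", ""])[:3]
    return {
        "base": unquote(parts.path.lstrip("/")),
        "attrs": attrs.split(",") if attrs else [],
        "scope": scope or "base",
        "filter": unquote(flt) or "(objectClass=*)",
    }


def server_passes(flt, page_size=2):
    """Stand-in LDAP server: only (cn=PREFIX*) filters, replies page by page."""
    if not (flt.startswith("(cn=") and flt.endswith("*)")):
        raise ValueError("toy server supports only (cn=PREFIX*)")
    prefix = flt[4:-2].lower()
    hits = [r for r in DIRECTORY if r["cn"].lower().startswith(prefix)]
    for start in range(0, len(hits), page_size):
        yield hits[start:start + page_size]


def handle(uri, record_threshold=3):
    """Handler: run the query, absorb every pass, reply once (claims 1-3, 9-11)."""
    query = parse_ldap_uri(uri)
    wanted = ["cn"] + query["attrs"]
    kept, matched = [], 0
    for page in server_passes(query["filter"]):
        for record in page:
            matched += 1
            # Keep counting, but retain only up to the record-count threshold.
            if len(kept) < record_threshold:
                kept.append({a: record[a] for a in wanted if a in record})
    reply = {"records": kept}
    if matched > record_threshold:
        # Assumed refinement format: tells the client the result was cut short.
        reply["refinement"] = {"matched": matched, "returned": len(kept)}
    # One compressed payload, sent to the client in a single pass.
    return zlib.compress(json.dumps(reply).encode("utf-8"))


def client_lookup(prefixes, handler=handle):
    """Client: query from broad to narrow, stop at the first unthrottled reply
    (the revised query of claim 4). Returns (reply, number of queries sent)."""
    reply, sent = None, 0
    for prefix in prefixes:
        reply = json.loads(zlib.decompress(handler(build_uri(prefix))))
        sent += 1
        if "refinement" not in reply:
            break
    return reply, sent


if __name__ == "__main__":
    final_reply, queries = client_lookup(["Smith", "Smith A"])
    print(queries, [r["cn"] for r in final_reply["records"]])
```

The handler counts every matching record but stores no more than the threshold, so a very broad query costs neither the wireless link nor the handler's memory more than the configured record count.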
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US36551902P | 2002-03-20 | 2002-03-20 | |
US60/365,519 | 2002-03-20 | ||
PCT/CA2003/000407 WO2003079639A1 (en) | 2002-03-20 | 2003-03-20 | Mobile access to lightweight directory access protocol (ldap) server |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2479626A1 (en) | 2003-09-25 |
CA2479626C (en) | 2010-06-29 |
Family
ID=28042030
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA2479626A Expired - Lifetime CA2479626C (en) | 2002-03-20 | 2003-03-20 | A system and method of mobile lightweight cryptographic directory access |
Country Status (9)
Country | Link |
---|---|
US (4) | US7822971B2 (en) |
EP (1) | EP1488606B1 (en) |
CN (1) | CN1653783B (en) |
AT (1) | ATE345012T1 (en) |
AU (1) | AU2003213911A1 (en) |
CA (1) | CA2479626C (en) |
DE (1) | DE60309576T2 (en) |
HK (2) | HK1071648A1 (en) |
WO (1) | WO2003079639A1 (en) |
Families Citing this family (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030191748A1 (en) * | 2002-04-04 | 2003-10-09 | Mayel Espino | Method, device and computer program product including a lightweight directory access protocol client architecture |
US7783593B2 (en) * | 2002-04-04 | 2010-08-24 | Verizon Business Global Llc | Method, device and computer program product including a lightweight directory access protocol client |
US8429232B1 (en) | 2003-10-03 | 2013-04-23 | Voltage Security, Inc. | Message authentication using signatures |
JP2007529807A (en) * | 2004-03-17 | 2007-10-25 | コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ | Method and device for generating authentication status list |
US7631183B2 (en) | 2004-09-01 | 2009-12-08 | Research In Motion Limited | System and method for retrieving related certificates |
EP1632871A1 (en) * | 2004-09-01 | 2006-03-08 | Research In Motion Limited | System and method for retrieving related certificates |
DE602005001315T2 (en) | 2005-01-28 | 2008-02-14 | Research In Motion Ltd., Waterloo | Automatic integration of content from multiple data stores using a mobile communication device |
JP4727278B2 (en) * | 2005-04-05 | 2011-07-20 | 株式会社エヌ・ティ・ティ・ドコモ | Application program verification system, application program verification method, and computer program |
JP4852938B2 (en) * | 2005-09-02 | 2012-01-11 | 富士ゼロックス株式会社 | Data server, data management method and program |
GB0610113D0 (en) * | 2006-05-20 | 2006-06-28 | Ibm | Method and system for the storage of authentication credentials |
US8046585B2 (en) * | 2007-05-31 | 2011-10-25 | Red Hat, Inc. | Verifying authenticity of an attribute value signature |
US7984490B2 (en) * | 2007-05-31 | 2011-07-19 | Red Hat, Inc. | Method for issuing attribute certificate from an LDAP entry |
US8099764B2 (en) * | 2007-12-17 | 2012-01-17 | Microsoft Corporation | Secure push and status communication between client and server |
US8892677B1 (en) | 2010-01-29 | 2014-11-18 | Google Inc. | Manipulating objects in hosted storage |
US9071616B2 (en) | 2010-11-18 | 2015-06-30 | Microsoft Technology Licensing, Llc | Securing partner-enabled web service |
US8918841B2 (en) | 2011-08-31 | 2014-12-23 | At&T Intellectual Property I, L.P. | Hardware interface access control for mobile applications |
US8898459B2 (en) * | 2011-08-31 | 2014-11-25 | At&T Intellectual Property I, L.P. | Policy configuration for mobile device applications |
CN102790766A (en) * | 2012-06-29 | 2012-11-21 | 华为技术有限公司 | Object query method, object query system, object query device and object query acquisition device |
US9148449B2 (en) * | 2013-03-13 | 2015-09-29 | Authentify, Inc. | Efficient encryption, escrow and digital signatures |
JP6175679B2 (en) * | 2013-10-16 | 2017-08-09 | 株式会社 日立産業制御ソリューションズ | Business management system |
US9906531B2 (en) * | 2015-11-23 | 2018-02-27 | International Business Machines Corporation | Cross-site request forgery (CSRF) prevention |
US10878079B2 (en) | 2016-05-11 | 2020-12-29 | Oracle International Corporation | Identity cloud service authorization model with dynamic roles and scopes |
US10341410B2 (en) | 2016-05-11 | 2019-07-02 | Oracle International Corporation | Security tokens for a multi-tenant identity and data security management cloud service |
US10425386B2 (en) | 2016-05-11 | 2019-09-24 | Oracle International Corporation | Policy enforcement point for a multi-tenant identity and data security management cloud service |
US9887975B1 (en) * | 2016-08-03 | 2018-02-06 | KryptCo, Inc. | Systems and methods for delegated cryptography |
US10516672B2 (en) | 2016-08-05 | 2019-12-24 | Oracle International Corporation | Service discovery for a multi-tenant identity and data security management cloud service |
US10735394B2 (en) | 2016-08-05 | 2020-08-04 | Oracle International Corporation | Caching framework for a multi-tenant identity and data security management cloud service |
US10791087B2 (en) * | 2016-09-16 | 2020-09-29 | Oracle International Corporation | SCIM to LDAP mapping using subtype attributes |
GB2561822B (en) * | 2017-04-13 | 2020-02-19 | Arm Ip Ltd | Reduced bandwidth handshake communication |
CN107959674B (en) * | 2017-11-22 | 2021-03-05 | 北京安博通科技股份有限公司 | Gateway equipment, and method and system for controlling access to third-party LDAP server user |
US11477197B2 (en) | 2018-09-18 | 2022-10-18 | Cyral Inc. | Sidecar architecture for stateless proxying to databases |
US11606358B2 (en) | 2018-09-18 | 2023-03-14 | Cyral Inc. | Tokenization and encryption of sensitive data |
CN109241712B (en) * | 2018-09-29 | 2021-02-05 | 苏州浪潮智能科技有限公司 | Method and device for accessing file system |
Family Cites Families (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5922074A (en) * | 1997-02-28 | 1999-07-13 | Xcert Software, Inc. | Method of and apparatus for providing secure distributed directory services and public key infrastructure |
US6339827B1 (en) * | 1997-11-12 | 2002-01-15 | International Business Machines Corporation | Method for securing sensitive data in a LDAP directory service utilizing a client and/or server control |
US6553368B2 (en) * | 1998-03-03 | 2003-04-22 | Sun Microsystems, Inc. | Network directory access mechanism |
US6085188A (en) * | 1998-03-30 | 2000-07-04 | International Business Machines Corporation | Method of hierarchical LDAP searching with relational tables |
US6073175A (en) * | 1998-04-27 | 2000-06-06 | International Business Machines Corporation | Method for supporting different service levels in a network using web page content information |
US6304753B1 (en) * | 1998-07-16 | 2001-10-16 | Openwave Technologies Inc. | Integration of voice and data services provided to a mobile wireless device |
US6356892B1 (en) * | 1998-09-24 | 2002-03-12 | International Business Machines Corporation | Efficient implementation of lightweight directory access protocol (LDAP) search queries with structured query language (SQL) |
US6347312B1 (en) * | 1998-11-05 | 2002-02-12 | International Business Machines Corporation | Lightweight directory access protocol (LDAP) directory server cache mechanism and method |
US6629132B1 (en) * | 1998-12-23 | 2003-09-30 | Novell, Inc. | Predicate indexing of data stored in a computer with application to indexing cached data |
JP3486125B2 (en) * | 1999-01-14 | 2004-01-13 | 富士通株式会社 | Network device control system and device |
US6564370B1 (en) * | 1999-05-06 | 2003-05-13 | International Business Machines Corporation | Attribute signature schema and method of use in a directory service |
US6708187B1 (en) * | 1999-06-10 | 2004-03-16 | Alcatel | Method for selective LDAP database synchronization |
US6978367B1 (en) * | 1999-10-21 | 2005-12-20 | International Business Machines Corporation | Selective data encryption using style sheet processing for decryption by a client proxy |
US7376827B1 (en) * | 1999-11-05 | 2008-05-20 | Cisco Technology, Inc. | Directory-enabled network elements |
US6510464B1 (en) * | 1999-12-14 | 2003-01-21 | Verizon Corporate Services Group Inc. | Secure gateway having routing feature |
US6708170B1 (en) * | 1999-12-14 | 2004-03-16 | International Business Machines Corporation | Method and system for usage of non-local data within a lightweight directory access protocol directory environment |
EP1113648A3 (en) * | 1999-12-30 | 2003-07-09 | Nortel Networks Corporation | Generic registration of plug-ins for a directory server |
US6665674B1 (en) * | 2000-02-02 | 2003-12-16 | Nortel Networks Limited | Framework for open directory operation extensibility |
JP2001308841A (en) * | 2000-04-21 | 2001-11-02 | Sony Corp | Device and method for transmission, device and method for reception, and system and method for transmission and reception |
US7134137B2 (en) * | 2000-07-10 | 2006-11-07 | Oracle International Corporation | Providing data to applications from an access system |
US7464162B2 (en) * | 2000-07-10 | 2008-12-09 | Oracle International Corporation | Systems and methods for testing whether access to a resource is authorized based on access information |
US7302637B1 (en) * | 2000-07-24 | 2007-11-27 | Research In Motion Limited | System and method for abbreviating information sent to a viewing device |
US7099475B2 (en) * | 2000-12-07 | 2006-08-29 | Road Runner Holdco Llc | System and method for password authentication for non-LDAP regions |
US7275102B2 (en) * | 2001-01-22 | 2007-09-25 | Sun Microsystems, Inc. | Trust mechanisms for a peer-to-peer network computing platform |
US6877028B2 (en) * | 2001-02-13 | 2005-04-05 | Hewlett-Packard Development Company, L.P. | System and method for transferring a directory in portions of limited size |
US7016945B2 (en) * | 2001-04-27 | 2006-03-21 | Sun Microsystems, Inc. | Entry distribution in a directory server |
US20020174225A1 (en) * | 2001-05-04 | 2002-11-21 | Smith Mark C. | Fractional replication in a directory server |
US6768988B2 (en) * | 2001-05-29 | 2004-07-27 | Sun Microsystems, Inc. | Method and system for incorporating filtered roles in a directory system |
US6970862B2 (en) * | 2001-05-31 | 2005-11-29 | Sun Microsystems, Inc. | Method and system for answering online certificate status protocol (OCSP) requests without certificate revocation lists (CRL) |
US20030088656A1 (en) * | 2001-11-02 | 2003-05-08 | Wahl Mark F. | Directory server software architecture |
US7167448B2 (en) * | 2002-02-04 | 2007-01-23 | Sun Microsystems, Inc. | Prioritization of remote services messages within a low bandwidth environment |
US9087319B2 (en) * | 2002-03-11 | 2015-07-21 | Oracle America, Inc. | System and method for designing, developing and implementing internet service provider architectures |
US20030212738A1 (en) * | 2002-05-10 | 2003-11-13 | Wookey Michael J. | Remote services system message system to support redundancy of data flow |
- 2003
  - 2003-03-20 EP EP03709480A patent/EP1488606B1/en not_active Expired - Lifetime
  - 2003-03-20 US US10/508,186 patent/US7822971B2/en active Active
  - 2003-03-20 AU AU2003213911A patent/AU2003213911A1/en not_active Abandoned
  - 2003-03-20 CN CN038107783A patent/CN1653783B/en not_active Expired - Lifetime
  - 2003-03-20 AT AT03709480T patent/ATE345012T1/en not_active IP Right Cessation
  - 2003-03-20 CA CA2479626A patent/CA2479626C/en not_active Expired - Lifetime
  - 2003-03-20 DE DE60309576T patent/DE60309576T2/en not_active Expired - Lifetime
  - 2003-03-20 WO PCT/CA2003/000407 patent/WO2003079639A1/en active IP Right Grant
- 2005
  - 2005-03-22 HK HK05102478A patent/HK1071648A1/en not_active IP Right Cessation
- 2007
  - 2007-07-30 HK HK07108270.7A patent/HK1100250A1/en not_active IP Right Cessation
- 2010
  - 2010-09-14 US US12/881,523 patent/US8239675B2/en not_active Expired - Lifetime
- 2012
  - 2012-06-28 US US13/535,777 patent/US8533467B2/en not_active Expired - Lifetime
- 2013
  - 2013-08-23 US US13/974,467 patent/US8943317B2/en not_active Expired - Lifetime
Also Published As
Publication number | Publication date |
---|---|
DE60309576D1 (en) | 2006-12-21 |
US20100332824A1 (en) | 2010-12-30 |
US8239675B2 (en) | 2012-08-07 |
CN1653783B (en) | 2010-06-16 |
DE60309576T2 (en) | 2007-09-13 |
AU2003213911A1 (en) | 2003-09-29 |
US7822971B2 (en) | 2010-10-26 |
CN1653783A (en) | 2005-08-10 |
EP1488606B1 (en) | 2006-11-08 |
US20140173277A1 (en) | 2014-06-19 |
HK1100250A1 (en) | 2007-09-14 |
US8533467B2 (en) | 2013-09-10 |
EP1488606A1 (en) | 2004-12-22 |
US20120265869A1 (en) | 2012-10-18 |
ATE345012T1 (en) | 2006-11-15 |
CA2479626C (en) | 2010-06-29 |
US20050169476A1 (en) | 2005-08-04 |
WO2003079639A1 (en) | 2003-09-25 |
HK1071648A1 (en) | 2005-07-22 |
US8943317B2 (en) | 2015-01-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2479626A1 (en) | A system and method of mobile lightweight cryptographic directory access | |
CN109961292B (en) | Block chain verification code application method, equipment and storage medium | |
US9813249B2 (en) | URL-based certificate in a PKI | |
JP6417472B2 (en) | Use authentication information stored in different directories to access a common endpoint | |
CN1898936B (en) | Connected communication terminal, connecting communication terminal, session management server, and trigger server | |
US7454421B2 (en) | Database access control method, database access controller, agent processing server, database access control program, and medium recording the program | |
US7512973B1 (en) | Wireless-access-provider intermediation to facilliate digital rights management for third party hosted content | |
TWI652585B (en) | Method and server for remotely querying information | |
US7739301B2 (en) | Method and apparatus for improving file system proxy performance and security by distributing information to clients via file handles | |
JP2005512247A (en) | Network user authentication system and method | |
CA2501158A1 (en) | Contact validation and trusted contact updating in mobile wireless communications devices | |
US20090204810A1 (en) | Architecture and Design for Central Authentication and Authorization in an On-Demand Utility Environment | |
CN111355986B (en) | Message processing method and device in live broadcast room and storage medium | |
CN109548022B (en) | Method for mobile terminal user to remotely access local network | |
US20200274935A1 (en) | A method of referencing a connection session with a wireless communication device in a local area, a system for implementing this method, a method of referencing an application user, a machine-readable medium for implementing this method, as well as a method of collecting data on the wireless communication device user, and a machine-readable medium for implementing this method | |
WO2023221591A1 (en) | Data transmission method, and related apparatus, device and storage medium | |
CN111885085A (en) | Electronic data comprehensive certificate storing method and certificate storing system | |
KR102263053B1 (en) | A database structure capable of synchronizing data between devices in a local area network environment and a data synchronization method using the same | |
JP3943867B2 (en) | Server-side proxy, data transfer method and program | |
JP2002268935A (en) | Device, method and program of data transfer | |
CN111614979B (en) | Management method and device for video networking resources | |
CN112667718B (en) | Real estate information sharing query method and system | |
WO2022257928A1 (en) | Secure accelerated service deployment method and apparatus, medium and device | |
JP4041157B2 (en) | Client side proxy device, data transfer method and program | |
CN112689117A (en) | Document data processing method and device and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKEX | Expiry | Effective date: 20230320 |