WO2001011845A3 - Security architecture with environment sensitive credentials - Google Patents

Security architecture with environment sensitive credentials Download PDF

Info

Publication number
WO2001011845A3
WO2001011845A3 PCT/US2000/020929 US0020929W WO0111845A3 WO 2001011845 A3 WO2001011845 A3 WO 2001011845A3 US 0020929 W US0020929 W US 0020929W WO 0111845 A3 WO0111845 A3 WO 0111845A3
Authority
WO
WIPO (PCT)
Prior art keywords
credential
sufficiency
configurations
access
connection type
Prior art date
Application number
PCT/US2000/020929
Other languages
French (fr)
Other versions
WO2001011845A2 (en
Inventor
David L Wood
Thomas Pratt
Michael B Dilger
Derk Norton
Yunas Nadiadi
Original Assignee
Sun Microsystems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sun Microsystems Inc filed Critical Sun Microsystems Inc
Priority to EP00955304A priority Critical patent/EP1205057A2/en
Priority to AU67527/00A priority patent/AU6752700A/en
Publication of WO2001011845A2 publication Critical patent/WO2001011845A2/en
Publication of WO2001011845A3 publication Critical patent/WO2001011845A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS

Abstract

By including environment information in a security policy, a security architecture advantageously allows temporal, locational, connection type and/or client capabilities-related information to affect the sufficiency of a given credential type (and associated authentication scheme) for access to a particular information resource (e.g., 191, 192 or 193). In some configurations, time of access, originating location (physical or network) and/or connection type form a risk profile that can be factored into credential type sufficiency. In some configurations, changing environmental parameters may cause a previously sufficient credential to become insufficient. Alternatively, an authenticated credential (e.g., 420) previously insufficient for access at a given trust level may be sufficient based on a changed or more fully parameterized session environment. In some configurations, the use of session tracking facilities (e.g., the information content of session tokens) can be tailored to environmental parameters (e.g., connection type or location). Similarly, capabilities of a particular client entity (e.g., browser support for 128-bit cipher or availability of a fingerprint scanner or card reader) may affect the availability or sufficiency of particular authentication schemes to achieve a desired trust level.
PCT/US2000/020929 1999-08-05 2000-07-31 Security architecture with environment sensitive credentials WO2001011845A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP00955304A EP1205057A2 (en) 1999-08-05 2000-07-31 Security architecture with environment sensitive credentials
AU67527/00A AU6752700A (en) 1999-08-05 2000-07-31 Security architecture with environment sensitive credential sufficiency evaluation

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/368,504 1999-08-05
US09/368,504 US6691232B1 (en) 1999-08-05 1999-08-05 Security architecture with environment sensitive credential sufficiency evaluation

Publications (2)

Publication Number Publication Date
WO2001011845A2 WO2001011845A2 (en) 2001-02-15
WO2001011845A3 true WO2001011845A3 (en) 2001-08-16

Family

ID=23451529

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/020929 WO2001011845A2 (en) 1999-08-05 2000-07-31 Security architecture with environment sensitive credentials

Country Status (4)

Country Link
US (1) US6691232B1 (en)
EP (1) EP1205057A2 (en)
AU (1) AU6752700A (en)
WO (1) WO2001011845A2 (en)

Families Citing this family (236)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6088515A (en) 1995-11-13 2000-07-11 Citrix Systems Inc Method and apparatus for making a hypermedium interactive
US6618806B1 (en) * 1998-04-01 2003-09-09 Saflink Corporation System and method for authenticating users in a computer network
US6928547B2 (en) 1998-07-06 2005-08-09 Saflink Corporation System and method for authenticating users in a computer network
WO2000034867A1 (en) 1998-12-09 2000-06-15 Network Ice Corporation A method and apparatus for providing network and computer system security
US7346929B1 (en) * 1999-07-29 2008-03-18 International Business Machines Corporation Method and apparatus for auditing network security
US6892307B1 (en) * 1999-08-05 2005-05-10 Sun Microsystems, Inc. Single sign-on framework with trust-level mapping to authentication requirements
AU7596200A (en) * 1999-09-20 2001-04-24 Ethentica, Inc. Electronic commerce with cryptographic authentication
US7260724B1 (en) * 1999-09-20 2007-08-21 Security First Corporation Context sensitive dynamic authentication in a cryptographic system
US7877492B2 (en) * 1999-10-12 2011-01-25 Webmd Corporation System and method for delegating a user authentication process for a networked application to an authentication agent
US8006243B2 (en) * 1999-12-07 2011-08-23 International Business Machines Corporation Method and apparatus for remote installation of network drivers and software
US7434219B2 (en) 2000-01-31 2008-10-07 Commvault Systems, Inc. Storage of application specific profiles correlating to document versions
US7444368B1 (en) * 2000-02-29 2008-10-28 Microsoft Corporation Methods and systems for selecting methodology for authenticating computer systems on a per computer system or per user basis
US7050989B1 (en) * 2000-03-16 2006-05-23 Coremetrics, Inc. Electronic commerce personalized content delivery system and method of operation
US20050075946A1 (en) * 2000-03-16 2005-04-07 Keith Henning Data accumulation and segmentation system in electronic commerce
US7698565B1 (en) 2000-03-30 2010-04-13 Digitalpersona, Inc. Crypto-proxy server and method of using the same
US7409543B1 (en) * 2000-03-30 2008-08-05 Digitalpersona, Inc. Method and apparatus for using a third party authentication server
IL152502A0 (en) * 2000-04-28 2003-05-29 Internet Security Systems Inc Method and system for managing computer security information
AU2001257400A1 (en) * 2000-04-28 2001-11-12 Internet Security Systems, Inc. System and method for managing security events on a network
AUPQ724700A0 (en) * 2000-05-02 2000-05-25 Canon Kabushiki Kaisha Printing using secure pickup
US7716492B1 (en) * 2000-05-09 2010-05-11 Oracle America, Inc. Method and apparatus to obtain service capability credentials
US7174454B2 (en) 2002-11-19 2007-02-06 America Online, Inc. System and method for establishing historical usage-based hardware trust
US7216361B1 (en) * 2000-05-19 2007-05-08 Aol Llc, A Delaware Limited Liability Company Adaptive multi-tier authentication system
US7426530B1 (en) 2000-06-12 2008-09-16 Jpmorgan Chase Bank, N.A. System and method for providing customers with seamless entry to a remote server
US7076653B1 (en) * 2000-06-27 2006-07-11 Intel Corporation System and method for supporting multiple encryption or authentication schemes over a connection on a network
US7434257B2 (en) * 2000-06-28 2008-10-07 Microsoft Corporation System and methods for providing dynamic authorization in a computer system
US7162649B1 (en) * 2000-06-30 2007-01-09 Internet Security Systems, Inc. Method and apparatus for network assessment and authentication
US9038170B2 (en) 2000-07-10 2015-05-19 Oracle International Corporation Logging access system events
US7080077B2 (en) * 2000-07-10 2006-07-18 Oracle International Corporation Localized access
US7249369B2 (en) * 2000-07-10 2007-07-24 Oracle International Corporation Post data processing
US7194764B2 (en) * 2000-07-10 2007-03-20 Oracle International Corporation User authentication
US7134137B2 (en) * 2000-07-10 2006-11-07 Oracle International Corporation Providing data to applications from an access system
US8661539B2 (en) * 2000-07-10 2014-02-25 Oracle International Corporation Intrusion threat detection
US7124203B2 (en) * 2000-07-10 2006-10-17 Oracle International Corporation Selective cache flushing in identity and access management systems
US7464162B2 (en) * 2000-07-10 2008-12-09 Oracle International Corporation Systems and methods for testing whether access to a resource is authorized based on access information
US7188158B1 (en) * 2000-07-15 2007-03-06 Hewlett-Packard Development Company, L.P. System and method for component-based software development
US9098685B2 (en) * 2000-07-25 2015-08-04 Activcard Ireland Limited Flexible method of user authentication
US7137008B1 (en) * 2000-07-25 2006-11-14 Laurence Hamid Flexible method of user authentication
JP2004506245A (en) * 2000-08-04 2004-02-26 ファースト データ コーポレイション Linking the device's public key with information during manufacture
JP3393604B2 (en) * 2000-09-01 2003-04-07 株式会社インターナショナルビジネスリンク Service provision method
US6826698B1 (en) * 2000-09-15 2004-11-30 Networks Associates Technology, Inc. System, method and computer program product for rule based network security policies
US7089498B1 (en) * 2000-09-26 2006-08-08 Rathjen Alicemarie G Method for preparing and using personal and genetic profiles
US9027121B2 (en) 2000-10-10 2015-05-05 International Business Machines Corporation Method and system for creating a record for one or more computer security incidents
US8799463B1 (en) 2000-10-19 2014-08-05 Ariba, Inc. Method and apparatus for processing information related to interactive web sites
US7146305B2 (en) * 2000-10-24 2006-12-05 Vcis, Inc. Analytical virtual machine
CA2327078C (en) * 2000-11-30 2005-01-11 Ibm Canada Limited-Ibm Canada Limitee Secure session management and authentication for web sites
US7130466B2 (en) * 2000-12-21 2006-10-31 Cobion Ag System and method for compiling images from a database and comparing the compiled images with known images
AU2002243763A1 (en) * 2001-01-31 2002-08-12 Internet Security Systems, Inc. Method and system for configuring and scheduling security audits of a computer network
US7444404B2 (en) * 2001-02-05 2008-10-28 Arbor Networks, Inc. Network traffic regulation including consistency based detection and filtering of packets with spoof source addresses
US7185364B2 (en) * 2001-03-21 2007-02-27 Oracle International Corporation Access system interface
US7322040B1 (en) * 2001-03-27 2008-01-22 Microsoft Corporation Authentication architecture
US8185938B2 (en) * 2001-03-29 2012-05-22 International Business Machines Corporation Method and system for network single-sign-on using a public key certificate and an associated attribute certificate
US7237257B1 (en) * 2001-04-11 2007-06-26 Aol Llc Leveraging a persistent connection to access a secured service
TWI270270B (en) * 2001-05-14 2007-01-01 Ntt Docomo Inc System for managing program
US7873734B1 (en) * 2001-05-17 2011-01-18 Computer Associates Think, Inc. Management of multiple user sessions and user requests for multiple electronic devices
WO2002095553A2 (en) * 2001-05-18 2002-11-28 Imprivata Inc. Biometric authentication for remote initiation of actions and services
US20050198379A1 (en) * 2001-06-13 2005-09-08 Citrix Systems, Inc. Automatically reconnecting a client across reliable and persistent communication sessions
US7562146B2 (en) * 2003-10-10 2009-07-14 Citrix Systems, Inc. Encapsulating protocol for session persistence and reliability
US7657419B2 (en) * 2001-06-19 2010-02-02 International Business Machines Corporation Analytical virtual machine
US7062622B2 (en) * 2001-06-29 2006-06-13 Microsoft Corporation Protection of content stored on portable memory from unauthorized usage
NL1018494C2 (en) * 2001-07-09 2003-01-10 Koninkl Kpn Nv Method and system for delivering a service to a client through a service process.
US7702918B2 (en) 2001-07-18 2010-04-20 Daon Holdings Limited Distributed network system using biometric authentication access
US7174383B1 (en) * 2001-08-31 2007-02-06 Oracle International Corp. Method and apparatus to facilitate single sign-on services in a hosting environment
US20030051002A1 (en) * 2001-09-13 2003-03-13 Bogia Douglas P. Method of connecting to a remote computer
US20060248349A1 (en) * 2001-09-24 2006-11-02 Rathjen Alicemarie G Method for preparing and using personal and genetic profiles
JP2005505039A (en) 2001-09-28 2005-02-17 コムヴォールト・システムズ・インコーポレーテッド Apparatus and method for archiving objects in an information storage device
US7076797B2 (en) * 2001-10-05 2006-07-11 Microsoft Corporation Granular authorization for network user sessions
US7412720B1 (en) * 2001-11-02 2008-08-12 Bea Systems, Inc. Delegated authentication using a generic application-layer network protocol
US7225256B2 (en) 2001-11-30 2007-05-29 Oracle International Corporation Impersonation in an access system
US7987501B2 (en) 2001-12-04 2011-07-26 Jpmorgan Chase Bank, N.A. System and method for single session sign-on
US7062783B1 (en) * 2001-12-21 2006-06-13 Mcafee, Inc. Comprehensive enterprise network analyzer, scanner and intrusion detection framework
US7154857B1 (en) 2001-12-21 2006-12-26 Mcafee, Inc. Enterprise network analyzer zone controller system and method
WO2003058451A1 (en) * 2002-01-04 2003-07-17 Internet Security Systems, Inc. System and method for the managed security control of processes on a computer system
US7246230B2 (en) * 2002-01-29 2007-07-17 Bea Systems, Inc. Single sign-on over the internet using public-key cryptography
GB2384874B (en) * 2002-01-31 2005-12-21 Hewlett Packard Co Apparatus for setting access requirements
US7941533B2 (en) * 2002-02-19 2011-05-10 Jpmorgan Chase Bank, N.A. System and method for single sign-on session management without central server
US7984157B2 (en) * 2002-02-26 2011-07-19 Citrix Systems, Inc. Persistent and reliable session securely traversing network components using an encapsulating protocol
US7661129B2 (en) * 2002-02-26 2010-02-09 Citrix Systems, Inc. Secure traversal of network components
US7149806B2 (en) * 2002-02-27 2006-12-12 Hewlett-Packard Development Company, L.P. Data access in a distributed environment
US7191467B1 (en) * 2002-03-15 2007-03-13 Microsoft Corporation Method and system of integrating third party authentication into internet browser code
US7249262B2 (en) * 2002-05-06 2007-07-24 Browserkey, Inc. Method for restricting access to a web site by remote users
US7100049B2 (en) * 2002-05-10 2006-08-29 Rsa Security Inc. Method and apparatus for authentication of users and web sites
US7370360B2 (en) * 2002-05-13 2008-05-06 International Business Machines Corporation Computer immune system and method for detecting unwanted code in a P-code or partially compiled native-code program executing within a virtual machine
US20040059920A1 (en) * 2002-09-19 2004-03-25 International Business Machines Corporation Security health checking tool
US20040059941A1 (en) * 2002-09-19 2004-03-25 Myfamily.Com, Inc. Systems and methods for identifying users and providing access to information in a network environment
US7616638B2 (en) 2003-07-29 2009-11-10 Orbital Data Corporation Wavefront detection and disambiguation of acknowledgments
US8233392B2 (en) * 2003-07-29 2012-07-31 Citrix Systems, Inc. Transaction boundary detection for reduction in timeout penalties
US8270423B2 (en) 2003-07-29 2012-09-18 Citrix Systems, Inc. Systems and methods of using packet boundaries for reduction in timeout prevention
US7630305B2 (en) * 2003-07-29 2009-12-08 Orbital Data Corporation TCP selective acknowledgements for communicating delivered and missed data packets
US20040172558A1 (en) * 2002-11-18 2004-09-02 Terrance Callahan Method and system for access control
US7441116B2 (en) * 2002-12-30 2008-10-21 International Business Machines Corporation Secure resource distribution through encrypted pointers
US7913303B1 (en) 2003-01-21 2011-03-22 International Business Machines Corporation Method and system for dynamically protecting a computer system from attack
US7340525B1 (en) * 2003-01-24 2008-03-04 Oracle International Corporation Method and apparatus for single sign-on in a wireless environment
US7694330B2 (en) 2003-05-23 2010-04-06 Industrial Technology Research Institute Personal authentication device and system and method thereof
US8238241B2 (en) * 2003-07-29 2012-08-07 Citrix Systems, Inc. Automatic detection and window virtualization for flow control
US8432800B2 (en) * 2003-07-29 2013-04-30 Citrix Systems, Inc. Systems and methods for stochastic-based quality of service
US8437284B2 (en) 2003-07-29 2013-05-07 Citrix Systems, Inc. Systems and methods for additional retransmissions of dropped packets
DE10346007A1 (en) * 2003-10-02 2005-04-28 Siemens Ag Communication device and method for setting a security configuration of a communication device
US7904487B2 (en) * 2003-10-09 2011-03-08 Oracle International Corporation Translating data access requests
US7882132B2 (en) * 2003-10-09 2011-02-01 Oracle International Corporation Support for RDBMS in LDAP system
US7657938B2 (en) * 2003-10-28 2010-02-02 International Business Machines Corporation Method and system for protecting computer networks by altering unwanted network data traffic
US8661158B2 (en) 2003-12-10 2014-02-25 Aventail Llc Smart tunneling to resources in a network
US8590032B2 (en) 2003-12-10 2013-11-19 Aventail Llc Rule-based routing to resources through a network
US8255973B2 (en) * 2003-12-10 2012-08-28 Chris Hopen Provisioning remote computers for accessing resources
US7650509B1 (en) * 2004-01-28 2010-01-19 Gordon & Howard Associates, Inc. Encoding data in a password
US7617531B1 (en) 2004-02-18 2009-11-10 Citrix Systems, Inc. Inferencing data types of message components
US7437736B2 (en) * 2004-03-10 2008-10-14 Citibank, N.A. Method and apparatus for managing workflow in a single sign-on framework
WO2006002068A2 (en) * 2004-06-15 2006-01-05 Passmark Security, Inc. Method and apparatus for making accessible a set of services to users
US7698734B2 (en) * 2004-08-23 2010-04-13 International Business Machines Corporation Single sign-on (SSO) for non-SSO-compliant applications
US20060059569A1 (en) * 2004-08-27 2006-03-16 Microsoft Corporation Application and device user verification from an operating system-based authentication service
US8171479B2 (en) 2004-09-30 2012-05-01 Citrix Systems, Inc. Method and apparatus for providing an aggregate view of enumerated system resources from various isolation layers
US20060069662A1 (en) * 2004-09-30 2006-03-30 Citrix Systems, Inc. Method and apparatus for remapping accesses to virtual system resources
US7752600B2 (en) 2004-09-30 2010-07-06 Citrix Systems, Inc. Method and apparatus for providing file-type associations to multiple applications
US7680758B2 (en) 2004-09-30 2010-03-16 Citrix Systems, Inc. Method and apparatus for isolating execution of software applications
US7748032B2 (en) 2004-09-30 2010-06-29 Citrix Systems, Inc. Method and apparatus for associating tickets in a ticket hierarchy
US8095940B2 (en) * 2005-09-19 2012-01-10 Citrix Systems, Inc. Method and system for locating and accessing resources
US8117559B2 (en) * 2004-09-30 2012-02-14 Citrix Systems, Inc. Method and apparatus for virtualizing window information
US8613048B2 (en) 2004-09-30 2013-12-17 Citrix Systems, Inc. Method and apparatus for providing authorized remote access to application sessions
US7711835B2 (en) 2004-09-30 2010-05-04 Citrix Systems, Inc. Method and apparatus for reducing disclosure of proprietary data in a networked environment
US8181219B2 (en) * 2004-10-01 2012-05-15 Microsoft Corporation Access authorization having embedded policies
US7818781B2 (en) * 2004-10-01 2010-10-19 Microsoft Corporation Behavior blocking access control
US20060075220A1 (en) * 2004-10-01 2006-04-06 Baugher Mark J System and method to authorize a device to receive a content work based on device capabilities and content-work permissions
WO2006039944A1 (en) * 2004-10-12 2006-04-20 Swisscom Ag Method and system for the automatic adaptation of a service parameter
WO2006044820A2 (en) 2004-10-14 2006-04-27 Aventail Corporation Rule-based routing to resources through a network
US8077632B2 (en) * 2005-01-20 2011-12-13 Citrix Systems, Inc. Automatic LAN/WAN port detection
US8024568B2 (en) 2005-01-28 2011-09-20 Citrix Systems, Inc. Method and system for verification of an endpoint security scan
US20060230279A1 (en) * 2005-03-30 2006-10-12 Morris Robert P Methods, systems, and computer program products for establishing trusted access to a communication network
US20060230278A1 (en) * 2005-03-30 2006-10-12 Morris Robert P Methods,systems, and computer program products for determining a trust indication associated with access to a communication network
US20060265737A1 (en) * 2005-05-23 2006-11-23 Morris Robert P Methods, systems, and computer program products for providing trusted access to a communicaiton network based on location
WO2006130615A2 (en) * 2005-05-31 2006-12-07 Tricipher, Inc. Secure login using single factor split key asymmetric cryptography and an augmenting factor
US20070011100A1 (en) * 2005-06-21 2007-01-11 Phil Libin Preventing identity theft
US7941668B2 (en) * 2005-07-08 2011-05-10 Stapleton Jeff J Method and system for securely managing application transactions using cryptographic techniques
US7779034B2 (en) * 2005-10-07 2010-08-17 Citrix Systems, Inc. Method and system for accessing a remote file in a directory structure associated with an application program executing locally
US8131825B2 (en) * 2005-10-07 2012-03-06 Citrix Systems, Inc. Method and a system for responding locally to requests for file metadata associated with files stored remotely
US20070083610A1 (en) * 2005-10-07 2007-04-12 Treder Terry N Method and a system for accessing a plurality of files comprising an application program
US7685298B2 (en) * 2005-12-02 2010-03-23 Citrix Systems, Inc. Systems and methods for providing authentication credentials across application environments
US20070130289A1 (en) * 2005-12-07 2007-06-07 Christopher Defazio Remote access
CN1852094B (en) * 2005-12-13 2010-09-29 华为技术有限公司 Method and system for protecting account of network business user
US8099508B2 (en) * 2005-12-16 2012-01-17 Comcast Cable Holdings, Llc Method of using tokens and policy descriptors for dynamic on demand session management
US8688813B2 (en) 2006-01-11 2014-04-01 Oracle International Corporation Using identity/resource profile and directory enablers to support identity management
US8424067B2 (en) * 2006-01-19 2013-04-16 International Business Machines Corporation Smart password determination
US20070174429A1 (en) 2006-01-24 2007-07-26 Citrix Systems, Inc. Methods and servers for establishing a connection between a client system and a virtual machine hosting a requested computing environment
US9118656B2 (en) * 2006-01-26 2015-08-25 Imprivata, Inc. Systems and methods for multi-factor authentication
US20070194881A1 (en) 2006-02-07 2007-08-23 Schwarz Stanley G Enforcing payment schedules
US20080028453A1 (en) * 2006-03-30 2008-01-31 Thinh Nguyen Identity and access management framework
DE102006017765A1 (en) * 2006-04-12 2007-10-18 Deutsche Telekom Ag A method and communication system for providing personalized access to a group of devices
US8151323B2 (en) 2006-04-12 2012-04-03 Citrix Systems, Inc. Systems and methods for providing levels of access and action control via an SSL VPN appliance
US7930734B2 (en) * 2006-04-28 2011-04-19 Cisco Technology, Inc. Method and system for creating and tracking network sessions
US7685630B2 (en) * 2006-05-04 2010-03-23 Citrix Online, Llc Methods and systems for providing scalable authentication
US20080034412A1 (en) * 2006-08-02 2008-02-07 Informed Control Inc. System to prevent misuse of access rights in a single sign on environment
US7770002B2 (en) * 2006-08-17 2010-08-03 Fiserv, Inc. Multi-factor authentication
US8607303B2 (en) * 2006-10-31 2013-12-10 Apple Inc. Techniques for modification of access expiration conditions
US20080115192A1 (en) * 2006-11-07 2008-05-15 Rajandra Laxman Kulkarni Customizable authentication for service provisioning
US8533846B2 (en) 2006-11-08 2013-09-10 Citrix Systems, Inc. Method and system for dynamically associating access rights with a resource
US7874011B2 (en) 2006-12-01 2011-01-18 International Business Machines Corporation Authenticating user identity when resetting passwords
US8380841B2 (en) * 2006-12-07 2013-02-19 Microsoft Corporation Strategies for investigating and mitigating vulnerabilities caused by the acquisition of credentials
US7734669B2 (en) 2006-12-22 2010-06-08 Commvault Systems, Inc. Managing copies of data
US8788419B2 (en) 2006-12-30 2014-07-22 First Data Corporation Method and system for mitigating risk of fraud in internet banking
US8583564B2 (en) * 2007-03-26 2013-11-12 Microsoft Corporation Differential pricing based on social network standing
US7992198B2 (en) * 2007-04-13 2011-08-02 Microsoft Corporation Unified authentication for web method platforms
US8327456B2 (en) * 2007-04-13 2012-12-04 Microsoft Corporation Multiple entity authorization model
US7908642B2 (en) * 2007-04-18 2011-03-15 Canon Kabushiki Kaisha Policy store
EP1990750A1 (en) * 2007-05-09 2008-11-12 Nokia Siemens Networks Oy Method and device for data processing and communication system comprising such device
US8230490B2 (en) * 2007-07-31 2012-07-24 Keycorp System and method for authentication of users in a secure computer system
US20090064134A1 (en) * 2007-08-30 2009-03-05 Citrix Systems,Inc. Systems and methods for creating and executing files
US8396838B2 (en) * 2007-10-17 2013-03-12 Commvault Systems, Inc. Legal compliance, electronic discovery and electronic document handling of online and offline copies of data
US7925694B2 (en) 2007-10-19 2011-04-12 Citrix Systems, Inc. Systems and methods for managing cookies via HTTP content layer
US8171483B2 (en) 2007-10-20 2012-05-01 Citrix Systems, Inc. Method and system for communicating between isolation environments
US8539551B2 (en) * 2007-12-20 2013-09-17 Fujitsu Limited Trusted virtual machine as a client
WO2009094657A1 (en) * 2008-01-26 2009-07-30 Citrix Systems, Inc. Systems and methods for fine grain policy driven cookie proxying
US9832069B1 (en) 2008-05-30 2017-11-28 F5 Networks, Inc. Persistence based on server response in an IP multimedia subsystem (IMS)
US8769048B2 (en) * 2008-06-18 2014-07-01 Commvault Systems, Inc. Data protection scheduling, such as providing a flexible backup window in a data protection system
US9128883B2 (en) 2008-06-19 2015-09-08 Commvault Systems, Inc Data storage resource allocation by performing abbreviated resource checks based on relative chances of failure of the data storage resources to determine whether data storage requests would fail
US8352954B2 (en) 2008-06-19 2013-01-08 Commvault Systems, Inc. Data storage resource allocation by employing dynamic methods and blacklisting resource request pools
US8725688B2 (en) * 2008-09-05 2014-05-13 Commvault Systems, Inc. Image level copy or restore, such as image level restore without knowledge of data object metadata
US20100070474A1 (en) 2008-09-12 2010-03-18 Lad Kamleshkumar K Transferring or migrating portions of data objects, such as block-level data migration or chunk-based data migration
US20100070466A1 (en) * 2008-09-15 2010-03-18 Anand Prahlad Data transfer techniques within data storage devices, such as network attached storage performing data migration
US8281379B2 (en) * 2008-11-13 2012-10-02 Vasco Data Security, Inc. Method and system for providing a federated authentication service with gradual expiration of credentials
US8544083B2 (en) * 2009-02-19 2013-09-24 Microsoft Corporation Identification security elevation
US8090797B2 (en) * 2009-05-02 2012-01-03 Citrix Systems, Inc. Methods and systems for launching applications into existing isolation environments
WO2010144898A1 (en) * 2009-06-12 2010-12-16 General Instrument Corporation Certificate status information protocol (csip) proxy and responder
US9531695B2 (en) * 2009-06-12 2016-12-27 Microsoft Technology Licensing, Llc Access control to secured application features using client trust levels
US8202205B2 (en) * 2010-02-09 2012-06-19 GoBe Healthy, LLC Omni-directional exercise device
US9294479B1 (en) * 2010-12-01 2016-03-22 Google Inc. Client-side authentication
US8849762B2 (en) 2011-03-31 2014-09-30 Commvault Systems, Inc. Restoring computing environments, such as autorecovery of file systems at certain points in time
US9294452B1 (en) * 2011-12-09 2016-03-22 Rightquestion, Llc Authentication translation
US11475105B2 (en) 2011-12-09 2022-10-18 Rightquestion, Llc Authentication translation
US10157184B2 (en) 2012-03-30 2018-12-18 Commvault Systems, Inc. Data previewing before recalling large data files
US9781129B1 (en) * 2012-03-30 2017-10-03 EMC IP Holding Company LLC Authenticating an entity
US9203818B1 (en) * 2012-08-23 2015-12-01 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US9213827B2 (en) 2012-09-27 2015-12-15 Intel Corporation Security data aggregation and business intelligence for web applications
US9633216B2 (en) 2012-12-27 2017-04-25 Commvault Systems, Inc. Application of information management policies based on operation with a geographic entity
CN113536276A (en) 2013-01-15 2021-10-22 施耐德电气美国股份有限公司 System and method for secure access to programmable devices
US9100387B2 (en) * 2013-01-24 2015-08-04 Oracle International Corporation State driven orchestration of authentication components in an access manager
US9459968B2 (en) 2013-03-11 2016-10-04 Commvault Systems, Inc. Single index to query multiple backup formats
US9166970B1 (en) 2013-03-15 2015-10-20 Symantec Corporation Dynamic framework for certificate application configuration
US9780950B1 (en) * 2013-03-15 2017-10-03 Symantec Corporation Authentication of PKI credential by use of a one time password and pin
US9430665B2 (en) * 2013-07-22 2016-08-30 Siemens Aktiengesellschaft Dynamic authorization to features and data in JAVA-based enterprise applications
US9232402B2 (en) * 2013-11-21 2016-01-05 At&T Intellectual Property I, L.P. System and method for implementing a two-person access rule using mobile devices
US9798596B2 (en) 2014-02-27 2017-10-24 Commvault Systems, Inc. Automatic alert escalation for an information management system
US9648100B2 (en) 2014-03-05 2017-05-09 Commvault Systems, Inc. Cross-system storage management for transferring data across autonomous information management systems
US9794227B2 (en) 2014-03-07 2017-10-17 Microsoft Technology Licensing, Llc Automatic detection of authentication methods by a gateway
US9823978B2 (en) 2014-04-16 2017-11-21 Commvault Systems, Inc. User-level quota management of data objects stored in information management systems
US9740574B2 (en) 2014-05-09 2017-08-22 Commvault Systems, Inc. Load balancing across multiple data paths
US11249858B2 (en) 2014-08-06 2022-02-15 Commvault Systems, Inc. Point-in-time backups of a production application made accessible over fibre channel and/or ISCSI as data sources to a remote application by representing the backups as pseudo-disks operating apart from the production application and its host
US9852026B2 (en) 2014-08-06 2017-12-26 Commvault Systems, Inc. Efficient application recovery in an information management system based on a pseudo-storage-device driver
US9444811B2 (en) 2014-10-21 2016-09-13 Commvault Systems, Inc. Using an enhanced data agent to restore backed up data across autonomous storage management systems
GB2535165B (en) * 2015-02-09 2021-09-29 Arm Ip Ltd A method of establishing trust between a device and an apparatus
US10834065B1 (en) 2015-03-31 2020-11-10 F5 Networks, Inc. Methods for SSL protected NTLM re-authentication and devices thereof
US10990428B2 (en) * 2015-07-03 2021-04-27 Telefonaktiebolaget Lm Ericsson (Publ) Virtual machine integrity
US9766825B2 (en) 2015-07-22 2017-09-19 Commvault Systems, Inc. Browse and restore for block-level backups
US9946859B2 (en) 2015-11-04 2018-04-17 Motorola Solutions, Inc. Systems and methods for enabling a lock screen of an electronic device
US9701279B1 (en) 2016-01-12 2017-07-11 Gordon*Howard Associates, Inc. On board monitoring device
US10404698B1 (en) 2016-01-15 2019-09-03 F5 Networks, Inc. Methods for adaptive organization of web application access points in webtops and devices thereof
US10296368B2 (en) 2016-03-09 2019-05-21 Commvault Systems, Inc. Hypervisor-independent block-level live browse for access to backed up virtual machine (VM) data and hypervisor-free file-level recovery (block-level pseudo-mount)
US10838821B2 (en) 2017-02-08 2020-11-17 Commvault Systems, Inc. Migrating content and metadata from a backup system
US10740193B2 (en) 2017-02-27 2020-08-11 Commvault Systems, Inc. Hypervisor-independent reference copies of virtual machine payload data based on block-level pseudo-mount
US10891069B2 (en) 2017-03-27 2021-01-12 Commvault Systems, Inc. Creating local copies of data stored in online data repositories
US10776329B2 (en) 2017-03-28 2020-09-15 Commvault Systems, Inc. Migration of a database management system to cloud storage
US11074140B2 (en) 2017-03-29 2021-07-27 Commvault Systems, Inc. Live browsing of granular mailbox data
US10664352B2 (en) 2017-06-14 2020-05-26 Commvault Systems, Inc. Live browsing of backed up data residing on cloned disks
US11290466B2 (en) * 2017-08-16 2022-03-29 Cable Television Laboratories, Inc. Systems and methods for network access granting
JP6647258B2 (en) 2017-09-11 2020-02-14 Capy株式会社 User authentication method, evaluation device, program, and user authentication system
US10795927B2 (en) 2018-02-05 2020-10-06 Commvault Systems, Inc. On-demand metadata extraction of clinical image data
US10789387B2 (en) 2018-03-13 2020-09-29 Commvault Systems, Inc. Graphical representation of an information management system
US10860443B2 (en) 2018-12-10 2020-12-08 Commvault Systems, Inc. Evaluation and reporting of recovery readiness in a data storage management system
US11070548B2 (en) * 2018-12-21 2021-07-20 Paypal, Inc. Tokenized online application sessions
US11057531B2 (en) * 2019-01-03 2021-07-06 Kodak Alaris Inc. Operating an appliance scanner system
US11494505B2 (en) 2019-03-21 2022-11-08 Microsoft Technology Licensing, Llc Hiding secure area of a file storage system based on client indication
US11025732B2 (en) 2019-06-17 2021-06-01 Vmware, Inc. Method and apparatus to perform user authentication during cloud provider sessions
US11308034B2 (en) 2019-06-27 2022-04-19 Commvault Systems, Inc. Continuously run log backup with minimal configuration and resource usage from the source machine
US11171945B2 (en) * 2019-10-16 2021-11-09 Capital One Services, Llc Time-based token trust depreciation
US11818159B2 (en) 2019-12-11 2023-11-14 Target Brands, Inc. Website guest risk assessment and mitigation
US11888857B2 (en) * 2020-12-21 2024-01-30 Blackberry Limited Risk-aware access control system and related methods
US20220382849A1 (en) * 2021-05-25 2022-12-01 Vmware, Inc. Credentials management and usage in application modernization
CN113779609B (en) * 2021-09-22 2024-03-22 北方健康医疗大数据科技有限公司 Data management method, device, electronic equipment and storage medium
CN116962088B (en) * 2023-09-20 2023-11-28 上海金电网安科技有限公司 Login authentication method, zero trust controller and electronic equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0465016A2 (en) * 1990-06-25 1992-01-08 Digital Equipment Corporation Distributed multilevel computer security system and method
EP0849680A2 (en) * 1996-12-18 1998-06-24 Sun Microsystems, Inc. Multilevel security port methods, apparatuses, and computer program products

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5610981A (en) 1992-06-04 1997-03-11 Integrated Technologies Of America, Inc. Preboot protection for a data security system with anti-intrusion capability
WO1996042041A2 (en) 1995-06-07 1996-12-27 Open Market, Inc. Internet server access control and monitoring systems
US5774551A (en) 1995-08-07 1998-06-30 Sun Microsystems, Inc. Pluggable account management interface with unified login and logout and multiple user authentication services
US5826014A (en) 1996-02-06 1998-10-20 Network Engineering Software Firewall system for protecting network elements connected to a public network
CA2272649A1 (en) 1996-11-21 1998-06-11 Jordan J. Glogau Web site copy protection system and method
US5875296A (en) 1997-01-28 1999-02-23 International Business Machines Corporation Distributed file system web server user authentication with cookies
US6041357A (en) 1997-02-06 2000-03-21 Electric Classified, Inc. Common session token system and protocol
US6408336B1 (en) * 1997-03-10 2002-06-18 David S. Schneider Distributed administration of access to information
US6275941B1 (en) 1997-03-28 2001-08-14 Hiatchi, Ltd. Security management method for network system
US5944824A (en) 1997-04-30 1999-08-31 Mci Communications Corporation System and method for single sign-on to a plurality of network elements
US5930804A (en) 1997-06-09 1999-07-27 Philips Electronics North America Corporation Web-based biometric authentication system and method
US6308273B1 (en) * 1998-06-12 2001-10-23 Microsoft Corporation Method and system of security location discrimination
US6182142B1 (en) * 1998-07-10 2001-01-30 Encommerce, Inc. Distributed access management of information resources
US6226752B1 (en) 1999-05-11 2001-05-01 Sun Microsystems, Inc. Method and apparatus for authenticating users

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0465016A2 (en) * 1990-06-25 1992-01-08 Digital Equipment Corporation Distributed multilevel computer security system and method
EP0849680A2 (en) * 1996-12-18 1998-06-24 Sun Microsystems, Inc. Multilevel security port methods, apparatuses, and computer program products

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
STALLINGS W: "IPV6: THE NEW INTERNET PROTOCOL", IEEE COMMUNICATIONS MAGAZINE,IEEE SERVICE CENTER. PISCATAWAY, N.J,US, vol. 34, no. 7, 1 July 1996 (1996-07-01), pages 96 - 108, XP000623747, ISSN: 0163-6804 *

Also Published As

Publication number Publication date
US6691232B1 (en) 2004-02-10
EP1205057A2 (en) 2002-05-15
AU6752700A (en) 2001-03-05
WO2001011845A2 (en) 2001-02-15

Similar Documents

Publication Publication Date Title
WO2001011845A3 (en) Security architecture with environment sensitive credentials
US9397996B2 (en) Establishing historical usage-based hardware trust
AU2003262473B2 (en) Methods and systems for authentication of a user for sub-locations of a network location
US8261089B2 (en) Method and system for authenticating a user by means of a mobile device
CN101803272B (en) Authentication system and method
US6668322B1 (en) Access management system and method employing secure credentials
US6892307B1 (en) Single sign-on framework with trust-level mapping to authentication requirements
US6286104B1 (en) Authentication and authorization in a multi-tier relational database management system
US20080015986A1 (en) Systems, methods and computer program products for controlling online access to an account
WO2000030285A8 (en) Method and apparatus for secure distribution of authentication credentials to roaming users
WO2012107058A1 (en) Method and system for supporting user authentication to a service
Pampori et al. Securely eradicating cellular dependency for e-banking applications
NO20012463L (en) Procedure and apparatus for securely distributing authentication credentials to roaming users
KR100544214B1 (en) Method and system of selecting a security level for a electronic transaction
Lu et al. Prevent Online Identity Theft–Using Network Smart Cards for Secure Online Transactions
Pashalidis et al. Using GSM/UMTS for single sign-on
KR100959201B1 (en) Smartcard-Based Remote User Authentication Method
Griffin Biometric-based cybersecurity techniques
Narayanankutty et al. Novel authentication system for personal and domestic network systems using image feature comparison and digital signatures
Mohd et al. Secure User Authentication with Graphical Passwords and PassText
Sedaghat et al. The management of citizen identity in electronic government
Schuba et al. Internet id-flexible re-use of mobile phone authentication security for service access
Milovanovic et al. Implementing Authentication in an E-Procurement System
Hutchison et al. Incremental security in open, untrusted networks
Abdullah et al. Kerberos security evaluation

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

WWE Wipo information: entry into national phase

Ref document number: 2000955304

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2000955304

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Ref document number: 2000955304

Country of ref document: EP