JP5513500B2 - Representing security identities using claims - Google Patents

Representing security identities using claims

Info

Publication number
JP5513500B2
Authority
JP
Japan
Prior art keywords
identity
computer
entity
component
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2011517472A
Other languages
English (en)
Japanese (ja)
Other versions
JP2011527482A5
JP2011527482A (ja)
Inventor
アレクサンダー ジャン
ケー.カーラー クリストファー
アール.リーヴス チャールズ
オー.ウィルソン ハーヴェイ
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Corp
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp
Publication of JP2011527482A
Publication of JP2011527482A5
Application granted
Publication of JP5513500B2
Expired - Fee Related
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884 Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
JP2011517472A 2008-07-07 2009-06-26 Representing security identities using claims Expired - Fee Related JP5513500B2 (ja)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US7867308P 2008-07-07 2008-07-07
US61/078,673 2008-07-07
US12/485,859 2009-06-16
US12/485,859 US8910257B2 (en) 2008-07-07 2009-06-16 Representing security identities using claims
PCT/US2009/048893 WO2010005813A2 (en) 2008-07-07 2009-06-26 Representing security identities using claims

Publications (3)

Publication Number Publication Date
JP2011527482A (ja) 2011-10-27
JP2011527482A5 2012-08-09
JP5513500B2 (ja) 2014-06-04

Family

ID=41463919

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2011517472A Expired - Fee Related JP5513500B2 (ja) 2008-07-07 2009-06-26 Representing security identities using claims

Country Status (5)

Country Link
US (1) US8910257B2
EP (1) EP2321760B1
JP (1) JP5513500B2
CN (1) CN102084374B
WO (1) WO2010005813A2

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8776255B2 (en) 2010-09-30 2014-07-08 Microsoft Corporation Claims-aware role-based access control
US8528069B2 (en) * 2010-09-30 2013-09-03 Microsoft Corporation Trustworthy device claims for enterprise applications
US9237155B1 (en) 2010-12-06 2016-01-12 Amazon Technologies, Inc. Distributed policy enforcement with optimizing policy transformations
US8769642B1 (en) * 2011-05-31 2014-07-01 Amazon Technologies, Inc. Techniques for delegation of access privileges
US9507927B2 (en) * 2011-09-30 2016-11-29 Oracle International Corporation Dynamic identity switching
US20130275282A1 (en) * 2012-04-17 2013-10-17 Microsoft Corporation Anonymous billing
US9356918B2 (en) * 2013-03-13 2016-05-31 Google Inc. Identification delegation for devices
US10158647B2 (en) * 2015-08-25 2018-12-18 Oracle International Corporation Permissive access control for modular reflection
US10282184B2 (en) 2016-09-16 2019-05-07 Oracle International Corporation Metadata application constraints within a module system based on modular dependencies
US11328115B2 (en) 2018-05-10 2022-05-10 Microsoft Technology Licensing, Llc. Self-asserted claims provider
US11870766B2 (en) 2020-12-16 2024-01-09 Microsoft Technology Licensing, Llc. Integration of legacy authentication with cloud-based authentication

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7698381B2 (en) * 2001-06-20 2010-04-13 Microsoft Corporation Methods and systems for controlling the scope of delegation of authentication credentials
US20030074579A1 (en) * 2001-10-16 2003-04-17 Microsoft Corporation Virtual distributed security system
US7221935B2 (en) 2002-02-28 2007-05-22 Telefonaktiebolaget Lm Ericsson (Publ) System, method and apparatus for federated single sign-on services
US8037299B2 (en) * 2002-06-18 2011-10-11 Ericsson Ab Domain-less service selection
US7200674B2 (en) * 2002-07-19 2007-04-03 Open Invention Network, Llc Electronic commerce community networks and intra/inter community secure routing implementation
US7526798B2 (en) * 2002-10-31 2009-04-28 International Business Machines Corporation System and method for credential delegation using identity assertion
US8108920B2 (en) * 2003-05-12 2012-01-31 Microsoft Corporation Passive client single sign-on for web applications
US8528063B2 (en) * 2004-03-31 2013-09-03 International Business Machines Corporation Cross domain security information conversion
US7454623B2 (en) * 2004-06-16 2008-11-18 Blame Canada Holdings Inc Distributed hierarchical identity management system authentication mechanisms
US8607322B2 (en) * 2004-07-21 2013-12-10 International Business Machines Corporation Method and system for federated provisioning
JP4782139B2 (ja) * 2004-10-26 2011-09-28 テレコム・イタリア・エッセ・ピー・アー Method and system for transparently authenticating a mobile user to access web services
US20070094400A1 (en) * 2005-10-20 2007-04-26 Childress Rhonda L Software installation within a federation
CN100401687C (zh) 2005-10-20 2008-07-09 华为技术有限公司 System and method for searching personal data in a network
GB0523871D0 (en) * 2005-11-24 2006-01-04 Ibm A system for updating security data
US8418234B2 (en) 2005-12-15 2013-04-09 International Business Machines Corporation Authentication of a principal in a federation
US7788499B2 (en) * 2005-12-19 2010-08-31 Microsoft Corporation Security tokens including displayable claims
JP2007179171A (ja) * 2005-12-27 2007-07-12 Internatl Business Mach Corp <Ibm> Software development apparatus for models requiring confidentiality
US8117459B2 (en) * 2006-02-24 2012-02-14 Microsoft Corporation Personal identification information schemas
US8201215B2 (en) 2006-09-08 2012-06-12 Microsoft Corporation Controlling the delegation of rights
US7676586B2 (en) 2006-10-05 2010-03-09 Microsoft Corporation Hierarchical federation metadata
US20080263644A1 (en) * 2007-04-23 2008-10-23 Doron Grinstein Federated authorization for distributed computing

Also Published As

Publication number Publication date
CN102084374B (zh) 2013-08-07
EP2321760A4 (en) 2016-10-26
WO2010005813A2 (en) 2010-01-14
US8910257B2 (en) 2014-12-09
WO2010005813A3 (en) 2010-03-11
US20100001833A1 (en) 2010-01-07
JP2011527482A (ja) 2011-10-27
CN102084374A (zh) 2011-06-01
EP2321760A2 (en) 2011-05-18
EP2321760B1 (en) 2020-08-19

Similar Documents

Publication Publication Date Title
JP5513500B2 (ja) Representing security identities using claims
EP3424176B1 (en) Systems and methods for distributed data sharing with asynchronous third-party attestation
KR101150108B1 (ko) 피어-투-피어 인증 및 허가
US8151317B2 (en) Method and system for policy-based initiation of federation management
US8607322B2 (en) Method and system for federated provisioning
US8528058B2 (en) Native use of web service protocols and claims in server authentication
Squicciarini et al. PP-trust-X: A system for privacy preserving trust negotiations
US20060048216A1 (en) Method and system for enabling federated user lifecycle management
US20060021017A1 (en) Method and system for establishing federation relationships through imported configuration files
TW201027384A (en) Digital rights management (DRM)-enabled policy management for an identify provider in a federated environment
TW201025068A (en) Digital rights management (DRM)-enabled policy management for a service provider in a federated environment
CN104255007A (zh) OAuth framework
CN108259438A (zh) Authentication method and apparatus based on blockchain technology
US8479006B2 (en) Digitally signing documents using identity context information
Bhatti et al. An integrated approach to federated identity and privilege management in open systems
Koshutanski et al. Distributed identity management model for digital ecosystems
Singh et al. Identity management in cloud computing through claim-based solution
Breggeman An Authentication Service for Domestic Self-Hosting
Koshutanski et al. Towards user-centric identity interoperability for digital ecosystems
CN120034367A (zh) Unified authentication method based on the OAuth authorization framework, and computer device
Akram et al. User-centric identity management in ambient environments
CN118647998A (zh) Permission management method and system
Akram Secured Identity Management in Ambient Environments: Vulnerabilities and Proposed Remedies
Brown et al. Microsoft Windows Identity Foundation (WIF) Whitepaper for Developers
Chen et al. A framework for managing access of large-scale distributed resources in a collaborative platform

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20120620

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20120620

RD03 Notification of appointment of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7423

Effective date: 20130701

RD04 Notification of resignation of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7424

Effective date: 20130718

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20131030

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20131206

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140205

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20140226

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20140327

R150 Certificate of patent or registration of utility model

Ref document number: 5513500

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313113

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

LAPS Cancellation because of no payment of annual fees