JP5934224B2 - Secure deployment of provable identity for dynamic application environments - Google Patents

Secure deployment of provable identity for dynamic application environments

Info

Publication number
JP5934224B2
JP5934224B2 JP2013532829A JP2013532829A JP5934224B2 JP 5934224 B2 JP5934224 B2 JP 5934224B2 JP 2013532829 A JP2013532829 A JP 2013532829A JP 2013532829 A JP2013532829 A JP 2013532829A JP 5934224 B2 JP5934224 B2 JP 5934224B2
Authority
JP
Japan
Prior art keywords
computer
identity
account
token
full
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2013532829A
Other languages
English (en)
Japanese (ja)
Other versions
JP2013540323A5
JP2013540323A (ja)
Inventor
ジルカ イアン
テボスヤン カーレン
サンダース コーリー
ジョージ エム.ムーア
スリバスタバ モヒト
ユージーン ルシノビッチ マーク
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Corp
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Microsoft Technology Licensing LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp, Microsoft Technology Licensing LLC
Publication of JP2013540323A
Publication of JP2013540323A5
Application granted
Publication of JP5934224B2
Current legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45562 Creating, deleting, cloning virtual machine instances
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45595 Network integration; Enabling network access in virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Multi Processors (AREA)
  • Stored Programmes (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Transfer Between Computers (AREA)
JP2013532829A 2010-10-08 2011-09-23 Secure deployment of provable identity for dynamic application environments Active JP5934224B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12/901,445 2010-10-08
US12/901,445 US8990562B2 (en) 2010-10-08 2010-10-08 Secure deployment of provable identity for dynamic application environments
PCT/US2011/053010 WO2012047555A2 (en) 2010-10-08 2011-09-23 Secure deployment of provable identity for dynamic application environments

Publications (3)

Publication Number Publication Date
JP2013540323A JP2013540323A (ja) 2013-10-31
JP2013540323A5 JP2013540323A5 2014-10-30
JP5934224B2 JP5934224B2 (ja) 2016-06-15

Family

ID=45885938

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2013532829A Active JP5934224B2 (ja) 2010-10-08 2011-09-23 Secure deployment of provable identity for dynamic application environments

Country Status (7)

Country Link
US (1) US8990562B2
EP (1) EP2625645B1
JP (1) JP5934224B2
CN (1) CN102404117B
AU (1) AU2011312611B2
CA (1) CA2813601A1
WO (1) WO2012047555A2

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9135037B1 (en) * 2011-01-13 2015-09-15 Google Inc. Virtual network protocol
US9619662B1 (en) * 2011-01-13 2017-04-11 Google Inc. Virtual network pairs
AU2012210978B2 (en) * 2011-01-28 2015-11-26 Royal Canadian Mint/Monnaie Royal Canadienne Controlled security domains
US9361162B1 (en) * 2011-08-26 2016-06-07 Amazon Technologies, Inc. Executing threads of an application across multiple computing devices in a distributed virtual machine environment
US9992024B2 (en) * 2012-01-25 2018-06-05 Fujitsu Limited Establishing a chain of trust within a virtual machine
US9917736B2 (en) 2012-01-30 2018-03-13 Microsoft Technology Licensing, Llc Automated standalone bootstrapping of hardware inventory
US9367360B2 (en) * 2012-01-30 2016-06-14 Microsoft Technology Licensing, Llc Deploying a hardware inventory as a cloud-computing stamp
US8910161B2 (en) * 2012-07-13 2014-12-09 Vmware, Inc. Scan systems and methods of scanning virtual machines
EP3014507B1 (en) 2013-06-27 2018-04-04 Intel Corporation Continuous multi-factor authentication
CN105282122B (zh) * 2014-07-22 2019-07-12 中兴通讯股份有限公司 基于数字证书的信息安全实现方法及系统
CN104168292A (zh) * 2014-09-01 2014-11-26 宇龙计算机通信科技(深圳)有限公司 动态指令处理方法、动态指令处理装置和终端
US9912478B2 (en) 2015-12-14 2018-03-06 International Business Machines Corporation Authenticating features of virtual server system
US10228924B2 (en) * 2016-04-19 2019-03-12 International Business Machines Corporation Application deployment and monitoring in a cloud environment to satisfy integrity and geo-fencing constraints
US10031735B2 (en) 2016-09-30 2018-07-24 International Business Machines Corporation Secure deployment of applications in a cloud computing platform
CN109688098B (zh) * 2018-09-07 2022-05-20 平安科技(深圳)有限公司 数据的安全通信方法、装置、设备及计算机可读存储介质
US11586470B2 (en) * 2019-08-07 2023-02-21 International Business Machines Corporation Scalable workflow engine with a stateless orchestrator
EP4128703A4 (en) 2020-03-25 2024-03-27 Services Pétroliers Schlumberger Integrated authentication system and method
US11762671B2 (en) * 2021-11-08 2023-09-19 Smashcut, Inc. Virtualization-based collaborative activity framework with predictive preloading of virtual machines
US11695772B1 (en) * 2022-05-03 2023-07-04 Capital One Services, Llc System and method for enabling multiple auxiliary use of an access token of a user by another entity to facilitate an action of the user

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4671619B2 (ja) * 2004-03-31 2011-04-20 富士通株式会社 端末正当性保証システムおよび端末正当性保証方法
US20070174429A1 (en) 2006-01-24 2007-07-26 Citrix Systems, Inc. Methods and servers for establishing a connection between a client system and a virtual machine hosting a requested computing environment
EP1826979A1 (en) * 2006-02-27 2007-08-29 BRITISH TELECOMMUNICATIONS public limited company A system and method for establishing a secure group of entities in a computer network
JP4778358B2 (ja) * 2006-05-15 2011-09-21 日本電信電話株式会社 接続先顧客保護システム、その方法及びそのプログラム
US20080104393A1 (en) 2006-09-28 2008-05-01 Microsoft Corporation Cloud-based access control list
US8751815B2 (en) 2006-10-25 2014-06-10 Iovation Inc. Creating and verifying globally unique device-specific identifiers
JP2008171076A (ja) * 2007-01-09 2008-07-24 Vision Arts Kk ジョブ実行装置及びその制御方法
US20080228865A1 (en) 2007-03-15 2008-09-18 Nazareno Brier Cruzada Electronic personal computing and videophone system consisting of a remote server system providing dynamic, subscription based virtual computing services & resources, a thin client hardware device connected to a television set and wireless keyboard & mouse, and a wireless mobile device (a Pocket PC Phone)
CN101022339A (zh) 2007-03-23 2007-08-22 郭传真 一种结合数字证书和印章的电子签章认证方法
US8881253B2 (en) * 2007-03-28 2014-11-04 Symantec Corporation Method and apparatus for accepting a digital identity of a user based on transitive trust among parties
US8418222B2 (en) 2008-03-05 2013-04-09 Microsoft Corporation Flexible scalable application authorization for cloud computing environments
US8108912B2 (en) 2008-05-29 2012-01-31 Red Hat, Inc. Systems and methods for management of secure data in cloud-based network
TW201007574A (en) 2008-08-13 2010-02-16 Inventec Corp Internet server system and method of constructing and starting a virtual machine
US9009329B2 (en) 2008-11-25 2015-04-14 Microsoft Technology Licensing, Llc Platform for enabling terminal services virtualization
JP2010165231A (ja) * 2009-01-16 2010-07-29 Panasonic Corp サーバ認証方法及びクライアント端末
JP5419501B2 (ja) * 2009-03-16 2014-02-19 キヤノン株式会社 情報処理システム及びその処理方法
US8959510B2 (en) * 2009-03-19 2015-02-17 Red Hat, Inc. Providing a trusted environment for provisioning a virtual machine
US20120054491A1 (en) * 2010-08-31 2012-03-01 Peter John Tippett Re-authentication in client-server communications

Also Published As

Publication number Publication date
US8990562B2 (en) 2015-03-24
EP2625645B1 (en) 2020-10-07
AU2011312611B2 (en) 2014-05-29
CA2813601A1 (en) 2012-04-12
AU2011312611A1 (en) 2013-05-02
WO2012047555A2 (en) 2012-04-12
JP2013540323A (ja) 2013-10-31
US20120089833A1 (en) 2012-04-12
EP2625645A2 (en) 2013-08-14
CN102404117B (zh) 2015-05-20
EP2625645A4 (en) 2017-05-03
WO2012047555A3 (en) 2012-05-31
CN102404117A (zh) 2012-04-04

Similar Documents

Publication Publication Date Title
JP5934224B2 (ja) Secure deployment of provable identity for dynamic application environments
US8505083B2 (en) Remote resources single sign on
US9830430B2 (en) Inherited product activation for virtual machines
US8607054B2 (en) Remote access to hosted virtual machines by enterprise users
US8849941B2 (en) Virtual desktop configuration and operation techniques
JP6092428B2 (ja) 特権付き動作を呼び出すためのセキュアインターフェイス
CN102971740B (zh) 计算设备上的用于多个环境的用户管理框架
CN101410803B (zh) 用于提供对计算环境的访问的方法和系统
US20120331032A1 (en) Remote Presentation Session Connectionless Oriented Channel Broker
US20110246786A1 (en) Mechanism for Automatically Encrypting and Decrypting Virtual Disk Content Using a Single User Sign-On
US9792426B1 (en) System and method for providing anonymous access to shared resources
US20120079607A1 (en) Request Based License Mode Selection
US11811749B2 (en) Authentication of plugins in a virtualized computing environment
US20190386980A1 (en) Single sign-on from desktop to network
US20120079393A1 (en) Adaptable License Platform for Remote Sessions
HK1187424A (en) Virtual desktop configuration and operation techniques
HK1187424B (en) Virtual desktop configuration and operation techniques

Legal Events

Date Code Title Description
RD03 Notification of appointment of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7423

Effective date: 20130703

RD04 Notification of resignation of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7424

Effective date: 20130717

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140908

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20140908

A711 Notification of change in applicant

Free format text: JAPANESE INTERMEDIATE CODE: A711

Effective date: 20150522

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20150708

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20150826

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20151125

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20160407

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20160506

R150 Certificate of patent or registration of utility model

Ref document number: 5934224

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

RD02 Notification of acceptance of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: R3D02