Patent application number | Description | Published |
20080222697 | Application Server Object-level Security for Distributed Computing Domains - Objects on application servers may be defined into classes which receive different levels of security protection, such as definition of user objects and administrative objects. Domain-wide security may be enforced on administrative objects, which user object security may be configured separately for each application server in a domain. In a CORBA architecture, IOR's for shared objects which are to be secured on a domain-wide basis, such as administrative objects, are provided with tagged components during IOR creation and exporting to a name server. Later, when the IOR is used by a client, the client invokes necessary security measures such as authentication, authorization and transport protection according to the tagged components. | 09-11-2008 |
20080222719 | Fine-Grained Authorization by Traversing Generational Relationships - Methods, systems, and media are disclosed for determining access rights to a resource managed by an application. One embodiment includes receiving a request by the application, wherein the request comprises an action a user seeks to perform on the resource, and locating, based on the request, the resource in both a containment relationship graph and in a structure having groupings of resources, wherein the groupings comprise a grouping having the resource. Further, the embodiment includes traversing a vertex of the containment relationship graph, wherein the vertex comprises a generational resource of the resource, and reading an authorization table associated with a grouping having the generational resource in the groupings. Further still, the embodiment includes determining whether to grant the access rights for performing the action on the resource. | 09-11-2008 |
20090037196 | DETERMINING WHETHER A POSTAL MAIL ITEM CONTAINING A RADIO FREQUENCY IDENTIFIER (RFID) IS JUNK MAIL - A method, computer program product, and apparatus for receiving a postal mail item. The postal mail item is received. The postal mail item contains a radio frequency identifier identifying the sender of the postal mail item. Responsive to receiving the postal mail item in the mailbox, the radio frequency identifier of the postal mail item is scanned with a scanner to identify the sender of the postal mail item. A determination is made whether the sender of the postal mail item is in a junk mail list. The junk mail list includes a list of senders accessible to a processor in the scanner. | 02-05-2009 |
20120047258 | Managing and Securing Manageable Resources in Stateless Web Server Architecture Using Servlet Filters - Access is controlled to managed resources in a stateless web server architecture including a stateless web server computing platform; a resource locator map portion of the stateless web server computing platform providing a unique resource locator code representing each managed resource in a stateless web server architecture, wherein the managed resource is assigned to a plurality of application program components; a set of servlet filters disposed in a portion of the stateless web server computing platform, each servlet filter associated with one of the application program components; a resource locator matcher portion of the stateless web server computing platform, responsive to a user request to a unique resource locator, matching a pattern in the user request to one or more of the application program components using a corresponding servlet filter; and a request dispatcher portion of the stateless web server computing platform sending the user request to the matched application program component, wherein the application program component receives and processes the user request. | 02-23-2012 |
20130007845 | Authentication and authorization methods for cloud computing security platform - An authentication and authorization plug-in model for a cloud computing environment enables cloud customers to retain control over their enterprise information when their applications are deployed in the cloud. The cloud service provider provides a pluggable interface for customer security modules. When a customer deploys an application, the cloud environment administrator allocates a resource group (e.g., processors, storage, and memory) for the customer's application and data. The customer registers its own authentication and authorization security module with the cloud security service, and that security module is then used to control what persons or entities can access information associated with the deployed application. The cloud environment administrator, however, typically is not registered (as a permitted user) within the customer's security module; thus, the cloud environment administrator is not able to access (or release to others, or to the cloud's general resource pool) the resources assigned to the cloud customer (even though the administrator itself assigned those resources) or the associated business information. To further balance the rights of the various parties, a third party notary service protects the privacy and the access right of the customer when its application and information are deployed in the cloud. | 01-03-2013 |
20130311632 | CLOUD COMPUTING DATA CENTER MACHINE MONITOR AND CONTROL - Systems, methods and computer-readable media provide for identifying a physical machine corresponding to a virtual machine. A system assigns a data center machine identifier to a physical computing device in a data center, along with a physical location for the physical computing system. In response to creating a virtual machine on the physical computing device, the system creates a mapping from a virtual machine identifier for the virtual machine to the data center machine identifier for the physical computing system. | 11-21-2013 |
20130346543 | CLOUD SERVICE SELECTOR - In a method for selecting a remote application service from a plurality of remote application services containing a requested electronic resource, a computer receives a request for an electronic resource. The computer sends a request for a geographic location of each node in the plurality of nodes containing the electronic resource. The computer determines a distance between the geographic location of each node in the plurality of nodes and the geographic location of the origin of the request for the electronic resource, respectively. The computer selects a remote application service based at least partially on the distance between the geographic location of each node and the geographic location of the origin of the request for the electronic resource. | 12-26-2013 |
20150222626 | Managing and Securing Manageable Resources in Stateless Web Server Architecture Using Servlet Filters - Access is controlled to managed resources in a stateless web server architecture including a stateless web server computing platform; a resource locator map portion of the stateless web server computing platform providing a unique resource locator code representing each managed resource in a stateless web server architecture, wherein the managed resource is assigned to a plurality of application program components; a set of servlet filters disposed in a portion of the stateless web server computing platform, each servlet filter associated with one of the application program components; a resource locator matcher portion of the stateless web server computing platform, responsive to a user request to a unique resource locator, matching a pattern in the user request to one or more of the application program components using a corresponding servlet filter; and a request dispatcher portion of the stateless web server computing platform sending the user request to the matched application program component, wherein the application program component receives and processes the user request. | 08-06-2015 |