Patents by Inventor Duane Buss
Duane Buss has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8793773Abstract: System and method for providing reciprocity in a reputation system are described.Type: GrantFiled: January 30, 2008Date of Patent: July 29, 2014Assignee: Apple Inc.Inventor: Duane Buss
-
Patent number: 8707400Abstract: A system and method for consumer-side authorization and authentication is disclosed. In one embodiment, the method comprises receiving a request for a credential from a business-side party, matching the credential request to a set of available credentials, the available credentials comprising consumer-side information. The credential is retrieved from a credential store, and the authorization of the business-side party to receive the credential is evaluated before returning a response. In another embodiment, the system comprises a receiver module adapted to receive credential requests from business-side parties. The credential request is passed to a selection and matching module for matching against consumer-side credentials. The credential is retrieved from a storage and retrieval module, but is not passed until an authorization module allows a sender module to return a credential response to the business-side party.Type: GrantFiled: January 22, 2007Date of Patent: April 22, 2014Assignee: Apple Inc.Inventor: Duane Buss
-
Patent number: 8701172Abstract: System and method for facilitating user authentication of web page content are described. In one embodiment, the method comprises receiving a request from a web browser for web page content; and responsive to receipt of the request, providing to the web browser the requested web page content and associated digitally signed content; wherein prior to display of the web page content by the web browser, the digitally signed content is evaluated by a plug-in portion of the web browser to determine whether the digitally signed content is verified, indicating that a provider of the web page content is trustworthy.Type: GrantFiled: August 13, 2008Date of Patent: April 15, 2014Assignee: Apple Inc.Inventors: Daniel Sanders, Duane Buss
-
Patent number: 8571990Abstract: A method for expressing and evaluating signed reputation assertions is disclosed. In one embodiment, a first entity receives a request to generate a signed assertion relating to a piece of content. The first entity generates a reputation statement about a second entity from reputation-forming information (RFI) about the second entity available to the first entity. The first entity then generates a signed assertion from the reputation statement and the piece of content at least in part by binding the piece of content to the reputation statement and signing a portion encompassing at least one of the bound piece of content and the bound reputation statement. The signed assertion is then transmitted to a receiving entity.Type: GrantFiled: August 1, 2008Date of Patent: October 29, 2013Assignee: EMC CorporationInventor: Duane Buss
-
Patent number: 8561172Abstract: A client includes a card selector, and receives a security policy from a relying party. If the client does not have an information card that can satisfy the security policy, the client can define a virtual information card, either from the security policy or by augmenting an existing information card. The client can also use a local security policy that controls how and when a virtual information card is defined. The virtual information card can then be used to generate a security token to satisfy the security policy.Type: GrantFiled: August 29, 2008Date of Patent: October 15, 2013Assignee: Novell Intellectual Property Holdings, Inc.Inventors: Duane Buss, Andrew Hodgkinson, Tom Doman
-
Patent number: 8301901Abstract: A method for expressing and evaluating signed reputation assertions is disclosed. In one embodiment, a first entity receives a request to generate a signed assertion relating to a piece of content. The first entity generates a reputation statement about a second entity from reputation-forming information (RFI) about the second entity available to the first entity. The first entity then generates a signed assertion from the reputation statement and the piece of content at least in part by binding the piece of content to the reputation statement and signing a portion encompassing at least one of the bound piece of content and the bound reputation statement. The signed assertion is then transmitted to a receiving entity.Type: GrantFiled: March 6, 2007Date of Patent: October 30, 2012Assignee: EMC CorporationInventor: Duane Buss
-
Patent number: 7725416Abstract: System and method for rule location, ordering, and combining in a polyhierarchical environment are described. In one embodiment, a polyhierarchical environment contains at least one rule, at least one logical structure representable by a graph and at least two connections between one or more of the logical structures and a rule set evaluator (RSE). The RSE retrieves an assembly definition associated with a particular ordering or combination of rules. Each assembly definition is associated with one or more location chains, and each location chain is associated with one of the connections to a logical structure. For each location chain, a rule location policy is invoked, returning a rule. An assembly policy is invoked upon the returned rules, forming the returned rule into a dataset that conforms to the ordering or combination associated with the assembly definition.Type: GrantFiled: December 13, 2006Date of Patent: May 25, 2010Assignee: Novell, Inc.Inventor: Duane Buss
-
Publication number: 20100058435Abstract: A client includes a card selector, and receives a security policy from a relying party. If the client does not have an information card that can satisfy the security policy, the client can define a virtual information card, either from the security policy or by augmenting an existing information card. The client can also use a local security policy that controls how and when a virtual information card is defined. The virtual information card can then be used to generate a security token to satisfy the security policy.Type: ApplicationFiled: August 29, 2008Publication date: March 4, 2010Applicant: NOVELL, INC.Inventors: Duane Buss, Andrew Hodgkinson, Tom Doman
-
Publication number: 20100043058Abstract: System and method for facilitating user authentication of web page content are described. In one embodiment, the method comprises receiving a request from a web browser for web page content; and responsive to receipt of the request, providing to the web browser the requested web page content and associated digitally signed content; wherein prior to display of the web page content by the web browser, the digitally signed content is evaluated by a plug-in portion of the web browser to determine whether the digitally signed content is verified, indicating that a provider of the web page content is trustworthy.Type: ApplicationFiled: August 13, 2008Publication date: February 18, 2010Applicant: Novell, Inc.Inventors: Daniel Sanders, Duane Buss
-
Publication number: 20090193520Abstract: System and method for providing reciprocity in a reputation system are described.Type: ApplicationFiled: January 30, 2008Publication date: July 30, 2009Applicant: NOVELL, INC.Inventor: Duane Buss
-
Publication number: 20090094041Abstract: System and method for representing agreements as reputation are disclosed. In one embodiment, the method comprises, in response to a request to generate an assertion relating to a piece of content, regenerating a reputation statement concerning an agreement from reputation-forming information (RFI) associated with an agreement; and generating an assertion from the reputation statement and the piece of content, the generating comprising binding the piece of content to the reputation statement.Type: ApplicationFiled: October 9, 2007Publication date: April 9, 2009Applicant: Novell, Inc.Inventor: Duane Buss
-
Publication number: 20090037994Abstract: A system and method for assisting in ordered credential selection is disclosed. In one embodiment, the system enables ordered credential selection for credentials associated with one or more digital identities. The system comprises a plurality of security tokens, with each security token comprising a claim associated with a digital identity and where at least two of the security tokens are different from each other. The system also comprises an ordering module and manager module. The ordering module imposes a preferential ordering on the security tokens in accordance with an ordering policy to select a preferred security token. The manager module transmits at least one security token in response to a request, where at least one of the security tokens transmitted by the manager module is the preferred security token.Type: ApplicationFiled: July 30, 2007Publication date: February 5, 2009Applicant: NOVELL, INC.Inventor: Duane Buss
-
Publication number: 20080288278Abstract: A method for expressing and evaluating signed reputation assertions is disclosed. In one embodiment, a first entity receives a request to generate a signed assertion relating to a piece of content. The first entity generates a reputation statement about a second entity from reputation-forming information (RFI) about the second entity available to the first entity. The first entity then generates a signed assertion from the reputation statement and the piece of content at least in part by binding the piece of content to the reputation statement and signing a portion encompassing at least one of the bound piece of content and the bound reputation statement. The signed assertion is then transmitted to a receiving entity.Type: ApplicationFiled: August 1, 2008Publication date: November 20, 2008Applicant: Novell. Inc.Inventor: Duane Buss
-
Publication number: 20080222425Abstract: A method for expressing and evaluating signed reputation assertions is disclosed. In one embodiment, a first entity receives a request to generate a signed assertion relating to a piece of content. The first entity generates a reputation statement about a second entity from reputation-forming information (RFI) about the second entity available to the first entity. The first entity then generates a signed assertion from the reputation statement and the piece of content at least in part by binding the piece of content to the reputation statement and signing a portion encompassing at least one of the bound piece of content and the bound reputation statement. The signed assertion is then transmitted to a receiving entity.Type: ApplicationFiled: March 6, 2007Publication date: September 11, 2008Applicant: NOVELL, INC.Inventor: Duane Buss
-
Publication number: 20080178270Abstract: A system and method for consumer-side authorization and authentication is disclosed. In one embodiment, the method comprises receiving a request for a credential from a business-side party, matching the credential request to a set of available credentials, the available credentials comprising consumer-side information The credential is retrieved from a credential store, and the authorization of the business-side party to receive the credential is evaluated before returning a response. In another embodiment, the system comprises a receiver module adapted to receive credential requests from business-side parties. The credential request is passed to a selection and matching module for matching against consumer-side credentials. The credential is retrieved from a storage and retrieval module, but is not passed until an authorization module allows a sender module to return a credential response to the business-side party.Type: ApplicationFiled: January 22, 2007Publication date: July 24, 2008Applicant: NOVELL, INC.Inventor: Duane Buss
-
Publication number: 20080147584Abstract: System and method for rule location, ordering, and combining in a polyhierarchical environment are described. In one embodiment, a polyhierarchical environment contains at least one rule, at least one logical structure representable by a graph and at least two connections between one or more of the logical structures and a rule set evaluator (RSE). The RSE retrieves an assembly definition associated with a particular ordering or combination of rules. Each assembly definition is associated with one or more location chains, and each location chain is associated with one of the connections to a logical structure. For each location chain, a rule location policy is invoked, returning a rule. An assembly policy is invoked upon the returned rules, forming the returned rule into a dataset that conforms to the ordering or combination associated with the assembly definition.Type: ApplicationFiled: December 13, 2006Publication date: June 19, 2008Applicant: NOVELL, INC.Inventor: Duane Buss
-
Publication number: 20080021716Abstract: A system and method for conforming a decision to a compliance expression is described. In one embodiment, the method comprises receiving an intermediate conclusion generated by a decision system as a result of a policy evaluation performed based on at least one of a premise and a policy expression; performing a compliance evaluation to determine conformance of the received intermediate conclusion with a compliance expression; responsive to the performing a compliance evaluation, selectively executing a compliance statement in connection with the intermediate conclusion; and subsequent to the selectively executing, issuing a decision response, wherein the decision response conforms to the compliance expression.Type: ApplicationFiled: July 19, 2006Publication date: January 24, 2008Applicant: Novell, Inc.Inventors: Duane Buss, Roger Harrison
-
Publication number: 20070266006Abstract: System and method for enforcing role membership removal requirements are described. In one embodiment, the method includes, responsive to receipt of a removal request, performing a role evaluation of the removal request to generate a policy request; performing a policy evaluation of the policy request; generating a policy response in accordance with the policy evaluation; and enforcing the policy response.Type: ApplicationFiled: May 15, 2006Publication date: November 15, 2007Applicant: Novell, Inc.Inventor: Duane Buss
-
Publication number: 20070179802Abstract: Policy enforcement via attestations is provided. A principal operates within an environment and assumes roles having certain access rights to resources and the principal takes actions while assuming those roles. The roles and actions are monitored and attestations are raised under the proper set of circumstances. The attestations trigger policy restrictions that are enforced against the principal. The policy restrictions circumscribe the access rights to the resources.Type: ApplicationFiled: December 13, 2006Publication date: August 2, 2007Inventors: Duane Buss, Stephen Carter
-
Publication number: 20070027910Abstract: Methods and systems are provided for enforcing security on attributes of objects. A requestor attempts to assign a value to a target attribute of a target object. The value is a reference to a third object. The target attribute includes security for assigning values and is also linked to a related third attribute associated with the third object. The security associated with the target attribute and security associated with the third attribute are both independently enforced before the assignment of the value to the target attribute is permitted to proceed.Type: ApplicationFiled: September 12, 2006Publication date: February 1, 2007Inventors: Duane Buss, Dale Olds