Patents by Inventor Derek Wan Hok Ho
Derek Wan Hok Ho has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 7299288Abstract: A system and method for concurrent security connections is presented. An association table is used that includes a list of active credentials. An active credential includes information such as user id and password information for a given domain. The active credential may also include dynamic data that is retrieved from a user, such as a pseudo-random code or a fingerprint scan. The active credential is sent to a domain, or the managing server of the domain, when domain access is requested. This access request does not involve the user of the client unless dynamic input data is requested.Type: GrantFiled: November 15, 2005Date of Patent: November 20, 2007Assignee: International Business Machines CorporationInventors: David Yu Chang, Derek Wan Hok Ho
-
Patent number: 6996620Abstract: A system and method for concurrent security connections is presented. An association table is used that includes a list of active credentials. An active credential includes information such as user id and password information for a given domain. The active credential may also include dynamic data that is retrieved from a user, such as a pseudo-random code or a fingerprint scan. The active credential is sent to a domain, or the managing server of the domain, when domain access is requested. This access request does not involve the user of the client unless dynamic input data is requested.Type: GrantFiled: January 9, 2002Date of Patent: February 7, 2006Assignee: International Business Machines CorporationInventors: David Yu Chang, Derek Wan Hok Ho
-
Patent number: 6898717Abstract: A method and implementing computer system are provided in which a Quality Of Protection (QOP) indication is established in a tagged component for servers in a network domain. Each server may have one QOP setting associated with the server for inbound messages and another QOP setting associated with the server for outbound messages. In an exemplary embodiment, the QOP settings are contained in a list which may be updated to include additional QOPs which the server may be equipped to support.Type: GrantFiled: July 20, 2000Date of Patent: May 24, 2005Assignee: International Business Machines CorporationInventors: John Alexander Buslawski, David Yu Chang, Robert H. High, Jr., Derek Wan Hok Ho
-
Publication number: 20040030764Abstract: Identity token principal mapping, including receiving in a target system a CORBA message invoking a member method on the target system, the message including a security context including an identity token including an asserted identity, the identity token having an identity token type, the target system having an authentication type, and granting to the asserted identity, in dependence upon the authentication type and in dependence upon the identity token type, authorization privileges of a corresponding user account in the target system.Type: ApplicationFiled: August 8, 2002Publication date: February 12, 2004Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Peter Daniel Birk, David Yu Chang, Derek Wan Hok Ho
-
Publication number: 20030236975Abstract: A system and method for improved electronic security credentials is presented. A client sends a request to a server wherein the request includes a user's identity information. The server authenticates the user using the user's identity information, and creates an authentication credential. The server stores the user's identity information in the authentication credential in the same form as it was received. If the server determines that the request should be sent to a downstream server, the server creates a message and includes the user's identity information in the message. The continued propagation of the user's original identity information preserves the integrity of the user's identity on a server-by-server basis. Each server may map this information to a credential in a way that it chooses based upon the server's underlying authentication mechanism and mapping rules.Type: ApplicationFiled: June 20, 2002Publication date: December 25, 2003Applicant: International Business Machines CorporationInventors: Peter Daniel Birk, David Yu Chang, Derek Wan Hok Ho
-
Publication number: 20030221126Abstract: Methods for mutual authentication between a client and a server, including providing to the client an object reference comprising a component identifying the server's client authentication protocol, establishing an SSL connection between the client and the server, including authenticating the server with the server's public key, and authenticating the client using the client authentication protocol identified in the component in the object reference.Type: ApplicationFiled: May 24, 2002Publication date: November 27, 2003Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Eve Suzanne Berman, David Yu Chang, Derek Wan Hok Ho, Stephen Patrick Lyons
-
Publication number: 20030131110Abstract: A system and method for concurrent security connections is presented. An association table is used that includes a list of active credentials. An active credential includes information such as user id and password information for a given domain. The active credential may also include dynamic data that is retrieved from a user, such as a pseudo-random code or a fingerprint scan. The active credential is sent to a domain, or the managing server of the domain, when domain access is requested. This access request does not involve the user of the client unless dynamic input data is requested.Type: ApplicationFiled: January 9, 2002Publication date: July 10, 2003Applicant: International Business Machines CorporationInventors: David Yu Chang, Derek Wan Hok Ho
-
Publication number: 20030030675Abstract: A method and implementing computer system are provided in which user alert signals are generated whenever an underlying display window in a multi-window display environment requires user attention. In one exemplary embodiment, the user is enabled to specify various preferred characteristics of the alert signals. The alert signals include audio signals, video signals and combinations of selected audio and visual signals. The user is further enabled to specify input an alert repeat interval to define an elapsed time between successive alert signals.Type: ApplicationFiled: August 9, 2001Publication date: February 13, 2003Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: William Hsiao-Yu Ku, John Shih-Yuan Wang, Derek Wan Hok Ho, Joey Allen Perry
-
Patent number: 5701408Abstract: A method for testing programming interfaces including application program interfaces and command line utilities. Each interface may be called from a loop instruction in a test instruction a number of times corresponding to a number of parameter sets which are needed to test each interface. The parameter sets are maintained in a separate data file and are retrieved for each call being made to an interface. One or more return value are included in the parameter set. The operating system generates one or more return values which are compared with the stored return value. A judgment is made based on the comparison of the stored return values and the programming interface-generated return value. When this comparison is not as expected, the return values are written to a file along with the parameter set which produced the unexpected comparison.Type: GrantFiled: July 10, 1995Date of Patent: December 23, 1997Assignee: International Business Machines CorporationInventors: Julie Eileen Cornell, Jorge Lazaro Diaz, Derek Wan Hok Ho, Son Duc Nguyen, Cuong Huu Tran