Ut Van Le

8645679, Feb 4, 2014

Jun 17, 2011

13/162744

Elisa Ferracane - Austin TX, US
Paul William Bennett - Austin TX, US
William J. O'Donnell - Fichburg WI, US
Ajay Reddy Karkala - Austin TX, US
Ut Van Le - Austin TX, US
Michael Craig Thompson - Austin TX, US
Maxim Avery Moldenhauer - Durham NC, US

International Business Machines Corporation - Armonk NY

H04L 29/06

713152, 726 1, 726 14, 726 26

A method is described for merging security constraints associated with an application when using security annotations. The application comprises one or more servlets, such as a Java servlet. During application deployment, a list of role names is generated by merging static security constraints, for example, identified in a deployment descriptor, and in a static security annotation that defines a list containing the names of authorized roles for a servlet. Later, during application runtime in an application server, security constraints are retrieved from a plurality of sources, including both dynamic and static security annotations. Using the list of role names and the security constraints retrieved, a set of merged security constraints having a defined and proper order of precedence is generated. In particular, preferably one or more dynamic security annotations are first merged with one or more static security annotations to generate a set of runtime constraints. The security constraints from the deployment descriptor are then merged with the set of runtime constraints and the list of roles to generate the set of merged security constraints.

20080101610, May 1, 2008

Oct 26, 2006

11/553276

PETER D. BIRK - Austin TX, US
Keys D. Botzum - Columbia MD, US
Ching-Yun Chao - Austin TX, US
Hyen V. Chung - Round Rock TX, US
Alaine DeMyers - Austin TX, US
Ut Van Le - Austin TX, US
James L. Lentz - Austin TX, US
Mickella A. Rosiles - Austin TX, US

H04L 9/00

380277, 380 44

Systems, methods and media for managing and generating encryption keys are disclosed. In one embodiment, a processor executes encryption key processing computer code to receive requests for keys from an application program. The processor determines whether the requesting application program executes on a node or server that is within the scope of machines authorized to receive the requested keys. If authorized, the processor produces a key map and sends the key map to the application program, enabling the application program to access one or more keys in the key map. The keys are updated automatically according to a specifiable schedule.

20120317633, Dec 13, 2012

Jun 10, 2011

13/157633

William J. O'Donnell - Fichburg WI, US
Paul William Bennett - , US
Elisa Ferracane - Austin TX, US
Ajay Reddy Karkala - Austin TX, US
Ut Van Le - Austin TX, US
Michael Craig Thompson - Austin TX, US

INTERNATIONAL BUSINESS MACHINES CORPORATION - Armonk NY

G06F 21/00

726 10, 726 3

A method for dynamically assigning a displayable realm name begins upon receipt of an authentication request to an application, such as a web application, being executed by an application server. In response, a determination is made whether an application realm name has been set in a configuration file associated with the application. If not, a custom display property is then evaluated. If the custom display property is set true, a realm name associated with an active authentication mechanism is retrieved and provided for display in an authentication panel. If the custom display property is set false, a default string is provided for display in the authentication panel. In this manner, an application server administrator can control what realm name is displayed to an end user in the event an application developer has not specified the realm name in the application configuration.