PAUL WILLIAM WESCHLER
Pilots at Utica Pl, Westminster, CO

6470332, Oct 22, 2002

May 19, 1999

09/314690

Paul Weschler - Broomfield CO

Sun Microsystems, Inc. - Palo Alto CA

G06F 1730

707 3, 707103 Y, 709226

A system, method and computer program product for searching for, and retrieving, profile (or directory) attributes based on other attributes of the target profile and that of associated profiles. In a specific implementation, the LDAP RFC 2254 string search syntax may be utilized to allow multiple related search filters to be specified at one time. The first of the sequence of query strings defined is used as a filter to retrieve candidate results and the succeeding filters, or query strings, are used to determine if a specific profile or directory should even be considered.

6609198, Aug 19, 2003

Aug 5, 1999

09/368506

David L. Wood - Louisville CO
Paul Weschler - Broomfield CO
Derk Norton - Louisville CO
Chris Ferris - Whitinsville MA
Yvonne Wilson - Mountain View CA
William R. Soley - Campbell CA

Sun Microsystems, Inc. - Santa Clara CA

G06F 126

713155, 713182, 713200, 713201

A security architecture has been developed in which a single sign-on is provided for multiple information resources. Rather than specifying a single authentication scheme for all information resources, the security architecture associates trust-level requirements with information resources. Authentication schemes (e. g. , those based on passwords, certificates, biometric techniques, smart cards, etc. ) are employed depending on the trust-level requirement(s) of an information resource (or information resources) to be accessed. Once credentials have been obtained for an entity and the entity has been authenticated to a given trust level, access is granted, without the need for further credentials and authentication, to information resources for which the authenticated trust level is sufficient. The security architecture allows upgrade of credentials for a given session. This capability is particularly advantageous in the context of a single, enterprise-wide log-on.

6807181, Oct 19, 2004

May 19, 1999

09/314804

Paul Weschler - Broomfield CO

Sun Microsystems, Inc. - Palo Alto CA

G06F 1516

370400, 370901, 709203, 719315, 713182

A method, system, and computer program product for accessing server resources by a client communicating control data to a server. A context object is associated to the control data. The context object includes methods for recording within the context object a set of properties identifying the client. A request packet is created from the control data and the context object. The request packet is transmitted to the server. The context object is passed to at least one method on the server. The method uses the context object to access the server resources.

6892307, May 10, 2005

Aug 5, 1999

09/368507

David L. Wood - Louisville CO, US
Derk Norton - Louisville CO, US
Paul Weschler - Broomfield CO, US
Chris Ferris - Whitinsville MA, US
Yvonne Wilson - Mountain View CA, US

Sun Microsystems, Inc. - Santa Clara CA

G06F011/30, G06F012/14, H04L009/00, H04L009/32

713201, 713200, 713155, 713156, 713175

A security architecture has been developed in which a single sign-on is provided for multiple information resources. Rather than specifying a single authentication scheme for all information resources, the security architecture associates trust-level requirements with information resources. Authentication schemes (e. g. , those based on passwords, certificates, biometric techniques, smart cards, etc. ) are associated with trust levels and a log-on service obtains credentials for an entity commensurate with the trust-level requirement(s) of an information resource (or information resources) to be accessed. Once credentials have been obtained for an entity and the entity has been authenticated to a given trust level, access is granted, without the need for further credentials and authentication, to information resources for which the authenticated trust level is sufficient.

6842903, Jan 11, 2005

May 19, 1999

09/314644

Paul Weschler - Broomfield CO, US

Sun Microsystems, Inc. - Palo Alto CA

G06F 900

719328, 717162, 717167

A system and method for providing dynamic references between services in a computer system which allows a first service (e. g. an application program running on a client computer in a local environment) to gain reference to a second service (e. g. a service running on a server computer in a distributed environment) without requiring knowledge of how to find the service or a particular version of the service on a distributed computer network. In a particular embodiment disclosed, when a getService method is called, a reference back to an instance of the service is returned and an implementation of a service connector interface encapsulates the logic necessary to lookup an instance of a specific service and return a reference to that service. In this regard, developers of a service may write, or program, a module that adheres to a service connector interface. Users of a service specify that the service connector provided by the service can be used to dynamically gain a reference to the service in their application.

7325128, Jan 29, 2008

Sep 19, 2006

11/533296

David L. Wood - Louisville CO, US
Paul Weschler - Broomfield CO, US
Derk Norton - Louisville CO, US
Chris Ferris - Whitinsville MA, US
Yvonne Wilson - Mountain View CA, US
William R. Soley - Campbell CA, US

Sun Microsystems, Inc. - Palo Alto CA

G06F 9/00

713155, 713169, 713182

A security architecture has been developed in which a single sign-on is provided for multiple information resources. Rather than specifying a single authentication scheme for all information resources, the security architecture associates trust-level requirements with information resources. Authentication schemes (e. g. , those based on passwords, certificates, biometric techniques, smart cards, etc. ) are employed depending on the trust-level requirement(s) of an information resource (or information resources) to be accessed. Once credentials have been obtained for an entity and the entity has been authenticated to a given trust level, access is granted, without the need for further credentials and authentication, to information resources for which the authenticated trust level is sufficient.

7117359, Oct 3, 2006

Sep 12, 2005

11/224675

David L. Wood - Louisville CO, US
Paul Weschler - Broomfield CO, US
Derk Norton - Louisville CO, US
Chris Ferris - Whitinsville MA, US
Yvonne Wilson - Mountain View CA, US
William R. Soley - Campbell CA, US

Sun Microsystems, Inc. - Santa Clara CA

G06F 1/24

713155, 713182, 713169

A security architecture has been developed in which a single sign-on is provided for multiple information resources. Rather than specifying a single authentication scheme for all information resources, the security architecture associates trust-level requirements with information resources. Authentication schemes (e. g. , those based on passwords, certificates, biometric techniques, smart cards, etc. ) are employed depending on the trust-level requirement(s) of an information resource (or information resources) to be accessed. Once credentials have been obtained for an entity and the entity has been authenticated to a given trust level, access is granted, without the need for further credentials and authentication, to information resources for which the authenticated trust level is sufficient. In addition, an entity can be allocated a new session and associated default credential if the entity's access request indicates an invalid session token or does not indicate a token.

6944761, Sep 13, 2005

Aug 19, 2003

10/643813

David L. Wood - Louisville CO, US
Paul Weschler - Broomfield CO, US
Derk Norton - Louisville CO, US
Chris Ferris - Whitinsville MA, US
Yvonne Wilson - Mountain View CA, US
William R. Soley - Campbell CA, US

Sun Microsystems, Inc. - Sunnyvale CA

G06F011/30

713155, 713182, 713200, 713201, 713169

A security architecture has been developed in which a single sign-on is provided for multiple information resources. Rather than specifying a single authentication scheme for all information resources, the security architecture associates trust-level requirements with information resources. Authentication schemes (e. g. , those based on passwords, certificates, biometric techniques, smart cards, etc. ) are employed depending on the trust-level requirement(s) of an information resource (or information resources) to be accessed. Once credentials have been obtained for an entity and the entity has been authenticated to a given trust level, access is granted, without the need for further credentials and authentication, to information resources for which the authenticated trust level is sufficient.

6920455, Jul 19, 2005

May 19, 1999

09/315200

Paul Weschler - Broomfield CO, US

Sun Microsystems, Inc. - Palo Alto CA

G06F017/30

707100, 707103 R, 707103 Y, 707103 Z, 709227, 709228

A profiling service for accessing user data. The profiling service includes a hierarchical structure of profile objects. Each profile object contains true-data attributes and meta-data attributes associated to the true-data attributes. Methods in the profiling service allow a client to access user data according to meta-data attribute settings. The true-data attributes may include the user data, or an external reference to the user data. The profile objects may also include bindings to other profile objects. Meta-data attributes can be identified with a prefix field in a meta-data value field, and methods to read and write the true and meta-data attributes may be included in the profile objects. The methods may also set an owner, an access privilege, a group, a creation time, a update time, expiration time, a trigger location, a binding flag, and an assurance level of true-data attributes. The profile objects can include profile level meta-data attributes.