专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明授权

US09286477B2 Secure app ecosystem with key and data exchange according to enterprise information control policy 有权
标题翻译：根据企业信息化管理政策，密钥和数据交换安全应用生态系统
公开(公告)号：US09286477B2
公开(公告)日：2016-03-15
申请号：US13598248
申请日：2012-08-29
申请人： William E. Sobel , Thomas Jeffrey Enderwick , Bruce McCorkendale
发明人： William E. Sobel , Thomas Jeffrey Enderwick , Bruce McCorkendale
IPC分类号： G06F11/30 , G06F21/60 , H04L29/06 , G06F17/30
CPC分类号： G06F21/606 , G06F17/30238 , G06F21/604 , H04L63/0428 , H04L63/20
摘要： Multiple apps of an ecosystem on a computer securely exchange encrypted data according to an information control policy of an enterprise, without allowing unauthorized access from outside of the ecosystem. An ecosystem agent creates an ecosystem directory, which contains policy information and identification information concerning each specific app in the ecosystem, including the ecosystem agent. Each ecosystem app generates an asymmetric key pair, the public key of which it shares only with apps in the ecosystem through the directory. The ecosystem agent's private key is used to encrypt the directory. Data is securely communicated between apps in the ecosystem, by encrypting and decrypting messages and data objects with the appropriate ecosystem app keys. Each specific app in the ecosystem complies with enterprise information control policy. Ecosystem apps can read a policy from the directory, and receive policy updates from the enterprise.
摘要翻译：计算机上生态系统的多个应用程序根据企业的信息控制策略安全地交换加密数据，而不允许从生态系统外面进行未经授权的访问。生态系统代理创建一个生态系统目录，其中包含有关生态系统中每个特定应用程序（包括生态系统代理）的策略信息和标识信息。每个生态系统应用程序都会生成一个非对称密钥对，其公钥仅通过目录与生态系统中的应用共享。生态系统代理的私钥用于加密目录。通过使用适当的生态系统应用程序密钥加密和解密消息和数据对象，可以在生态系统中的应用程序之间安全地传送数据。生态系统中的每个具体应用都符合企业信息控制政策。生态系统应用程序可以从目录中读取策略，并从企业接收策略更新。

22. 发明授权

US09075497B1 Enabling selective policy driven seamless user interface presentation between and among a host and a plurality of guests 有权
标题翻译：启用选择性策略驱动主机和多个客户端之间和之间的无缝用户界面呈现
公开(公告)号：US09075497B1
公开(公告)日：2015-07-07
申请号：US13048668
申请日：2011-03-15
申请人： William E. Sobel , Bruce McCorkendale
发明人： William E. Sobel , Bruce McCorkendale
IPC分类号： G06F3/00 , G06F3/0481 , G06F3/01 , G06F1/16
CPC分类号： G06F3/0481 , G06F1/1626 , G06F9/451 , G06F9/45558
摘要： Selective projection of user interface elements between a host and a plurality of guests is provided according to a configurable policy. User interface elements generated by guests and/or the host are captured. It is determined whether to project captured elements into the user interface with which the user is currently interacting, based on the policy. In some cases, it is determined to project a captured element originating from a first user interface into a second user interface with which the user is currently interacting, based on factors such as source, destination, element attributes, element contents and/or element type. Responsive to such a determination, the captured element is projected into the current user interface, thereby presenting the projected element to the user.
摘要翻译：根据可配置的策略提供主机与多个客户端之间的用户界面元素的选择性投影。捕获由客人和/或主机生成的用户界面元素。基于策略确定是否将捕获的元素投射到用户正在与之进行交互的用户界面中。在一些情况下，基于诸如源，目的地，元素属性，元素内容和/或元素类型的因素，确定将源自第一用户界面的捕获元素投影到用户正在与之进行交互的第二用户界面中。响应于这样的确定，捕获的元素被投影到当前用户界面中，从而向用户呈现投影元素。

23. 发明授权

US08312547B1 Anti-malware scanning in a portable application virtualized environment 有权
标题翻译：在可移植应用程序虚拟化环境中的反恶意软件扫描
公开(公告)号：US08312547B1
公开(公告)日：2012-11-13
申请号：US12059764
申请日：2008-03-31
申请人： William E. Sobel , Bruce McCorkendale
发明人： William E. Sobel , Bruce McCorkendale
IPC分类号： H04L29/06
CPC分类号： G06F21/567
摘要： A computer includes a portable environment including a portable file system located on a removable storage device, the portable environment using virtualization in a host operating system. A path translation module translates a virtualized path of a file in the portable file system to an actual path of the file. The virtualized path is the path in the context of a portable user application running in the portable environment, and the actual path is the path in the context of the host operating system. A malware detection module executing directly under the host operating system determines whether the file contains malware using the actual path of the file and takes remedial actions if malware is detected.
摘要翻译：计算机包括便携式环境，其包括位于可移动存储设备上的便携式文件系统，所述便携式环境在主机操作系统中使用虚拟化。路径转换模块将便携式文件系统中的文件的虚拟路径转换为文件的实际路径。虚拟化路径是在便携式环境中运行的便携式用户应用程序的上下文中的路径，实际路径是主机操作系统上下文中的路径。在主机操作系统下直接执行的恶意软件检测模块确定该文件是否包含使用该文件的实际路径的恶意软件，并在检测到恶意软件时采取补救措施。

24. 发明申请

US20120240181A1 TECHNIQUES FOR SECURING A CHECKED-OUT VIRTUAL MACHINE IN A VIRTUAL DESKTOP INFRASTRUCTURE 有权
标题翻译：在虚拟桌面基础设施中安全检查虚拟机的技术
公开(公告)号：US20120240181A1
公开(公告)日：2012-09-20
申请号：US13049480
申请日：2011-03-16
申请人： Bruce McCorkendale , William E. Sobel , Matthew R. Barnes
发明人： Bruce McCorkendale , William E. Sobel , Matthew R. Barnes
IPC分类号： G06F21/00
CPC分类号： G06F21/57 , G06F9/452 , G06F9/45558 , G06F21/53
摘要： Techniques for securing checked-out virtual machines in a virtual desktop infrastructure (VDI) are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for securing a checked-out guest virtual machine including receiving a request for checking-out a guest virtual machine hosted by a server network element, wherein checking-out the guest virtual machine comprises transferring hosting of the guest virtual machine from the server network element to a client network element. The method for securing a checked-out guest virtual machines may also include configuring a security module for the guest virtual machine in order to secure the guest virtual machine and providing the security module to the guest virtual machine when the guest virtual machine is checked-out.
摘要翻译：公开了在虚拟桌面基础设施（VDI）中确保检出的虚拟机的技术。在一个特定的示例性实施例中，这些技术可以被实现为用于保护被检出的客户虚拟机的方法，包括接收由服务器网络元件托管的访客虚拟机的检出请求，其中，检出来宾虚拟机包括将来宾虚拟机的主机从服务器网络元件传送到客户端网络元件。用于保护签出来宾虚拟机的方法还可以包括：为访客虚拟机配置安全模块，以便在访客虚拟机被检出时保护访客虚拟机并将该安全模块提供给客体虚拟机。

25. 发明授权

US08140804B1 Systems and methods for determining whether to perform a computing operation that is optimized for a specific storage-device-technology type 有权
标题翻译：用于确定是否执行针对特定存储设备技术类型而优化的计算操作的系统和方法
公开(公告)号：US08140804B1
公开(公告)日：2012-03-20
申请号：US12337132
申请日：2008-12-17
申请人： William E. Sobel , Bruce McCorkendale
发明人： William E. Sobel , Bruce McCorkendale
IPC分类号： G06F3/00 , G06F12/00
CPC分类号： G06F3/0653 , G06F3/0605 , G06F3/0634 , G06F3/0679
摘要： A computer-implemented method for determining whether to perform a computing operation that is optimized for a specific storage-device-technology type may comprise: 1) performing at least one proximate read operation by accessing a control location on a storage device and then accessing a test location on the storage device that is logically proximate to the control location, 2) performing at least one remote read operation by accessing a test location on the storage device that is logically remote from the control location, 3) determining, by comparing a length of time to access the proximate test location with a length of time to access the remote test location, a technology type of the storage device, and then 4) determining, based on the technology type of the storage device, whether to perform the computing operation. Corresponding systems and computer-readable media are also disclosed.
摘要翻译：用于确定是否执行针对特定存储设备技术类型优化的计算操作的计算机实现的方法可以包括：1）通过访问存储设备上的控制位置并且然后访问在逻辑上靠近控制位置的存储设备上的测试位置，2）通过访问逻辑上远离控制位置的存储设备上的测试位置来执行至少一个远程读取操作，3）通过比较长度的时间以访问远程测试位置的时间长度，存储设备的技术类型，然后4）基于存储设备的技术类型来确定是否执行计算操作。还公开了相应的系统和计算机可读介质。

26. 发明授权

US08104083B1 Virtual machine file system content protection system and method 有权
标题翻译：虚拟机文件系统内容保护系统及方法
公开(公告)号：US08104083B1
公开(公告)日：2012-01-24
申请号：US12059622
申请日：2008-03-31
申请人： William E. Sobel , Bruce McCorkendale , Paul Agbabian
发明人： William E. Sobel , Bruce McCorkendale , Paul Agbabian
IPC分类号： G06F7/04 , G06F12/14 , G06F12/00 , G06F13/00
CPC分类号： G06F21/53 , G06F9/4401 , G06F9/45558 , G06F21/56 , G06F2009/45579
摘要： A method includes creating a first virtual machine comprising a remote file system. The method further includes causing all input/output from a second virtual machine to be redirected to the remote file system, the first virtual machine and the second virtual machine being on a single physical computer. The file system is securely protected from any malicious code executing on the second virtual machine by the hardware enforced partitioning between the first virtual machine and the second virtual machine.
摘要翻译：一种方法包括创建包括远程文件系统的第一虚拟机。该方法还包括使得来自第二虚拟机的所有输入/输出被重定向到远程文件系统，第一虚拟机和第二虚拟机位于单个物理计算机上。通过在第一虚拟机和第二虚拟机之间的硬件强制分区，文件系统被安全地保护免受在第二虚拟机上执行的任何恶意代码。

27. 发明申请

US20100191784A1 Extending Secure Management of File Attribute Information to Virtual Hard Disks 审中-公开
标题翻译：将文件属性信息的安全管理扩展到虚拟硬盘
公开(公告)号：US20100191784A1
公开(公告)日：2010-07-29
申请号：US12362452
申请日：2009-01-29
申请人： William E. SOBEL , Bruce McCorkendale
发明人： William E. SOBEL , Bruce McCorkendale
IPC分类号： G06F17/30 , G06F17/00 , G06F11/00
CPC分类号： G06F21/56 , G06F21/562
摘要： File attribute information is shared between processes running on a virtual machine and processes accessing a virtual hard disk from a host level. When a host level process accesses files on a virtual hard disk, that process updates the relevant file attribute information, and stores the updated file attribute information on the virtual hard disk. When a virtual machine level process subsequently accesses files on the virtual hard disk, that process reads the updated file attribute information, and omits unnecessary operations. When a virtual machine level process accesses files on the virtual hard disk and updates the corresponding file attribute information, that process communicates the updated file attribute information to the host. When a host level process subsequently accesses files on the virtual hard disk, the host level process reads the updated file attribute information.
摘要翻译：文件属性信息在虚拟机上运行的进程之间共享，并处理从主机级访问虚拟硬盘。当主机级进程访问虚拟硬盘上的文件时，该进程将更新相关的文件属性信息，并将更新的文件属性信息存储在虚拟硬盘上。当虚拟机级别进程随后访问虚拟硬盘上的文件时，该进程读取更新的文件属性信息，并省略不必要的操作。当虚拟机级别进程访问虚拟硬盘上的文件并更新相应的文件属性信息时，该进程将更新的文件属性信息传送给主机。当主机级进程随后访问虚拟硬盘上的文件时，主机级进程读取更新的文件属性信息。

28. 发明授权

US07472418B1 Detection and blocking of malicious code 有权
标题翻译：检测和阻止恶意代码
公开(公告)号：US07472418B1
公开(公告)日：2008-12-30
申请号：US10643564
申请日：2003-08-18
申请人： Bruce McCorkendale , William E. Sobel
发明人： Bruce McCorkendale , William E. Sobel
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G06F15/18 , G08B23/00
CPC分类号： G06F21/566 , G06F21/56 , H04L63/1425
摘要： Inbound and outbound traffic on a computer system are intercepted and compared to determine if the presence of malicious code is indicated. Outbound traffic that is sufficiently similar to recently received inbound traffic is indicative of the presence of malicious code. In some embodiments, if the presence of malicious code is indicated, the user, as well as other individuals or systems, are notified of the detection. In some embodiments, if desired, protective actions are initiated to hinder or block the propagation of the malicious code from the host computer system to other computer systems, as well as to remove or inactivate the malicious code on the host computer system.
摘要翻译：拦截和比较计算机系统上的入站和出站流量，以确定是否显示恶意代码的存在。与最近收到的入站流量非常相似的出站流量表示存在恶意代码。在一些实施例中，如果指示恶意代码的存在，则向用户以及其他个人或系统通知该检测。在一些实施例中，如果需要，启动保护动作以阻止或阻止恶意代码从主计算机系统传播到其他计算机系统，以及移除或停用主机计算机系统上的恶意代码。

29. 发明授权

US07366919B1 Use of geo-location data for spam detection 有权
标题翻译：使用地理位置数据进行垃圾邮件检测
公开(公告)号：US07366919B1
公开(公告)日：2008-04-29
申请号：US10424532
申请日：2003-04-25
申请人： William E Sobel , Bruce McCorkendale
发明人： William E Sobel , Bruce McCorkendale
IPC分类号： G06F7/04 , G06F17/30 , G06F11/00 , G06K9/00 , H04L9/32
CPC分类号： H04L51/20 , H04L51/12 , H04L51/28 , H04L63/0227 , H04L63/107 , H04L63/1441
摘要： Computer implemented methods, apparati, and computer-readable media for detecting suspected spam in e-mail (24) originating from a sending computer (21). A method embodiment comprises the steps of determining (11) the actual IP address (23) of the sending computer (21); converting (12) the actual IP address (23) into geo-location data; and, using the geo-location data, ascertaining (13) whether the e-mail (24) contains suspected spam.
摘要翻译：用于检测来自发送计算机（21）的电子邮件（24）中的可疑垃圾邮件的计算机实现的方法，装置和计算机可读介质。方法实施例包括以下步骤：确定（11）发送计算机（21）的实际IP地址（23）; 将（12）实际IP地址（23）转换为地理位置数据; 并且使用地理位置数据确定（13）电子邮件（24）是否包含可疑的垃圾邮件。

30. 发明授权

US08977842B1 Hypervisor enabled secure inter-container communications 有权
标题翻译：管理程序启用安全的集装箱间通信
公开(公告)号：US08977842B1
公开(公告)日：2015-03-10
申请号：US12701399
申请日：2010-02-05
申请人： Bruce McCorkendale , William E. Sobel
发明人： Bruce McCorkendale , William E. Sobel
IPC分类号： H04L29/06 , H04L9/08
CPC分类号： H04L63/0428 , G06F21/53 , G06F21/57 , G06F21/602 , H04L9/0816
摘要： A secure component communication management system provides secure, trusted communication between components in a hypervisor based virtual computing environment. A hypervisor security extension generates a container level private key/public key pair. The hypervisor security extension container injects the container level public key into one or more VM(s) that are to securely receive trustworthy data. The hypervisor security extension container encrypts data to transmit to VMs with the container level private key, and injects the encrypted data into one or more target VM(s), such that the injected data is trusted by the VM(s). The one or more VM(s) receive the container level public key and data encrypted with the container level private key, injected by the hypervisor security extension container. These VM(s) use the public key to decrypt injected data encrypted with the private key, such that the decrypted data is trusted.
摘要翻译：安全组件通信管理系统在基于虚拟机管理程序的虚拟计算环境中的组件之间提供安全的可信任的通信。管理程序安全扩展生成容器级私钥/公钥对。虚拟机管理程序安全扩展容器将容器级公钥注入一个或多个要安全地接收可靠数据的VM。虚拟机管理程序安全扩展容器加密数据以使用容器级私有密钥发送到VM，并将加密的数据注入到一个或多个目标VM中，使得注入的数据被VM信任。一个或多个VM接收容器级公钥和使用由管理程序安全扩展容器注入的容器级别私钥加密的数据。这些VM使用公钥来解密用私钥加密的注入数据，使得解密的数据被信任。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式