专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明授权

US08413146B1 Hypervisor assisted single instance data access by multiple virtual machines 有权
标题翻译：虚拟机管理程序辅助多个虚拟机的单一实例数据访问
公开(公告)号：US08413146B1
公开(公告)日：2013-04-02
申请号：US12940835
申请日：2010-11-05
申请人： Bruce McCorkendale , David Buches , William E. Sobel
发明人： Bruce McCorkendale , David Buches , William E. Sobel
IPC分类号： G06F9/455
CPC分类号： G06F9/45558 , G06F2009/45575 , G06F2009/45579 , G06F2009/45583
摘要： A data instance to be shared by multiple virtual machines is stored at a hypervisor level. A file system driver is provided to each virtual machine. Each virtual machine mounts a file system backed by the data instance, and thus has read access to the data through its mounted file system. A virtual machine is suspended. A copy of the data instance is saved as part of the stored image of the suspended virtual machine. The suspended virtual machine is subsequently restored from the stored image, and the copy of the data instance is present in the restored virtual machine. The copy of the data instance is detected at a hypervisor level, and the restored virtual machine is provided with read access to the data instance through its mounted filed system.
摘要翻译：要由多个虚拟机共享的数据实例存储在管理程序级别。文件系统驱动程序提供给每个虚拟机。每个虚拟机安装由数据实例支持的文件系统，从而通过其安装的文件系统读取对数据的访问。虚拟机被暂停。数据实例的副本将作为已暂停虚拟机的存储映像的一部分进行保存。被暂停的虚拟机随后从存储的映像还原，并且数据实例的副本存在于还原的虚拟机中。在虚拟机管理程序级别检测数据实例的副本，并通过其安装的现场系统向恢复的虚拟机提供对数据实例的读取访问。

32. 发明授权

US07818809B1 Confidential data protection through usage scoping 有权
标题翻译：机密数据保护通过使用范围
公开(公告)号：US07818809B1
公开(公告)日：2010-10-19
申请号：US10958477
申请日：2004-10-05
申请人： William E. Sobel , Bruce McCorkendale , Richard Willey
发明人： William E. Sobel , Bruce McCorkendale , Richard Willey
IPC分类号： G06F7/04 , G06Q30/00 , G06F21/00 , G06F15/173
CPC分类号： G06Q30/00 , G06F21/6218 , G06F2221/2113 , G06Q30/0633
摘要： Methods, apparatuses, and computer-readable media for protecting confidential data on a network. An embodiment of the inventive method comprises the steps of: monitoring 110 data directed to a website; identifying 120 a data string having at least one confidential characteristic; categorizing the data string with a categorization level; examining 140 the website for at least one characteristic consistent with confidential data; creating 155 a website characteristic profile; comparing 170 the website characteristic profile with the data string's categorization level for compatibility; and determining 180 whether the data string can be communicated to the website.
摘要翻译：用于保护网络上机密数据的方法，装置和计算机可读介质。本发明方法的一个实施例包括以下步骤：监视指向网站的110个数据; 识别120具有至少一个机密特征的数据串; 将数据串与分类级别进行分类; 检查140个网站至少一个与机密数据一致的特征; 创建155个网站特色档案; 将网站特征配置文件与数据字符串的分类级别进行比较，以实现兼容性; 并确定180是否可以将数据串传送到网站。

33. 发明授权

US07739494B1 SSL validation and stripping using trustworthiness factors 有权
标题翻译：使用可信赖因素进行SSL验证和剥离
公开(公告)号：US07739494B1
公开(公告)日：2010-06-15
申请号：US11226766
申请日：2005-09-13
申请人： Bruce McCorkendale , William E. Sobel
发明人： Bruce McCorkendale , William E. Sobel
IPC分类号： H04L29/06
CPC分类号： H04L63/0823 , H04L63/166
摘要： Computer-implemented methods, apparati, and computer-readable media for thwarting computer attacks. A method embodiment of the present invention comprises the steps of examining (52) a digital certificate (20) presented by a server computer (2); compiling (53) a set of suspicion indications (31) gleaned from said examining step (52); feeding (54) said suspicion indications (31) to a trustworthiness calculation engine (30); and outputting from said engine (30) a trustworthiness factor (32) that determines whether SSL stripping is to be used (57) on communications with said server computer (2).
摘要翻译：用于阻止计算机攻击的计算机实现的方法，设备和计算机可读介质。本发明的方法实施例包括检查（52）由服务器计算机（2）呈现的数字证书（20）的步骤; 编译（53）从所述检查步骤（52）收集的一组怀疑指示（31）; 将所述怀疑指示（31）馈送（54）到可信度计算引擎（30）; 以及从所述引擎（30）输出在与所述服务器计算机（2）通信时确定是否使用SSL剥离（57）的可信任因子（32）。

34. 发明授权

US07549169B1 Alternated update system and method 有权
标题翻译：交替更新系统和方法
公开(公告)号：US07549169B1
公开(公告)日：2009-06-16
申请号：US10928687
申请日：2004-08-26
申请人： William E. Sobel , Peter Szor , Bruce McCorkendale
发明人： William E. Sobel , Peter Szor , Bruce McCorkendale
IPC分类号： G06F12/14
CPC分类号： H04L63/1441 , G06F21/56
摘要： A method includes generating new update name lists and providing malicious code protection update information including the new update name lists to host computer systems. In one embodiment, the new update name lists are generated by registering domain names, and only a subset of the registered domain names are used to create an update name list provided to any one of the host computer systems.
摘要翻译：一种方法包括生成新的更新名称列表，并向主机系统提供包括新的更新名称列表的恶意代码保护更新信息。在一个实施例中，通过注册域名来生成新的更新名称列表，并且仅使用注册的域名的子集来创建提供给任何一个主计算机系统的更新名称列表。

35. 发明授权

US07490244B1 Blocking e-mail propagation of suspected malicious computer code 有权
标题翻译：阻止可疑恶意计算机代码的电子邮件传播
公开(公告)号：US07490244B1
公开(公告)日：2009-02-10
申请号：US10941527
申请日：2004-09-14
申请人： Mark Kennedy , William E. Sobel , Bruce McCorkendale , Carey Nachenberg
发明人： Mark Kennedy , William E. Sobel , Bruce McCorkendale , Carey Nachenberg
IPC分类号： H04L9/00
CPC分类号： H04L63/1408 , G06F21/566 , H04L51/12
摘要： Methods, apparatuses, and computer-readable media for preventing the spread of malicious computer code. An embodiment of the inventive method comprises the steps of: identifying (110) a computer application that is data mining an e-mail address; determining (130) whether the computer application associates at least one executable application and the data mined e-mail address with an e-mail message (120); and blocking (140) the transmission of the e-mail message when the e-mail message is associated with the at least one executable application and the data mined e-mail address.
摘要翻译：用于防止恶意计算机代码扩散的方法，装置和计算机可读介质。本发明方法的实施例包括以下步骤：识别（110）数据挖掘电子邮件地址的计算机应用程序; 确定（130）计算机应用程序是否将至少一个可执行应用程序和数据挖掘的电子邮件地址与电子邮件消息（120）相关联; 以及当所述电子邮件消息与所述至少一个可执行应用程序和所述数据挖掘的电子邮件地址相关联时，阻止（140）所述电子邮件消息的发送。

36. 发明申请

US20090037997A1 METHOD FOR DETECTING DNS REDIRECTS OR FRAUDULENT LOCAL CERTIFICATES FOR SSL SITES IN PHARMING/PHISHING SCHEMES BY REMOTE VALIDATION AND USING A CREDENTIAL MANAGER AND RECORDED CERTIFICATE ATTRIBUTES 有权
标题翻译：通过远程验证和使用经认证的管理人员和记录的证书属性来检测DNS重定向或欺诈性的本地证书，用于药品/打印方案中的SSL站点
公开(公告)号：US20090037997A1
公开(公告)日：2009-02-05
申请号：US11831843
申请日：2007-07-31
申请人： Paul Agbabian , William E. Sobel , Bruce McCorkendale
发明人： Paul Agbabian , William E. Sobel , Bruce McCorkendale
IPC分类号： H04L9/32
CPC分类号： H04L63/1416 , H04L63/0823 , H04L63/166
摘要： Certificate information associated with a received certificate, such as a Secure Sockets Layer (SSL) certificate is stored in a trusted local cache and/or in one or more remote trusted sources, such as a single remote trusted source and/or a trusted peer network. When a site certificate is received on a host computer system, certificate information associated with the received site certificate is obtained and compared with the stored certificate information to determine whether or not the site certificate indicates malicious activity, such as a malicious DNS redirection or a fraudulent local certificate. When a site certificate is not found indicative of malicious activity, the site certificate is released. Alternatively, when a site certificates is found indicative of malicious activity protective action is taken. In some embodiments, a user's log-in credentials are automatically obtained from a trusted local cache and automatically submitted to a web site.
摘要翻译：与接收到的证书（例如安全套接字层（SSL））证书相关联的证书信息被存储在受信任的本地高速缓存和/或一个或多个远程可信源中，诸如单个远程可信源和/或可信对等网络。当在主机系统上接收到站点证书时，获得与接收到的站点证书相关联的证书信息，并将其与存储的证书信息进行比较，以确定站点证书是否指示恶意活动，例如恶意DNS重定向或欺诈本地证书。当找不到指示恶意活动的站点证书时，将发布站点证书。或者，当发现指示恶意行为的现场证书时，采取保护措施。在一些实施例中，从受信任的本地高速缓存自动地获得用户的登录凭证并自动提交给网站。

37. 发明授权

US07249187B2 Enforcement of compliance with network security policies 有权
标题翻译：执行网络安全策略
公开(公告)号：US07249187B2
公开(公告)日：2007-07-24
申请号：US10305622
申请日：2002-11-27
申请人： William E Sobel , Greg Vogel , Bruce McCorkendale
发明人： William E Sobel , Greg Vogel , Bruce McCorkendale
IPC分类号： G06F15/16
CPC分类号： H04L63/105 , H04L63/20
摘要： Methods, apparati, and computer program products enforce computer network security policies by assigning network membership to a client (105) based on the client's compliance with the security policies. When a client (105) requests (305) a network address, the DHCP proxy (110) intercepts the request and assigns (350) that client (105) a logical address on the protected network (140) if the client (105) is in compliance with the security policies. If the client (105) is not in compliance with the security policies, in various embodiments, the DHCP proxy (110) assigns (350) the client (105) an address on a restricted network (145) or no network address at all.
摘要翻译：方法，设备和计算机程序产品通过根据客户端遵守安全策略向客户端（105）分配网络成员来强制执行计算机网络安全策略。当客户端（105）请求（305）网络地址时，如果客户机（105）是（305）的客户端（105）是网络地址，则DHCP代理（110）拦截该请求并且在该保护网络（140）上分配（350）符合安全政策。如果客户端（105）不符合安全策略，则在各种实施例中，DHCP代理（110）分配（350）客户端（105）在受限网络（145）上的地址或根本不分配网络地址。

38. 发明授权

US07155741B2 Alteration of module load locations 有权
标题翻译：改变模块负载位置
公开(公告)号：US07155741B2
公开(公告)日：2006-12-26
申请号：US10140149
申请日：2002-05-06
申请人： William E Sobel , Bruce McCorkendale
发明人： William E Sobel , Bruce McCorkendale
IPC分类号： H04L9/00
CPC分类号： G06F21/52 , G06F21/51
摘要： Buffer overflow attacks are prevented by altering the load locations of commonly used executable code modules. A monitor layer (210) is associated with an operating system (220) and controls the load locations for predetermined modules containing executable code that can be used in the execution of buffer overflow attacks. The monitor layer (210) applies predetermined criteria to determine whether a module (280) presents a high risk for enabling a buffer overflow attack. If the monitor layer (210) determines that the module (280) presents a high risk, the monitor layer (210) may force the module (280) to load in an alternate location (290) by reserving sections of memory (295) into which the module normally loads. Alternatively, the monitor layer (210) may alter the area of the module that directs the operating system (220) to load it into a particular location (295), thus causing the operation system to load the module to an alternate location (290).
摘要翻译：通过更改常用可执行代码模块的加载位置来防止缓冲区溢出攻击。监视器层（210）与操作系统（220）相关联并且控制包含可用于执行缓冲器溢出攻击的可执行代码的预定模块的加载位置。监视器层（210）应用预定标准来确定模块（280）是否具有启用缓冲器溢出攻击的高风险。如果监视器层（210）确定模块（280）具有高风险，则监视器层（210）可以通过将存储器（295）的部分保留在模块（280）中来将模块（280）加载到备用位置（290）中模块通常加载。或者，监视器层（210）可以改变引导操作系统（220）的模块的区域以将其加载到特定位置（295），从而使操作系统将模块加载到备用位置（290）。

39. 发明授权

US08909845B1 Systems and methods for identifying candidate duplicate memory pages in a virtual environment 有权
标题翻译：用于在虚拟环境中识别候选重复存储器页的系统和方法
公开(公告)号：US08909845B1
公开(公告)日：2014-12-09
申请号：US12946118
申请日：2010-11-15
申请人： William E. Sobel , Bruce McCorkendale
发明人： William E. Sobel , Bruce McCorkendale
IPC分类号： G06F9/455 , G06F3/06
CPC分类号： G06F9/45558 , G06F3/0608 , G06F3/0641 , G06F3/0676 , G06F2009/45583
摘要： A computer-implemented method to identify candidate duplicate memory pages in a virtual environment is described. At least one memory page in memory is analyzed. The at least one memory page is associated with an application executing in a virtual machine. Information for the at least one memory page in memory is collected when the at least one memory page is identified as being a candidate duplicate memory page. The information identifies the application associated with the at least one memory page. A report is generated that includes the collected information for the at least one memory page.
摘要翻译：描述了用于在虚拟环境中识别候选重复存储器页的计算机实现的方法。内存中至少有一个内存页被分析。至少一个存储器页面与在虚拟机中执行的应用程序相关联。当至少一个存储器页被识别为候选重复存储器页面时，收集用于存储器中的至少一个存储器页面的信息。该信息标识与至少一个存储器页相关联的应用。生成包括用于至少一个存储器页面的收集的信息的报告。

40. 发明授权

US08667489B2 Systems and methods for sharing the results of analyses among virtual machines 有权
标题翻译：在虚拟机之间共享分析结果的系统和方法
公开(公告)号：US08667489B2
公开(公告)日：2014-03-04
申请号：US12826122
申请日：2010-06-29
申请人： William E. Sobel , Bruce McCorkendale
发明人： William E. Sobel , Bruce McCorkendale
IPC分类号： G06F3/00 , G06F9/44 , G06F9/46 , G06F13/00
CPC分类号： G06F21/53 , G06F9/45558 , G06F21/563 , G06F2009/45562 , G06F2221/2149 , G06F2221/2151
摘要： A computer-implemented method may include performing a first analysis on at least one file of a master virtual machine and inserting, into the master virtual machine, information that indicates at least one result of the first analysis. The computer-implemented method may also include maintaining at least one additional virtual machine that is based on the master virtual machine. The computer-implemented method may further include directing the additional virtual machine to reference the information in the master virtual machine instead of performing a second analysis on at least one file of the additional virtual machine. Various other systems, methods, and computer-readable media are also disclosed.
摘要翻译：计算机实现的方法可以包括对主虚拟机的至少一个文件执行第一分析，并将主要虚拟机插入指示第一次分析的至少一个结果的信息。计算机实现的方法还可以包括维护基于主虚拟机的至少一个附加虚拟机。计算机实现的方法还可以包括引导附加虚拟机引用主虚拟机中的信息，而不是对附加虚拟机的至少一个文件执行第二分析。还公开了各种其它系统，方法和计算机可读介质。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式