专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08671446B2 Method and system for configuring a rule file for firewall of web server 有权
标题翻译：配置Web服务器防火墙规则文件的方法和系统
公开(公告)号：US08671446B2
公开(公告)日：2014-03-11
申请号：US12500674
申请日：2009-07-10
申请人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
发明人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
IPC分类号： H04L29/06 , G06F15/16
CPC分类号： H04L67/34 , H04L63/0245 , H04L63/0263 , H04L63/1416 , H04L67/2819 , H04L69/22
摘要： A method, a system, and a computer program product embodying computer readable code for configuring a rule file for a Web application firewall. The method includes: blocking a response created by a Web application; modifying the response by adding capturing code for capturing a regular expression and an associated parameter value embedded in the response while being executed; sending the modified response to the browser; receiving a request submitted by the browser and at least one regular expression and an associated parameter value captured by the capturing code; determining a parameter name and a regular expression associated with the same parameter value, and configuring the rule file of the firewall by use of the determined parameter name and regular expression associated with one another as a filtering rule.
摘要翻译：一种包含用于配置Web应用程序防火墙的规则文件的计算机可读代码的方法，系统和计算机程序产品。该方法包括：阻止由Web应用程序创建的响应; 通过添加用于捕获正常表达式的捕获代码和在执行时嵌入在响应中的关联参数值来修改响应; 将修改的响应发送到浏览器; 接收由浏览器提交的请求和由捕获代码捕获的至少一个正则表达式和相关联的参数值; 确定与相同参数值相关联的参数名称和正则表达式，并且通过使用确定的参数名称和彼此相关联的正则表达式来将防火墙的规则文件配置为过滤规则。

2. 发明授权

US08407481B2 Secure apparatus and method for protecting integrity of software system and system thereof 失效
标题翻译：用于保护软件系统完整性的安全装置和方法及其系统
公开(公告)号：US08407481B2
公开(公告)日：2013-03-26
申请号：US12163797
申请日：2008-06-27
申请人： Ya Bin Dang , Da Ming Hao , Shih-Gong Li , Lin Luo , Shun Xiang Yang
发明人： Ya Bin Dang , Da Ming Hao , Shih-Gong Li , Lin Luo , Shun Xiang Yang
IPC分类号： G06F11/30 , G06F12/14 , G06F7/04 , G06F17/30 , G06F21/00 , H04N7/16
CPC分类号： G06F21/125
摘要： Provided is a secure apparatus for protecting the integrity of a software system and a method thereof. The apparatus comprises: a template repository for storing templates required for generating an agent module; a template generator for randomly selecting one template from said template repository and generating a new agent module according to the selected template; and a transceiver for sending said new agent module to an external apparatus communicating with said secure apparatus to update a current agent module which is running in said external apparatus, wherein said current agent module is used to verify the integrity of said software system running in said external apparatus. The secure apparatus can protect software in an insecure environment with a high software protection level to prevent the software from being tampered or bypassed.
摘要翻译：提供一种用于保护软件系统的完整性的安全装置及其方法。该装置包括：用于存储生成代理模块所需的模板的模板存储库; 模板生成器，用于从所述模板存储库中随机选择一个模板，并根据所选模板生成新的代理模块; 以及收发器，用于将所述新代理模块发送到与所述安全装置通信的外部设备，以更新在所述外部设备中运行的当前代理模块，其中所述当前代理模块用于验证在所述外部设备中运行的所述软件系统的完整性外部设备安全设备可以在具有高软件保护级别的不安全环境中保护软件，以防止软件被篡改或绕过。

3. 发明申请

US20090327745A1 SECURE APPARATUS AND METHOD FOR PROTECTING INTEGRITY OF SOFTWARE SYSTEM AND SYSTEM THEREOF 失效
标题翻译：用于保护软件系统及其系统的完整性的安全设备和方法
公开(公告)号：US20090327745A1
公开(公告)日：2009-12-31
申请号：US12163797
申请日：2008-06-27
申请人： Ya Bin Dang , Da Ming Hao , Shih-Gong Li , Lin Luo , Shun Xiang Yang
发明人： Ya Bin Dang , Da Ming Hao , Shih-Gong Li , Lin Luo , Shun Xiang Yang
IPC分类号： G06F21/00 , G06F12/14
CPC分类号： G06F21/125
摘要： Provided is a secure apparatus for protecting the integrity of a software system and a method thereof. The apparatus comprises: a template repository for storing templates required for generating an agent template; a template generator for randomly selecting one template from said template repository and generating a new agent template according to the selected template; and a transceiver for sending said new agent module to an external apparatus communicating with said secure apparatus to update a current agent module which is running in said external apparatus, wherein said current agent module is used to verify the integrity of said software system running in said external apparatus. The secure apparatus can protect software in an insecure environment with a high software protection level to prevent the software from being tampered or bypassed.
摘要翻译：提供一种用于保护软件系统的完整性的安全装置及其方法。该装置包括：用于存储生成代理模板所需的模板的模板存储库; 模板生成器，用于从所述模板存储库中随机选择一个模板，并根据所选模板生成新的代理模板; 以及收发器，用于将所述新代理模块发送到与所述安全装置通信的外部设备，以更新在所述外部设备中运行的当前代理模块，其中所述当前代理模块用于验证在所述外部设备中运行的所述软件系统的完整性外部设备安全设备可以在具有高软件保护级别的不安全环境中保护软件，以防止软件被篡改或绕过。

4. 发明申请

US20100017868A1 METHOD AND SYSTEM FOR CONFIGURING A RULE FILE FOR FIREWALL OF WEB SERVER 有权
标题翻译：用于配置WEB服务器防火墙的规则文件的方法和系统
公开(公告)号：US20100017868A1
公开(公告)日：2010-01-21
申请号：US12500674
申请日：2009-07-10
申请人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
发明人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
IPC分类号： G06F17/00 , G06F15/18 , G06F1/24
CPC分类号： H04L67/34 , H04L63/0245 , H04L63/0263 , H04L63/1416 , H04L67/2819 , H04L69/22
摘要： A method, a system, and a computer program product embodying computer readable code for configuring a rule file for a Web application firewall. The method includes: blocking a response created by a Web application; modifying the response by adding capturing code for capturing a regular expression and an associated parameter value embedded in the response while being executed; sending the modified response to the browser; receiving a request submitted by the browser and at least one regular expression and an associated parameter value captured by the capturing code; determining a parameter name and a regular expression associated with the same parameter value, and configuring the rule file of the firewall by use of the determined parameter name and regular expression associated with one another as a filtering rule.
摘要翻译：一种包含用于配置Web应用程序防火墙的规则文件的计算机可读代码的方法，系统和计算机程序产品。该方法包括：阻止由Web应用程序创建的响应; 通过添加用于捕获正常表达式的捕获代码和在执行时嵌入在响应中的关联参数值来修改响应; 将修改的响应发送到浏览器; 接收由浏览器提交的请求和由捕获代码捕获的至少一个正则表达式和相关联的参数值; 确定与相同参数值相关联的参数名称和正则表达式，并且通过使用确定的参数名称和彼此相关联的正则表达式来将防火墙的规则文件配置为过滤规则。

5. 发明申请

US20080021922A1 METHOD AND SYSTEM FOR MAINTAINING ORIGINALITY-RELATED INFORMATION ABOUT ELEMENTS IN AN EDITABLE OBJECT 有权
标题翻译：用于维护可编辑对象中的元素的原始相关信息的方法和系统
公开(公告)号：US20080021922A1
公开(公告)日：2008-01-24
申请号：US11780583
申请日：2007-07-20
申请人： Brent Tzion Hailpern , Da Ming Hao , Lin Luo , Peter Kenneth Malkin , Harold Ossher , Lawrence Scott Rich , Dave Thomson , Zhong Tian , John Wiegand , Hang Jun Ye
发明人： Brent Tzion Hailpern , Da Ming Hao , Lin Luo , Peter Kenneth Malkin , Harold Ossher , Lawrence Scott Rich , Dave Thomson , Zhong Tian , John Wiegand , Hang Jun Ye
IPC分类号： G06F17/30
CPC分类号： G06F21/6209 , G06F8/33 , G06F8/36 , G06F8/71 , G06F21/552 , G06F21/6227 , G06F2221/0737
摘要： A method and system for maintaining originality-related information about elements in an editable object. It is determined that an element has been edited in the editable object. The originality-related information about the element, including the element's creator, is identified and recorded by embedding the originality-related information in the editable object, storing the originality-related information in an attached file, or storing the originality-related information in association with the element in a repository configured to be shared by different editable objects and further configured to be queried for elements of the different editable objects in association with originality-related information pertaining to the elements of the different editable objects. Whether the element is in compliance with a policy relating to the originality-related information about the element is assessed, and a result of the assessing (indicating compliance or non-compliance of the element with the policy) may be transmitted to a user.
摘要翻译：一种用于维护关于可编辑对象中的元素的原创性相关信息的方法和系统。确定在可编辑对象中已经编辑了一个元素。通过将原创性相关信息嵌入可编辑对象中，将原始性相关信息存储在附加文件中，或将原始性相关信息存储在关联中来识别和记录关于元素的与原始内容有关的信息，包括元素的创建者其中所述存储库中的元素被配置为由不同的可编辑对象共享，并且还被配置为针对与不同可编辑对象的元素有关的原始性相关信息关联的不同可编辑对象的元素进行查询。评估该元素是否符合有关元素的原始性相关信息的政策，并且评估结果（指示元素与策略的合规性或不符合性）可以被传送给用户。

6. 发明授权

US07769787B2 Method and system for maintaining originality-related information about elements in an editable object 有权
标题翻译：用于维护与可编辑对象中的元素有关的原创性相关信息的方法和系统
公开(公告)号：US07769787B2
公开(公告)日：2010-08-03
申请号：US11780583
申请日：2007-07-20
申请人： Brent Tzion Hailpern , Da Ming Hao , Lin Luo , Peter Kenneth Malkin , Harold Ossher , Lawrence Scott Rich , Dave Thomson , Zhong Tian , John Wiegand , Hang Jun Ye
发明人： Brent Tzion Hailpern , Da Ming Hao , Lin Luo , Peter Kenneth Malkin , Harold Ossher , Lawrence Scott Rich , Dave Thomson , Zhong Tian , John Wiegand , Hang Jun Ye
IPC分类号： G06F7/00
CPC分类号： G06F21/6209 , G06F8/33 , G06F8/36 , G06F8/71 , G06F21/552 , G06F21/6227 , G06F2221/0737
摘要： A method and system for maintaining originality-related information about elements in an editable object. It is determined that an element has been edited in the editable object. The originality-related information about the element, including the element's creator, is identified and recorded by embedding the originality-related information in the editable object, storing the originality-related information in an attached file, or storing the originality-related information in association with the element in a repository configured to be shared by different editable objects and further configured to be queried for elements of the different editable objects in association with originality-related information pertaining to the elements of the different editable objects. Whether the element is in compliance with a policy relating to the originality-related information about the element is assessed, and a result of the assessing (indicating compliance or non-compliance of the element with the policy) may be transmitted to a user.
摘要翻译：一种用于维护关于可编辑对象中的元素的原创性相关信息的方法和系统。确定在可编辑对象中已经编辑了一个元素。通过将原创性相关信息嵌入可编辑对象中，将原始性相关信息存储在附加文件中，或将原始性相关信息存储在关联中来识别和记录关于元素的与原始内容有关的信息，包括元素的创建者其中所述存储库中的元素被配置为由不同的可编辑对象共享，并且还被配置为针对与不同可编辑对象的元素有关的原始性相关信息关联的不同可编辑对象的元素进行查询。评估该元素是否符合有关元素的原始性相关信息的政策，并且评估结果（指示元素与策略的合规性或不符合性）可以被传送给用户。

7. 发明申请

US20080301798A1 Apparatus and Method for Secure Updating of a Vulnerable System over a Network 审中-公开
标题翻译：通过网络安全更新易受攻击的系统的装置和方法
公开(公告)号：US20080301798A1
公开(公告)日：2008-12-04
申请号：US12016320
申请日：2008-01-18
申请人： Da Ming Hao , Wei Li , Lin Luo , Hang Jun Ye
发明人： Da Ming Hao , Wei Li , Lin Luo , Hang Jun Ye
IPC分类号： G06F9/00
CPC分类号： H04L63/0227 , H04L43/00
摘要： An apparatus interposed between a vulnerable system and a network for secure updating of the system includes an internal interface connected to the system; an external interface connected to the network; and one or more filter modules for filtering out specific incoming network packets to block possible network attacks. The filtering may comprise filtering out all incoming TCP SYN packets; filtering out all incoming TCP SYN packets and UDP packets; and/or only allowing packets pertinent to any outgoing connection initiated by the system.
摘要翻译：插入在脆弱系统和用于系统的安全更新的网络之间的装置包括连接到系统的内部接口; 连接到网络的外部接口; 以及一个或多个过滤器模块，用于过滤掉特定的传入网络数据包以阻止可能的网络攻击。过滤可以包括过滤所有传入的TCP SYN分组; 过滤所有传入的TCP SYN数据包和UDP数据包; 和/或仅允许与系统发起的任何出局连接相关的数据包。

8. 发明授权

US08341239B2 Method and system for providing runtime vulnerability defense for cross domain interactions 失效
标题翻译：为交叉域交互提供运行时漏洞防御的方法和系统
公开(公告)号：US08341239B2
公开(公告)日：2012-12-25
申请号：US12546754
申请日：2009-08-25
申请人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
发明人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
IPC分类号： G06F15/16
CPC分类号： H04L63/20 , H04L67/02
摘要： A runtime vulnerability defense method, system, and computer readable article of manufacture tangibly embodying computer readable instructions for executing the method for cross domain interactions for a Web application. The method includes: creating a first and second iFrame object by the Web application which belong to a lower domain; creating an object O by the first iFrame object; sharing the created object O by the second iFrame object; promoting the domain of the second iFrame object to an upper domain; creating in the shared object O a source accessing function for submitting to a third party server a request to access the content of the third party server; and creating in the shared object O a sanitization function for sanitizing the response received from the server.
摘要翻译：运行时漏洞防御方法，系统和计算机可读制品，其有形地体现了用于执行用于Web应用的跨域交互的方法的计算机可读指令。该方法包括：由属于较低域的Web应用程序创建第一和第二iFrame对象; 通过第一个iFrame对象创建一个对象O; 通过第二个iFrame对象共享创建的对象O; 将第二个iFrame对象的域提升到上一个域; 在共享对象O中创建用于向第三方服务器提交访问第三方服务器的内容的请求的源访问功能; 以及在共享对象O中创建用于对从服务器接收的响应进行消毒的消毒功能。

9. 发明授权

US08285778B2 Protecting web application data 失效
标题翻译：保护Web应用程序数据
公开(公告)号：US08285778B2
公开(公告)日：2012-10-09
申请号：US12491647
申请日：2009-06-25
申请人： Ya Bin Dang , Da Ming Hao , Peng Ji , Lin Luo , Yu Zhang
发明人： Ya Bin Dang , Da Ming Hao , Peng Ji , Lin Luo , Yu Zhang
IPC分类号： G06F15/16
CPC分类号： H04L63/123
摘要： A method, system and an article of manufacture tangibly embodying a computer readable program for protecting Web application data between a server and a client. A response created by the Web application for the client is backed up and modified by adding capturing code for capturing a user action, user data of the client, or combination thereof. The modified response is sent to the client and a request submitted by the client and the user action and/or user data captured by the capturing code is received. A verifying request is generated according to the received user action and/user data captured by the capturing code and the backup of the response. The request submitted by the client is verified according to the verifying request and the verified request is sent to the Web application of the server.
摘要翻译：一种有形地体现用于在服务器和客户端之间保护Web应用数据的计算机可读程序的方法，系统和制品。通过添加用于捕获用户动作，客户端的用户数据或其组合的捕获代码来备份和修改由Web应用程序为客户端创建的响应。经修改的响应被发送给客户端，并且接收由客户端提交的请求以及由捕获代码捕获的用户操作和/或用户数据。根据由捕获代码捕获的接收到的用户动作和/用户数据以及响应的备份，生成验证请求。客户端提交的请求将根据验证请求进行验证，并将验证的请求发送到服务器的Web应用程序。

10. 发明申请

US20100049792A1 METHOD AND SYSTEM FOR PROVIDING RUNTIME VULNERABILITY DEFENSE FOR CROSS DOMAIN INTERACTIONS 失效
标题翻译：用于提供跨域互动的运行性漏洞防范的方法和系统
公开(公告)号：US20100049792A1
公开(公告)日：2010-02-25
申请号：US12546754
申请日：2009-08-25
申请人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
发明人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
IPC分类号： G06F9/44 , G06F15/16 , G06F21/00
CPC分类号： H04L63/20 , H04L67/02
摘要： A runtime vulnerability defense method, system, and computer readable article of manufacture tangibly embodying computer readable instructions for executing the method for cross domain interactions for a Web application. The method includes: creating a first and second iFrame object by the Web application which belong to a lower domain; creating an object ◯ by the first iFrame object; sharing the created object ◯ by the second iFrame object; promoting the domain of the second iFrame object to an upper domain; creating in the shared object ◯ a source accessing function for submitting to a third party server a request to access the content of the third party server; and creating in the shared object ◯ a sanitization function for sanitizing the response received from the server.
摘要翻译：运行时漏洞防御方法，系统和计算机可读制品，其有形地体现了用于执行用于Web应用的跨域交互的方法的计算机可读指令。该方法包括：由属于较低域的Web应用程序创建第一和第二iFrame对象; 由第一个iFrame对象创建一个对象◯; 由第二个iFrame对象共享创建的对象◯; 将第二个iFrame对象的域提升到上一个域; 在共享对象中创建◯来源访问功能，用于向第三方服务器提交访问第三方服务器的内容的请求; 并在共享对象中创建◯用于对从服务器接收的响应进行消毒的消毒功能。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式