专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100017866A1 SECURE USER INTERACTION USING VIRTUALIZATION 有权
标题翻译：使用虚拟化进行安全的用户交互
公开(公告)号：US20100017866A1
公开(公告)日：2010-01-21
申请号：US12175503
申请日：2008-07-18
申请人： Bernhard Jansen , Matthias Schunter , Axel Tanner , Diego M. Zamboni
发明人： Bernhard Jansen , Matthias Schunter , Axel Tanner , Diego M. Zamboni
IPC分类号： H04L9/32
CPC分类号： H04L9/3234
摘要： A first virtualization layer is inserted between (i) an operating system of a computer system, and (ii) at least first and second hardware devices of the computer system. Data is communicated between the first hardware device and the second hardware device, via the first virtualization layer, without exposing the data to the operating system.
摘要翻译：在（i）计算机系统的操作系统和（ii）计算机系统的至少第一和第二硬件设备之间插入第一虚拟化层。经由第一虚拟化层在第一硬件设备和第二硬件设备之间传送数据，而不将数据暴露给操作系统。

2. 发明授权

US07555777B2 Preventing attacks in a data processing system 失效
标题翻译：防止数据处理系统中的攻击
公开(公告)号：US07555777B2
公开(公告)日：2009-06-30
申请号：US10756744
申请日：2004-01-13
申请人： Morton D. Swimmer , Andreas Wespi , Diego M. Zamboni
发明人： Morton D. Swimmer , Andreas Wespi , Diego M. Zamboni
IPC分类号： G06F11/30
CPC分类号： H04L63/1408 , G06F21/552 , G06F21/563
摘要： A method and apparatus for facilitating reduction in successful attacks on a monitored data processing system, such as a host computer. An intrusion detection system comprises a host or application based sensor for detecting code based intrusions with a relatively low false-positive rate. Malicious code strings related to a detected intrusion are identified, extracted and forwarded to a pattern filter located in the monitored data processing system to prevent further intrusions using said malicious code strings. The malicious code strings may be forwarded to a response server for assembling sets of similar malicious code strings for which signatures are generated to permit identification of all malicious code strings contained in a set. The generated signatures are then distributed to monitored and/or monitoring systems of a protected network to prevent further intrusions using the malicious code strings and variations thereof.
摘要翻译：一种用于有助于减少对诸如主计算机之类的监控数据处理系统的成功攻击的方法和装置。入侵检测系统包括基于主机或应用的传感器，用于以相对低的假阳性率检测基于代码的入侵。与检测到的入侵相关的恶意代码串被识别，提取并转发到位于监视数据处理系统中的模式过滤器，以防止使用所述恶意代码串进一步入侵。可以将恶意代码串转发到响应服务器，以组合用于生成签名的类似恶意代码串的集合，以允许识别包含在一组中的所有恶意代码串。生成的签名然后被分发到受保护网络的监视和/或监视系统，以防止使用恶意代码串及其变体的进一步入侵。

3. 发明授权

US07908350B2 Methods for operating virtual networks, data network system, computer program and computer program product 有权
标题翻译：操作虚拟网络，数据网络系统，计算机程序和计算机程序产品的方法
公开(公告)号：US07908350B2
公开(公告)日：2011-03-15
申请号：US12097349
申请日：2006-12-12
申请人： Yann Duponchel , James F. Riordan , Ruediger Rissmann , Diego M. Zamboni
发明人： Yann Duponchel , James F. Riordan , Ruediger Rissmann , Diego M. Zamboni
IPC分类号： G06F15/173 , G06F15/177
CPC分类号： H04L12/4641
摘要： The invention relates to a method for operating virtual networks. The method comprises providing a first virtual network comprising a first set of network ports assigned to a first virtualization tag (T1) and a second virtual network comprising a second set of network ports assigned to a second virtualization tag (T2), the first and the second virtual network having compatible address ranges and being adapted to only pass data packets within them, providing a first network node having a source address (SA) in the first virtual network and being operationally connected to a first port (P1) assigned to the first virtual network by means of the first virtualization tag (T1), monitoring the first network node in order to detect a predetermined condition, and, on detection of the predetermined condition, reassigning the first port (P1) to the second virtual network by means of assigning the second virtualization tag (T2) to the first port (P1), such that no data packet can be passed from the first network node (N1) to a second network node (N2) connected to a second port (P2) assigned to the first virtual network by means of the first virtualization tag (T1) directly and keeping of the source address (SA) for the first network node (N1) in the second virtual network (104). The invention further relates to a further method for operation virtual networks, a data network system and a computer program product adapted to perform the inventive methods.
摘要翻译：本发明涉及一种运行虚拟网络的方法。该方法包括提供包括分配给第一虚拟化标签（T1）的第一组网络端口和包括分配给第二虚拟化标签（T2）的第二组网络端口的第二虚拟网络的第一虚拟网络，所述第一和第第二虚拟网络具有兼容的地址范围并且适于仅传递其中的数据分组，提供在第一虚拟网络中具有源地址（SA）的第一网络节点并且可操作地连接到分配给第一虚拟网络的第一端口（P1）虚拟网络通过第一虚拟化标签（T1）进行监视，监视第一网络节点以便检测预定条件，并且在检测到预定条件时，通过以下方式将第一端口（P1）重新分配给第二虚拟网络：将第二虚拟化标签（T2）分配给第一端口（P1），使得没有数据分组可以从第一网络节点（N1）传递到连接的第二网络节点（N2）通过第一虚拟化标签（T1）直接分配给第一虚拟网络的第二端口（P2），并保持第二虚拟网络（104）中的第一网络节点（N1）的源地址（SA）。本发明还涉及用于操作虚拟网络的另一方法，数据网络系统和适于执行本发明方法的计算机程序产品。

4. 发明申请

US20090315916A1 ON-THE-FLY CREATION OF VIRTUAL PLACES IN VIRTUAL WORLDS 审中-公开
标题翻译：虚拟世界中的虚拟场所的飞行创作
公开(公告)号：US20090315916A1
公开(公告)日：2009-12-24
申请号：US12145081
申请日：2008-06-24
申请人： Dirk Husemann , Samuel Muller , Michael Elton Nidd , Matthias Schunter , Diego M. Zamboni
发明人： Dirk Husemann , Samuel Muller , Michael Elton Nidd , Matthias Schunter , Diego M. Zamboni
IPC分类号： G06Q30/00 , G06F3/048
CPC分类号： G06Q30/06
摘要： A specification of a set of objects associated with at least one virtual world is obtained. The objects are laid out in a three-dimensional virtual representation. An on-the-fly virtual place is created in the virtual world, based on the layout. The virtual place depicts the set of objects in the three-dimensional virtual representation and enables navigation and interaction therewith
摘要翻译：获得与至少一个虚拟世界相关联的一组对象的规范。这些对象被布置在三维虚拟表示中。基于布局，在虚拟世界中创建一个即时虚拟场所。虚拟场景描绘了三维虚拟表示中的对象集，并使其能够进行导航和交互

5. 发明授权

US09250942B2 Hardware emulation using on-the-fly virtualization 有权
标题翻译：硬件仿真使用即时虚拟化
公开(公告)号：US09250942B2
公开(公告)日：2016-02-02
申请号：US12022184
申请日：2008-01-30
申请人： Martim Carbone , Bernhard Jansen , HariGovind V. Ramasamy , Matthias Schunter , Axel Tanner , Diego M. Zamboni
发明人： Martim Carbone , Bernhard Jansen , HariGovind V. Ramasamy , Matthias Schunter , Axel Tanner , Diego M. Zamboni
IPC分类号： G06F9/455 , G06F11/07
CPC分类号： G06F9/45537 , G06F11/0712 , G06F11/0793
摘要： At least one anomaly associated with at least one actual hardware element in a computer system having a plurality of hardware elements is addressed. The anomaly is detected, and, responsive to the detection, a virtualization layer is inserted between (i) an operating system of the computer system, and (ii) the plurality of hardware elements. Hardware emulation and/or selective hardware activation/deactivation are performed on the at least one actual hardware element by the virtualization layer. The insertion of the virtualization layer is accomplished in an on-the-fly manner.
摘要翻译：与具有多个硬件元件的计算机系统中的至少一个实际硬件元件相关联的至少一个异常被寻址。检测到异常，并且响应于检测，在（i）计算机系统的操作系统和（ii）多个硬件元件之间插入虚拟化层。通过虚拟化层在至少一个实际硬件元件上执行硬件仿真和/或选择性硬件激活/去激活。虚拟化层的插入是以飞行方式实现的。

6. 发明授权

US08516564B2 Secure user interaction using virtualization 有权
标题翻译：使用虚拟化保护用户交互
公开(公告)号：US08516564B2
公开(公告)日：2013-08-20
申请号：US12175503
申请日：2008-07-18
申请人： Bernhard Jansen , Matthias Schunter , Axel Tanner , Diego M. Zamboni
发明人： Bernhard Jansen , Matthias Schunter , Axel Tanner , Diego M. Zamboni
IPC分类号： G06F7/04
CPC分类号： H04L9/3234
摘要： A first virtualization layer is inserted between (i) an operating system of a computer system, and (ii) at least first and second hardware devices of the computer system. Data is communicated between the first hardware device and the second hardware device, via the first virtualization layer, without exposing the data to the operating system.
摘要翻译：在（i）计算机系统的操作系统和（ii）计算机系统的至少第一和第二硬件设备之间插入第一虚拟化层。经由第一虚拟化层在第一硬件设备和第二硬件设备之间传送数据，而不将数据暴露给操作系统。

7. 发明授权

US08055751B2 IP network management based on automatically acquired network entity status information 失效
标题翻译： IP网络管理基于自动获取的网络实体状态信息
公开(公告)号：US08055751B2
公开(公告)日：2011-11-08
申请号：US12274717
申请日：2008-11-20
申请人： James F. Riordan , Ruediger Rissmann , Diego M. Zamboni
发明人： James F. Riordan , Ruediger Rissmann , Diego M. Zamboni
IPC分类号： G06F15/173
CPC分类号： H04L61/2015 , H04L29/12066 , H04L29/12301 , H04L43/00 , H04L61/1511 , H04L61/2076 , H04L63/20
摘要： Methods and apparatus are provided for managing an IP network interconnecting a plurality of network hosts (2). Status information, indicative of status of a host, is automatically acquired from each host (2). The status information, such as MAC address, security and/or operational information, acquired from a host (2) is automatically recorded in at least one DNS record, associated with the IP address of that host (2), of a DNS server (4). The host status information in the DNS records can then be accessed for network management operations. The automatic acquisition and recording of the status information may be performed by a DHCP server (3) of the network on allocation of dynamic IP addresses to hosts (2).
摘要翻译：提供了用于管理互连多个网络主机（2）的IP网络的方法和装置。从主机（2）自动获取表示主机状态的状态信息。从主机（2）获取的状态信息（例如MAC地址，安全性和/或操作信息）被自动记录在与DNS服务器的主机（2）的IP地址相关联的至少一个DNS记录中 4）。然后可以访问DNS记录中的主机状态信息以进行网络管理操作。在向主机（2）分配动态IP地址时，由网络的DHCP服务器（3）执行状态信息的自动采集和记录。

8. 发明申请

US20090144419A1 IP NETWORK MANAGEMENT 失效
标题翻译： IP网络管理
公开(公告)号：US20090144419A1
公开(公告)日：2009-06-04
申请号：US12274717
申请日：2008-11-20
申请人： James F. Riordan , Ruediger Rissmann , Diego M. Zamboni
发明人： James F. Riordan , Ruediger Rissmann , Diego M. Zamboni
IPC分类号： G06F15/173
CPC分类号： H04L61/2015 , H04L29/12066 , H04L29/12301 , H04L43/00 , H04L61/1511 , H04L61/2076 , H04L63/20
摘要： Methods and apparatus are provided for managing an IP network interconnecting a plurality of network hosts (2). Status information, indicative of status of a host, is automatically acquired from each host (2). The status information, such as MAC address, security and/or operational information, acquired from a host (2) is automatically recorded in at least one DNS record, associated with the IP address of that host (2), of a DNS server (4). The host status information in the DNS records can then be accessed for network management operations. The automatic acquisition and recording of the status information may be performed by a DHCP server (3) of the network on allocation of dynamic IP addresses to hosts (2).
摘要翻译：提供了用于管理互连多个网络主机（2）的IP网络的方法和装置。从主机（2）自动获取表示主机状态的状态信息。从主机（2）获取的状态信息（例如MAC地址，安全性和/或操作信息）被自动记录在与DNS服务器的主机（2）的IP地址相关联的至少一个DNS记录中 4）。然后可以访问DNS记录中的主机状态信息以进行网络管理操作。在向主机（2）分配动态IP地址时，由网络的DHCP服务器（3）执行状态信息的自动采集和记录。

9. 发明申请

US20090037583A1 DETECTION AND CONTROL OF PEER-TO-PEER COMMUNICATION 失效
标题翻译：对等通信的检测与控制
公开(公告)号：US20090037583A1
公开(公告)日：2009-02-05
申请号：US12280350
申请日：2007-02-27
申请人： Dominique Alessandri , Daniela Bourges-Waldegg , James F. Riordan , Diego M. Zamboni
发明人： Dominique Alessandri , Daniela Bourges-Waldegg , James F. Riordan , Diego M. Zamboni
IPC分类号： G06F15/173 , G06F15/16
CPC分类号： H04L61/2514 , H04L29/12367 , H04L29/12509 , H04L61/2567 , H04L63/0209 , H04L63/0227 , H04L69/164
摘要： A method and apparatus are provided for detecting peer-to-peer communication on a data communication network, between an internal client machine within an internal address space and an external client machine. The method includes routing all messages addressed to internal client machines to an analysis device. The analysis device identifies messages pertaining to peer-to-peer communication and identifies the internal client machine to which the messages of a specified nature were addressed. The analysis device terminates the connection with the external client machine if the establishing of the peer-to-peer communication is in violation of a pre-determined internal network rule.
摘要翻译：提供了一种方法和装置，用于检测数据通信网络上的内部地址空间内部客户端机器与外部客户机器之间的对等通信。该方法包括将寻址到内部客户机的所有消息路由到分析设备。分析设备识别与对等通信有关的消息，并标识特定性质的消息被寻址到的内部客户机。如果对等通信的建立违反了预先确定的内部网络规则，则分析设备终止与外部客户机的连接。

10. 发明申请

US20090006603A1 Methods for Operating Virtual Networks, Data Network System, Computer Program and Computer Program Product 有权
标题翻译：操作虚拟网络，数据网络系统，计算机程序和计算机程序产品的方法
公开(公告)号：US20090006603A1
公开(公告)日：2009-01-01
申请号：US12097349
申请日：2006-12-12
申请人： Yann Duponchel , James F. Riordan , Ruediger Rissmann , Diego M. Zamboni
发明人： Yann Duponchel , James F. Riordan , Ruediger Rissmann , Diego M. Zamboni
IPC分类号： G06F15/173
CPC分类号： H04L12/4641
摘要： The invention relates to a method for operating virtual networks. The method comprises providing a first virtual network (103) comprising a first set (101) of network ports assigned to a first virtualization tag (T1) and a second virtual network (104) comprising a second set (105) of network ports assigned to a second virtualization tag (T2), the first and the second virtual network (103, 104) having compatible address ranges and being adapted to only pass data packets within them, providing a first network node (N1) having a source address (SA) in the first virtual network (103) and being operationally connected to a first port (P1) assigned to the first virtual network (103) by means of the first virtualization tag (T1), monitoring the first network node (N1) in order to detect a predetermined condition, and, on detection of the predetermined condition, reassigning the first port (P1) to the second virtual network (104) by means of assigning the second virtualization tag (T2) to the first port (P1), such that no data packet can be passed from the first network node (N1) to a second network node (N2) connected to a second port (P2) assigned to the first virtual network (103) by means of the first virtualization tag (T1) directly and keeping of the source address (SA) for the first network node (N1) in the second virtual network (104). The invention further relates to a further method for operation virtual networks, a data network system, a computer program and a computer program product adapted to perform the inventive methods.
摘要翻译：本发明涉及一种运行虚拟网络的方法。该方法包括提供包括分配给第一虚拟化标签（T1）的第一组（101）网络端口和第二虚拟网络（104）的第一虚拟网络（103），所述第二虚拟网络（104）包括分配给第二虚拟化标签（T2），所述第一和第二虚拟网络（103,104）具有兼容的地址范围，并且仅适于在其中传递数据分组，提供具有源地址（SA）的第一网络节点（N1）在第一虚拟网络（103）中并且通过第一虚拟化标签（T1）可操作地连接到分配给第一虚拟网络（103）的第一端口（P1），监视第一网络节点（N1），以便检测预定条件，并且在检测到预定条件时，通过将第二虚拟化标签（T2）分配给第一端口（P1）将第一端口（P1）重新分配给第二虚拟网络（104），使得没有数据包可以从f传递第一网络节点（N1）通过第一虚拟化标签（T1）直接连接到分配给第一虚拟网络（103）的第二端口（P2）的第二网络节点（N2），并保持源地址）用于第二虚拟网络（104）中的第一网络节点（N1）。本发明还涉及用于操作虚拟网络的另一方法，数据网络系统，计算机程序和适于执行本发明方法的计算机程序产品。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式