    • 1. Granted invention patent
    • Integrating security protection tools with computer device integrity and privacy policy
    • US08347085B2
    • 2013-01-01
    • US13341855
    • 2011-12-30
    • Thekkthalackal Varugis Kurien, Jeffrey B Hamblin, Narasimha Rao Nagampalli, Peter T Brundrett, Scott Field
    • H04L29/06
    • G06F21/50, G06F21/51, G06F21/53
    • At computer device power on, the operating system of the computer device initiates a monitor. The monitor assigns a monitoring program to each program and object (collectively, “program”) running on the computer device to monitor the activities of the program. When the monitoring program is assigned to a program, the monitoring program is assigned an integrity and/or privacy label (collectively, “integrity label”) based on predetermined criteria applied to the monitored program. The monitoring program, in turn, assigns an integrity label to the program monitored by the monitoring program. The integrity label assigned to the monitored program is less than or equal to the integrity label of the monitoring program. The monitor enforces an integrity policy of the computer device based on the integrity label assigned to monitored programs and the integrity label associated with data, another program, or a remote network resource that the monitored program is seeking to access.
    • 4. Granted invention patent
    • Privilege restriction enforcement in a distributed system
    • US07757281B2
    • 2010-07-13
    • US11450597
    • 2006-06-09
    • Scott A. Field, Liqiang Zhu, Peter T. Brundrett, Paul J. Leach
    • G06F7/04
    • H04L63/102
    • Remote administrative privileges in a distributed system are disabled by default. To administer a remote system, express action is taken to elevate a user status to obtain remote administrative privileges. When local and remote systems communicate, information pertaining to the status of the logged on user is included in the communications. If the user wishes to legitimately administer a remote system, the user provides an explicit request. The request is processed. If the user is configured as an administrator of the remote system and the request contains an indication that the user's administrative status has been elevated, an authorization token is generated. The authorization token is utilized by the remote system to allow the user to administer the remote system.
    • 6. Granted invention patent
    • Mandatory integrity control
    • US08646044B2
    • 2014-02-04
    • US11117621
    • 2005-04-28
    • Richard B. Ward, Jeffrey Hamblin, Peter T. Brundrett
    • G06F7/04
    • G06F21/6218, G06F2221/2141, G06F2221/2149
    • The contemplated embodiments of the invention provide a method for implementing a mandatory integrity control (MIC) system that provides access control for each and every object and subject that need access control, but in a way that allows legacy operating systems to continue with little modification. The invention provides a novel method that selects an integrity level designator for a subject, when the subject logs onto the computer system. The selected integrity level designator is then added to an existing data structure in the computer system. The existing data structure may be a part of a security descriptor stored in a system access control list of an object. The existing data structure may be a part of a list of security permissions that constitute an access token for a process executing as a subject.
    • 7. Granted invention patent
    • Integrating security protection tools with computer device integrity and privacy policy
    • US08117441B2
    • 2012-02-14
    • US11472052
    • 2006-06-20
    • Thekkthalackal Varugis Kurien, Jeffrey B Hamblin, Narasimha Rao Nagampalli, Peter T Brundrett, Scott Field
    • H04L29/00, H04L29/06
    • G06F21/50, G06F21/51, G06F21/53
    • At computer device power on, the operating system of the computer device initiates a monitor. The monitor assigns a monitoring program to each program and object (collectively, “program”) running on the computer device to monitor the activities of the program. When the monitoring program is assigned to a program, the monitoring program is assigned an integrity and/or privacy label (collectively, “integrity label”) based on predetermined criteria applied to the monitored program. The monitoring program, in turn, assigns an integrity label to the program monitored by the monitoring program. The integrity label assigned to the monitored program is less than or equal to the integrity label of the monitoring program. The monitor enforces an integrity policy of the computer device based on the integrity label assigned to monitored programs and the integrity label associated with data, another program, or a remote network resource that the monitored program is seeking to access.