专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20060085788A1 Grammar-based task analysis of web logs 有权
标题翻译： Web日志的语法任务分析
公开(公告)号：US20060085788A1
公开(公告)日：2006-04-20
申请号：US10952414
申请日：2004-09-29
申请人： Arnon Amir , Prasad Deshpande , Savitha Srinivasan , Vladimir Zbarsky
发明人： Arnon Amir , Prasad Deshpande , Savitha Srinivasan , Vladimir Zbarsky
IPC分类号： G06F9/46
CPC分类号： G06F8/30
摘要： A method of detecting tasks performed by users wherein a single task is a sequence of web URLs invocation. Task patterns are detected in web logs to identify tasks performed by users and analyze task trends over time, across corporate divisions and geographies. A grammar-based framework is used to model and detect tasks from web log patterns. The framework has two components: a declarative unit—to generate a task grammar, and a processing unit—to detect tasks from access logs by generating a state machine for applying the task grammar to the tokens associated with the access records. By analyzing user tasks, rather than just URLs, useful business information can be extracted.
摘要翻译：检测由用户执行的任务的方法，其中单个任务是web URL调用的序列。在Web日志中检测到任务模式，以识别用户执行的任务，并在不同的部门和地理位置分析随时间的任务趋势。基于语法的框架用于从Web日志模式建模和检测任务。该框架有两个组件：一个声明单元，用于生成一个任务语法，以及一个处理单元，用于通过生成用于将任务语法应用到与访问记录相关联的令牌的状态机来检测来自访问日志的任务。通过分析用户任务，而不仅仅是URL，可以提取有用的业务信息。

2. 发明授权

US07694311B2 Grammar-based task analysis of web logs 有权
标题翻译： Web日志的语法任务分析
公开(公告)号：US07694311B2
公开(公告)日：2010-04-06
申请号：US10952414
申请日：2004-09-29
申请人： Arnon Amir , Prasad Manikarao Deshpande , Savitha Srinivasan , Vladimir Zbarsky
发明人： Arnon Amir , Prasad Manikarao Deshpande , Savitha Srinivasan , Vladimir Zbarsky
IPC分类号： G06F3/00 , G06F9/44 , G06F9/46 , G06F13/00
CPC分类号： G06F8/30
摘要： A method of detecting tasks performed by users wherein a single task is a sequence of web URLs invocation. Task patterns are detected in web logs to identify tasks performed by users and analyze task trends over time, across corporate divisions and geographies. A grammar-based framework is used to model and detect tasks from web log patterns. The framework has two components: a declarative unit—to generate a task grammar, and a processing unit—to detect tasks from access logs by generating a state machine for applying the task grammar to the tokens associated with the access records. By analyzing user tasks, rather than just URLs, useful business information can be extracted.
摘要翻译：检测由用户执行的任务的方法，其中单个任务是web URL调用的序列。在Web日志中检测到任务模式，以识别用户执行的任务，并在不同的部门和地理位置分析随时间的任务趋势。基于语法的框架用于从Web日志模式建模和检测任务。该框架有两个组件：一个声明单元，用于生成一个任务语法，以及一个处理单元，用于通过生成用于将任务语法应用到与访问记录相关联的令牌的状态机来检测来自访问日志的任务。通过分析用户任务，而不仅仅是URL，可以提取有用的业务信息。

3. 发明授权

US07499550B2 System and method for protecting a title key in a secure distribution system for recordable media content 失效
标题翻译：用于保护用于可记录媒体内容的安全分发系统中的标题密钥的系统和方法
公开(公告)号：US07499550B2
公开(公告)日：2009-03-03
申请号：US10775596
申请日：2004-02-09
申请人： Deirdre Michelle Joy Athaide , Kevin Thomas Driver , Lara M. Lewis , Jeffrey Bruce Lotspiech , Florian Pestoni , Savitha Srinivasan , Vladimir Zbarsky
发明人： Deirdre Michelle Joy Athaide , Kevin Thomas Driver , Lara M. Lewis , Jeffrey Bruce Lotspiech , Florian Pestoni , Savitha Srinivasan , Vladimir Zbarsky
IPC分类号： H04L9/00 , H04L9/32 , G06F7/04 , H04K1/00
CPC分类号： G11B20/00086 , G06F21/10 , G11B20/00347 , G11B20/00362 , G11B20/00514 , G11B20/00528 , G11B20/00855
摘要： A title key protection system includes a title key with recordable media content; storage in a repository is not required. The title key is decrypted when needed by a clearinghouse, and then re-encrypted. The title key confers rights from the content owners to the user to play and copy the content for personal use. A user downloads encrypted content from a content repository. The user's media recording device extracts an encrypted title key from the content and obtains a media key block and media ID from the physical media on which the content will be recorded. The encrypted title key, media key block, and media ID are transmitted to a clearinghouse. The clearinghouse decrypts the title key and derives a media unique key from the media key block and media ID. The clearinghouse re-encrypts the title key with the media unique key and returns this re-encrypted title key to the media recording device for recording with the content on the physical media.
摘要翻译：标题密钥保护系统包括具有可记录媒体内容的标题密钥; 存储库中的存储不是必需的。标题密钥在清算所需要时解密，然后重新加密。标题密钥赋予内容所有者对用户播放和复制用于个人使用的内容的权利。用户从内容存储库下载加密的内容。用户的媒体记录设备从内容中提取加密的标题密钥，并从内容将被记录在物理介质上获取媒体密钥块和媒体ID。加密的标题密钥，媒体密钥块和媒体ID被发送到结算所。清算所解密标题密钥，并从媒体密钥块和媒体ID导出媒体唯一密钥。票据交换所使用媒体唯一键重新加密标题密钥，并将该重新加密的标题密钥返回到媒体记录设备，以便用物理介质上的内容进行记录。

4. 发明申请

US20050177740A1 System and method for protecting a title key in a secure distribution system for recordable media content 失效
标题翻译：用于保护用于可记录媒体内容的安全分发系统中的标题密钥的系统和方法
公开(公告)号：US20050177740A1
公开(公告)日：2005-08-11
申请号：US10775596
申请日：2004-02-09
申请人： Deirdre Athaide , Kevin Driver , Lara Lewis , Jeffrey Lotspiech , Florian Pestoni , Savitha Srinivasan , Vladimir Zbarsky
发明人： Deirdre Athaide , Kevin Driver , Lara Lewis , Jeffrey Lotspiech , Florian Pestoni , Savitha Srinivasan , Vladimir Zbarsky
IPC分类号： G06F12/14 , G06F21/00 , G11B20/00 , G11B20/10 , H04L9/32
CPC分类号： G11B20/00086 , G06F21/10 , G11B20/00347 , G11B20/00362 , G11B20/00514 , G11B20/00528 , G11B20/00855
摘要： A title key protection system includes a title key with recordable media content; storage in a repository is not required. The title key is decrypted when needed by a clearinghouse, and then re-encrypted. The title key confers rights from the content owners to the user to play and copy the content for personal use. A user downloads encrypted content from a content repository. The user's media recording device extracts an encrypted title key from the content and obtains a media key block and media ID from the physical media on which the content will be recorded. The encrypted title key, media key block, and media ID are transmitted to a clearinghouse. The clearinghouse decrypts the title key and derives a media unique key from the media key block and media ID. The clearinghouse re-encrypts the title key with the media unique key and returns this re-encrypted title key to the media recording device for recording with the content on the physical media.
摘要翻译：标题密钥保护系统包括具有可记录媒体内容的标题密钥; 存储库中的存储不是必需的。标题密钥在清算所需要时解密，然后重新加密。标题密钥赋予内容所有者对用户播放和复制用于个人使用的内容的权利。用户从内容存储库下载加密的内容。用户的媒体记录设备从内容中提取加密的标题密钥，并从内容将被记录在物理介质上获取媒体密钥块和媒体ID。加密的标题密钥，媒体密钥块和媒体ID被发送到结算所。清算所解密标题密钥，并从媒体密钥块和媒体ID导出媒体唯一密钥。票据交换所使用媒体唯一键重新加密标题密钥，并将该重新加密的标题密钥返回到媒体记录设备，以便用物理介质上的内容进行记录。

5. 发明授权

US08422674B2 Application-specific secret generation 有权
标题翻译：特定于应用程序的秘密生成
公开(公告)号：US08422674B2
公开(公告)日：2013-04-16
申请号：US11754667
申请日：2007-05-29
申请人： Masana Murase , Wilfred E. Plouffe, Jr. , Kanna Shimizu , Vladimir Zbarsky
发明人： Masana Murase , Wilfred E. Plouffe, Jr. , Kanna Shimizu , Vladimir Zbarsky
IPC分类号： H04L9/00 , H04L29/06 , H04L9/28 , G06F9/24 , G06F12/14 , G06F7/04 , G08B29/00 , H04K1/00
CPC分类号： G06F21/52
摘要： A method, computer program product, and data processing system for protecting sensitive program code and data (including persistently stored data) from unauthorized access. Dedicated hardware decrypts an encrypted kernel into memory for execution. When an application is to be executed, the kernel computes one or more secrets by cryptographically combining information contained in the application with secret information contained in the kernel itself. The kernel then deletes its secret information and passes the computed secrets to the application. To store data persistently in memory, the application uses one of the computed secrets to encrypt the data prior to storage. If the kernel starts another instance of the same application, the kernel (which will have been re-decrypted to restore the kernel's secrets) will compute the same one or more secrets, thus allowing the second application instance to access the data encrypted by the first application instance.
摘要翻译：一种用于保护敏感程序代码和数据（包括永久存储的数据）的未经授权的访问的方法，计算机程序产品和数据处理系统。专用硬件将加密的内核解密为内存以供执行。当应用程序被执行时，内核通过将应用程序中包含的信息加密地组合在内核中包含的秘密信息来计算一个或多个秘密。内核然后删除其秘密信息，并将计算的秘密传递给应用程序。为了将数据永久存储在内存中，应用程序使用计算的秘密之一在存储之前对数据进行加密。如果内核启动同一应用程序的另一个实例，内核（将被重新解密以恢复内核的秘密）将计算相同的一个或多个秘密，从而允许第二个应用程序实例访问由第一个应用程序实例。

6. 发明授权

US08332636B2 Secure policy differentiation by secure kernel design 失效
标题翻译：通过安全内核设计来确保策略的差异化
公开(公告)号：US08332636B2
公开(公告)日：2012-12-11
申请号：US11866001
申请日：2007-10-02
申请人： Masana Murase , Masaharu Sakamoto , Kanna Shimizu , Vladimir Zbarsky
发明人： Masana Murase , Masaharu Sakamoto , Kanna Shimizu , Vladimir Zbarsky
IPC分类号： H04L29/06
CPC分类号： G06F21/575
摘要： A method, computer program product, and data processing system are disclosed for ensuring that applications executed in the data processing system originate only from trusted sources are disclosed. In a preferred embodiment, a secure operating kernel maintains a “key ring” containing keys corresponding to trusted software vendors. The secure kernel uses vendor keys to verify that a given application was signed by an approved vendor. To make it possible for users to execute software from independent software developers, an administrative user may disable the above-described vendor key-checking as an option.
摘要翻译：公开了一种方法，计算机程序产品和数据处理系统，用于确保在数据处理系统中执行的应用仅来自可信源。在优选实施例中，安全操作内核维护包含与可信软件供应商相对应的密钥的密钥环。安全内核使用供应商密钥来验证给定的应用程序是否由经过批准的供应商签名。为了使用户可以从独立软件开发人员执行软件，管理用户可以选择禁用上述供应商密钥检查。

7. 发明授权

US08280043B2 System and method for protecting data in a secure system 有权
标题翻译：用于在安全系统中保护数据的系统和方法
公开(公告)号：US08280043B2
公开(公告)日：2012-10-02
申请号：US12133658
申请日：2008-06-05
申请人： Julian A. Cerruti , Sigfredo I Nin , Dulce B Ponceleon , Vladimir Zbarsky
发明人： Julian A. Cerruti , Sigfredo I Nin , Dulce B Ponceleon , Vladimir Zbarsky
IPC分类号： H04L9/00 , H04N7/167
CPC分类号： H04L9/0891 , G06F21/602 , H04L9/085 , H04L2209/60
摘要： A system for protecting data in a security system generates and encodes a backup key for encoding long-lived secrets. The system generates a distribution plan for distributing cryptographic splits of the encoded backup key to selected persons based on geographic and organizational diversity. The distribution plan specifies a number M of the cryptographic splits to be generated and a number N of the cryptographic splits required to recover the backup key. The system processes utilize an init file comprising system parameters and state files each comprising parameters reflecting a state of the secure system after a transaction. Any of the state files may be used for any of the system processes. The state files and the init file are encoded by the backup key, thus protecting the long-lived secrets.
摘要翻译：用于保护安全系统中的数据的系统生成并编码用于编码长寿命秘密的备份密钥。系统生成分配计划，用于根据地理和组织多样性将所编码备份密钥的加密分裂分发给选定的人员。分配计划指定要生成的密码分割数M，以及恢复备份密钥所需的密码分割数N。系统过程利用包括系统参数和状态文件的初始化文件，每个文件包括在事务之后反映安全系统的状态的参数。任何状态文件可用于任何系统进程。状态文件和init文件由备份密钥编码，从而保护长命的秘密。

8. 发明申请

US20080298581A1 Application-Specific Secret Generation 有权
标题翻译：特定应用程序的秘密生成
公开(公告)号：US20080298581A1
公开(公告)日：2008-12-04
申请号：US11754667
申请日：2007-05-29
申请人： Masana Murase , Wilfred E. Plouffe, JR. , Kanna Shimizu , Vladimir Zbarsky
发明人： Masana Murase , Wilfred E. Plouffe, JR. , Kanna Shimizu , Vladimir Zbarsky
IPC分类号： H04L9/00
CPC分类号： G06F21/52
摘要： A method, computer program product, and data processing system for protecting sensitive program code and data (including persistently stored data) from unauthorized access are disclosed. Dedicated hardware decrypts an encrypted kernel into memory for execution. When an application is to be executed, the kernel computes one or more secrets by cryptographically combining information contained in the application with secret information contained in the kernel itself. The kernel then deletes its secret information and passes the computed secrets to the application. To store data persistently in memory, the application uses one of the computed secrets to encrypt the data prior to storage. If the kernel starts another instance of the same application, the kernel (which will have been re-decrypted to restore the kernel's secrets) will compute the same one or more secrets, thus allowing the second application instance to access the data encrypted by the first application instance.
摘要翻译：公开了一种用于保护敏感程序代码和数据（包括永久存储的数据）从未经授权的访问的方法，计算机程序产品和数据处理系统。专用硬件将加密的内核解密为内存以供执行。当应用程序被执行时，内核通过将应用程序中包含的信息加密地组合在内核中包含的秘密信息来计算一个或多个秘密。内核然后删除其秘密信息，并将计算的秘密传递给应用程序。为了将数据永久存储在内存中，应用程序使用计算的秘密之一在存储之前对数据进行加密。如果内核启动同一应用程序的另一个实例，内核（将被重新解密以恢复内核的秘密）将计算相同的一个或多个秘密，从而允许第二个应用程序实例访问由第一个应用程序实例。

9. 发明授权

US07886162B2 Cryptographic secure program overlays 有权
标题翻译：加密安全程序覆盖
公开(公告)号：US07886162B2
公开(公告)日：2011-02-08
申请号：US11754649
申请日：2007-05-29
申请人： Masana Murase , Wilfred E. Plouffe, Jr. , Kanna Shimizu , Masaharu Sakamoto , Vladimir Zbarsky
发明人： Masana Murase , Wilfred E. Plouffe, Jr. , Kanna Shimizu , Masaharu Sakamoto , Vladimir Zbarsky
IPC分类号： G06F12/14 , G06F9/24 , G06F7/04 , H04L29/06 , H04L9/28 , G08B29/00 , H04K1/00
CPC分类号： G06F12/1458 , G06F21/52 , G06F21/575 , G06F21/79 , G06F2221/2143
摘要： A method, computer program product, and data processing system for executing larger-than-physical-memory applications while protecting sensitive program code (and also data) from unauthorized access in a memory space not subject to protection fault or page fault detection are disclosed. Large applications are accommodated by providing a mechanism for secure program overlays, in which a single large application is broken into two or more smaller applications (overlays) that can be executed from the same memory space by overwriting one of the smaller applications with another of the smaller applications when the latter needs to be executed. So that the data may be shared among these smaller applications, each of the applications contains embedded cryptographic keys, which may be used to encrypt or decrypt information to be stored persistently while control is transferred from one application to the other.
摘要翻译：公开了一种用于执行大于物理存储器应用的方法，计算机程序产品和数据处理系统，同时在不受保护故障或页面故障检测的存储器空间中保护敏感程序代码（以及数据）以防未经授权的访问。通过提供用于安全程序覆盖的机制来容纳大的应用程序，其中单个大型应用程序被分解成可以从相同存储器空间执行的两个或更多个更小的应用程序（覆盖层），通过用另一个较小的应用程序，当后者需要执行。为了使数据可以在这些较小的应用程序之间共享，每个应用程序都包含嵌入式加密密钥，这些密钥可用于加密或解密持续存储的信息，同时控制从一个应用程序传输到另一个应用程序。

10. 发明申请

US20080301440A1 Updateable Secure Kernel Extensions 有权
标题翻译：可更新的安全内核扩展
公开(公告)号：US20080301440A1
公开(公告)日：2008-12-04
申请号：US11754658
申请日：2007-05-29
申请人： Wilfred E. Plouffe, JR. , Kanna Shimizu , Vladimir Zbarsky
发明人： Wilfred E. Plouffe, JR. , Kanna Shimizu , Vladimir Zbarsky
IPC分类号： H04L9/00
CPC分类号： G06F21/575 , G06F21/51 , G06F2221/2143
摘要： A method, computer program product, and data processing system for providing an updateable encrypted operating kernel are disclosed. In a preferred embodiment, secure initialization hardware decrypts a minimal secure kernel containing sensitive portions of data and/or code into a portion of the processor-accessible memory space, from which the kernel is executed. Most system software functions are not directly supported by the secure kernel but are provided by dynamically loaded kernel extensions that are encrypted with a public key so that they can only be decrypted with a private key possessed by the secure kernel. The public/private key pair is processor-specific. Before passing control to a kernel extension the secure kernel deletes a subset of its sensitive portions, retaining only those sensitive portions needed to perform the task(s) delegated to the kernel extension. Which sensitive portions are retained is determined by a cryptographic key with which the kernel extension is signed.
摘要翻译：公开了一种用于提供可更新的加密操作内核的方法，计算机程序产品和数据处理系统。在优选实施例中，安全初始化硬件将包含敏感部分的数据和/或代码的最小安全内核解密成可执行内核的处理器可访问存储器空间的一部分。大多数系统软件功能并不直接得到安全内核的支持，而是由使用公钥加密的动态加载内核扩展提供，以便只能使用安全内核拥有的私有密钥进行解密。公钥/私钥对是处理器特定的。在将控件传递给内核扩展之前，安全内核将删除其敏感部分的一个子集，只保留执行委托给内核扩展的任务所需的敏感部分。保留哪些敏感部分由内核扩展名与之签名的加密密钥确定。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式