会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Systems and methods for data loss prevention on mobile computing systems
    • 移动计算系统数据丢失预防的系统和方法
    • US08429745B1
    • 2013-04-23
    • US13243198
    • 2011-09-23
    • Jim CasaburiKent GriffinSusanta NandaSanjay SawhneyMatthew Conover
    • Jim CasaburiKent GriffinSusanta NandaSanjay SawhneyMatthew Conover
    • G06F21/00
    • G06F21/554G06F21/6254G06F2221/2101G06F2221/2143
    • A computer-implemented method for data loss prevention on mobile computing systems may include (1) identifying a mobile computing system configured to execute only one application at a time as a foreground application, (2) determining that the mobile computing system has begun executing a sensitive application as the foreground application, (3) identifying a first enumeration of screenshots stored on the mobile computing system when the mobile computing system began executing the sensitive application as the foreground application, (4) identifying a second enumeration of screenshots stored on the mobile computing system, (5) determining that at least one new screenshot was taken on the mobile computing system while the sensitive application was the foreground application by detecting a difference between the first enumeration and the second enumeration, and (6) performing a security action upon detecting the difference. Various other methods, systems, and computer-readable media are also disclosed.
    • 用于移动计算系统的用于数据丢失预防的计算机实现的方法可以包括(1)识别被配置为一次只执行一个应用的移动计算系统作为前台应用,(2)确定移动计算系统已经开始执行 敏感应用程序作为前台应用程序,(3)当移动计算系统开始执行敏感应用程序作为前台应用程序时,识别存储在移动计算系统上的屏幕截图的第一枚举;(4)识别存储在移动计算系统上的屏幕截图的第二枚举 计算系统,(5)通过检测第一次枚举和第二次枚举之间的差异,确定在移动计算系统上至少采用一个新的截图,而敏感应用程序是前台应用程序,以及(6)执行安全措施 检测差异。 还公开了各种其它方法,系统和计算机可读介质。
    • 2. 发明授权
    • Systems and methods for protecting against unauthorized access of encrypted data during power-management modes
    • 在电源管理模式下防止未经授权访问加密数据的系统和方法
    • US08555083B1
    • 2013-10-08
    • US12842023
    • 2010-07-22
    • Susanta NandaKent Griffin
    • Susanta NandaKent Griffin
    • G06F12/14G06F1/00G06F1/26
    • H04L9/0822G06F1/3234G06F21/6209G06F2221/2143H04L9/0869
    • A method may include detecting initiation of a power-management mode that suspends the functionality of at least one component of a computing device while maintaining the functionality of the device's memory. The method may also include, before the device enters the power-management mode, (1) identifying, within the device's memory, an encryption key that is required to access encrypted data stored in the device's storage device, and (2) removing the encryption key from the device's memory in order to protect against unauthorized access of the encrypted data during implementation of the power-management mode. The method may also include, upon detecting discontinuation of the power-management mode, (1) obtaining user credentials from a user of the device in order to authenticate the user and, upon successfully authenticating the user, (2) using the user credentials to regenerate the encryption key in order to enable access to the encrypted data stored in the storage device.
    • 一种方法可以包括检测停止计算设备的至少一个组件的功能的功率管理模式的启动,同时保持设备的存储器的功能。 该方法还可以在设备进入电源管理模式之前,(1)在设备的存储器内识别访问存储在设备的存储设备中的加密数据所需的加密密钥,以及(2)去除加密 密钥从设备的存储器中,以防止在执行电源管理模式期间加密数据的未经授权的访问。 该方法还可以包括在检测到电力管理模式的中止时,(1)从设备的用户获得用户凭证以便认证用户,并且在成功认证用户时,(2)使用用户凭证 重新生成加密密钥以便访问存储在存储设备中的加密数据。
    • 4. 发明授权
    • Systems and methods for classifying unknown files/spam based on a user actions, a file's prevalence within a user community, and a predetermined prevalence threshold
    • 至少部分地基于用户在被告知文件的可信赖性是未知的行为之后对用户社区中的普及率进行分类的文件的分类的系统和方法
    • US08572007B1
    • 2013-10-29
    • US12916267
    • 2010-10-29
    • Pratyusa ManadhataKent GriffinZulfikar Ramzan
    • Pratyusa ManadhataKent GriffinZulfikar Ramzan
    • G06F11/00
    • G06F21/56G06F21/567G06F2221/2115
    • A computer-implemented, server-side method for classifying unknown files based on user actions may include (1) identifying at least one file whose trustworthiness is unknown, (2) identifying a report received from at least one client device that identifies at least one action taken by a user within a user community when informed by security software on the client device that the trustworthiness of the file is unknown, (3) determining that the action taken by the user indicates that the user believes the file is trustworthy, (4) classifying the file as trustworthy based at least in part on the action taken by the user, and then (5) providing the file's classification to at least one computing device in order to enable the computing device to evaluate the trustworthiness of the file. Corresponding systems, encoded computer-readable media, and client-side methods are also disclosed.
    • 用于基于用户动作对未知文件进行分类的计算机实现的服务器端方法可以包括(1)识别至少一个可信赖度未知的文件,(2)识别从至少一个客户端设备接收的报告,其识别至少一个 (3)确定用户所采取的动作表示用户认为该文件是可信赖的,(4)通过用户社区中的用户在客户端设备上的安全软件通知文件的可信赖性未知时, )至少部分地基于所述用户采取的行动将所述文件分类为可信赖,然后(5)将所述文件的分类提供给至少一个计算设备,以使所述计算设备能够评估所述文件的可信赖性。 还公开了相应的系统,编码的计算机可读介质和客户端方法。
    • 10. 发明授权
    • Providing installer package information to a user
    • 向用户提供安装程序包信息
    • US08677346B1
    • 2014-03-18
    • US13246794
    • 2011-09-27
    • Kent GriffinSourabh SatishVijay SeshadriAbubakar WawdaJing Zhou
    • Kent GriffinSourabh SatishVijay SeshadriAbubakar WawdaJing Zhou
    • G06F9/445
    • G06F8/61
    • Installer package information is presented to a user in response to an attempted installation of an application on an endpoint. The attempted installation is detected and the installer package is identified to an information server. The installer package may be identified using a hash key or other unique identifier. In response, the information server provides to the endpoint information associated with the identified installer package based on information received from a plurality of other endpoints. The endpoint may also provide installation and application information related to the installer package to the information server. In one embodiment, when the information server obtains more than the threshold amount of information for an installer package, the information server may analyze the information and provide the analysis to requesting endpoints. The analysis may include the risk or performance impact of the installer package, or the category or functionality of the application.
    • 响应于在端点上尝试安装应用程序,将安装程序包信息呈现给用户。 检测到尝试的安装,并将安装程序包标识到信息服务器。 可以使用散列密钥或其他唯一标识符来识别安装程序包。 作为响应,信息服务器基于从多个其他端点接收的信息向端点提供与所识别的安装程序包相关联的信息。 端点还可以将与安装程序包相关的安装和应用信息提供给信息服务器。 在一个实施例中,当信息服务器获得超过用于安装程序包的阈值信息量时,信息服务器可以分析信息并向请求端点提供分析。 分析可能包括安装程序包的风险或性能影响,或应用程序的类别或功能。