专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20060010241A1 MIME handling security enforcement 有权
公开(公告)号：US20060010241A1
公开(公告)日：2006-01-12
申请号：US10873576
申请日：2004-06-22
申请人： Venkatraman Kudallur , Shankar Ganesh , Roberto Franco , Vishu Gupta , John Bedworth
发明人： Venkatraman Kudallur , Shankar Ganesh , Roberto Franco , Vishu Gupta , John Bedworth
IPC分类号： G06F15/16
CPC分类号： G06F21/60 , G06F21/56 , G06F21/562 , G06F21/566
摘要： A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.

2. 发明申请

US20050246761A1 System and method for local machine zone lockdown with relation to a network browser 有权
标题翻译：与网络浏览器相关的本地机器区域锁定的系统和方法
公开(公告)号：US20050246761A1
公开(公告)日：2005-11-03
申请号：US10836182
申请日：2004-04-30
申请人： David Ross , Roberto Franco , John Bedworth , Shankar Ganesh , Venkatraman Kudallur , Anantha Ganjam , Kurt Schmucker
发明人： David Ross , Roberto Franco , John Bedworth , Shankar Ganesh , Venkatraman Kudallur , Anantha Ganjam , Kurt Schmucker
IPC分类号： H04L9/00 , H04L29/06
CPC分类号： H04L63/20 , G06F21/53 , G06F21/6218 , H04L63/105 , H04L63/168
摘要： A method and system for locking down a local machine zone associated with a network browser is provided. Placing the local machine zone in a lockdown mode provides stricter security settings that are applied to active content attempting to publish within a local page open in the network browser. The stricter setting are provided in a new set of registry keys that correspond to the lockdown mode of the local machine zone. The original security settings remain unchanged so that other systems and applications functionality that depends on the original security settings remains unaffected for the local machine zone. A user may also selectively allow active content to render despite the local machine zone being locked down.
摘要翻译：提供了一种用于锁定与网络浏览器相关联的本地计算机区域的方法和系统。将本地计算机区域置于锁定模式下，将提供更严格的安全设置，适用于尝试在网络浏览器中打开的本地页面中发布的活动内容。更严格的设置在与本地机器区域的锁定模式相对应的一组新的注册表项中提供。原始的安全设置保持不变，这样依赖于原始安全设置的其他系统和应用程序功能对本地计算机区域不会受到影响。即使本地机器区被锁定，用户也可以选择性地允许活动内容呈现。

3. 发明申请

US20070006148A1 Ascertaining domain contexts 有权
标题翻译：确定域上下文
公开(公告)号：US20070006148A1
公开(公告)日：2007-01-04
申请号：US11150869
申请日：2005-06-10
申请人： Govind Varshney , Marc Silbey , Shankar Ganesh , Robert Impollonia , Venkatraman Kudallur
发明人： Govind Varshney , Marc Silbey , Shankar Ganesh , Robert Impollonia , Venkatraman Kudallur
IPC分类号： G06F9/44
CPC分类号： H04L63/1408 , G06F17/30887 , G06F17/30902
摘要： Various embodiments pertain to ascertaining domain contexts. In one embodiment, an application receives content that may contain a script (i.e. code). In this case, the domain context is ascertained and the script is executed in the context of the domain associated with the received content, rather than requiring the application or some other component to navigate to a location, such as a web location, to attempt to ascertain the domain context of the script. In another embodiment, third party objects or code are required to provide their domain context to an application in order for the application to make a security-based decision.
摘要翻译：各种实施例涉及确定域上下文。在一个实施例中，应用程序接收可能包含脚本（即代码）的内容。在这种情况下，确定域上下文并且在与所接收的内容相关联的域的上下文中执行脚本，而不是要求应用程序或某个其他组件导航到诸如web位置的位置，以尝试确定脚本的域上下文。在另一个实施例中，需要第三方对象或代码将其域上下文提供给应用，以便应用进行基于安全的决策。

4. 发明授权

US08646078B2 MIME handling security enforcement 有权
标题翻译： MIME处理安全执行
公开(公告)号：US08646078B2
公开(公告)日：2014-02-04
申请号：US12685528
申请日：2010-01-11
申请人： Venkatraman V Kudallur , Shankar Ganesh , Roberto A Franco , Vishu Gupta , John G Bedworth
发明人： Venkatraman V Kudallur , Shankar Ganesh , Roberto A Franco , Vishu Gupta , John G Bedworth
IPC分类号： G06F12/14 , G08B23/00
CPC分类号： G06F21/60 , G06F21/56 , G06F21/562 , G06F21/566
摘要： A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.
摘要翻译：模型限制不受信任的数据/对象在未经许可的情况下在用户计算机上运行。数据由报告与DATA关联的MIME类型的协议层接收，并缓存数据和相关缓存文件名（CFN）。安排MIME嗅探器根据缓存的数据，CFN和报告的MIME类型来识别嗅探的MIME类型。调和逻辑评估嗅探的MIME类型和CFN以确定对帐的MIME类型，并更新CFN。类ID嗅探器评估更新的CFN，缓存数据和已对帐的MIME类型，以确定适当的类ID。安全逻辑评估更新的CFN，报告的类ID和其他相关系统参数以构建安全性矩阵。来自安全矩阵的参数用于在不可信数据/对象可能在机器上创建安全漏洞之前拦截数据/对象。

5. 发明申请

US20100107251A1 MIME Handling Security Enforcement 有权
标题翻译： MIME处理安全执行
公开(公告)号：US20100107251A1
公开(公告)日：2010-04-29
申请号：US12685528
申请日：2010-01-11
申请人： Venkatraman V. Kudallur , Shankar Ganesh , Roberto A. Franco , Vishu Gupta , John G. Bedworth
发明人： Venkatraman V. Kudallur , Shankar Ganesh , Roberto A. Franco , Vishu Gupta , John G. Bedworth
IPC分类号： G06F21/00 , G06F15/16
CPC分类号： G06F21/60 , G06F21/56 , G06F21/562 , G06F21/566
摘要： A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.
摘要翻译：模型限制不受信任的数据/对象在未经许可的情况下在用户计算机上运行。数据由报告与DATA关联的MIME类型的协议层接收，并缓存数据和相关缓存文件名（CFN）。安排MIME嗅探器根据缓存的数据，CFN和报告的MIME类型来识别嗅探的MIME类型。调和逻辑评估嗅探的MIME类型和CFN以确定对帐的MIME类型，并更新CFN。类ID嗅探器评估更新的CFN，缓存数据和已对帐的MIME类型，以确定适当的类ID。安全逻辑评估更新的CFN，报告的类ID和其他相关系统参数以构建安全性矩阵。来自安全矩阵的参数用于在不可信数据/对象可能在机器上创建安全漏洞之前拦截数据/对象。

6. 发明授权

US07660999B2 MIME handling security enforcement 有权
标题翻译： MIME处理安全执行
公开(公告)号：US07660999B2
公开(公告)日：2010-02-09
申请号：US10873576
申请日：2004-06-22
申请人： Venkatraman V. Kudallur , Shankar Ganesh , Roberto A. Franco , Vishu Gupta , John G. Bedworth
发明人： Venkatraman V. Kudallur , Shankar Ganesh , Roberto A. Franco , Vishu Gupta , John G. Bedworth
IPC分类号： G06F12/14 , G06F12/16 , G06F15/16
CPC分类号： G06F21/60 , G06F21/56 , G06F21/562 , G06F21/566
摘要： A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.
摘要翻译：模型限制不受信任的数据/对象在未经许可的情况下在用户计算机上运行。数据由报告与DATA关联的MIME类型的协议层接收，并缓存数据和相关缓存文件名（CFN）。安排MIME嗅探器根据缓存的数据，CFN和报告的MIME类型来识别嗅探的MIME类型。调和逻辑评估嗅探的MIME类型和CFN以确定对帐的MIME类型，并更新CFN。类ID嗅探器评估更新的CFN，缓存数据和已对帐的MIME类型，以确定适当的类ID。安全逻辑评估更新的CFN，报告的类ID和其他相关系统参数以构建安全性矩阵。来自安全矩阵的参数用于在不可信数据/对象可能在机器上创建安全漏洞之前拦截数据/对象。

7. 发明申请

US20050246772A1 System and method for zone transition mitigation with relation to a network browser 有权
标题翻译：与网络浏览器相关的区域过渡缓解系统和方法
公开(公告)号：US20050246772A1
公开(公告)日：2005-11-03
申请号：US10835909
申请日：2004-04-30
申请人： Shankar Ganesh , Roberto Franco , Kurt Schmucker
发明人： Shankar Ganesh , Roberto Franco , Kurt Schmucker
IPC分类号： G06F21/00 , H04L9/00 , H04L29/06
CPC分类号： H04L63/168 , G06F21/53 , G06F21/6218 , H04L63/105
摘要： A method and system for determining whether to allow a network browser action when a transition occurs between security zones as a result of the action is provided. Gaining access to a local machine zone may be a goal for unauthorized entities attempting to improperly access a user's content. The present invention therefore may be initiated to block transitions from the security zones with stricter security restrictions to zones with less security restrictions. In addition, a selected alternative may be commenced depending on the relative weight of the security zones involved the zone transition. Depending on the relative weight of security zones, the transition between zones may be allowed, prevented, or the user may be prompted to decide whether to allow or prevent the action that results in the zone transition.
摘要翻译：提供了一种用于在作为结果的安全区之间发生转换时确定是否允许网络浏览器动作的方法和系统。访问本地计算机区域可能是未经授权的实体尝试不正确访问用户内容的目标。因此，本发明可以被启动以阻止具有更严格的安全限制的安全区域到具有较少安全限制的区域的转换。此外，可以根据涉及区域转换的安全区域的相对权重来开始选择的替代方案。根据安全区域的相对权重，可以允许，防止区域之间的过渡，或者可能会提示用户决定是否允许或阻止导致区域转换的动作。

8. 发明申请

US20050256960A1 Security restrictions on binary behaviors 有权
标题翻译：对二进制行为的安全限制
公开(公告)号：US20050256960A1
公开(公告)日：2005-11-17
申请号：US10836417
申请日：2004-04-29
申请人： Shankar Ganesh , John Bedworth
发明人： Shankar Ganesh , John Bedworth
IPC分类号： G06F15/16 , H04L29/06
CPC分类号： H04L63/105
摘要： A security model restricts binary behaviors on a machine based on identified security zones. Binary behaviors can be attached to an element of a document, web-page, or email message. The binary behavior potentially threatens security on the local machine. A security manager intercepts download requests and/or execution requests, identifies a security zone for the requested binary behavior, and restricts access based on the security zone. The binary behavior can identify a security zone according to the related URL. In one example, all binary behaviors associated with a security zone are handled identically. In another example, a list of permissible binary behaviors is associated with a security zone such that only specified binary behaviors are granted access. In still another example, a list of impermissible binary behaviors is associated with a security zone such that binary behaviors that are found in the list cannot initiate access.
摘要翻译：安全模型基于识别的安全区域限制机器上的二进制行为。二进制行为可以附加到文档，网页或电子邮件的元素。二进制行为可能威胁到本地机器上的安全性。安全管理员拦截下载请求和/或执行请求，识别所请求的二进制行为的安全区域，并限制基于安全区域的访问。二进制行为可以根据相关URL识别安全区域。在一个示例中，与安全区域相关联的所有二进制行为被相同地处理。在另一个示例中，允许的二进制行为的列表与安全区域相关联，使得仅允许指定的二进制行为被访问。在另一个示例中，不允许的二进制行为的列表与安全区域相关联，使得在列表中找到的二进制行为不能启动访问。

9. 发明申请

US20150193215A1 Common installer server 有权
标题翻译：通用安装程序服务器
公开(公告)号：US20150193215A1
公开(公告)日：2015-07-09
申请号：US11261953
申请日：2005-10-28
申请人： Sorin Jianu , Sundar Pichai , Jocelyn Lin , Ann Mei Chang , Othman Laraki , Joerg Heilig , John Fu , Shankar Ganesh , Jian Li , Jesse Savage , Carl Schedvin
发明人： Sorin Jianu , Sundar Pichai , Jocelyn Lin , Ann Mei Chang , Othman Laraki , Joerg Heilig , John Fu , Shankar Ganesh , Jian Li , Jesse Savage , Carl Schedvin
IPC分类号： G06F9/445 , H04L29/08
CPC分类号： G06F8/61 , G06F8/65 , H04L63/123 , H04L67/02 , H04L67/34
摘要： Systems and techniques to provide for software installation. In general, in one implementation, the technique includes detecting selection of one or more applications by a user; creating a manifest for the one or more applications, the manifest including a reference to the one or more applications and a reference to one or more installers, where each of the one or more applications is associated with a unique one of the one or more installers; and providing the manifest to a target system where each of the one or more applications can be installed, none of the applications or installers being provided in the manifest.
摘要翻译：提供软件安装的系统和技术。通常，在一个实现中，该技术包括检测用户对一个或多个应用的选择; 为所述一个或多个应用创建清单，所述清单包括对所述一个或多个应用的引用以及对一个或多个安装者的引用，其中所述一个或多个应用中的每一个与所述一个或多个安装者中的唯一的一个或多个安装者相关联 ; 并将清单提供给可以安装一个或多个应用程序中的每一个的目标系统，清单中没有提供任何应用程序或安装程序。

10. 发明授权

US08261258B1 Common installer client 有权
标题翻译：通用安装程序客户端
公开(公告)号：US08261258B1
公开(公告)日：2012-09-04
申请号：US11262056
申请日：2005-10-28
申请人： Sorin Jianu , Sundar Pichai , Jocelyn Lin , Ann Mei Chang , Othman Laraki , Joerg Heilig , John Fu , Shankar Ganesh , Jian Li , Jesse Savage
发明人： Sorin Jianu , Sundar Pichai , Jocelyn Lin , Ann Mei Chang , Othman Laraki , Joerg Heilig , John Fu , Shankar Ganesh , Jian Li , Jesse Savage
IPC分类号： G06F9/445 , G06F9/44
CPC分类号： G06F8/61
摘要： Systems and techniques to provide for software installation. In general, in one implementation, the technique includes receiving a manifest, the manifest including a reference to one or more applications to be installed, obtaining an installer associated with an application, and using the associated installer to install the application on a target system, the application and the associated installer not being provided in the manifest.
摘要翻译：提供软件安装的系统和技术。通常，在一个实现中，该技术包括接收清单，该清单包括对要安装的一个或多个应用程序的引用，获得与应用程序相关联的安装程序，以及使用相关联的安装程序将应用程序安装在目标系统上，应用程序和相关的安装程序不在清单中提供。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式