专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07464270B2 Application identification and license enforcement 有权
标题翻译：申请识别和执照执照
公开(公告)号：US07464270B2
公开(公告)日：2008-12-09
申请号：US10625312
申请日：2003-07-23
申请人： Vishnu A. Patankar , Robert Reichel , John J. Lambert , Kedarnath A. Dubhashi , Jim E. Thatcher
发明人： Vishnu A. Patankar , Robert Reichel , John J. Lambert , Kedarnath A. Dubhashi , Jim E. Thatcher
IPC分类号： G06F11/30 , G06F12/14 , H04L9/32
CPC分类号： G06F21/57
摘要： The restriction of particular resources includes providing a digital signature for unauthorized resources based on a structure-related parameter of the resource. Thus, attempts at circumventing recognition of such resource will likely result in altering the overall functionality of the resource. Further, such digital signatures are encoded in a critical file required for loading of a resource, thus ensuring that the identity of the resource is considered before execution thereof. Enforcement of the resource restriction includes generating a verification signature for a resource that requests loading. The verification signature is compared to the signature coded into the critical file, and a positive match results in the resource being blocked from loading.
摘要翻译：特定资源的限制包括基于资源的结构相关参数为未授权资源提供数字签名。因此，绕过这种资源的识别的尝试可能导致改变资源的整体功能。此外，这样的数字签名被编码在加载资源所需的关键文件中，从而确保在执行资源之前考虑资源的身份。资源限制的执行包括为请求加载的资源生成验证签名。将验证签名与编码到关键文件中的签名进行比较，并且肯定匹配导致资源被阻止加载。

2. 发明申请

US20110252476A1 EARLY DETECTION OF POTENTIAL MALWARE 有权
标题翻译：早期检测潜在恶意软件
公开(公告)号：US20110252476A1
公开(公告)日：2011-10-13
申请号：US12757018
申请日：2010-04-08
申请人： Shawn D. Loveland , John J. Lambert , Darren E. Canavor , Ryan C. Colvin
发明人： Shawn D. Loveland , John J. Lambert , Darren E. Canavor , Ryan C. Colvin
IPC分类号： G06F21/00 , G06F17/30 , G06F11/30
CPC分类号： G06F21/552
摘要： Evidence of attempted malware attacks may be used to identify the location and nature of future attacks. A failed attack may cause a program to crash. Crash data may be sent to an analyzer for analysis. The analysis may reveal information such as the identity of the program that is being exploited, the specific way in which the program is being exploited, and the identity or location of the source of the attack. This information may be used to identify potential sources of attack and to identify the same type of attack from other sources. When the source and/or nature of an attempted attack is known, remedial action may be taken. Filters may warn users who are attempting to visit sites from which attacks have been attempted, and the makers of programs that are being exploited can be notified so that those program makers can release updates.
摘要翻译：可能使用恶意软件攻击的证据来识别未来攻击的位置和性质。失败的攻击可能导致程序崩溃。碰撞数据可能会发送到分析仪进行分析。分析可能会显示诸如被利用的程序的身份，程序被利用的具体方式以及攻击源的身份或位置等信息。该信息可用于识别潜在的攻击源，并识别来自其他来源的相同类型的攻击。当企图袭击的来源和/或性质已知时，可采取补救措施。过滤器可能会提示尝试访问已尝试攻击的站点的用户，并且可以通知正在被利用的程序的制造商，以便这些程序制造商可以发布更新。

3. 发明授权

US07290138B2 Credentials and digitally signed objects 有权
标题翻译：证书和数字签名对象
公开(公告)号：US07290138B2
公开(公告)日：2007-10-30
申请号：US10368972
申请日：2003-02-19
申请人： Trevor W. Freeman , John J. Lambert
发明人： Trevor W. Freeman , John J. Lambert
IPC分类号： H04L29/00
CPC分类号： H04L9/3247 , H04L2209/80
摘要： Object management is facilitated by signing objects with credentials and through noting and/or using an association between the signed objects and the signing credentials. In an exemplary method implementation, actions include: signing an object with a credential to produce a signed object and noting an association between an object identifier that represents the signed object and the credential. In another exemplary method implementation, actions include: receiving a revocation request for a signed object; accessing a database at an entry for the signed object to retrieve an associated credential, the associated credential having been used to sign an object to produce the signed object; and causing the associated credential to be revoked. In an exemplary electronically-accessible media implementation, a data structure thereof includes: at least one entry that associates a credential with an object identifier, the object identifier representing a signed object that was signed by the credential.
摘要翻译：通过使用凭据签名对象并通过注释和/或使用签名对象与签名凭据之间的关联来促进对象管理。在示例性方法实现中，动作包括：用凭证签名对象以产生签名对象并注意表示签名对象的对象标识符与证书之间的关联。在另一示例性方法实现中，动作包括：接收对签名对象的撤销请求; 在签名对象的条目处访问数据库以检索相关联的证书，所述相关联的证书已被用于对对象进行签名以产生签名对象; 并导致关联的凭证被撤销。在示例性电子可访问媒体实现中，其数据结构包括：将证书与对象标识符相关联的至少一个条目，所述对象标识符表示由凭证签名的签名对象。

4. 发明授权

US07350204B2 Policies for secure software execution 有权
标题翻译：安全软件执行策略
公开(公告)号：US07350204B2
公开(公告)日：2008-03-25
申请号：US09877710
申请日：2001-06-08
申请人： John J. Lambert , Praerit Garg , Jeffrey A. Lawson
发明人： John J. Lambert , Praerit Garg , Jeffrey A. Lawson
IPC分类号： G06F9/45
CPC分类号： G06F21/51 , G06F21/53 , G06F2221/2141 , G06F2221/2145 , G06F2221/2149 , H04L63/12 , H04L2463/101
摘要： A system and method that automatically, transparently and securely controls software execution by identifying and classifying software, and locating a rule and associated security level for executing executable software. The security level may disallow the software's execution, restrict the execution to some extent, or allow unrestricted execution. To restrict software, a restricted access token may be computed that reduces software's access to resources, and/or removes privileges, relative to a user's normal access token. The rules that control execution for a given machine or user may be maintained in a restriction policy, e.g., locally maintained and/or in a group policy object distributable over a network. Software may be identified/classified by a hash of its content, by a digital signature, by its file system or network path, and/or by its URL zone. For software having multiple classifications, a precedence mechanism is provided to establish the applicable rule/security level.
摘要翻译：一种通过识别和分类软件来自动，透明和安全地控制软件执行以及查找用于执行可执行软件的规则和相关安全级别的系统和方法。安全级别可能不允许软件执行，在某种程度上限制执行，或允许无限制执行。为了限制软件，可以计算相对于用户的正常访问令牌减少软件对资源的访问和/或移除权限的受限访问令牌。控制给定机器或用户的执行的规则可以被维护在限制策略中，例如本地维护和/或可以通过网络分发的组策略对象中。软件可以通过其内容的散列，数字签名，其文件系统或网络路径和/或其URL区域来识别/分类。对于具有多个分类的软件，提供优先机制来建立适用的规则/安全级别。

5. 发明申请

US20090320136A1 IDENTIFYING EXPLOITATION OF VULNERABILITIES USING ERROR REPORT 有权
标题翻译：使用错误报告识别漏洞利用
公开(公告)号：US20090320136A1
公开(公告)日：2009-12-24
申请号：US12144694
申请日：2008-06-24
申请人： John J. Lambert , Matthew W. Thomlinson , Alexander R. G. Lucas , James P. Kelly , David S. Carter , Matthew I. Diver , Emma L. Crowe
发明人： John J. Lambert , Matthew W. Thomlinson , Alexander R. G. Lucas , James P. Kelly , David S. Carter , Matthew I. Diver , Emma L. Crowe
IPC分类号： G06F21/00
CPC分类号： H04L63/1433 , G06F21/552 , G06F21/554 , G06F21/56 , G06F21/566 , G06F21/577 , G06F2221/2101 , G06F2221/2123
摘要： A tool and method examine error report information from a computer to determine not only whether a virus or other malware may be present on the computer but also may determine what vulnerability a particular exploit was attempting to use to subvert security mechanism to install the virus. A system monitor may collect both error reports and information about the error report, such as geographic location, hardware configuration, and software/operating system version information to build a profile of the spread of an attack and to be able to issue notifications related to increased data collection for errors, including crashes related to suspected services under attack.
摘要翻译：一种工具和方法从计算机检查错误报告信息，不仅可以确定计算机上是否存在病毒或其他恶意软件，还可以确定特定漏洞利用何种漏洞破坏安全机制来安装病毒。系统监视器可以收集错误报告和关于错误报告的信息，例如地理位置，硬件配置和软件/操作系统版本信息，以构建攻击传播的简档，并且能够发布与增加的相关的通知数据收集错误，包括与受到攻击的可疑服务有关的崩溃。

6. 发明授权

US07240194B2 Systems and methods for distributing trusted certification authorities 有权
标题翻译：用于分发受信任的认证机构的系统和方法
公开(公告)号：US07240194B2
公开(公告)日：2007-07-03
申请号：US10104978
申请日：2002-03-22
申请人： Philip J. Hallin , John J. Lambert , Klaus U. Schutz , Sunil Pai
发明人： Philip J. Hallin , John J. Lambert , Klaus U. Schutz , Sunil Pai
IPC分类号： H04L9/00
CPC分类号： H04L63/0823 , G06F21/33 , H04L63/062
摘要： Systems and methods are described for distributing and updating trusted certification authorities to computer systems and users. When a digital certificate is encountered during a secured electronic transaction, the root authority of the certificate is determined. It is then determined whether the root authority is a trusted authority by attempting to locate the root authority in a trusted root list. If the root authority is not included in the trusted root list, a remote site is accessed and an updated version of the trusted root list is downloaded. The new trusted root list is checked for the presence of the encountered certificate and, if found, the transaction is allowed to proceed. In one implementation, the entire trusted root list is not downloaded. Instead, if an appropriate digital certificate is located, then the certificate is downloaded and added to the trusted root list of the computer system. The transaction may then proceed.
摘要翻译：描述了系统和方法，用于将受信任的认证机构分发和更新到计算机系统和用户。在安全的电子交易中遇到数字证书时，确定证书的根本权限。然后通过尝试将根权限定位在受信任的根列表中来确定根权限是否为可信管理机构。如果根本权限不包括在受信任的根列表中，则会访问远程站点，并下载受信任根目录的更新版本。检查新的受信任的根列表是否存在遇到的证书，如果发现，则允许事务继续。在一个实现中，整个受信任的根目录不被下载。相反，如果找到适当的数字证书，则下载证书并将其添加到计算机系统的受信任的根目录中。然后可以继续交易。

7. 发明授权

US08745703B2 Identifying exploitation of vulnerabilities using error report 有权
标题翻译：使用错误报告识别利用漏洞
公开(公告)号：US08745703B2
公开(公告)日：2014-06-03
申请号：US12144694
申请日：2008-06-24
申请人： John J. Lambert , Matthew W. Thomlinson , Alexander R. G. Lucas , James P. Kelly , David S. Carter , Matthew I. Diver , Emma L. Crowe
发明人： John J. Lambert , Matthew W. Thomlinson , Alexander R. G. Lucas , James P. Kelly , David S. Carter , Matthew I. Diver , Emma L. Crowe
IPC分类号： G06F21/00
CPC分类号： H04L63/1433 , G06F21/552 , G06F21/554 , G06F21/56 , G06F21/566 , G06F21/577 , G06F2221/2101 , G06F2221/2123
摘要： A tool and method examine error report information from a computer to determine not only whether a virus or other malware may be present on the computer but also may determine what vulnerability a particular exploit was attempting to use to subvert security mechanism to install the virus. A system monitor may collect both error reports and information about the error report, such as geographic location, hardware configuration, and software/operating system version information to build a profile of the spread of an attack and to be able to issue notifications related to increased data collection for errors, including crashes related to suspected services under attack.
摘要翻译：一种工具和方法从计算机检查错误报告信息，不仅可以确定计算机上是否存在病毒或其他恶意软件，还可以确定特定漏洞利用何种漏洞破坏安全机制来安装病毒。系统监视器可以收集错误报告和关于错误报告的信息，例如地理位置，硬件配置和软件/操作系统版本信息，以构建攻击传播的简档，并且能够发布与增加的相关的通知数据收集错误，包括与受到攻击的可疑服务有关的崩溃。

8. 发明授权

US08627475B2 Early detection of potential malware 有权
标题翻译：早期发现潜在的恶意软件
公开(公告)号：US08627475B2
公开(公告)日：2014-01-07
申请号：US12757018
申请日：2010-04-08
申请人： Shawn D. Loveland , John J. Lambert , Darren E. Canavor , Ryan C. Colvin
发明人： Shawn D. Loveland , John J. Lambert , Darren E. Canavor , Ryan C. Colvin
IPC分类号： G06F11/00
CPC分类号： G06F21/552
摘要： Evidence of attempted malware attacks may be used to identify the location and nature of future attacks. A failed attack may cause a program to crash. Crash data may be sent to an analyzer for analysis. The analysis may reveal information such as the identity of the program that is being exploited, the specific way in which the program is being exploited, and the identity or location of the source of the attack. This information may be used to identify potential sources of attack and to identify the same type of attack from other sources. When the source and/or nature of an attempted attack is known, remedial action may be taken. Filters may warn users who are attempting to visit sites from which attacks have been attempted, and the makers of programs that are being exploited can be notified so that those program makers can release updates.
摘要翻译：可能使用恶意软件攻击的证据来识别未来攻击的位置和性质。失败的攻击可能导致程序崩溃。碰撞数据可能会发送到分析仪进行分析。分析可能会显示诸如被利用的程序的身份，程序被利用的具体方式以及攻击源的身份或位置等信息。该信息可用于识别潜在的攻击源，并识别来自其他来源的相同类型的攻击。当企图袭击的来源和/或性质已知时，可采取补救措施。过滤器可能会提示尝试访问已尝试攻击的站点的用户，并且可以通知正在被利用的程序的制造商，以便这些程序制造商可以发布更新。

9. 发明授权

US06769068B1 Dynamic credential refresh in a distributed system 失效
标题翻译：分布式系统中动态凭据刷新
公开(公告)号：US06769068B1
公开(公告)日：2004-07-27
申请号：US09389126
申请日：1999-09-02
申请人： Mathew James Brozowski , David E. Cox , Jonathan Scott Greenfield , John J. Lambert , Anne Renee Reidelbach , Sundari M. Revanur
发明人： Mathew James Brozowski , David E. Cox , Jonathan Scott Greenfield , John J. Lambert , Anne Renee Reidelbach , Sundari M. Revanur
IPC分类号： H04L932
CPC分类号： H04L63/08 , H04L63/108
摘要： A method, system, and computer program product code for dynamically refreshing user credentials in a distributed processing environment. The present invention provides for fast, local refresh of credentials by a server if the credentials expire during an on-going secure operation. This technique avoids the need for rolling back the operation and requiring the client to restart after acquiring fresh credentials. The ability for a systems administrator to invalidate credentials which have been compromised is maintained.
摘要翻译：用于在分布式处理环境中动态刷新用户凭据的方法，系统和计算机程序产品代码。如果证书在正在进行的安全操作期间到期，本发明提供了服务器对凭证的快速本地刷新。这种技术避免了在获取新的凭据后回滚操作并要求客户端重新启动的需要。维护系统管理员使已被破坏的凭据无效的能力。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式