专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明公开

EP1247150A2 THWARTING MAP-LOADED MODULE MASQUERADE ATTACKS 有权
标题翻译：摧毁地图加载的模块MASQUERADE攻击
公开(公告)号：EP1247150A2
公开(公告)日：2002-10-09
申请号：EP01904858.6
申请日：2001-01-11
申请人： SYMANTEC CORPORATION
发明人： SOBEL, William, E. , GRAWROCK, David
IPC分类号： G06F1/00
CPC分类号： G06F21/565 , G06F21/552
摘要： Apparatus, computer-implemented method, and computer-readable medium for thwarting map-loaded module (8) attacks on a digital computer (1). Within the computer (1) is a registry (10) containing mappings from generic names (4) of map-loaded modules (8) to specific locations (5) of the map-loaded modules (8). Coupled to the registry (10) is a registry monitor module (20) adapted to monitor attempts to replace existing mappings (5) of map-loaded modules (8) with replacement mappings (5). Coupled to the map-loaded modules (8) is a file system monitor module (70) adapted to monitor attempts to insert new map-loaded modules (8) into the computer (1). Coupled to the registry monitor module (20) and to the file system monitor module (70) is a programmable control module (30) adapted to determine when a change in mapping constitutes a malicious code attack. Such determinations are made when one or more pre-established rules (50) are satisfied. Two categories of rules (50) can be pre-established for use by control module (30): a first set of rules (50) for which programmable control module (30) can make decisions on its own, and a second set of rules (50) for which programmable control module (30) passes control to a system administrator (40).
摘要翻译：用于阻止对数字计算机（1）上的映射加载模块（8）攻击的设备，计算机实现的方法和计算机可读介质。在计算机（1）内是注册表（10），注册表（10）包含从加载地图的模块（8）的通用名称（4）到加载地图的模块（8）的特定位置（5）的映射。耦合到注册表（10）的是注册表监视模块（20），其适于监视用替换映射（5）替换映射加载模块（8）的现有映射（5）的尝试。耦合到加载地图的模块（8）的是文件系统监视模块（70），其适于监视将新的加载地图的模块（8）插入计算机（1）的尝试。耦合到注册表监视器模块（20）和文件系统监视器模块（70）的是可编程控制模块（30），其适于确定映射中的变化何时构成恶意代码攻击。当满足一个或多个预先建立的规则（50）时，做出这样的确定。可以预先建立两类规则（50）供控制模块（30）使用：第一组规则（50），可编程控制模块（30）可以自己做出决定，第二组规则（50），可编程控制模块（30）将控制传递给系统管理员（40）。

2. 发明公开

EP1135719A1 AUTOMATIC RECOVERY OF FORGOTTEN PASSWORDS 审中-公开
标题翻译：自动修复忘记密码
公开(公告)号：EP1135719A1
公开(公告)日：2001-09-26
申请号：EP99969806.1
申请日：1999-09-21
申请人： SYMANTEC CORPORATION
发明人： GRAWROCK, David
IPC分类号： G06F1/00
CPC分类号： G06F21/31 , G06F21/40 , G06F21/6209 , G06F2221/2131
摘要： In accordance with the invention a method of securely and automatically authenticating a user is disclosed. Bona fides are entered for a user, hashed, and stored at an authenticating entity, remote from the user's computer. When a user forgets his/her password, the user enters his/her bona fides, which are again hashed on the user's system, and then securely transmitted to the authenticating entity. The authenticating entity compares the received, hashed bona fides to those previously stored at the authenticating entity. If the comparison shows that the values match or otherwise appropriately correlate, the user will be authenticated. The user will then be provided with the means to access his/her encrypted data. In other words, once authenticated the authenticating entity will automatically provide the user and/or the user's computer with an access key, in one embodiment, allowing the user to access his/her encrypted data.

3. 发明授权

EP1247150B1 THWARTING MAP-LOADED MODULE MASQUERADE ATTACKS 有权
标题翻译：预防MAP活化MODULMASKERADEANGRIFFE的
公开(公告)号：EP1247150B1
公开(公告)日：2004-03-31
申请号：EP01904858.6
申请日：2001-01-11
申请人： SYMANTEC CORPORATION
发明人： SOBEL, William, E. , GRAWROCK, David
IPC分类号： G06F1/00
CPC分类号： G06F21/565 , G06F21/552
摘要： Apparatus, computer-implemented method, and computer-readable medium for thwarting map-loaded module (8) attacks on a digital computer (1). Within the computer (1) is a registry (10) containing mappings from generic names (4) of map-loaded modules (8) to specific locations (5) of the map-loaded modules (8). Coupled to the registry (10) is a registry monitor module (20) adapted to monitor attempts to replace existing mappings (5) of map-loaded modules (8) with replacement mappings (5). Coupled to the map-loaded modules (8) is a file system monitor module (70) adapted to monitor attempts to insert new map-loaded modules (8) into the computer (1). Coupled to the registry monitor module (20) and to the file system monitor module (70) is a programmable control module (30) adapted to determine when a change in mapping constitutes a malicious code attack. Such determinations are made when one or more pre-established rules (50) are satisfied. Two categories of rules (50) can be pre-established for use by control module (30): a first set of rules (50) for which programmable control module (30) can make decisions on its own, and a second set of rules (50) for which programmable control module (30) passes control to a system administrator (40).

4. 发明公开

EP1008249A1 SYSTEM FOR DECRYPTION AND RE-ENCRYPTION OF FILES 失效
标题翻译：设备解码和重新加密FILES
公开(公告)号：EP1008249A1
公开(公告)日：2000-06-14
申请号：EP97905587.8
申请日：1997-01-15
申请人： SYMANTEC CORPORATION
发明人： McDONNAL, William, D. , LOHSTROH, Shawn , GRAWROCK, David
IPC分类号： H04L9/00
CPC分类号： G06F21/6218 , G06F12/1408 , G06F21/602 , G06F2211/007 , G06F2211/008 , G06F2221/2141
摘要： A machine system (100) for automatic decryption of confidential file data on a per-use basis and automatic later elimination of the decrypted data by scorching and/or re-encrypting is disclosed. The following features are provided for secure and automatic recryption: (1) use of file-exclusion lists; (2) use of application-program exclusion lists; (3) decrypting as needed in response to intercepted file-OPEN requests; (4) encrypting as needed in response to intercepted file-CLOSE requests; (5) delaying post-CLOSE encryption.

5. 发明公开

EP1066554A1 SYSTEM FOR INTERCEPTING FILE ACCESSES AND FOR AUTOMATIC DECRYPTION AND RE-ENCRYPTION OF FILE DATA ON A PER-USE BASIS 有权
标题翻译：收集系统文件访问和和解码自动重新加密文件数据使用的基础
公开(公告)号：EP1066554A1
公开(公告)日：2001-01-10
申请号：EP99914891.9
申请日：1999-03-08
申请人： SYMANTEC CORPORATION
发明人： GRAWROCK, David
IPC分类号： G06F1/00
CPC分类号： G06F21/602 , G06F2209/542 , Y10S707/99939
摘要： A machine system includes bubble protection for protecting the information of certain classes of files from unauthorized access by way of unauthorized classes of programs at unauthorized periods of time. The machine system additionally may have OTF mechanism for automatic decryption of confidential file data on a peruse basis and automatic later elimination of the decrypted data by scorching and/or re-encrypting is dislosed. The system can operate within a multi-threaded environment. The machine system additionally may have a digital signature mechanism for protecting file data from unauthorized tampering. The machine system additionally may have a volume-encryption mechanism for protecting plaintext versions of file data from exposure in events of power outages.

6. 发明公开

EP0894377A1 A METHOD FOR PROVIDING A SECURE NON-REUSABLE ONE-TIME PASSWORD 失效
标题翻译：一种用于生产安全，不能重用，且唯一的密码
公开(公告)号：EP0894377A1
公开(公告)日：1999-02-03
申请号：EP97920309.0
申请日：1997-04-10
申请人： SYMANTEC CORPORATION
发明人： LOHSTROH, Shawn, R. , GRAWROCK, David
IPC分类号： G06F21 , G06F1
CPC分类号： G06F21/6209 , G06F21/31 , G06F2211/008 , G06F2221/2131
摘要： The present invention is directed toward providing a secure method to access data when the user has lost or forgotten the user password (261). In accordance with the invention and in a system where decryption of an access key (232) will give access to data, two encrypted versions of the access key are created (236, 270). A first version (236) is formed using a key (264) formed with the user password. A second version (270) is formed using a public key (266) from a public-private key pair. Generally, data access can be had by decrypting the first encrypted version (236) of the access key (232) with the password key (264). However, if the password (261) is forgotten, access to data can be accomplished by decrypting the second encrypted version (270) of the access key (232) with the private key (280) from the public-private key pair. One embodiment of the invention requires the private key (280) to be stored at a remote site and for decryption using the private key to take place at the remote site. In this manner the user can gain access to data without significantly compromising the data security.

7. 发明授权

EP1066554B1 SYSTEM FOR INTERCEPTING FILE ACCESSES AND FOR AUTOMATIC DECRYPTION AND RE-ENCRYPTION OF FILE DATA ON A PER-USE BASIS 有权
标题翻译：收集系统文件访问和和解码自动重新加密文件数据使用的基础
公开(公告)号：EP1066554B1
公开(公告)日：2003-10-15
申请号：EP99914891.9
申请日：1999-03-08
申请人： SYMANTEC CORPORATION
发明人： GRAWROCK, David
IPC分类号： G06F1/00
CPC分类号： G06F21/602 , G06F2209/542 , Y10S707/99939
摘要： A machine system includes bubble protection for protecting the information of certain classes of files from unauthorized access by way of unauthorized classes of programs at unauthorized periods of time. The machine system additionally may have OTF mechanism for automatic decryption of confidential file data on a peruse basis and automatic later elimination of the decrypted data by scorching and/or re-encrypting is dislosed. The system can operate within a multi-threaded environment. The machine system additionally may have a digital signature mechanism for protecting file data from unauthorized tampering. The machine system additionally may have a volume-encryption mechanism for protecting plaintext versions of file data from exposure in events of power outages.

8. 发明公开

EP0900487A1 CRYPTOGRAPHIC FILE LABELING SYSTEM FOR SUPPORTING SECURED ACCESS BY MULTIPLE USERS 失效
标题翻译：以支持FACE对多用户的访问KRYPTO图形文件标志制度
公开(公告)号：EP0900487A1
公开(公告)日：1999-03-10
申请号：EP97922323.0
申请日：1997-04-14
申请人： SYMANTEC CORPORATION
发明人： LOHSTROH, Shawn, R. , McDONNAL, William, D. , GRAWROCK, David
IPC分类号： G06F1 , G06F21 , G06F12
CPC分类号： G06F21/6209 , G06F12/1408 , G06F2211/007 , G06F2211/008 , G06F2221/2141
摘要： A system is disclosed for automatically distributing secured versions (*Sys_D_key*) of a file decryption key (Sys_D_key) to a plurality of file users by way of the file's security label. The label is defined to contain a plurality of Access-Control-Entries Records (ACER's) where each ACER includes a respective secured version (*Sys_D_key*) of the file decryption key. Each such secured version (*Sys_D_key*) is decipherable by a respective ACER private key. Each ACER may include respective other data such as: (a) ACER-unique identifying data for uniquely identifiying the ACER or an associated user; (b) decryption algorithm identifying data for identifying the decryption process to be used to decrypt the encrypted *DATA* portion of the file; and (c) special handling code for specifying special handling for the code-containing ACER. The label is preferably covered by a digital signature but includes an extension buffer that is not covered by the digital signature. Users who wish to have an ACER of their own added to the label may submit add-on requests by writing to the extension buffer.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式