专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08826421B2 Method and apparatus for security validation of user input 有权
标题翻译：用户输入安全验证的方法和装置
公开(公告)号：US08826421B2
公开(公告)日：2014-09-02
申请号：US13512642
申请日：2010-11-05
申请人： Lin Luo , Fan Jing Meng , Shun Xiang Yang , Yu Zhang
发明人： Lin Luo , Fan Jing Meng , Shun Xiang Yang , Yu Zhang
IPC分类号： G06F21/00 , G06F21/55
CPC分类号： G06F21/00 , G06F21/554 , H04L63/0263 , H04L63/1408
摘要： According to embodiments of the present invention, a computing device provides a security rules subset of a server-side protection element to a pre-validation component deployed at a client side. The computing device validates the user input based on the security rules. The computing device determines, in response to detecting a user input violation and that a violated security rule has/or has not been provided to the pre-validation component, the user as a first or second class of users. The computing device performs different security protection actions to the first and second class of users. The computing device asynchronously performs a dynamic update to the security rule subset provided to the pre-validation component. The security rule subset is screened from the security rules of the server-side protection means. A policy for screening the security rule subset is selected.
摘要翻译：根据本发明的实施例，计算设备向部署在客户端的预验证组件提供服务器侧保护元件的安全规则子集。计算设备根据安全规则验证用户输入。计算设备响应于检测到用户输入违规而确定已经/尚未向预验证组件提供违反的安全规则，该用户作为第一或第二类用户。计算设备对第一类用户和第二类用户执行不同的安全保护动作。计算设备异步地对提供给预验证组件的安全规则子集进行动态更新。从服务器端保护装置的安全规则中筛选出安全规则子集。选择筛选安全规则子集的策略。

2. 发明授权

US08386784B2 Apparatus and method for securely submitting and processing a request 有权
标题翻译：用于安全地提交和处理请求的装置和方法
公开(公告)号：US08386784B2
公开(公告)日：2013-02-26
申请号：US12473559
申请日：2009-05-28
申请人： Bo Gao , Lin Luo , Shun Xiang Yang , Yu Zhang
发明人： Bo Gao , Lin Luo , Shun Xiang Yang , Yu Zhang
IPC分类号： H04L9/32
CPC分类号： H04L63/068 , H04L63/1441
摘要： An apparatus and a method for securely submitting a request and an apparatus and a method for securely processing a request. The apparatus for securely submitting a request includes a request pre-submitting component and a request confirmation component. The request pre-submitting component sends a request with a unique identifier to a server and sends an alarm message containing the unique identifier and a request description to the request confirmation component. The request confirmation component contains a key inaccessible to other components in a client. It pops up a request confirmation window, on which the request description is displayed, in response to the alarm message and generates a request confirmation message associated with the request by using the key and the unique identifier.
摘要翻译：用于安全地提交请求的装置和方法，以及用于安全地处理请求的装置和方法。用于安全地提交请求的装置包括请求提交组件和请求确认组件。请求预提交组件向服务器发送具有唯一标识符的请求，并向请求确认组件发送包含唯一标识符和请求描述的警报消息。请求确认组件包含客户机中其他组件无法访问的密钥。它响应于该报警消息弹出显示请求描述的请求确认窗口，并通过使用密钥和唯一标识符生成与该请求相关联的请求确认消息。

3. 发明申请

US20120078590A1 METHOD AND SYSTEM FOR CREATING MODEL DATA 审中-公开
标题翻译：用于创建模型数据的方法和系统
公开(公告)号：US20120078590A1
公开(公告)日：2012-03-29
申请号：US13238158
申请日：2011-09-21
申请人： Chen Hao , Qi Cheng Li , Jian Wang , Yi Min Wang , Shun Xiang Yang , Zi Yu Zhu
发明人： Chen Hao , Qi Cheng Li , Jian Wang , Yi Min Wang , Shun Xiang Yang , Zi Yu Zhu
IPC分类号： G06F17/50
CPC分类号： G06T19/20 , G06T17/20 , G06T2219/2021
摘要： The invention provides a method and system for creating model data. The method comprises: obtaining initial model data that is based on thickness model; adjusting thickness of the part of vertices of the initial model data in response to user inputting thickness values of part of vertices; adjusting position of the part of vertices of the initial model data in response to user inputting position values of part of vertices; and obtaining model data that is based on thickness model according to the initial model data and the adjusted part of vertices. By employing the method or system of the invention, it will facilitate user to edit model data and it will also save storage space.
摘要翻译：本发明提供了一种用于创建模型数据的方法和系统。该方法包括：获得基于厚度模型的初始模型数据; 响应于用户输入部分顶点的厚度值，调整初始模型数据的顶点部分的厚度; 响应于用户输入部分顶点的位置值，调整初始模型数据的顶点部分的位置; 并根据初始模型数据和顶点的调整部分获得基于厚度模型的模型数据。通过采用本发明的方法或系统，便于用户编辑模型数据，同时也节省了存储空间。

4. 发明申请

US20100281311A1 METHOD AND SYSTEM FOR RECONSTRUCTING ERROR RESPONSE MESSAGES UNDER WEB APPLICATION ENVIRONMENT 有权
标题翻译：在WEB应用环境下重新构建错误响应消息的方法和系统
公开(公告)号：US20100281311A1
公开(公告)日：2010-11-04
申请号：US12769845
申请日：2010-04-29
申请人： Bo Gao , Chang Jie Guo , Lin Luo , Shun Xiang Yang , Yu Zhang
发明人： Bo Gao , Chang Jie Guo , Lin Luo , Shun Xiang Yang , Yu Zhang
IPC分类号： G06F11/14 , G06F15/16
CPC分类号： H04L63/168 , H04L63/1441
摘要： A computer-implemented method and system for reconstructing a response message to an improper accessing request in a web application environment. The method includes: obtaining the URL of a web application to be accessed by the improper accessing request and the error parameter information of the improper accessing request; obtaining a response template based on the obtained URL of the web application to be accessed; and merging the obtained error parameter information of the improper accessing request with the obtained response template to generate a reconstructed response message for the improper accessing request. The system includes: a message obtaining device; a response message template obtaining device; and a response message merging device.
摘要翻译：一种计算机实现的方法和系统，用于在Web应用环境中重建响应消息到不正确的访问请求。该方法包括：获取由不正当访问请求访问的Web应用的URL和不正当访问请求的错误参数信息; 基于所获取的要访问的web应用的URL获取响应模板; 将获得的不正当访问请求的错误参数信息与所获得的响应模板合并，生成用于不正当访问请求的重构响应消息。该系统包括：消息获取装置; 响应消息模板获取装置; 和响应消息合并设备。

5. 发明授权

US08407481B2 Secure apparatus and method for protecting integrity of software system and system thereof 失效
标题翻译：用于保护软件系统完整性的安全装置和方法及其系统
公开(公告)号：US08407481B2
公开(公告)日：2013-03-26
申请号：US12163797
申请日：2008-06-27
申请人： Ya Bin Dang , Da Ming Hao , Shih-Gong Li , Lin Luo , Shun Xiang Yang
发明人： Ya Bin Dang , Da Ming Hao , Shih-Gong Li , Lin Luo , Shun Xiang Yang
IPC分类号： G06F11/30 , G06F12/14 , G06F7/04 , G06F17/30 , G06F21/00 , H04N7/16
CPC分类号： G06F21/125
摘要： Provided is a secure apparatus for protecting the integrity of a software system and a method thereof. The apparatus comprises: a template repository for storing templates required for generating an agent module; a template generator for randomly selecting one template from said template repository and generating a new agent module according to the selected template; and a transceiver for sending said new agent module to an external apparatus communicating with said secure apparatus to update a current agent module which is running in said external apparatus, wherein said current agent module is used to verify the integrity of said software system running in said external apparatus. The secure apparatus can protect software in an insecure environment with a high software protection level to prevent the software from being tampered or bypassed.
摘要翻译：提供一种用于保护软件系统的完整性的安全装置及其方法。该装置包括：用于存储生成代理模块所需的模板的模板存储库; 模板生成器，用于从所述模板存储库中随机选择一个模板，并根据所选模板生成新的代理模块; 以及收发器，用于将所述新代理模块发送到与所述安全装置通信的外部设备，以更新在所述外部设备中运行的当前代理模块，其中所述当前代理模块用于验证在所述外部设备中运行的所述软件系统的完整性外部设备安全设备可以在具有高软件保护级别的不安全环境中保护软件，以防止软件被篡改或绕过。

6. 发明申请

US20120311549A1 NON-INTRUSIVELY ADAPTING EXISTING PORTFOLIO OPTIMIZER FOR VALUATED DEPENDENCIES 有权
标题翻译：非侵入式适应现有组合优化者评估依据
公开(公告)号：US20120311549A1
公开(公告)日：2012-12-06
申请号：US13153030
申请日：2011-06-03
申请人： Ying Liu , Fan Jing Meng , Dharmashankar Subramanian , Clay E. Williams , Shun Xiang Yang , Xin Zhou
发明人： Ying Liu , Fan Jing Meng , Dharmashankar Subramanian , Clay E. Williams , Shun Xiang Yang , Xin Zhou
IPC分类号： G06F9/45
CPC分类号： G06Q40/06
摘要： Adapting an existing portfolio optimizer to support one or more valuated dependencies without modifying the existing portfolio optimizer, may include translating one or more original elements and associated dependencies in a portfolio to be optimized based on said one or more valuated dependencies; invoking the existing portfolio optimizer with the translated one or more original elements and associated dependencies; and translating optimization results, if said optimization results contain translated one or more original elements, into a solution characterized in terms of said one or more original elements.
摘要翻译：适应现有投资组合优化器来支持一个或多个估值依赖关系而不修改现有投资组合优化器，可以包括基于所述一个或多个估值依赖来翻译投资组合中的一个或多个原始元素和相关联的依赖关系进行优化; 使用已翻译的一个或多个原始元素和相关依赖关系调用现有的投资组合优化器; 以及如果所述优化结果包含翻译的一个或多个原始元素，则将优化结果转换成根据所述一个或多个原始元素表征的解决方案。

7. 发明申请

US20090327745A1 SECURE APPARATUS AND METHOD FOR PROTECTING INTEGRITY OF SOFTWARE SYSTEM AND SYSTEM THEREOF 失效
标题翻译：用于保护软件系统及其系统的完整性的安全设备和方法
公开(公告)号：US20090327745A1
公开(公告)日：2009-12-31
申请号：US12163797
申请日：2008-06-27
申请人： Ya Bin Dang , Da Ming Hao , Shih-Gong Li , Lin Luo , Shun Xiang Yang
发明人： Ya Bin Dang , Da Ming Hao , Shih-Gong Li , Lin Luo , Shun Xiang Yang
IPC分类号： G06F21/00 , G06F12/14
CPC分类号： G06F21/125
摘要： Provided is a secure apparatus for protecting the integrity of a software system and a method thereof. The apparatus comprises: a template repository for storing templates required for generating an agent template; a template generator for randomly selecting one template from said template repository and generating a new agent template according to the selected template; and a transceiver for sending said new agent module to an external apparatus communicating with said secure apparatus to update a current agent module which is running in said external apparatus, wherein said current agent module is used to verify the integrity of said software system running in said external apparatus. The secure apparatus can protect software in an insecure environment with a high software protection level to prevent the software from being tampered or bypassed.
摘要翻译：提供一种用于保护软件系统的完整性的安全装置及其方法。该装置包括：用于存储生成代理模板所需的模板的模板存储库; 模板生成器，用于从所述模板存储库中随机选择一个模板，并根据所选模板生成新的代理模板; 以及收发器，用于将所述新代理模块发送到与所述安全装置通信的外部设备，以更新在所述外部设备中运行的当前代理模块，其中所述当前代理模块用于验证在所述外部设备中运行的所述软件系统的完整性外部设备安全设备可以在具有高软件保护级别的不安全环境中保护软件，以防止软件被篡改或绕过。

8. 发明授权

US08832673B2 Non-intrusively adapting existing portfolio optimizer for valuated dependencies 有权
标题翻译：非侵入性地适应现有的投资组合优化器，用于评估依赖关系
公开(公告)号：US08832673B2
公开(公告)日：2014-09-09
申请号：US13153030
申请日：2011-06-03
申请人： Ying Liu , Fan Jing Meng , Dharmashankar Subramanian , Clay E. Williams , Shun Xiang Yang , Xin Zhou
发明人： Ying Liu , Fan Jing Meng , Dharmashankar Subramanian , Clay E. Williams , Shun Xiang Yang , Xin Zhou
IPC分类号： G06F9/45 , G06Q40/06
CPC分类号： G06Q40/06
摘要： Adapting an existing portfolio optimizer to support one or more valuated dependencies without modifying the existing portfolio optimizer, may include translating one or more original elements and associated dependencies in a portfolio to be optimized based on said one or more valuated dependencies; invoking the existing portfolio optimizer with the translated one or more original elements and associated dependencies; and translating optimization results, if said optimization results contain translated one or more original elements, into a solution characterized in terms of said one or more original elements.
摘要翻译：适应现有投资组合优化器来支持一个或多个估值依赖关系而不修改现有投资组合优化器，可以包括基于所述一个或多个估值依赖来翻译投资组合中的一个或多个原始元素和相关联的依赖关系进行优化; 使用已翻译的一个或多个原始元素和相关依赖关系调用现有的投资组合优化器; 以及如果所述优化结果包含翻译的一个或多个原始元素，则将优化结果转换成根据所述一个或多个原始元素表征的解决方案。

9. 发明授权

US08627442B2 Hierarchical rule development and binding for web application server firewall 有权
标题翻译： Web应用服务器防火墙的层次规则开发和绑定
公开(公告)号：US08627442B2
公开(公告)日：2014-01-07
申请号：US13114315
申请日：2011-05-24
申请人： Peng Ji , Lin Luo , Vugranam C. Sreedhar , Shun Xiang Yang , Yu Zhang
发明人： Peng Ji , Lin Luo , Vugranam C. Sreedhar , Shun Xiang Yang , Yu Zhang
IPC分类号： G06F9/00 , G06F15/16 , G06F17/00 , G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： H04L63/0263 , H04L63/02 , H04L63/0245 , H04L63/105 , H04L63/1416 , H04L67/02
摘要： At least one of an HTTP request message and an HTTP response message is intercepted. A corresponding HTTP message model is identified. The HTTP message model includes a plurality of message model sections. Additional steps include parsing a representation of the at least one of an HTTP request message and an HTTP response message into message sections in accordance with the message model sections of the HTTP message model; and binding a plurality of security rules to the message model sections. The plurality of security rules each specify at least one action to be taken in response to a given condition. The given condition is based, at least in part, on a corresponding given one of the message sections. A further step includes processing the at least one of an HTTP request message and an HTTP response message in accordance with the plurality of security rules. Techniques for developing rules for a web application server firewall are also provided.
摘要翻译： HTTP请求消息和HTTP响应消息中的至少一个被拦截。识别出相应的HTTP消息模型。 HTTP消息模型包括多个消息模型部分。附加步骤包括根据HTTP消息模型的消息模型部分将HTTP请求消息和HTTP响应消息中的至少一个的表示解析成消息部分; 并将多个安全规则绑定到消息模型部分。多个安全规则每个指定响应于给定条件要采取的至少一个动作。给定条件至少部分地基于相应给定的一个消息部分。另一步骤包括根据多个安全规则处理HTTP请求消息和HTTP响应消息中的至少一个。还提供了开发Web应用服务器防火墙规则的技术。

10. 发明申请

US20120304249A1 METHOD AND APPARATUS FOR SECURITY VALIDATION 有权
标题翻译：用于安全验证的方法和装置
公开(公告)号：US20120304249A1
公开(公告)日：2012-11-29
申请号：US13512642
申请日：2010-11-05
申请人： Lin Luo , Fan Jing Meng , Shun Xiang Yang , Yu Zhang
发明人： Lin Luo , Fan Jing Meng , Shun Xiang Yang , Yu Zhang
IPC分类号： G06F21/00
CPC分类号： G06F21/00 , G06F21/554 , H04L63/0263 , H04L63/1408
摘要： A computer-implemented method, apparatus, and article of manufacture for security validation of a user input in a computer network application. The method includes: providing a subset of security rules of a server-side protection means to a pre-validation component deployed at a client side, so as to enable security validation of a user input on the client side by the pre-validation component; validating the user input based on at least one of the security rules; determining, in response to detecting a user input violation and that a violated security rule has not been provided to the pre-validation component, the user as a first class of users; determining, in response to detecting the user input violation and that the violated security rule has been provided to the pre-validation component, the user as a second class of users; and performing different security protection actions to the first and second class of users.
摘要翻译：用于计算机网络应用中的用户输入的安全验证的计算机实现的方法，装置和制品。该方法包括：将服务器侧保护装置的安全规则的子集提供给部署在客户机侧的预验证组件，以便通过预验证组件实现客户端侧的用户输入的安全验证; 基于所述安全规则中的至少一个验证所述用户输入; 确定响应于检测到用户输入违例并且未将所述违反的安全规则提供给所述预验证组件，所述用户作为第一类用户; 响应于检测到所述用户输入违例并且所述违反的安全规则已经被提供给所述预验证部件，所述用户作为第二类用户; 并对第一类和第二类用户执行不同的安全保护动作。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式