专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明授权

US08667594B1 Securing file trust with file format conversions 有权
标题翻译：使用文件格式转换保护文件信任
公开(公告)号：US08667594B1
公开(公告)日：2014-03-04
申请号：US13419356
申请日：2012-03-13
申请人： Gaurav Banga , Rahul Kashyap , Andrew Southgate
发明人： Gaurav Banga , Rahul Kashyap , Andrew Southgate
IPC分类号： G06F21/00
CPC分类号： G06F21/568 , G06F21/56
摘要： Approaches for ensuring a digital file does not contain malicious code. A digital file in an original format may or may not contain malicious code. An intermediate copy of the digital file in an intermediate format is created from the digital file in the original format. The intermediate format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the original format. A sterilized copy of the digital file is created from the intermediate copy. The sterilized copy is in the original format. The sterilized copy comprises a digital signature indicating that the sterilized copy has been converted from the intermediate format to the original format. Advantageously, the sterilized copy is guaranteed to not possess any malicious code.
摘要翻译：确保数字文件的方法不包含恶意代码。原始格式的数字文件可能包含或不包含恶意代码。以原始格式从数字文件创建中间格式的数字文件的中间拷贝。中间格式保留数字文件的视觉或音频呈现，而不支持原始格式的元数据或文件格式数据结构。从中间拷贝创建数字文件的无菌拷贝。灭菌副本是原始格式。灭菌副本包括指示灭菌副本已经从中间格式转换为原始格式的数字签名。有利地，保证无菌拷贝不具有任何恶意代码。

32. 发明授权

US08332953B2 Receiving policy data from a server to address theft and unauthorized access of a client 有权
标题翻译：从服务器接收策略数据，以解决客户端的窃取和未经授权的访问
公开(公告)号：US08332953B2
公开(公告)日：2012-12-11
申请号：US12538040
申请日：2009-08-07
申请人： Jacques Lemieux , Anahit Tarkhanyan , Ravi Gupta , Gaurav Banga
发明人： Jacques Lemieux , Anahit Tarkhanyan , Ravi Gupta , Gaurav Banga
IPC分类号： G06F7/04
CPC分类号： G06F21/57 , G06F21/88
摘要： Techniques for securing a client. When a client, such as a portable computer, undergoes a change in operational state, an operating system agent sends a state message to a server. The state message describes the change in the operational state of the client. The operating system agent is one or more software modules that execute in an operating system of the client. The client receives a policy message from the server. The policy message contains policy data, which a BIOS agent stores in the BIOS of the client. The policy data identifies one or more security policies which the client should follow.
摘要翻译：确保客户端的技术。当诸如便携式计算机的客户端经历操作状态的改变时，操作系统代理向服务器发送状态消息。状态消息描述客户端操作状态的变化。操作系统代理是在客户机的操作系统中执行的一个或多个软件模块。客户端从服务器收到策略消息。策略消息包含一个BIOS代理存储在客户端的BIOS中的策略数据。策略数据标识客户端应遵循的一个或多个安全策略。

33. 发明申请

US20110296412A1 APPROACHES FOR SECURING AN INTERNET ENDPOINT USING FINE-GRAINED OPERATING SYSTEM VIRTUALIZATION 有权
标题翻译：使用精细操作系统虚拟化来保护互联网端点的方法
公开(公告)号：US20110296412A1
公开(公告)日：2011-12-01
申请号：US13115354
申请日：2011-05-25
申请人： Gaurav Banga , Ian Pratt , Kiran Bondalapati , Vikram Kapoor
发明人： Gaurav Banga , Ian Pratt , Kiran Bondalapati , Vikram Kapoor
IPC分类号： G06F9/455
CPC分类号： G06F9/5077 , G06F9/45545 , G06F9/5027 , G06F2009/45562 , G06F2009/45587 , G06F2209/5018
摘要： Approaches for executing untrusted software on a client without compromising the client using micro-virtualization to execute untrusted software in isolated contexts. A template for instantiating a virtual machine on a client is identified in response to receiving a request to execute an application. After the template is identified, without human intervention, a virtual machine is instantiated, using the template, in which the application is to be executed. The template may be selected from a plurality of templates based on the nature of the request, as each template describe characteristics of a virtual machine suitable for a different type of activity. Selected resources such as files are displayed to the virtual machines according to user and organization policies and controls. When the client determines that the application has ceased to execute, the client ceases execution of the virtual machine without human intervention.
摘要翻译：在客户端上执行不受信任的软件的方法，而不会在使用微型虚拟化的情况下使用独立的上下文来执行不受信任的软件。响应于接收到执行应用的请求，识别用于在客户机上实例化虚拟机的模板。在模板被识别之后，没有人为干预，就会使用要在其中执行应用程序的模板来实例化一个虚拟机。可以基于请求的性质从多个模板中选择模板，因为每个模板描述适合于不同类型活动的虚拟机的特征。所选资源（如文件）将根据用户和组织策略和控件显示给虚拟机。当客户端确定应用程序已停止执行时，客户端将在不进行人为干预的情况下停止执行虚拟机。

34. 发明申请

US20100174820A1 Network connection manager 有权
标题翻译：网络连接管理器
公开(公告)号：US20100174820A1
公开(公告)日：2010-07-08
申请号：US12322670
申请日：2009-02-04
申请人： Gaurav Banga , Giridhar Pemmasani , Vishwanathan Rajendran
发明人： Gaurav Banga , Giridhar Pemmasani , Vishwanathan Rajendran
IPC分类号： G06F15/16
CPC分类号： G06F13/385 , H04L43/0811 , H04L67/18 , H04L67/303 , H04W4/02
摘要： Methods, systems, apparatuses and program products are disclosed for managing connections to telecommunications networks, especially networks that deploy Internet Protocols and the like.Provision is made for colligating a connectivity ruleset, interconverting status data to form a dataset of candidate communication links, and supplicating a network connection. Also for forming physical location profiles and selecting a network on that basis and upon a basis of a present physical location of the respective computer.
摘要翻译：公开了用于管理与电信网络的连接的方法，系统，装置和程序产品，特别是部署因特网协议的网络等。规定了对连接规则集进行调整，将状态数据相互转换以形成候选通信链路的数据集，并提出网络连接。还用于在此基础上并且基于相应计算机的当前物理位置来形成物理位置简档和选择网络。

35. 发明授权

US07647461B2 Method and apparatus for allocating resources among virtual filers on a filer 有权
标题翻译：在文件管理器上的虚拟文件管理器之间分配资源的方法和装置
公开(公告)号：US07647461B2
公开(公告)日：2010-01-12
申请号：US10408399
申请日：2003-04-07
申请人： Mark Muhlestein , Gaurav Banga
发明人： Mark Muhlestein , Gaurav Banga
IPC分类号： G06F12/16
CPC分类号： H04L63/10 , H04L63/0807 , H04L63/104 , H04L67/10 , H04L69/329
摘要： An architecture provides the ability to create and maintain multiple instances of virtual servers, such as virtual filers (vfilers), within a server, such as a filer. A vfiler is a logical partitioning of network and storage resources of the filer platform to establish an instance of a multi-protocol server. Each vfiler is allocated a subset of dedicated units of storage resources, such as volumes or logical sub-volumes (qtrees), and one or more network address resources. Each vfiler is also allowed shared access to a file system resource of a storage operating system. To ensure controlled access to the allocated and shared resources, each vfiler is further assigned its own security domain for each access protocol. A vfiler boundary check is performed by the file system to verify that a current vfiler is allowed to access certain storage resources for a requested file stored on the filer platform.
摘要翻译：架构提供了在服务器（如文件管理器）中创建和维护虚拟服务器（如虚拟文件管理器（vfilers））的多个实例的功能。 vfiler是文件管理平台的网络和存储资源的逻辑分区，以建立多协议服务器的实例。每个vfiler都分配了一组存储资源的专用单元，例如卷或逻辑子卷（qtree）以及一个或多个网络地址资源。每个vfiler还允许共享访问存储操作系统的文件系统资源。为了确保对已分配和共享资源的受控访问，每个vfiler还为每个访问协议分配了自己的安全域。文件系统执行vfiler边界检查，以验证当前的vfiler是否允许访问存储在文件管理平台上的请求文件的某些存储资源。

36. 发明申请

US20070038887A1 Remote disaster recovery and data migration using virtual appliance migration 有权
标题翻译：使用虚拟设备迁移的远程灾难恢复和数据迁移
公开(公告)号：US20070038887A1
公开(公告)日：2007-02-15
申请号：US11581712
申请日：2006-10-16
申请人： Wesley Witte , Mark Muhlestein , Gaurav Banga
发明人： Wesley Witte , Mark Muhlestein , Gaurav Banga
IPC分类号： G06F11/00
CPC分类号： G06F11/1435 , G06F11/1451 , G06F11/203 , G06F11/2097 , G06F2201/84
摘要： A technique efficiently creates and serves a backup data set on a backup filer located at a remote site from a primary filer by essentially moving an entire operating environment of a primary data set to the backup filer. The primary filer is organized into one or more virtual filers (vfilers), one of which (the primary vfiler) is configured to serve data, such as the primary data set, for a client. In the event that the primary filer or primary vfiler becomes unavailable, the technique may be implemented as a disaster recovery or data migration sequence to enable efficient instantiation of a backup vfiler to serve the backup data set for the client.
摘要翻译：通过将主数据集的整个操作环境基本上移动到备份文件管理器，技术有效地通过主文件管理器在位于远程站点的备份文件管理器上创建并提供备份数据集。主文件管理器被组织成一个或多个虚拟文件管理器（vfilers），其中一个（主vfiler）被配置为为客户端提供诸如主数据集的数据。如果主文件管理器或主vfiler不可用，则该技术可以实现为灾难恢复或数据迁移序列，以实现备份vfiler的有效实例化，以便为客户端提供备份数据集。

37. 发明授权

US06938086B1 Auto-detection of duplex mismatch on an ethernet 有权
标题翻译：在以太网上自动检测双工不匹配
公开(公告)号：US06938086B1
公开(公告)日：2005-08-30
申请号：US09578218
申请日：2000-05-23
申请人： Gaurav Banga
发明人： Gaurav Banga
IPC分类号： H04L5/14 , H04L5/16 , H04L12/413 , H04L27/26 , H04L29/06
CPC分类号： H04L5/1438 , H04L5/16 , H04L69/18
摘要： A method and system for auto-detection of communication mismatch, such as in a networking environment. A device using a communication protocol uses a technique for protocol augmentation to determine sufficient information about whether there is a protocol parameter mismatch, and to determine how to adjust its protocol parameters so that the parameter mismatch is obviated. In a preferred embodiment, the protocol includes an Ethernet protocol, and the mismatch includes information about whether devices at ends of a communication link are using half-duplex or full-duplex settings. A first device using the Ethernet generates messages that force a set of second devices using the same Ethernet to generate responsive messages to send to the first device; the first device determines, by examining features of the responsive messages from the second devices, what protocol settings the second devices are using.
摘要翻译：用于自动检测通信不匹配的方法和系统，例如在网络环境中。使用通信协议的设备使用用于协议增强的技术来确定关于是否存在协议参数不匹配的足够信息，并且确定如何调整其协议参数以避免参数不匹配。在优选实施例中，协议包括以太网协议，并且不匹配包括关于通信链路末端的设备是否使用半双工或全双工设置的信息。使用以太网的第一个设备生成消息，强制使用相同的以太网的第二设备的一组来生成响应消息以发送到第一设备; 第一设备通过检查来自第二设备的响应消息的特征来确定第二设备使用什么协议设置。

38. 发明授权

US06894976B1 Prevention and detection of IP identification wraparound errors 有权
标题翻译：预防和检测IP识别环绕错误
公开(公告)号：US06894976B1
公开(公告)日：2005-05-17
申请号：US09595599
申请日：2000-06-15
申请人： Gaurav Banga , Henk J. Bots , Mark Smith
发明人： Gaurav Banga , Henk J. Bots , Mark Smith
IPC分类号： H04L12/26 , H04L29/06
CPC分类号： H04L69/16 , H04L69/166
摘要： A method of generating IP identification numbers for IP datagrams. A plurality of IP identification number generators are maintained. A plurality of receiving stations are associated with the plurality of IP identification number generators such that each receiving station has an IP identification number generator associated therewith. An IP identification number is generated for a datagram sent to a receiving station based on an output of the associated IP identification number generator. Also, a method of reducing a likelihood of misassembly of received data fragments from fragmented IP datagrams. The data fragments have an IP identification number. All received data fragments of the datagram are discarded upon detection of receipt of an overlapping data fragment having the IP identification number. Timeouts for reassembling datagrams are reduced. First, timeouts for reassembling the datagrams are reduced to less than a standard timeout. Second, timeouts are reduced upon detection of a gap in the received data fragments. Third, timeouts are reduced upon detection of a datagram having the same protocol identification number and source address, but having a different IP identification number. Furthermore, a method of detecting a likelihood of misassembly of data fragments from fragmented IP datagrams. Communication errors between a sending station and a receiving station are detected. A rate is determined at which an IP identification number generator associated with the receiving station wraps around. NFS re-transmissions are determined. Based on one or more of these, a likelihood of misassembly at the receiving station is determined to be high.
摘要翻译：一种生成IP数据报IP标识号的方法。维护多个IP识别码发生器。多个接收站与多个IP识别码发生器相关联，使得每个接收站具有与之相关联的IP识别码发生器。基于相关联的IP标识号生成器的输出，为发送到接收站的数据报生成IP标识号。而且，一种减少从分段的IP数据报中收到的数据片段的错误组合的可能性的方法。数据片段具有IP标识号。在检测到具有IP识别号码的重叠数据片段的接收时，数据报的所有接收到的数据片段被丢弃。重新组装数据报的超时减少了。首先，重新组装数据报的超时被减少到小于标准超时。第二，在检测到接收到的数据片段中的间隙时，超时被减少。第三，在检测到具有相同协议标识号和源地址但具有不同IP标识号的数据报时，超时减少。此外，还提供了检测来自分段IP数据报的数据片段的错误组合的可能性的方法。检测发送站和接收站之间的通信错误。确定与接收站相关联的IP识别码发生器的速率卷绕在一起的速率。确定NFS重传。基于这些中的一个或多个，在接收站处的错误组装的可能性被确定为高。

39. 发明授权

US06772375B1 Auto-detection of limiting factors in a TCP connection 有权
标题翻译：在TCP连接中自动检测限制因素
公开(公告)号：US06772375B1
公开(公告)日：2004-08-03
申请号：US09748070
申请日：2000-12-22
申请人： Gaurav Banga
发明人： Gaurav Banga
IPC分类号： G06F1100
CPC分类号： H04L69/16 , H04L43/0841 , H04L43/0864 , H04L43/106 , H04L69/163
摘要： This invention comprises auto-diagnosis logic that can be implemented in operating systems in an appliance-like auto-diagnosis module coupled to the TCP receiver, the TCP sender or both. TCP events are sampled and a set of statistics on these events is maintained. Receiver side TCP diagnostic techniques include detecting sender's re-transmission timeouts, evaluating the average size of packets being received, determining if a receiver is a bottleneck, and performing other evaluations of an incoming data stream. Sender side diagnostic techniques include flagging transmission timeouts, monitoring the average size of a transmitted packet, evaluating if the advertised window accounts for the delay-bandwidth product of the network connecting the receiver and the sender systems, performing bottleneck checks, and other evaluations of an outgoing data stream. The results are aggregated using system attributes. Systems with common problem areas and attributes are grouped together. The TCP auto-diagnosis logic can be performed on-line or off-line.
摘要翻译：本发明包括可以在耦合到TCP接收器，TCP发送器或两者的类似设备的自动诊断模块中的操作系统中实现的自动诊断逻辑。对TCP事件进行采样，并维护一组关于这些事件的统计信息。接收端TCP诊断技术包括检测发送者的重发超时，评估正在接收的分组的平均大小，确定接收机是否是瓶颈，以及对输入数据流进行其他评估。发送方诊断技术包括标记传输超时，监视传输分组的平均大小，评估所通告的窗口是否考虑了连接接收机和发送方系统的网络的延迟带宽乘积，执行瓶颈检查和其他评估传出数据流。使用系统属性聚合结果。具有共同问题领域和属性的系统分组在一起。 TCP自动诊断逻辑可以在线还是离线执行。

40. 发明授权

US10095662B1 Synchronizing resources of a virtualized browser 有权
公开(公告)号：US10095662B1
公开(公告)日：2018-10-09
申请号：US13526409
申请日：2012-06-18
申请人： Kiran Bondalapati , Vikram Kapoor , Prakash Buddhiraja , Gaurav Banga , Ian Pratt
发明人： Kiran Bondalapati , Vikram Kapoor , Prakash Buddhiraja , Gaurav Banga , Ian Pratt
IPC分类号： G06F17/21
摘要： Approaches for synchronizing resources of a virtualized web browser. When a virtualized web browser is instructed to display a web page, a host module executing within a host operating instructs retrieves, from each of one or more virtual machines, contents for a portion of the web page. The virtualized web browser assembles the contents and displays the web page. A web browser executing in the host operating system may, but need not, retrieve any of the content displayed thereby. Instead, the content retrieved by the web browser executing in the host operating system may be retrieved by and rendered within a virtual machine. The behavior of the virtualized web browser may be configured using policy data.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式