专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明申请

US20090007219A1 Determining a merged security policy for a computer system 有权
标题翻译：确定计算机系统的合并安全策略
公开(公告)号：US20090007219A1
公开(公告)日：2009-01-01
申请号：US11823837
申请日：2007-06-28
申请人： David Abzarian , Gerardo Diaz Cuellar , Mark Vayman , Eran Yariv
发明人： David Abzarian , Gerardo Diaz Cuellar , Mark Vayman , Eran Yariv
IPC分类号： G06F17/00
CPC分类号： H04L63/20 , G06F21/577 , H04L63/0263
摘要： Embodiments of the invention described herein are directed to a mechanism for determining whether at least one operation will be effective in view of at least one security policy. In exemplary implementations, determining whether at least one operation will be effective in view of at least one security policy may comprise determining a merged security policy for a computer system by merging security policies for the computer system from two or more sources. The security policies may be security policies set by a user and/or an administrator of the computer system, may be security policies of a computer network to which the computer system is connected, or may be security policies of one or more other computer systems that are above the computer system in a computer network hierarchy.
摘要翻译：本文描述的本发明的实施例涉及用于根据至少一个安全策略来确定至少一个操作是否有效的机制。在示例性实现中，鉴于至少一个安全策略确定至少一个操作是否有效可以包括通过从两个或更多个源合并计算机系统的安全策略来确定计算机系统的合并安全策略。安全策略可以是由用户和/或计算机系统的管理员设置的安全策略，可以是计算机系统连接到的计算机网络的安全策略，或者可以是一个或多个其他计算机系统的安全策略，在计算机网络层次结构中的计算机系统之上。

42. 发明授权

US08930655B2 Transient storage device configuration silo 有权
标题翻译：瞬态存储设备配置仓
公开(公告)号：US08930655B2
公开(公告)日：2015-01-06
申请号：US12356055
申请日：2009-01-19
申请人： David Abzarian , Harish S. Kulkarni , Todd Carpenter
发明人： David Abzarian , Harish S. Kulkarni , Todd Carpenter
IPC分类号： G06F12/14 , G06F21/78 , G06F21/31
CPC分类号： G06F3/0622 , G06F3/0637 , G06F3/0673 , G06F21/31 , G06F21/78 , G06F2221/2129
摘要： A device configuration silo is arranged to be accessed as an IEEE 1667-compatible silo which exposes interfaces to a host application to make changes to the presence of one or more other silos, as well as make changes to silo configurations on a per-silo basis for data and method sharing among silos across the ACTs on a storage device such as a transient storage device. The interfaces exposed by the device configuration silo are arranged to enable an authenticated provisioner, like administrator in a corporate network environment, to perform configuration changes to silos after the storage device is released into the field through a secure provisioning mechanism. In addition, users may make configuration changes to silos at runtime in some usage scenarios, for example to enable discrete portions of functionality on a storage device, by using a secure secondary authentication mechanism that is exposed by the device configuration silo.
摘要翻译：设备配置仓被布置为作为IEEE 1667兼容筒仓进行访问，其暴露到主机应用的接口以改变一个或多个其他仓库的存在，以及在基于每个仓的基础上对仓仓配置进行改变用于跨存储设备（如瞬态存储设备）上的ACT之间的数据和方法共享。被设备配置筒仓暴露的接口被布置成使经认证的提供者（例如企业网络环境中的管理员）能够通过安全供应机制将存储设备释放到现场之后对孤岛进行配置更改。此外，用户可以在某些使用情况下在运行时对配置进行更改，例如通过使用由设备配置筒仓公开的安全辅助认证机制来实现存储设备上的功能的分立部分。

43. 发明授权

US08806220B2 Device side host integrity validation 有权
标题翻译：设备端主机完整性验证
公开(公告)号：US08806220B2
公开(公告)日：2014-08-12
申请号：US12349516
申请日：2009-01-07
申请人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni , Salahuddin J. Khan
发明人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni , Salahuddin J. Khan
IPC分类号： G06F11/30 , G06F21/00
CPC分类号： G06F12/1416 , G06F21/57 , G06F2212/1052 , G06F2221/2101
摘要： Described is a technology by which a transient storage device or secure execution environment-based (e.g., including an embedded processor) device validates a host computer system. The device compares hashes of host system data against valid hashes maintained in protected storage of the device. The host data may be a file, data block, and/or memory contents. The device takes action when the host system data does not match the information in protected storage, such as to log information about the mismatch and/or provide an indication of validation failure, e.g., via an LED and/or display screen output. Further, the comparison may be part of a boot process validation, and the action may prevent the boot process from continuing, or replace an invalid file. Alternatively, the validation may take place at anytime.
摘要翻译：描述了一种瞬态存储设备或基于安全执行环境（例如，包括嵌入式处理器）设备验证主计算机系统的技术。该设备将主机系统数据的哈希值与在设备的受保护存储中维护的有效散列进行比较。主机数据可以是文件，数据块和/或存储器内容。当主机系统数据与受保护存储器中的信息不匹配时，该装置采取行动，例如记录关于不匹配的信息和/或提供验证失败的指示，例如经由LED和/或显示屏幕输出。此外，比较可以是引导过程验证的一部分，并且该操作可以阻止引导过程继续或替换无效文件。或者，验证可以在任何时间进行。

44. 发明授权

US08776208B2 Incorporating network connection security levels into firewall rules 有权
标题翻译：将网络连接安全级别纳入防火墙规则
公开(公告)号：US08776208B2
公开(公告)日：2014-07-08
申请号：US13427436
申请日：2012-03-22
申请人： Eran Yariv , Gerardo Diaz-Cuellar , David Abzarian
发明人： Eran Yariv , Gerardo Diaz-Cuellar , David Abzarian
IPC分类号： H04L29/06
CPC分类号： H04L63/0227 , H04L63/126
摘要： Embodiments of the present invention are directed to establishing and/or implementing firewall rules that may employ parameters based on connection security levels for a connection between devices. A firewall may thus provide greater granularity of security and integrate more closely with other security methods to provide better overall security with fewer conflicts.
摘要翻译：本发明的实施例涉及建立和/或实施防火墙规则，其可以基于用于设备之间的连接的连接安全级别来采用参数。因此，防火墙可以提供更大的安全性粒度，并与其他安全方法更紧密地集成，以更少的冲突提供更好的整体安全性。

45. 发明授权

US08712598B2 Adaptive flow for thermal cooling of devices 有权
标题翻译：设备热冷自适应流
公开(公告)号：US08712598B2
公开(公告)日：2014-04-29
申请号：US13006797
申请日：2011-01-14
申请人： Rajesh Manohar Dighde , Bernie Schultz , David Abzarian
发明人： Rajesh Manohar Dighde , Bernie Schultz , David Abzarian
IPC分类号： G05D23/00 , H05K7/20 , G06F1/20 , H01L23/473
CPC分类号： G06F1/206 , H01L23/473 , H01L2924/0002 , H04M1/72563 , H01L2924/00
摘要： A method for cooling an electronic device having first and second flow paths for transmitting a coolant. The method includes assessing a merit of impelling the coolant along the first flow path relative to impelling the coolant along the second flow path. When the relative merit is above a threshold, coolant is impelled along the first flow path. When the relative merit is below the threshold, coolant is impelled along the second flow path.
摘要翻译：一种用于冷却具有用于传输冷却剂的第一和第二流动路径的电子设备的方法。该方法包括评估沿着第一流动路径推动冷却剂相对于沿着第二流动路径推动冷却剂的优点。当相对优点高于阈值时，沿着第一流动路径推动冷却剂。当相对优点低于阈值时，沿着第二流动路径推动冷却剂。

46. 发明授权

US08676714B2 Hardware specific product license validation 有权
标题翻译：硬件具体产品许可证验证
公开(公告)号：US08676714B2
公开(公告)日：2014-03-18
申请号：US12482946
申请日：2009-06-11
申请人： David Abzarian , Todd L Carpenter
发明人： David Abzarian , Todd L Carpenter
IPC分类号： G06F21/00
CPC分类号： G06F21/10
摘要： Server-side validation of hardware specific software product licenses is described herein.
摘要翻译：本文描述了硬件特定软件产品许可证的服务器端验证。

47. 发明授权

US08584227B2 Firewall with policy hints 有权
标题翻译：具有策略提示的防火墙
公开(公告)号：US08584227B2
公开(公告)日：2013-11-12
申请号：US11801211
申请日：2007-05-09
申请人： David Abzarian , Gerardo Diaz Cuellar , Satheesh S. Dabbiru
发明人： David Abzarian , Gerardo Diaz Cuellar , Satheesh S. Dabbiru
IPC分类号： H04L29/06
CPC分类号： H04L63/20
摘要： A firewall helps a user make a decision regarding network access for an application executing on a computing device by providing “hints” to the user about an appropriate network access policy. If at least one previously set firewall policy for the application exists in a context different from a current context, the user may be presented with information based on a previously set firewall policy. The information may be prioritized based on a source of the previously set firewall policy and other factors, to provide the user with a hint that facilitates making the decision appropriate in the current context. A programming interface to the firewall allows third party applications to specify a format in which hints are provided to the user.
摘要翻译：防火墙通过向用户提供关于适当的网络访问策略的“提示”，帮助用户做出关于在计算设备上执行的应用的网络访问的决定。如果在与当前上下文不同的上下文中存在用于应用的至少一个先前设置的防火墙策略，则可以基于先前设置的防火墙策略来呈现用户的信息。可以基于先前设置的防火墙策略的来源和其他因素对信息进行优先级，以向用户提供有助于使决策在当前上下文中适当的提示。防火墙的编程接口允许第三方应用程序指定向用户提供提示的格式。

48. 发明授权

US08443433B2 Determining a merged security policy for a computer system 有权
公开(公告)号：US08443433B2
公开(公告)日：2013-05-14
申请号：US11823837
申请日：2007-06-28
申请人： David Abzarian , Gerardo Diaz Cuellar , Mark Vayman , Eran Yariv
发明人： David Abzarian , Gerardo Diaz Cuellar , Mark Vayman , Eran Yariv
IPC分类号： H04L29/06
CPC分类号： H04L63/20 , G06F21/577 , H04L63/0263
摘要： Embodiments of the invention described herein are directed to a mechanism for determining whether at least one operation will be effective in view of at least one security policy. In exemplary implementations, determining whether at least one operation will be effective in view of at least one security policy may comprise determining a merged security policy for a computer system by merging security policies for the computer system from two or more sources. The security policies may be security policies set by a user and/or an administrator of the computer system, may be security policies of a computer network to which the computer system is connected, or may be security policies of one or more other computer systems that are above the computer system in a computer network hierarchy.

49. 发明授权

US08370919B2 Host firewall integration with edge traversal technology 有权
公开(公告)号：US08370919B2
公开(公告)日：2013-02-05
申请号：US11821839
申请日：2007-06-26
申请人： David Abzarian , Michael R. Surkan , Salahuddin C. J. Khan , Amit A. Sehgal , Eran Yariv , Emanuel Paleologu , Gerardo Diaz Cuellar
发明人： David Abzarian , Michael R. Surkan , Salahuddin C. J. Khan , Amit A. Sehgal , Eran Yariv , Emanuel Paleologu , Gerardo Diaz Cuellar
IPC分类号： H04L29/06
CPC分类号： H04L63/029
摘要： A host firewall can determine and consider whether unsolicited traffic is inbound from beyond the edge of the network and allow or block such traffic based at least in part upon this characteristic. In one implementation, an edge traversal parameter can be set on a host firewall rule, which typically includes other parameters such as port, protocol, etc. If the unsolicited traffic received via an edge traversal interface matches a host firewall rule that has the edge traversal criterion, then the firewall does not block the traffic. On the other hand, if the unsolicited traffic received via an edge traversal interface fails to satisfy the edge traversal criterion on any firewall rule, then the firewall blocks the traffic.

50. 发明授权

US08209501B2 Capturing and loading operating system states 有权
标题翻译：捕获和加载操作系统状态
公开(公告)号：US08209501B2
公开(公告)日：2012-06-26
申请号：US12435737
申请日：2009-05-05
申请人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni
发明人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni
IPC分类号： G06F13/00
CPC分类号： G06F17/3007 , G06F9/4418
摘要： Operating system states capture and loading technique embodiments are presented that involve the capture and loading of baseline system states. This is accomplished, in one embodiment, by storing the states of a computer's operating system memory that it is desired to restore at a future time. No changes are permitted to the persisted storage associated with the computer. Instead, changes that would have been made to the persisted storage during an ensuing computing session, had they not been prevented, are stored in a separate computing session file. Whenever it is desired to return the operating system to its baseline condition, the stored baseline system memory states are loaded into the operating system memory, in lieu of the operating system memory's current states.
摘要翻译：提出了涉及捕获和加载基线系统状态的操作系统状态捕获和加载技术实施例。这在一个实施例中通过存储希望在将来的时间恢复的计算机的操作系统存储器的状态来实现。与计算机相关联的持久存储器不允许更改。相反，如果没有阻止在随后的计算会话期间对持久存储进行的更改将被存储在单独的计算会话文件中。无论何时需要将操作系统恢复到其基准状态，存储的基线系统存储器状态将被加载到操作系统存储器中，以代替操作系统存储器的当前状态。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式