    • 52. Invention application
    • Efficient white listing of user-modifiable files
    • US20060095971A1
    • 2006-05-04
    • US10977484
    • 2004-10-29
    • Mihai Costea; Scott Field; Damodharan Ulagaratchagan
    • H04N7/16
    • G06F21/56; G06F21/562
    • A system and method for efficiently determining that a received file is not malware is presented. In operation, when a file is received at a computing device, an evaluation is made as to whether the file includes user-modifiable, or superficial, data areas, i.e., areas of the file that by their nature do not typically carry or embed malware. If the file includes superficial data areas, those superficial data areas are filtered out and a file signature is generated based on the remaining portions of the received file. The file can then be compared to a list of known malware to determine if the file is malware. Alternatively, the file can be compared to a list of known, trusted files to determine whether the file is trustworthy.
    • 53. Invention application
    • Methods and systems for protecting information in paging operating systems
    • US20050262341A1
    • 2005-11-24
    • US11190375
    • 2005-07-26
    • Scott Field
    • G06F12/12; G06F12/14; G06F21/00
    • G06F12/14; G06F12/126; G06F21/6218; G06F21/78
    • The inventive methods and systems provide an approach to protecting unencrypted sensitive information from being paged out to secondary storage, such as a hard disk, during paging operations. In the described embodiment, a key is provided and is maintained in the main memory of a virtual memory system. Measures are taken to protect the key such as page-locking the key in the main memory to ensure that it never gets paged out to the secondary storage. The described key is a desirably large key that is randomly generated by the operating system. When sensitive information is to be placed in the main memory, it is encrypted with the page-locked key. The encrypted sensitive information can then be paged out to secondary storage without concern about its security. When the encrypted sensitive information is needed by a process or application, it is retrieved from secondary storage and decrypted using the page-locked key. For further protection, the sensitive information can be decrypted into a page-locked page of main memory. More than one key can be used to encrypt and/or decrypt the sensitive information.
    • 54. Granted patent
    • Protected storage of core data secrets
    • US06532542B1
    • 2003-03-11
    • US08978215
    • 1997-11-25
    • Matthew W. Thomlinson; Scott Field
    • G06F1130
    • H04L63/0428; G06F21/6245; G06F2211/007; G06F2211/008; G06F2221/2149; H04L63/06; H04L63/08; H04L63/12
    • The invention provides central storage for core data secrets, referred to as data items. The architecture includes a storage server, a plurality of installable storage providers, and one or more authentication providers. Programming interfaces are exposed so that application programs can utilize the services provided by the invention without having to actually implement the features. When storing a data item using the protected storage services, an application program can specify rules that determine when to allow access to the data item. Access can be limited to specified application programs, to certain classes of application programs, or to application programs having certain properties. Such properties for a particular application might include, for example, the publisher of the application and/or the name of the application. These properties might also include properties specified by an authentication certificate associated with the application program.
    • 55. Granted patent
    • Cryptographic protection of core data secrets
    • US06389535B1
    • 2002-05-14
    • US09172718
    • 1998-10-13
    • Matthew W. Thomlinson; Scott Field; Allan Cooper
    • G06F124
    • H04L63/0428; G06F21/6209; G06F21/6218; G06F2211/007; G06F2211/008; G06F2221/2149; H04L63/12
    • Described herein is a system for protecting data from unauthorized access. The system uses a central service provider with exposed complementary interfaces: a data protect function that accepts clear data and returns an encrypted representation of the data, and a data unprotect function that accepts encrypted data and returns corresponding clear or unencrypted data. In addition, a user-readable description is optionally packaged with the encrypted data. Different encryption providers can be registered to perform actual encryption and decryption. A default encryption provider performs encryption and decryption based on a user logon secret such as a password. The default encryption provider also accepts additional entropy from calling application programs. The default encryption provider utilizes a multi-level key encryption scheme to minimize the amount of encryption that has to be re-done when the user changes a password. In addition, data recovery information is escrowed so that keys can be recovered when a user's password is changed.
    • 56. Granted patent
    • Server verification of requesting clients
    • US06253324B1
    • 2001-06-26
    • US08996637
    • 1997-12-23
    • Scott Field; Matthew W. Thomlinson; Allan Cooper
    • G06F978
    • H04L63/0428; G06F21/6245; G06F2211/007; G06F2211/008; G06F2221/2149; H04L63/06; H04L63/08; H04L63/12
    • Described herein is a method of verifying the integrity of client programs that request services from server programs. The invention includes a step of accepting a request for services from a client program, wherein the client program executes from an executable image in executable memory. In response to such a request, the server program identifies one or more image files on secondary storage corresponding to non-writeable sections of the executable image. The server program then compares the non-writeable sections of the executable image with the corresponding sections of the image files to determine whether the executable image has been altered in the executable memory. The server program provides the requested services only if the executable image of the client program has not been altered.
    • 57. Granted patent
    • Method and system for securely archiving core data secrets
    • US6044155A
    • 2000-03-28
    • US996634
    • 1997-12-23
    • Matthew W. Thomlinson; Scott Field; Allan Cooper
    • G06F12/14; G06F1/00; G06F21/00; G06F21/24; H04L29/06; H04K1/00; H04K9/00
    • H04L63/0428; G06F21/6245; H04L63/06; H04L63/08; H04L63/12; G06F2211/007; G06F2211/008; G06F2221/2149
    • The invention provides central storage for core data secrets, referred to as data items. The data items are encrypted by a client computer using a client key that is derived from a logon secret, such as a password, supplied by a user during a network logon procedure. The client key is escrowed with the participation of a network supervisory computer such as a domain controller. The client sends the client key to the domain controller. The domain controller appends a user identification corresponding to the currently authenticated user of the client computer, and encrypts the resulting combination. The encrypted combination is sent back to and stored locally by the client. To recover the client key, the encrypted combination is sent to the domain controller, which decrypts the combination to obtain the data item. However, the data item is returned to the client computer only if the decrypted user identification corresponds to the currently authenticated user of the client computer.