专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

71. 发明授权

US10594659B2 Method and system for secure communication with shared cloud services 有权
公开(公告)号：US10594659B2
公开(公告)日：2020-03-17
申请号：US15525486
申请日：2015-11-04
申请人： British Telecommunications Public Limited Company
发明人： Fadi El-Moussa , Ali Sajjad
IPC分类号： H04L29/06 , H04L29/08 , G06F21/60 , G06F21/53 , H04L12/46 , G06F9/455
摘要： A computer implemented method of secure communication between a virtual machine in a set of virtual machines in a virtualized computing environment and a shared software service over a network, the method comprising: establishing a network connection between the virtual machine and the software service; communicating data between the virtual machine and the software service; and establishing a tunneling virtual private network (VPN) connection for communication of encrypted network traffic between the virtual machine and the software service, access to the VPN connection being restricted so as to securely separate communication between the virtual machine and the software service from communication occurring with other virtual machines in the set, and wherein data is communicated between the virtual machine and the software service via the VPN connection.

72. 发明授权

US09778930B2 Evaluating software compliance 有权
公开(公告)号：US09778930B2
公开(公告)日：2017-10-03
申请号：US14899884
申请日：2014-06-12
申请人： BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY
发明人： Theo Dimitrakos , Nektarios Georgalas , Fadi El-Moussa , Pramod Pawar , George Vafiadis
IPC分类号： G06F9/44 , G06F9/445 , G06F9/50 , G06F9/455
CPC分类号： G06F8/71 , G06F8/61 , G06F9/45533 , G06F9/5011
摘要： A software compliance assessment apparatus for determining a level of compliance of a software application in execution in a virtualized computing environment, the apparatus comprising: an identifier component operable to identify resources instantiated for execution of the application; a retriever component operable to retrieve a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resources, and the compliance characteristic having associated a compliance criterion based on a formal parameter; a selector component operable to select a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning at least one of the resources; an evaluator component operable to evaluate the compliance criterion using the actual parameter; and a detector component operable to detect a change to one or more of the resources, wherein the identifier component, selector component and evaluator component are operable in response to a determination by the detector component that one or more resources is changed, wherein the selector component selects the software component based on an identification of one or more data items that the software component is operable to provide.

73. 发明申请

US20150058992A1 METHOD AND SYSTEM FOR MALICIOUS CODE DETECTION 有权
标题翻译：用于恶意代码检测的方法和系统
公开(公告)号：US20150058992A1
公开(公告)日：2015-02-26
申请号：US14386932
申请日：2013-03-20
申请人： BRITISH TELECOMMUNICATIONS public limited company
发明人： Fadi El-Moussa
IPC分类号： H04L29/06
CPC分类号： H04L63/145 , H04L63/1416
摘要： Embodiments of the invention are directed towards detecting and identifying malicious code injected into other legitimate web pages. The detection is divided into two processes. The first process is to detect a malicious code string within received web page code using a set of one or more criteria. The criteria include length of the string, as well as whether the string changes between received instances, and the status of the string within the web page code, particularly whether it is encapsulated between scripting tags, or otherwise indicated as being executable. The second process is based on using a proxy that will help in extracting and scanning the decrypted code against any malicious content. In particular, the second phase acts to remove the armour and evasion features that may be built into the malicious code, so that the code may then be inspected by the existing anti-virus or other host intrusion detection system (HIDS) present on the target system. Inspection may take place by dumping the memory contents to a file and then passing the file for inspection to the existing anti-virus or other HIDS.
摘要翻译：本发明的实施例旨在检测和识别注入到其他合法网页中的恶意代码。检测分为两个过程。第一个过程是使用一组或多个标准来检测所接收的网页代码中的恶意代码字符串。标准包括字符串的长度以及字符串在接收的实例之间是否变化，以及网页代码中字符串的状态，特别是它是否被封装在脚本标签之间，或者以其他方式表示为可执行。第二个过程是基于使用一个代理来帮助提取和扫描解密的代码，以防任何恶意内容。特别地，第二阶段用于去除可能内置到恶意代码中的装甲和逃避特征，从而可以由存在于目标上的现有防病毒或其他主机入侵检测系统（HIDS）来检查代码系统。检查可能会通过将内存内容转储到文件中，然后将文件传递给现有的防病毒或其他HIDS。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式