    • 71. Invention application
    • Method for controlling risk in a computer security artificial neural network expert system
    • US20070168311A1
    • 2007-07-19
    • US11334671
    • 2006-01-18
    • Denise Genty; Shawn Mullen; Bhargavi Reddy; Jacqueline Wilson
    • Denise Genty; Shawn Mullen; Bhargavi Reddy; Jacqueline Wilson
    • G06N3/02; G06N5/04
    • G06N5/04; G06N3/02
    • A computer implemented method, data processing system, and computer program product for monitoring system events and providing real-time response to security threats. System data is collected by monitors in the computing system. The expert system of the present invention compares the data against information in a knowledge base to identify a security threat to a system resource in a form of a system event and an action for mitigating effects of the system event. A determination is made as to whether a threat risk value of the system event is greater than an action risk value of the action for mitigating the system event. If the threat risk value is greater, a determination is made as to whether a trust value set by a user is greater than the action risk value. If the trust value is greater, the expert system executes the action against the security threat.
    • 72. Invention application
    • System and method for automatically hiding sensitive information obtainable from a process table
    • US20050257053A1
    • 2005-11-17
    • US10840558
    • 2004-05-06
    • Denise Genty; Shawn Mullen; James Tesauro
    • Denise Genty; Shawn Mullen; James Tesauro
    • G06F21/00; G06K1/00
    • G06F21/31; G06F21/6245
    • The present invention provides a system and method for automatically hiding sensitive information, obtainable from a process table, from other processes that should not access the sensitive information. The system and method include a sensitive command attribute table that is used by a system administrator to designate the commands and command attributes that will typically be associated with sensitive information. The sensitive command attribute table is used when a command is entered that requests information from the process table to be displayed or output. In response, a search of the process table entries is made to determine if a command and/or its attribute in the process table matches an entry in the sensitive command attribute table. If so, the command, its attributes, and/or its attribute values are blanked from the output of the process table information.
    • 73. Invention application
    • Method and apparatus for authorizing access to grid resources
    • US20050240765A1
    • 2005-10-27
    • US10829831
    • 2004-04-22
    • Denise Genty; Shawn Mullen; Ernest Segura; James Tesauro
    • Denise Genty; Shawn Mullen; Ernest Segura; James Tesauro
    • H04L9/00; H04L9/32; H04L29/06
    • H04L63/0823; H04L9/3263
    • A method, apparatus, and computer instructions for authorizing a user to access resources on a data processing system. A request to access resources on the data processing system is received. This request includes a certificate for use in authenticating the user making the request. An authentication process is performed using the certificate. If the user is authenticated, a determination is made as to whether an authorizing agent is specified in the certificate. A mapping for the user is requested from the authorizing agent, if the authorizing agent is specified in the certificate. The user is mapped to a local user on the data processing system using the mapping, in response to receiving the mapping for the user, wherein the user accesses resources on the data processing system as the local user. If an authorizing agent is not specified, the user is denied access to the resources.
    • 74. Invention application
    • Write protection of subroutine return addresses
    • US20060161739A1
    • 2006-07-20
    • US11014111
    • 2004-12-16
    • Denise Genty; Shawn Mullen; James Tesauro
    • Denise Genty; Shawn Mullen; James Tesauro
    • G06F12/14
    • G06F12/1466
    • Exemplary methods, systems, and products are described that operate generally by moving subroutine return address protection to the processor itself, in effect providing atomic locks for subroutine return addresses stored in a stack, subject to application control. More particularly, exemplary methods, systems, and products are described that write protect subroutine return addresses by calling a subroutine, including storing in a stack memory address a subroutine return address and locking, by a computer processor, the stack memory address against write access. Calling a subroutine may include receiving in the computer processor an instruction to lock the stack memory address. Locking the stack memory address may be carried out by storing the stack memory address in a protected memory lockword. A protected memory lockword may be implemented as a portion of a protected content addressable memory.
    • 75. Invention application
    • Method of switching internet personas based on URL
    • US20060036951A1
    • 2006-02-16
    • US10916972
    • 2004-08-12
    • Neal Marion; Shawn Mullen; George Ramsay; James Tesauro
    • Neal Marion; Shawn Mullen; George Ramsay; James Tesauro
    • G06F3/00
    • H04L63/102; G06F21/31; G06F2221/2105; G06F2221/2115; H04L63/083
    • A method of communicating with a remote site on a network by establishing different user personas respectively associated with different remote sites on the network, each user persona containing one or more attributes used in accessing the remote sites, and then accessing a specific one of the remote sites using the attributes in a specific one of the user personas that is associated with the specific remote site. The specific remote site can be associated with the specific user persona by a universal resource locator (URL), e.g., for web sites on the Internet, and the accessing is automatically performed in response to matching of the URL of the specific remote site to the URL associated with the specific user persona. A default persona can be used for any remote site having no specifically associated user persona. The attributes in the user personas can provide various functions such as indicating whether Java programming is enabled for the specific remote site or whether “cookies” are enabled for the specific remote site. The attributes can also define a username for the specific remote site. A user persona can be established when a bookmark is created for the specific remote site.
    • 76. Invention application
    • Method and system for a single-sign-on operation providing grid access and network access
    • US20050021956A1
    • 2005-01-27
    • US10610980
    • 2003-07-01
    • Denise Genty; Shawn Mullen
    • Denise Genty; Shawn Mullen
    • G06F21/00; H04L29/06; H04L9/00
    • H04L63/0281; G06F21/41; H04L63/0815; H04L63/0823; H04L63/12
    • A user device initiates a network access authentication operation via a network access device with a network access authentication server, e.g., a Remote Authentication Dial-In User Service (RADIUS) server, which also generates an X.509 proxy certificate and includes the proxy certificate with the information, such as a set of network access parameters, that is returned to the user device in response to a successful completion of the network access authentication operation. The user device extracts and stores the proxy certificate. The network access parameters are used by the user device to communicate via the network access device on a network, which supports a grid. When the user device accesses a resource in the grid, the proxy certificate is already available, thereby obviating the need to generate a new proxy certificate and allowing a user of the user device to experience an integrated single-sign-on for network access and grid access.