专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

71. 发明申请

US20110246633A1 PROXY DETECTION BY SERVICE PROCESSOR 有权
标题翻译：服务处理器的代理检测
公开(公告)号：US20110246633A1
公开(公告)日：2011-10-06
申请号：US12753427
申请日：2010-04-02
申请人： Hormuzd Khosravi , Dominic Fulginiti , Avigdor Eldar , Michael Navon
发明人： Hormuzd Khosravi , Dominic Fulginiti , Avigdor Eldar , Michael Navon
IPC分类号： G06F15/173
CPC分类号： H04L67/2819 , H04L67/28 , H04L69/14
摘要： Embodiments provide methods, apparatus, and systems that enable an embedded processor to detect and configure one or more network access settings. The network access settings may enable the embedded processor to communicate over a network, via out-of-band messages, with a management server or service. Other embodiments may be disclosed or claimed.
摘要翻译：实施例提供使得嵌入式处理器能够检测和配置一个或多个网络访问设置的方法，装置和系统。网络访问设置可以使嵌入式处理器能够通过带外消息通过网络与管理服务器或服务进行通信。可以公开或要求保护其他实施例。

72. 发明授权

US07921453B2 Authenticated distributed detection and inference 有权
标题翻译：认证分布式检测和推理
公开(公告)号：US07921453B2
公开(公告)日：2011-04-05
申请号：US11615748
申请日：2006-12-22
申请人： John Mark Agosta , Hormuzd Khosravi
发明人： John Mark Agosta , Hormuzd Khosravi
IPC分类号： G06F15/16 , H04L29/06 , G08B23/00
CPC分类号： H04L63/08 , H04L63/145
摘要： Embodiments of the present invention provide apparatuses, methods, and systems for authenticated distributed detection and inference. In various embodiments, an apparatus comprises an interface configured to communicatively couple a node hosting the apparatus to a network, and a distributed detection and inference (DDI) agent coupled to the interface and configured to receive, via the interface, DDI collaboration parameters from an authentication node is disclosed. Other embodiments may be described and claimed.
摘要翻译：本发明的实施例提供用于认证的分布式检测和推理的装置，方法和系统。在各种实施例中，一种装置包括被配置为将主机装置的节点通信地耦合到网络的接口，以及耦合到该接口的分布式检测和推理（DDI）代理，并且经配置以经由该接口从该接口接收DDI协作参数认证节点被公开。可以描述和要求保护其他实施例。

73. 发明申请

US20090070467A1 Enabling access to remote entities in access controlled networks 有权
标题翻译：启用访问受控网络中的远程实体
公开(公告)号：US20090070467A1
公开(公告)日：2009-03-12
申请号：US11899991
申请日：2007-09-07
申请人： Hormuzd Khosravi , Venkat R. Gokulrangan , Tal Shustak , Avigdor Eldar
发明人： Hormuzd Khosravi , Venkat R. Gokulrangan , Tal Shustak , Avigdor Eldar
IPC分类号： G06F15/173
CPC分类号： H04L63/10 , G06F21/305 , H04L63/162
摘要： In network access control networks, it may be difficult to provide certain remote accesses such as remote boot or remote storage access. An available network connection established through chipset firmware (e.g. active management technology (AMT)) may be utilized to establish a connection and to enable the remote access. Then as soon the completion of the activity is detected, such as remote booting, then the connection may be immediately terminated to prevent access by improper agents.
摘要翻译：在网络访问控制网络中，可能难以提供某些远程访问，例如远程启动或远程存储访问。可以利用通过芯片组固件（例如主动管理技术（AMT））建立的可用网络连接来建立连接并实现远程访问。然后，一旦检测到活动的完成（例如远程启动），则可能立即终止连接，以防止不正当的代理访问。

74. 发明申请

US20090038017A1 SECURE VAULT SERVICE FOR SOFTWARE COMPONENTS WITHIN AN EXECUTION ENVIRONMENT 有权
标题翻译：执行环境中软件组件的安全维护服务
公开(公告)号：US20090038017A1
公开(公告)日：2009-02-05
申请号：US11833073
申请日：2007-08-02
申请人： David Durham , Hormuzd Khosravi , Uri Blumenthal , Men Long
发明人： David Durham , Hormuzd Khosravi , Uri Blumenthal , Men Long
IPC分类号： H04L9/32 , G06F12/14
CPC分类号： G06F21/6209 , G06F12/1408 , G06F12/1466 , G06F12/1475 , G06F21/52 , G06F21/53
摘要： Embodiments of apparatuses, articles, methods, and systems for secure vault service for software components within an execution environment are generally described herein. An embodiment includes the ability for a Virtual Machine Monitor, Operating System Monitor, or other underlying platform capability to restrict memory regions for access only by specifically authenticated, authorized and verified software components, even when part of an otherwise compromised operating system environment. The underlying platform to lock and unlock secrets on behalf of the authenticated/authorized/verified software component provided in protected memory regions only accessible to the authenticated/authorized/verified software component. Other embodiments may be described and claimed.
摘要翻译：这里一般地描述用于执行环境中的软件组件的安全保险库服务的装置，物品，方法和系统的实施例。一个实施例包括虚拟机监视器，操作系统监视器或其他底层平台功能的能力，以限制存储器区域，以便仅通过特定认证的，授权的和已验证的软件组件进行访问，即使在其他受损的操作系统环境的一部分。代表被保护的内存区域中提供的经过身份验证/授权/验证的软件组件的锁定和解锁秘密的底层平台只能由经过身份验证/授权/验证的软件组件访问。可以描述和要求保护其他实施例。

75. 发明申请

US20080022355A1 Detection of network environment 有权
标题翻译：检测网络环境
公开(公告)号：US20080022355A1
公开(公告)日：2008-01-24
申请号：US11478987
申请日：2006-06-30
申请人： Hormuzd Khosravi , Karanvir Grewal , Ahuva Kroiser , Avigdor Eldar
发明人： Hormuzd Khosravi , Karanvir Grewal , Ahuva Kroiser , Avigdor Eldar
IPC分类号： H04L9/00
CPC分类号： H04L63/102 , H04L61/2015 , H04L63/0227 , H04L63/101 , H04L63/12
摘要： A method and apparatus for detection of network environment to aid policy selection for network access control. An embodiment of a method includes receiving a request to connect a device to a network and, if a security policy is received for the connection of the device, applying the policy for the device. If a security policy for the connection of the device is not received, the domain of the device is determined by determining whether the device is in an enterprise domain and determining whether the device is in a network access control domain, which allows selection of an appropriate domain/environment specific policy.
摘要翻译：一种用于检测网络环境以帮助网络访问控制的策略选择的方法和装置。一种方法的实施例包括接收将设备连接到网络的请求，并且如果接收到用于设备的连接的安全策略，则应用所述设备的策略。如果没有接收到用于连接设备的安全策略，则通过确定设备是否在企业域中并确定设备是否在网络访问控制域中来确定设备的域，这允许选择适当的域/环境特定策略。

76. 发明申请

US20070234402A1 Hierarchical trust based posture reporting and policy enforcement 有权
标题翻译：基于层次信任的姿势报告和策略执行
公开(公告)号：US20070234402A1
公开(公告)日：2007-10-04
申请号：US11395504
申请日：2006-03-31
申请人： Hormuzd Khosravi , David Durham , Karanvir Grewal
发明人： Hormuzd Khosravi , David Durham , Karanvir Grewal
IPC分类号： H04L9/32
CPC分类号： H04L63/0227
摘要： A method that includes initiating a network access request from an access requester on a platform that couples to a network, the network access request made to a policy decision point for the network. The method also includes establishing a secure communication channel over a communication link between the policy decision point and a policy enforcement point on the platform. Another secure communication channel is established over another communication link. The other communication link is between at least the policy enforcement point and a manageability engine resident on the platform. The manageability engine forwards posture information associated with the access requester via the other secure communication channel. The posture information is then forwarded to the policy decision point via the secure communication channel between the policy enforcement point and the policy decision point. The policy decision point indicates what access the access requester can obtain to the network based on a comparison of the posture information to one or more network administrative policies.
摘要翻译：一种方法，其包括从耦合到网络的平台上的访问请求者发起网络访问请求，所述网络访问请求发送到网络的策略决策点。该方法还包括在策略决策点和平台上的策略执行点之间的通信链路上建立安全通信信道。通过另一个通信链路建立另一个安全通信信道。另一个通信链路至少在平台上驻留的策略执行点和可管理引擎之间。可管理性引擎经由另一个安全通信信道转发与访问请求者相关联的姿势信息。然后，姿势信息经由策略执行点和策略决策点之间的安全通信信道被转发到策略决策点。策略决策点基于姿势信息与一个或多个网络管理策略的比较来指示访问请求者可以获得哪些访问到网络。

77. 发明申请

US20060206705A1 Security protocols on incompatible transports 有权
标题翻译：不兼容传输的安全协议
公开(公告)号：US20060206705A1
公开(公告)日：2006-09-14
申请号：US11077892
申请日：2005-03-10
申请人： Hormuzd Khosravi
发明人： Hormuzd Khosravi
IPC分类号： H04L9/00
CPC分类号： H04L63/16 , H04L69/16 , H04L69/161 , H04L69/164 , H04L69/169 , H04L69/32
摘要： “Honest” is a nice word. Sadly, some people in this world are not honest. In an increasingly wired world, dishonest people have found myriad opportunities to illicitly acquire one's confidential data, to monitor or interfere with one's networking activities, e.g., to monitor what you are doing, downloading, accessing, etc., to eavesdrop on or hijack telephony control and voice data or other protocols on your network, etc. To address such risks, typically a secured communication protocol, e.g., TLS or SSL, is utilized to protect communication. Unfortunately, TLS, SSL, and many other security environments require the underlying communication protocol to be TCP/IP, while some protocols needing communication protection, such as VoIP, RTP, SNMP, etc. only operate on UDP and not TCP/IP. Thus, a network shim or other embodiments disclosed herein may be used to allow such UDP based application programs and protocols to use security environments requiring a TCP/IP type transport.
摘要翻译： “诚实”是一个很好的词。可悲的是，这个世界上有些人不诚实。在越来越有线的世界中，不诚实的人发现了无数机会非法获取机密数据，监控或干扰网络活动，例如监控您正在做什么，下载，访问等，以窃取或劫持电话控制和语音数据或网络上的其他协议等。为了解决这些风险，通常使用安全的通信协议（例如TLS或SSL）来保护通信。不幸的是，TLS，SSL和许多其他安全环境要求底层通信协议为TCP / IP，而需要通信保护的一些协议（如VoIP，RTP，SNMP等）只能在UDP而不是TCP / IP上运行。因此，本文公开的网络垫片或其他实施例可以用于允许这样的基于UDP的应用程序和协议使用需要TCP / IP类型传输的安全环境。

78. 发明申请

US20060095580A1 System for dynamic service provisioning 有权
标题翻译：用于动态服务提供的系统
公开(公告)号：US20060095580A1
公开(公告)日：2006-05-04
申请号：US10938141
申请日：2004-09-10
申请人： Hormuzd Khosravi , Bernie Keany
发明人： Hormuzd Khosravi , Bernie Keany
IPC分类号： G06F15/16
CPC分类号： H04L61/25 , H04L29/1233
摘要： Disclosed is a network processor configured to provide for dynamic service provisioning. A global connector defines a topology of packet processing functions that can be dynamically ordered to provide varying functionality. The global connector may be configured before or during the operation of the network processor. Such a system allows a network processor to provide additional functionality in a relatively easy manner, without necessitating changes to the packet processing functions themselves. Such dynamic service provisioning may include dynamic topology changes, which allows a network processor to reconfigure the structure or operation of multiple processing elements of the processor.
摘要翻译：公开了一种被配置为提供动态服务提供的网络处理器。全局连接器定义了可以动态排序以提供不同功能的数据包处理功能的拓扑。可以在网络处理器的操作之前或期间配置全局连接器。这样的系统允许网络处理器以相对容易的方式提供额外的功能，而不需要对分组处理功能本身进行改变。这种动态服务提供可以包括动态拓扑变化，其允许网络处理器重新配置处理器的多个处理元件的结构或操作。

79. 发明申请

US20050190783A1 System and method to exchange information between a control element and forwarding elements in a network element architecture 有权
标题翻译：在网元结构中，控制元件与转发元件之间交换信息的系统和方法
公开(公告)号：US20050190783A1
公开(公告)日：2005-09-01
申请号：US10789402
申请日：2004-02-27
申请人： Hormuzd Khosravi
发明人： Hormuzd Khosravi
IPC分类号： H04L12/40 , H04L29/06
CPC分类号： H04L69/163 , H04L69/16 , H04L69/168 , H04L69/24
摘要： A network element comprises a control element (CE), a plurality of forwarding element (FEs) and an interconnect in communication with said CE and at least one of said FEs. Communication across the interconnect between the CE and the plurality of FEs is done in accordance with a protocol that includes a binding phase used to provide a data channel between the CE and a first one of the FEs. The binding phase is further used to provide a control channel between the CE and the first one of the FEs, the control channel used to transport control and configuration messages. The control channel is separate from the data channel. The protocol also includes a capability discovery phase, a configuration operation phase and an unbind phase executed between the CE and the FE.
摘要翻译：网络元件包括控制元件（CE），多个转发元件（FE）和与所述CE和所述FE中的至少一个通信的互连。通过CE和多个FE之间的互连的通信根据包括用于在CE和第一个FE之间提供数据信道的绑定阶段的协议完成。绑定阶段进一步用于提供CE与第一个FE之间的控制信道，用于传输控制和配置消息的控制信道。控制通道与数据通道分开。该协议还包括在CE和FE之间执行的能力发现阶段，配置操作阶段和解除绑定阶段。

80. 发明申请

US20050108416A1 Distributed control plane architecture for network elements 审中-公开
标题翻译：网络元件的分布式控制平面架构
公开(公告)号：US20050108416A1
公开(公告)日：2005-05-19
申请号：US10713237
申请日：2003-11-13
申请人： Hormuzd Khosravi , Sanjay Bakshi , Rajeev Muralidhar , Suhail Ahmed , Manasi Deval
发明人： Hormuzd Khosravi , Sanjay Bakshi , Rajeev Muralidhar , Suhail Ahmed , Manasi Deval
IPC分类号： H04L12/56 , G06F15/16
CPC分类号： H04L45/563 , H04L45/00 , H04L45/52 , H04L45/60
摘要： A method of distributing processing in a network device includes defining controller and worker control plane protocol modules. The method also includes developing corresponding entries in a communications library and implementing an infrastructure module, the communication library and the controller module on a control plane. The infrastructure module, the communication library and the worker modules are implemented on a forwarding plane.
摘要翻译：一种在网络设备中分配处理的方法包括定义控制器和工作人员控制平面协议模块。该方法还包括在通信库中开发相应的条目，并在控制平面上实现基础设施模块，通信库和控制器模块。基础架构模块，通信库和工作模块在转发平面上实现。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式