会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 4. 发明授权
    • Mandatory access control scheme with active objects
    • 具有活动对象的强制访问控制方案
    • US07600117B2
    • 2009-10-06
    • US10953745
    • 2004-09-29
    • Jinhong Katherine GuoStephen L. JohnsonIl-Pyung Park
    • Jinhong Katherine GuoStephen L. JohnsonIl-Pyung Park
    • H04L29/06G06F17/30
    • G06F21/6218G06F21/629Y10S707/99939
    • Access control is mediated by a set of 2-tuple labels or attributes which are associated with subject and object entities, respectively. Subject entitles, such as processes, have separate read and write attributes, while object entities, such as files, have separate integrity and write control attributes. The system implements a set of rules to provide both integrity control and confidentiality protection. Specifically, write operations to an object are inhibited where the subject's write attribute is lower than the write control attribute of the object. Read operations from an object are inhibited where the subject's read attribute is lower than the object's integrity attribute. When a subject reads from an object having a lower integrity level than the subject's read attribute, the subject's read attribute is demoted.
    • 访问控制由一组与主体和对象实体相关联的2元组标签或属性来介导。 主体实体(如进程)具有单独的读取和写入属性,而对象实体(如文件)具有单独的完整性和写入控制属性。 该系统实施一套规则,以提供完整性控制和机密性保护。 具体来说,当对象的写入属性低于对象的写入控制属性时,禁止对对象的写入操作。 禁止在对象的读取属性低于对象的完整性属性的情况下读取对象的操作。 当主体从具有比主体的读取属性更低的完整性级别的对象读取时,主题的读取属性被降级。
    • 9. 发明申请
    • Intrusion detection via high dimensional vector matching
    • 通过高维矢量匹配的入侵检测
    • US20080120720A1
    • 2008-05-22
    • US11601864
    • 2006-11-17
    • Jinhong GuoDaniel WeberStephen JohnsonIl-Pyung Park
    • Jinhong GuoDaniel WeberStephen JohnsonIl-Pyung Park
    • G06F21/00
    • G06F21/552
    • A method is provided for detecting intrusions to a computing environment. The method includes: monitoring system calls made to an operating system during a defined period of time; evaluating the system calls made during the defined time period in relation to system calls made during known intrusions; and evaluating the temporal sequence in which system calls were made during the defined time period when the system calls made match the system calls made during a known intrusion. If a potential intrusion is detected at this stage, then a more complicated detection scheme may be performed by a second detection scheme. For instance, the second detection scheme may assess the temporal sequence in which the system calls were made and/or the system files accessed by the system calls.
    • 提供了一种用于检测对计算环境的入侵的方法。 该方法包括:在定义的时间段内监视对操作系统的系统调用; 评估在定义的时间段内与在已知入侵期间进行的系统呼叫相关的系统呼叫; 并且在系统调用所规定的时间段期间评估进行系统调用的时间序列,使得在已知入侵期间进行的系统呼叫匹配。 如果在该阶段检测到潜在入侵,则可以通过第二检测方案来执行更复杂的检测方案。 例如,第二检测方案可以评估系统调用的时间顺序和/或系统调用所访问的系统文件。