会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 2. 发明申请
    • METHOD AND APPARATUS FOR SECURE NETWORK ENCLAVES
    • 用于安全网络包装的方法和装置
    • US20090210699A1
    • 2009-08-20
    • US12032618
    • 2008-02-15
    • Karanvir GrewalMen LongPrashant Dewan
    • Karanvir GrewalMen LongPrashant Dewan
    • H04L9/32
    • H04L63/061H04L9/083H04L9/321H04L9/3247
    • Methods and apparatus are disclosed to provide for security within a network enclave. In one embodiment authentication logic initiates authentication with a central network authority. Packet processing logic receives a key and an identifier from the central network authority. Security protocol logic then establishes a client-server security association through a communication that includes a client identifier and an encrypted portion and/or an authorization signature, wherein a client authorization key allocated by the central network authority can be reproduced by a server, other than said central network authority, from the client identifier and a derivation key provided to the server by the central network authority to decrypt the encrypted portion and/or to validate the communication using the authorization signature. The server may also provide the client with new session keys and/or new client session identifiers using server-generated derivation keys if desired, protecting these with the client authorization key.
    • 公开了提供网络飞地内的安全性的方法和装置。 在一个实施例中,认证逻辑启动与中央网络授权机构的认证。 分组处理逻辑从中央网络机构接收密钥和标识符。 然后,安全协议逻辑通过包括客户端标识符和加密部分和/或授权签名的通信来建立客户机 - 服务器安全关联,其中由中央网络机构分配的客户机授权密钥可以由服务器再现,除了 所述中央网络机构根据客户端标识符和由中央网络机构提供给服务器的导出密钥来解密加密部分和/或使用授权签名验证通信。 如果需要,服务器还可以使用服务器生成的导出密钥向客户端提供新的会话密钥和/或新的客户端会话标识符,并用客户端授权密钥来保护它们。
    • 8. 发明申请
    • Hierarchical Trust Based Posture Reporting and Policy Enforcement
    • 基于层次信任的姿势报告和策略执行
    • US20100162356A1
    • 2010-06-24
    • US12714979
    • 2010-03-01
    • Hormuzd KhosraviDavid DurhamKaranvir Grewal
    • Hormuzd KhosraviDavid DurhamKaranvir Grewal
    • G06F17/30
    • H04L63/0227
    • A method that includes initiating a network access request from an access requester on a platform that couples to a network, the network access request made to a policy decision point for the network. The method also includes establishing a secure communication channel over a communication link between the policy decision point and a policy enforcement point on the platform. Another secure communication channel is established over another communication link. The other communication link is between at least the policy enforcement point and a manageability engine resident on the platform. The manageability engine forwards posture information associated with the access requester via the other secure communication channel. The posture information is then forwarded to the policy decision point via the secure communication channel between the policy enforcement point and the policy decision point. The policy decision point indicates what access the access requester can obtain to the network based on a comparison of the posture information to one or more network administrative policies.
    • 一种方法,其包括从耦合到网络的平台上的访问请求者发起网络访问请求,所述网络访问请求发送到网络的策略决策点。 该方法还包括在策略决策点和平台上的策略执行点之间的通信链路上建立安全通信信道。 通过另一个通信链路建立另一个安全通信信道。 另一个通信链路至少在平台上驻留的策略执行点和可管理引擎之间。 可管理性引擎经由另一个安全通信信道转发与访问请求者相关联的姿势信息。 然后,姿势信息经由策略执行点和策略决策点之间的安全通信信道被转发到策略决策点。 策略决策点基于姿势信息与一个或多个网络管理策略的比较来指示访问请求者可以获得哪些访问到网络。