专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100225451A1 METHOD AND APPARATUS TO REDUCE DATA LOST ON PERSONAL MOBILE DEVICES 有权
标题翻译：减少个人移动设备数据丢失的方法和装置
公开(公告)号：US20100225451A1
公开(公告)日：2010-09-09
申请号：US12399022
申请日：2009-03-06
申请人： Philip J. S. Gladstone
发明人： Philip J. S. Gladstone
IPC分类号： H04Q5/22
CPC分类号： G06Q10/087 , G06Q10/08
摘要： Methods and apparatus for providing security for mobile devices are disclosed. In one embodiment, a method includes maintaining responsibility for a first item when the first item is in a first range of a first container. Maintaining responsibility for the first item includes monitoring a locator tag associated with the first item when the locator tag is within the first range. The method also includes determining when the first item is in the first range, determining if the first item is in a second range associated with a second container when the first item is not in the first range, and determining if the second container is trusted with respect to the first container if the first item is in the second range. Additionally, the method includes transferring responsibility for the first item to the second container if the second container is trusted with respect to the first container.
摘要翻译：公开了用于为移动设备提供安全性的方法和装置。在一个实施例中，一种方法包括当第一项目处于第一容器的第一范围时维护第一项目的责任。维护对第一项目的责任包括当定位器标签在第一范围内时监视与第一项目相关联的定位器标签。该方法还包括确定第一项目何时处于第一范围内，当第一项目不在第一范围内时，确定第一项目是否处于与第二容器关联的第二范围内，以及确定第二容器是否被信任如果第一个项目处于第二个范围，则相对于第一个容器。另外，如果第二容器相对于第一容器被信任，该方法包括将第一项目的责任转移到第二容器。

2. 发明授权

US08595170B2 Stateful reference monitor 有权
公开(公告)号：US08595170B2
公开(公告)日：2013-11-26
申请号：US11865344
申请日：2007-10-01
申请人： Philip J. S. Gladstone , Jeffrey A. Kraemer
发明人： Philip J. S. Gladstone , Jeffrey A. Kraemer
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G06F7/04 , G06F17/30 , G08B23/00 , H04N7/16
CPC分类号： G06F21/60 , G06F9/468 , G06F21/552 , G06F21/554 , G06F21/62 , G06F21/6218 , G06F2221/2101 , G06F2221/2105 , G06F2221/2113 , G06F2221/2141 , G06N5/02
摘要： A Stateful Reference Monitor can be loaded into an existing commercial operating system, and then can regulate access to many different types of resources. The reference monitor maintains an updateable storage area whose contents can be used to affect access decisions, and access decisions can be based on arbitrary properties of the request.

3. 发明授权

US08325018B2 Method and apparatus to reduce data lost on personal mobile devices 有权
标题翻译：减少个人移动设备丢失数据的方法和装置
公开(公告)号：US08325018B2
公开(公告)日：2012-12-04
申请号：US12399022
申请日：2009-03-06
申请人： Philip J. S. Gladstone
发明人： Philip J. S. Gladstone
IPC分类号： H04Q5/22
CPC分类号： G06Q10/087 , G06Q10/08
摘要： Methods and apparatus for providing security for mobile devices are disclosed. In one embodiment, a method includes maintaining responsibility for a first item when the first item is in a first range of a first container. Maintaining responsibility for the first item includes monitoring a locator tag associated with the first item when the locator tag is within the first range. The method also includes determining when the first item is in the first range, determining if the first item is in a second range associated with a second container when the first item is not in the first range, and determining if the second container is trusted with respect to the first container if the first item is in the second range. Additionally, the method includes transferring responsibility for the first item to the second container if the second container is trusted with respect to the first container.
摘要翻译：公开了用于为移动设备提供安全性的方法和装置。在一个实施例中，一种方法包括当第一项目处于第一容器的第一范围时维护第一项目的责任。维护对第一项目的责任包括当定位器标签在第一范围内时监视与第一项目相关联的定位器标签。该方法还包括确定第一项目何时处于第一范围内，当第一项目不在第一范围内时，确定第一项目是否处于与第二容器关联的第二范围内，以及确定第二容器是否被信任如果第一个项目处于第二个范围，则相对于第一个容器。另外，如果第二容器相对于第一容器被信任，该方法包括将第一项目的责任转移到第二容器。

4. 发明授权

US07979889B2 Methods and apparatus providing security to computer systems and networks 有权
标题翻译：为计算机系统和网络提供安全性的方法和设备
公开(公告)号：US07979889B2
公开(公告)日：2011-07-12
申请号：US11031212
申请日：2005-01-07
申请人： Philip J. S. Gladstone , Jeffrey A. Kraemer
发明人： Philip J. S. Gladstone , Jeffrey A. Kraemer
IPC分类号： H04L9/00
CPC分类号： H04L63/145 , G06F21/52 , G06F21/552 , G06F21/554 , G06F21/566 , G06F2221/2151 , H04L63/20
摘要： A system provides security to a computerized device by detecting a sequence of related processing operations within the computerized device and recording the sequence of related processing operations in a security history. The system identifies a security violation when a processing operation performed in the computerized device produces an undesired processing outcome that violates a security policy and subsequently detecting attempted performance of at least one processing operation that attempts to produce the undesired processing outcome that violates the security policy and in response, denies operation of the processing operation(s) within the computerized device to avoid violation of the security policy.
摘要翻译：系统通过检测计算机化设备内的相关处理操作的顺序并将相关处理操作的顺序记录在安全历史中来向计算机化设备提供安全性。当在计算机化设备中执行的处理操作产生违反安全策略的不期望的处理结果并随后检测尝试产生违反安全策略的不期望的处理结果的至少一个处理操作的尝试性能时，系统识别安全违规，作为响应，拒绝在计算机化设备内的处理操作的操作以避免违反安全策略。

5. 发明授权

US07290266B2 Access control by a real-time stateful reference monitor with a state collection training mode and a lockdown mode for detecting predetermined patterns of events indicative of requests for operating system resources resulting in a decision to allow or block activity identified in a sequence of events based on a rule set defining a processing policy 有权
标题翻译：具有状态收集训练模式和锁定模式的实时状态参考监视器的访问控制，用于检测指示操作系统资源的请求的事件的预定模式，从而导致允许或阻止基于事件序列识别的活动的决定定义处理策略的规则集
公开(公告)号：US07290266B2
公开(公告)日：2007-10-30
申请号：US10071328
申请日：2002-02-08
申请人： Philip J. S. Gladstone , Jeffrey A. Kraemer
发明人： Philip J. S. Gladstone , Jeffrey A. Kraemer
IPC分类号： G06F3/00 , G06F9/44 , G06F9/46 , G06F13/00 , G06F17/00 , G06F7/04 , G06N5/02 , G06N7/04 , H04L9/00
CPC分类号： G06F21/60 , G06F9/468 , G06F21/552 , G06F21/554 , G06F21/62 , G06F21/6218 , G06F2221/2101 , G06F2221/2105 , G06F2221/2113 , G06F2221/2141 , G06N5/02
摘要： A Stateful Reference Monitor can be loaded into an existing commercial operating system, and then can regulate access to many different types of resources. The reference monitor maintains an updateable storage area whose contents can be used to affect access decisions, and access decisions can be based on arbitrary properties of the request.
摘要翻译：有状态参考监视器可以加载到现有的商业操作系统中，然后可以调节对许多不同类型资源的访问。参考监视器维护可更新的存储区域，其内容可以用于影响访问决策，并且访问决定可以基于请求的任意属性。

6. 发明授权

US09503460B2 System and method for managing access for trusted and untrusted applications 有权
标题翻译：用于管理受信任和不受信任的应用程序的访问的系统和方法
公开(公告)号：US09503460B2
公开(公告)日：2016-11-22
申请号：US13272646
申请日：2011-10-13
申请人： Philip J. S. Gladstone , Morris J. Katz
发明人： Philip J. S. Gladstone , Morris J. Katz
IPC分类号： G06F15/173 , H04L29/06
CPC分类号： H04L63/107 , H04L63/0272
摘要： A method is provided in one example embodiment and includes identifying a network location of an endpoint, which is attempting to initiate an application; identifying whether the endpoint is operating in an enterprise environment; determining whether the application is trusted based on metadata associated with the application; and provisioning a tunnel for data traffic associated with the application. In more detailed implementations, the tunnel can be provisioned if the application is trusted and the endpoint is outside of an enterprise environment. In addition, the tunnel can be provisioned if the application is untrusted and the endpoint is within an enterprise environment.
摘要翻译：在一个示例实施例中提供了一种方法，并且包括识别尝试启动应用的端点的网络位置; 确定端点是否在企业环境中运行; 基于与所述应用相关联的元数据确定所述应用是否被信任; 并为与应用相关联的数据流量提供隧道。在更详细的实现中，如果应用是可信的并且端点在企业环境之外，则可以配置隧道。此外，如果应用程序不受信任且端点在企业环境中，则可以配置隧道。

7. 发明授权

US08495743B2 Methods and apparatus providing automatic signature generation and enforcement 有权
公开(公告)号：US08495743B2
公开(公告)日：2013-07-23
申请号：US11414909
申请日：2006-05-01
申请人： Jeffrey A. Kraemer , Andrew Zawadowskiy , Philip J. S. Gladstone
发明人： Jeffrey A. Kraemer , Andrew Zawadowskiy , Philip J. S. Gladstone
IPC分类号： G06F21/00
CPC分类号： H04L63/1416 , G06F21/554 , G06F21/56 , H04L63/14 , H04L63/1433 , H04L63/1441 , H04L63/20
摘要： A system inserts at least one notifying identifier in the computer system. The at least one notifying identifier provides execution information associated with the computer system. The system receives execution information from the at least one notifying identifier, the execution information identifies details associated with a traffic flow on the computer system. The system then generates a signature based on a deterministic link provided by the execution information provided by the at least one notifying identifier. The signature is utilized to prevent further damage caused to the computer system by at least one attack.

8. 发明授权

US07774498B1 Methods and apparatus for trusted application centric QoS provisioning 有权
标题翻译：以信任应用为中心的QoS配置的方法和设备
公开(公告)号：US07774498B1
公开(公告)日：2010-08-10
申请号：US11593289
申请日：2006-11-06
申请人： Jeffrey A. Kraemer , David James McCowan , Kerry E. Lynn , Philip J. S. Gladstone
发明人： Jeffrey A. Kraemer , David James McCowan , Kerry E. Lynn , Philip J. S. Gladstone
IPC分类号： G06F15/16 , G06F15/173
CPC分类号： H04L63/20
摘要： A security agent extends the trust barrier, or trust point, from network gateway nodes to end user devices. A security agent operable to scrutinize network traffic executes on the user device and compares QoS marking attempts with the established QoS marking policy in effect. The security agent examines network traffic attributes deterministic of connection attempts by user processes. Attempts to apply inappropriate or disallowed QoS markings, as dictated by the QoS marking policy, are detected and disallowed. Therefore, only user connections consistent with the QoS marking policy are permitted into the network. Network admission control (NAC) mechanisms ensure that the security agent is the only access point from the user device to the secure network, and the security agent communicates the establishment of the trusted access point to the network gateway, thus ensuring that the network gateway may trust service level designations emanating from the user device executing the security agent.
摘要翻译：安全代理将信任障碍或信任点从网络网关节点扩展到最终用户设备。可以在用户设备上执行检查网络流量的安全代理，并将QoS标记尝试与已建立的QoS标记策略进行比较。安全代理检查用户进程确定连接尝试的网络流量属性。检测并禁止尝试根据QoS标记策略规定应用不当或不允许的QoS标记。因此，仅允许与QoS标记策略一致的用户连接进入网络。网络准入控制（NAC）机制确保安全代理是从用户设备到安全网络的唯一接入点，安全代理将信任接入点的建立通信给网络网关，从而确保网络网关从执行安全代理的用户设备发出的信任服务级别指定。

9. 发明授权

US07594267B2 Stateful distributed event processing and adaptive security 有权
公开(公告)号：US07594267B2
公开(公告)日：2009-09-22
申请号：US10172305
申请日：2002-06-14
申请人： Philip J. S. Gladstone , Jeffrey A. Kramer
发明人： Philip J. S. Gladstone , Jeffrey A. Kramer
IPC分类号： G06F7/04 , G06F9/00 , G06F11/00 , H04N7/16
CPC分类号： H04L63/0254 , G06F21/55 , H04L63/1416
摘要： The invention provides method and apparatus for maintaining a networked computer system including first and second nodes and an event processing server, the method comprising the first and second nodes detecting changes in state, the event processing server receiving notification of the changes in state from the first and second nodes, the event processing server correlating changes in state detected in the first and second nodes, and the event processing server executing a maintenance decision which affects the first and second nodes. The detecting, transmitting, correlating, and executing occurs without human intervention.

10. 发明授权

US07516476B1 Methods and apparatus for automated creation of security policy 有权
标题翻译：用于自动创建安全策略的方法和设备
公开(公告)号：US07516476B1
公开(公告)日：2009-04-07
申请号：US10395711
申请日：2003-03-24
申请人： Jeffrey A. Kraemer , Brian F. Costello , Dan L. Grecu , Venkat R. Rangamani , Philip J. S. Gladstone , Alan J. Kirby
发明人： Jeffrey A. Kraemer , Brian F. Costello , Dan L. Grecu , Venkat R. Rangamani , Philip J. S. Gladstone , Alan J. Kirby
IPC分类号： G06F21/00 , G06F11/30
CPC分类号： G06F21/604
摘要： An automated method and apparatus for creating a security policy for one or more applications is provided. The method includes exercising the features of the one or more applications to generate behavioral data, applying a heuristic to aggregate the behavioral data into a subset of representative actions, and organizing the representative actions according to a structure defined by a template into a security policy for the one or more applications. The security policy may be downloaded to one or more workstations for deployment, and provides a safeguard to protect a computer system against cyber-terrorism.
摘要翻译：提供了一种用于为一个或多个应用创建安全策略的自动化方法和装置。该方法包括行使一个或多个应用的特征以产生行为数据，应用启发式将行为数据聚合成代表性动作的子集，以及根据由模板定义的结构将代表性动作组织到用于一个或多个应用程序。安全策略可以下载到一个或多个工作站进行部署，并提供保护计算机系统免受网络恐怖主义的威胁。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式