专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09148332B2 Content delivery network 有权
标题翻译：内容传送网络
公开(公告)号：US09148332B2
公开(公告)日：2015-09-29
申请号：US12956574
申请日：2010-11-30
申请人： Erkki Ville Juhani Aikas , Amit Agarwal , Brian N. Bershad
发明人： Erkki Ville Juhani Aikas , Amit Agarwal , Brian N. Bershad
IPC分类号： G06F17/30 , H04L29/08
CPC分类号： H04L29/08729 , G06F17/30132 , H04L67/02 , H04L67/1097
摘要： A request to store a data object is received at a hosted storage service. The request includes the data object and an associated object reference. The object reference configured to enable retrieval of the data object from the hosted storage service. The data object is stored at the hosted storage service in association with the object reference. The data object is sent from the hosted storage service to a content delivery network node such that the data object is cached in and retrievable from the content delivery network node using the object reference.
摘要翻译：在托管存储服务处接收到存储数据对象的请求。该请求包括数据对象和关联的对象引用。被配置为允许从托管存储服务检索数据对象的对象引用。数据对象与对象引用相关联地存储在托管存储服务中。将数据对象从托管存储服务发送到内容传送网络节点，使得使用对象引用将数据对象缓存到内容传送网络节点中并从内容传送网络节点检索。

2. 发明申请

US20110289126A1 CONTENT DELIVERY NETWORK 有权
标题翻译：内容交付网络
公开(公告)号：US20110289126A1
公开(公告)日：2011-11-24
申请号：US12956574
申请日：2010-11-30
申请人： Erkki Ville Juhani Aikas , Amit Agarwal , Brian N. Bershad
发明人： Erkki Ville Juhani Aikas , Amit Agarwal , Brian N. Bershad
IPC分类号： G06F17/30
CPC分类号： H04L29/08729 , G06F17/30132 , H04L67/02 , H04L67/1097
摘要： A request to store a data object is received at a hosted storage service. The request includes the data object and an associated object reference. The object reference configured to enable retrieval of the data object from the hosted storage service. The data object is stored at the hosted storage service in association with the object reference. The data object is sent from the hosted storage service to a content delivery network node such that the data object is cached in and retrievable from the content delivery network node using the object reference.
摘要翻译：在托管存储服务处接收到存储数据对象的请求。该请求包括数据对象和关联的对象引用。被配置为允许从托管存储服务检索数据对象的对象引用。数据对象与对象引用相关联地存储在托管存储服务中。将数据对象从托管存储服务发送到内容传送网络节点，使得使用对象引用将数据对象缓存到内容传送网络节点中并从内容传送网络节点检索。

3. 发明授权

US08886907B1 Accessing objects in hosted storage 有权
公开(公告)号：US08886907B1
公开(公告)日：2014-11-11
申请号：US13110297
申请日：2011-05-18
申请人： Michael F. Schwartz , David R. Hanson , Brian N. Bershad , David Erb
发明人： Michael F. Schwartz , David R. Hanson , Brian N. Bershad , David Erb
IPC分类号： G06F12/00 , G06F13/00 , G06F13/28
摘要： A first access control list method is stored in a hosted storage system and in association with a storage structure. The first access control list is designed to grant permission to write data objects to the storage structure but not designed to grant permission to read objects from the storage structure. The first access control list grants a first user permission to write data objects to the storage structure. A second access control list is stored in the hosted storage system and in association with a first data object stored in the storage structure. The second access control list is designed to grant permission to read the first data object. The second access control list grants a second user permission to read the first data object.

4. 发明授权

US06317868B1 Process for transparently enforcing protection domains and access control as well as auditing operations in software components 有权
标题翻译：在软件组件中透明执行保护域和访问控制以及审核操作的过程
公开(公告)号：US06317868B1
公开(公告)日：2001-11-13
申请号：US09168125
申请日：1998-10-07
申请人： Robert Grimm , Brian N. Bershad
发明人： Robert Grimm , Brian N. Bershad
IPC分类号： G06F944
CPC分类号： G06F21/125
摘要： An original software component is modified in accordance with a site's security policy provisions prior to being executed by a component system or computer at the site. The original software component is intercepted by an introspection service running on a server or on the component system prior to execution on the component system. The introspection service analyzes the software component by parsing it, and based on the information it determines, a security policy service instructs an interposition service how to modify the software component so that it conforms to the security policy service requirements. The interposition service thus produces a modified software component by inserting code for security initialization and for imposing security operations on the original component operations. When the modified software component is executed, an enforcement service follows the security operations that were injected into the software component, which instruct the enforcement service on associating component system objects with security identifiers. For example, a security identifier is associated with the software component. In addition, the enforcement service determines when and how to perform access checks, protection domain transfers, and auditing during execution of the modified software component. Any of the services noted above can be executed by the computer intended to execute the software component or by a separate server.
摘要翻译：原始软件组件在由站点的组件系统或计算机执行之前，根据站点的安全策略规定进行修改。在组件系统上执行之前，原始软件组件被在服务器或组件系统上运行的内省服务拦截。内省服务通过解析来分析软件组件，并根据其确定的信息，安全策略服务指示插入服务如何修改软件组件，使其符合安全策略服务要求。插入服务因此通过插入用于安全初始化的代码并且对原始组件操作施加安全操作来产生修改的软件组件。当修改的软件组件被执行时，执行服务遵循被注入到软件组件中的安全操作，其指示强制服务将组件系统对象与安全标识符相关联。例如，安全标识符与软件组件相关联。此外，执行服务确定在修改的软件组件的执行期间何时以及如何执行访问检查，保护域传输和审核。上述任何服务都可以由计算机执行软件组件的计算机执行，也可以由单独的服务器执行。

5. 发明授权

US6014513A Discovering code and data in a binary executable program 失效
标题翻译：在二进制可执行程序中发现代码和数据
公开(公告)号：US6014513A
公开(公告)日：2000-01-11
申请号：US996839
申请日：1997-12-23
申请人： Geoffrey Michael Voelker , Theodore H. Romer , Alastair Wolman , Dennis Chua Lee , Brian N. Bershad , John Bradley Chen , Henry M. Levy , Wayne Anthony Wong
发明人： Geoffrey Michael Voelker , Theodore H. Romer , Alastair Wolman , Dennis Chua Lee , Brian N. Bershad , John Bradley Chen , Henry M. Levy , Wayne Anthony Wong
IPC分类号： G06F9/44 , G06F9/445
CPC分类号： G06F8/75
摘要： A computer software tool used for automatically identifying code portions and data portions of a binary executable software program in which the code portions include machine instructions that are of arbitrary length. Software products are typically distributed as binary, executable files, which comprise a string of binary values. In general, an executable file has no structure or meaning, except as determined by its behavior when dynamically executed, one instruction at a time, by a digital computer. The software tool determines a set of addresses for any known code and data portions. The tool is then used to disassemble machine instructions, beginning at a starting address for each known code portion, to identify the target addresses of other code portions and other data portions. Other sections of the binary executable software program that could be either code or data are then analyzed to identify additionAL code and data portions. As new portions are identified, the steps are repeated, until no further code or data portions are identifiable. The binary executable software program may include a plurality of executable modules. The entry addresses for each executable module and any addresses for code portions and data portions referenced and identified by any debug address, any export address, and any relocation address is added to the set of addresses. The binary executable software program is then executed to dynamically identify other executable modules so that the set of addresses can be further extended.
摘要翻译：一种用于自动识别二进制可执行软件程序的代码部分和数据部分的计算机软件工具，其中代码部分包括任意长度的机器指令。软件产品通常以二进制可执行文件的形式分发，其中包含一串二进制值。通常，一个可执行文件没有结构或意义，除非是由数字计算机一次动态执行，一次一个指令确定的。软件工具为任何已知的代码和数据部分确定一组地址。然后，该工具用于从每个已知代码部分的起始地址开始分解机器指令，以识别其他代码部分和其他数据部分的目标地址。然后分析可以是代码或数据的二进制可执行软件程序的其他部分，以识别附加代码和数据部分。当识别出新的部分时，重复这些步骤，直到没有进一步的代码或数据部分被识别为止。二进制可执行软件程序可以包括多个可执行模块。每个可执行模块的入口地址和由任何调试地址，任何导出地址和任何重定位地址引用和标识的代码部分和数据部分的任何地址被添加到地址集合。然后执行二进制可执行软件程序以动态地识别其他可执行模块，使得该组地址可以进一步扩展。

6. 发明授权

US08601263B1 Storing encrypted objects 有权
公开(公告)号：US08601263B1
公开(公告)日：2013-12-03
申请号：US13110361
申请日：2011-05-18
申请人： Umesh Shankar , Andrei Kulik , Bodo Moller , Sarvar Patel , Brian N. Bershad , David Erb
发明人： Umesh Shankar , Andrei Kulik , Bodo Moller , Sarvar Patel , Brian N. Bershad , David Erb
IPC分类号： H04L29/06
CPC分类号： H04L9/321 , H04L9/0819 , H04L63/0428 , H04L63/101 , H04L63/104 , H04L67/1097 , H04L2463/062
摘要： An encrypted resource is stored in association with an access control list. A request to retrieve the resource is received. The wrapped key and the authentication credentials are sent, from the application server system, to a key server system. An unencrypted version of the resource encryption key is received from the key server system if the key server system determines that the authentication credentials correspond to a user in the group of users identified by the group identifier. The stored encrypted resource is decrypted using the received unencrypted version of the resource encryption key to generate an unencrypted version of the resource. The unencrypted version of the resource is sent, from the application server system, to the client application.

7. 发明授权

US06865735B1 Process for rewriting executable content on a network server or desktop machine in order to enforce site specific properties 失效
标题翻译：在网络服务器或台式机上重写可执行内容的过程，以便强制执行站点特定的属性
公开(公告)号：US06865735B1
公开(公告)日：2005-03-08
申请号：US09168178
申请日：1998-10-07
申请人： Emin Gun Sirer , Brian N. Bershad
发明人： Emin Gun Sirer , Brian N. Bershad
IPC分类号： G06F9/45
CPC分类号： G06F8/52 , G06F21/51 , G06F21/52
摘要： A program or program snippet is rewritten to conform to site-specific properties prior to being executed by a target host. The program or program snippet directed to a target host from a known or unknown source is either intercepted by a server before reaching the target host or can be redirected from the target host to the server to effect its rewriting. The program is parsed in its external representation, converting it to an internal representation that is inspected and analyzed with reference to a site-specific properties database. A summary of the program's properties is then compared to the site-specific properties database by a binary rewriting engine, which produces a rewritten program in an internal representation. If appropriate, the program or program snippet is rewritten to convert it to a format suitable for execution on the target host. Furthermore, certifications may be added to the rewritten program to mark that the rewritten program obeys site-specific constraints. The rewriting service thus produces a program in an appropriate target representation that conforms to site-specific properties. These properties may relate to security, auditing, optimization, monitoring, threading, and/or management of the rewritten program.
摘要翻译：在目标主机执行之前，程序或程序代码段被重写为符合特定于站点的属性。在到达目标主机之前由服务器拦截或者可以将目标主机从目标主机重定向到服务器以实现其重写，从已知或未知来源导向目标主机的程序或程序代码段。该程序以其外部表示方式进行解析，将其转换为内部表示，并通过参考特定于站点的属性数据库进行检查和分析。然后通过二进制重写引擎将程序属性的摘要与特定于站点的属性数据库进行比较，该引擎在内部表示中生成重写的程序。如果适当，程序或程序代码段被重写，以将其转换为适合在目标主机上执行的格式。此外，可以将重新编写的程序添加到重写程序中以标记重写的程序符合特定于站点的约束。因此，重写服务产生符合站点特定属性的适当目标表示中的程序。这些属性可能涉及重写程序的安全性，审计，优化，监控，线程化和/或管理。

8. 发明授权

US06327700B1 Method and system for identifying instrumentation targets in computer programs related to logical transactions 失效
标题翻译：用于识别与逻辑交易相关的计算机程序中的仪表目标的方法和系统
公开(公告)号：US06327700B1
公开(公告)日：2001-12-04
申请号：US09327697
申请日：1999-06-08
申请人： J. Bradley Chen , Brian N. Bershad
发明人： J. Bradley Chen , Brian N. Bershad
IPC分类号： G06F945
CPC分类号： G06F11/3414 , G06F2201/87 , G06F2201/88
摘要： A method and system for identifying sets of instructions within a computer program, execution of which serve as an indicator for processing of a transaction by the computer program and that together comprise a witness set. The witness set may be employed to monitor execution of the computer program and detect processing of the transaction. Witness sets are constructed by iteratively filtering an initial set of instructions based on profile data collected during execution of the computer program.
摘要翻译：一种用于识别计算机程序中的指令集的方法和系统，其执行作为用于由计算机程序处理事务的指标，并且共同构成证人集合。可以使用证人集来监视计算机程序的执行并检测事务的处理。通过基于在执行计算机程序期间收集的简档数据迭代地过滤初始指令集来构建证人集合。

9. 发明授权

US5953534A Environment manipulation for executing modified executable and dynamically-loaded library files 失效
标题翻译：用于执行修改的可执行和动态加载的库文件的环境操作
公开(公告)号：US5953534A
公开(公告)日：1999-09-14
申请号：US996838
申请日：1997-12-23
申请人： Theodore H. Romer , Alastair Wolman , Dennis Chua Lee , Geoffrey Michael Voelker , Brian N. Bershad , John Bradley Chen , Henry M. Levy , Wayne Anthony Wong
发明人： Theodore H. Romer , Alastair Wolman , Dennis Chua Lee , Geoffrey Michael Voelker , Brian N. Bershad , John Bradley Chen , Henry M. Levy , Wayne Anthony Wong
IPC分类号： G06F11/34 , G06F9/445
CPC分类号： G06F11/3466
摘要： A method and procedure for modifying modules comprising a binary executable software program in such a way that, despite the transformations performed and the creation of new versions of the modules, the transformed program appears (to that program, including all of its components) as if it is running in the identical environment as the original program. The environment includes environment variables, the name of the program, the names of all of the dynamically loaded library (DLL) files that the program references, the directory in which the program resides, and the current directory at the time the program started execution. When the program has been transformed, e.g., for the purposes of monitoring or measurement, the environment also includes the effective addresses of data and instruction references made by the program. By employing the present invention, a modified software program will have the same behavior as the original unmodified program from which it is derived, even though it and many of its environment characteristics have been changed.
摘要翻译：一种用于修改包括二进制可执行软件程序的模块的方法和过程，使得尽管执行了转换和创建了新版本的模块，但出现了转换的程序（该程序包括其所有组件），如同它与原始程序在相同的环境中运行。环境包括环境变量，程序名称，程序引用的所有动态加载库（DLL）文件的名称，程序所在的目录以及程序开始执行时的当前目录。当程序已经变换时，例如为了监视或测量的目的，环境还包括由程序作出的数据和指令引用的有效地址。通过采用本发明，修改的软件程序将具有与从其导出的原始未修改程序相同的行为，尽管它和许多其环境特性已被改变。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式