专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08776239B2 In-development vulnerability response management 失效
标题翻译：开发中的漏洞响应管理
公开(公告)号：US08776239B2
公开(公告)日：2014-07-08
申请号：US12787933
申请日：2010-05-26
申请人： Frederik De Keukelaere , Lin Luo , Peter K. Malkin , Masayoshi Teraguchi , Naohiko Uramoto , Shun X. Yang , Sachiko Yoshihama , Yu Zhang
发明人： Frederik De Keukelaere , Lin Luo , Peter K. Malkin , Masayoshi Teraguchi , Naohiko Uramoto , Shun X. Yang , Sachiko Yoshihama , Yu Zhang
IPC分类号： G06F11/00
CPC分类号： G06F11/00
摘要： In-development vulnerability response management, in one aspect, may detect a code instance that matches a vulnerability pattern; generate one or more hints associated with the code instance in response to the detecting; retrieve an action response to the code instance that matches a vulnerability pattern; and associate the retrieved action response with the code instance.
摘要翻译：在一方面，开发中的漏洞响应管理可以检测与漏洞模式匹配的代码实例; 响应于所述检测而生成与所述代码实例相关联的一个或多个提示; 检索与漏洞模式匹配的代码实例的操作响应; 并将检索到的动作响应与代码实例相关联。

2. 发明申请

US20110191855A1 IN-DEVELOPMENT VULNERABILITY RESPONSE MANAGEMENT 失效
标题翻译：发展中的脆弱性反应管理
公开(公告)号：US20110191855A1
公开(公告)日：2011-08-04
申请号：US12787933
申请日：2010-05-26
申请人： Frederik De Keukelaere , Lin Luo , Peter K. Malkin , Masayoshi Teraguchi , Naohiko Uramoto , Shun X. Yang , Sachiko Yoshihama , Yu Zhang
发明人： Frederik De Keukelaere , Lin Luo , Peter K. Malkin , Masayoshi Teraguchi , Naohiko Uramoto , Shun X. Yang , Sachiko Yoshihama , Yu Zhang
IPC分类号： G06F11/00
CPC分类号： G06F11/00
摘要： In-development vulnerability response management, in one aspect, may detect a code instance that matches a vulnerability pattern; generate one or more hints associated with the code instance in response to the detecting; retrieve an action response to the code instance that matches a vulnerability pattern; and associate the retrieved action response with the code instance.
摘要翻译：在一方面，开发中的漏洞响应管理可以检测与漏洞模式匹配的代码实例; 响应于所述检测而生成与所述代码实例相关联的一个或多个提示; 检索与漏洞模式匹配的代码实例的操作响应; 并将检索到的动作响应与代码实例相关联。

3. 发明授权

US08918866B2 Adaptive rule loading and session control for securing network delivered services 有权
标题翻译：用于保护网络传送服务的自适应规则加载和会话控制
公开(公告)号：US08918866B2
公开(公告)日：2014-12-23
申请号：US12493356
申请日：2009-06-29
申请人： Lin Luo , Vugranam C. Sreedhar , Shun X. Yang , Yu Zhang
发明人： Lin Luo , Vugranam C. Sreedhar , Shun X. Yang , Yu Zhang
IPC分类号： H04L29/06
CPC分类号： H04L63/1441 , H04L63/20
摘要： Mechanisms are provided for handling client computing device requests with adaptive rule loading and session control. The mechanisms partition a set of rules, into a plurality of filter sets with each filter set having a different subset of the set of rules and being directed to identifying a different type of attack on a backend application or service. A subset of filter sets is selected to be used to validate client computing device requests received from client computing devices. The selected filter sets are applied to requests and/or responses to requests. The mechanisms dynamically modify which filter sets are included in the subset of filter sets based on an adaptive reinforcement learning operation on results of applying the selected filter sets to the requests and/or responses to requests.
摘要翻译：提供了用于处理具有自适应规则加载和会话控制的客户端计算设备请求的机制。这些机制将一组规则划分成多个过滤器集合，其中每个过滤器集合具有该组规则的不同子集，并被引导以识别对后端应用或服务的不同类型的攻击。选择过滤器集合的子集以用于验证从客户端计算设备接收的客户端计算设备请求。所选择的过滤器集合应用于请求和/或对请求的响应。基于对所请求的请求和/或对请求的响应的结果的自适应强化学习操作，机制动态地修改哪些过滤器集合被包括在过滤器组的子集中。

4. 发明申请

US20100333167A1 Adaptive Rule Loading and Session Control for Securing Network Delivered Services 有权
标题翻译：自适应规则加载和会话控制保护网络交付服务
公开(公告)号：US20100333167A1
公开(公告)日：2010-12-30
申请号：US12493356
申请日：2009-06-29
申请人： Lin Luo , Vugranam C. Sreedhar , Shun X. Yang , Yu Zhang
发明人： Lin Luo , Vugranam C. Sreedhar , Shun X. Yang , Yu Zhang
IPC分类号： H04L29/06 , G06F15/18
CPC分类号： H04L63/1441 , H04L63/20
摘要： Mechanisms are provided for handling client computing device requests with adaptive rule loading and session control. The mechanisms partition a set of rules, into a plurality of filter sets with each filter set having a different subset of the set of rules and being directed to identifying a different type of attack on a backend application or service. A subset of filter sets is selected to be used to validate client computing device requests received from client computing devices. The selected filter sets are applied to requests and/or responses to requests. The mechanisms dynamically modify which filter sets are included in the subset of filter sets based on an adaptive reinforcement learning operation on results of applying the selected filter sets to the requests and/or responses to requests.
摘要翻译：提供了用于处理具有自适应规则加载和会话控制的客户端计算设备请求的机制。这些机制将一组规则划分成多个过滤器集合，其中每个过滤器集合具有该组规则的不同子集，并被引导以识别对后端应用或服务的不同类型的攻击。选择过滤器集合的子集以用于验证从客户端计算设备接收的客户端计算设备请求。所选择的过滤器集合应用于请求和/或对请求的响应。基于对所请求的请求和/或对请求的响应的结果的自适应强化学习操作，机制动态地修改哪些过滤器集合被包括在过滤器组的子集中。

5. 发明授权

US08543869B2 Method and system for reconstructing error response messages under web application environment 有权
标题翻译：在Web应用环境下重建错误响应消息的方法和系统
公开(公告)号：US08543869B2
公开(公告)日：2013-09-24
申请号：US12769845
申请日：2010-04-29
申请人： Bo Gao , Chang Jie Guo , Lin Luo , Shun Xiang Yang , Yu Zhang
发明人： Bo Gao , Chang Jie Guo , Lin Luo , Shun Xiang Yang , Yu Zhang
IPC分类号： G06F11/00
CPC分类号： H04L63/168 , H04L63/1441
摘要： A computer-implemented method and system for reconstructing a response message to an improper accessing request in a web application environment. The method includes: obtaining the URL of a web application to be accessed by the improper accessing request and the error parameter information of the improper accessing request; obtaining a response template based on the obtained URL of the web application to be accessed; and merging the obtained error parameter information of the improper accessing request with the obtained response template to generate a reconstructed response message for the improper accessing request. The system includes: a message obtaining device; a response message template obtaining device; and a response message merging device.
摘要翻译：一种计算机实现的方法和系统，用于在Web应用环境中重建响应消息到不正确的访问请求。该方法包括：获取由不正当访问请求访问的Web应用的URL和不正当访问请求的错误参数信息; 基于所获取的要访问的web应用的URL获取响应模板; 将获得的不正当访问请求的错误参数信息与所获得的响应模板合并，生成用于不正当访问请求的重构响应消息。该系统包括：消息获取装置; 响应消息模板获取装置; 和响应消息合并设备。

6. 发明授权

US08341239B2 Method and system for providing runtime vulnerability defense for cross domain interactions 失效
标题翻译：为交叉域交互提供运行时漏洞防御的方法和系统
公开(公告)号：US08341239B2
公开(公告)日：2012-12-25
申请号：US12546754
申请日：2009-08-25
申请人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
发明人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
IPC分类号： G06F15/16
CPC分类号： H04L63/20 , H04L67/02
摘要： A runtime vulnerability defense method, system, and computer readable article of manufacture tangibly embodying computer readable instructions for executing the method for cross domain interactions for a Web application. The method includes: creating a first and second iFrame object by the Web application which belong to a lower domain; creating an object O by the first iFrame object; sharing the created object O by the second iFrame object; promoting the domain of the second iFrame object to an upper domain; creating in the shared object O a source accessing function for submitting to a third party server a request to access the content of the third party server; and creating in the shared object O a sanitization function for sanitizing the response received from the server.
摘要翻译：运行时漏洞防御方法，系统和计算机可读制品，其有形地体现了用于执行用于Web应用的跨域交互的方法的计算机可读指令。该方法包括：由属于较低域的Web应用程序创建第一和第二iFrame对象; 通过第一个iFrame对象创建一个对象O; 通过第二个iFrame对象共享创建的对象O; 将第二个iFrame对象的域提升到上一个域; 在共享对象O中创建用于向第三方服务器提交访问第三方服务器的内容的请求的源访问功能; 以及在共享对象O中创建用于对从服务器接收的响应进行消毒的消毒功能。

7. 发明授权

US08285778B2 Protecting web application data 失效
标题翻译：保护Web应用程序数据
公开(公告)号：US08285778B2
公开(公告)日：2012-10-09
申请号：US12491647
申请日：2009-06-25
申请人： Ya Bin Dang , Da Ming Hao , Peng Ji , Lin Luo , Yu Zhang
发明人： Ya Bin Dang , Da Ming Hao , Peng Ji , Lin Luo , Yu Zhang
IPC分类号： G06F15/16
CPC分类号： H04L63/123
摘要： A method, system and an article of manufacture tangibly embodying a computer readable program for protecting Web application data between a server and a client. A response created by the Web application for the client is backed up and modified by adding capturing code for capturing a user action, user data of the client, or combination thereof. The modified response is sent to the client and a request submitted by the client and the user action and/or user data captured by the capturing code is received. A verifying request is generated according to the received user action and/user data captured by the capturing code and the backup of the response. The request submitted by the client is verified according to the verifying request and the verified request is sent to the Web application of the server.
摘要翻译：一种有形地体现用于在服务器和客户端之间保护Web应用数据的计算机可读程序的方法，系统和制品。通过添加用于捕获用户动作，客户端的用户数据或其组合的捕获代码来备份和修改由Web应用程序为客户端创建的响应。经修改的响应被发送给客户端，并且接收由客户端提交的请求以及由捕获代码捕获的用户操作和/或用户数据。根据由捕获代码捕获的接收到的用户动作和/用户数据以及响应的备份，生成验证请求。客户端提交的请求将根据验证请求进行验证，并将验证的请求发送到服务器的Web应用程序。

8. 发明申请

US20100049792A1 METHOD AND SYSTEM FOR PROVIDING RUNTIME VULNERABILITY DEFENSE FOR CROSS DOMAIN INTERACTIONS 失效
标题翻译：用于提供跨域互动的运行性漏洞防范的方法和系统
公开(公告)号：US20100049792A1
公开(公告)日：2010-02-25
申请号：US12546754
申请日：2009-08-25
申请人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
发明人： Da Ming Hao , Lin Luo , Ye Wang , Yu Zhang
IPC分类号： G06F9/44 , G06F15/16 , G06F21/00
CPC分类号： H04L63/20 , H04L67/02
摘要： A runtime vulnerability defense method, system, and computer readable article of manufacture tangibly embodying computer readable instructions for executing the method for cross domain interactions for a Web application. The method includes: creating a first and second iFrame object by the Web application which belong to a lower domain; creating an object ◯ by the first iFrame object; sharing the created object ◯ by the second iFrame object; promoting the domain of the second iFrame object to an upper domain; creating in the shared object ◯ a source accessing function for submitting to a third party server a request to access the content of the third party server; and creating in the shared object ◯ a sanitization function for sanitizing the response received from the server.
摘要翻译：运行时漏洞防御方法，系统和计算机可读制品，其有形地体现了用于执行用于Web应用的跨域交互的方法的计算机可读指令。该方法包括：由属于较低域的Web应用程序创建第一和第二iFrame对象; 由第一个iFrame对象创建一个对象◯; 由第二个iFrame对象共享创建的对象◯; 将第二个iFrame对象的域提升到上一个域; 在共享对象中创建◯来源访问功能，用于向第三方服务器提交访问第三方服务器的内容的请求; 并在共享对象中创建◯用于对从服务器接收的响应进行消毒的消毒功能。

9. 发明申请

US20090327411A1 PROTECTING WEB APPLICATION DATA 失效
标题翻译：保护WEB应用数据
公开(公告)号：US20090327411A1
公开(公告)日：2009-12-31
申请号：US12491647
申请日：2009-06-25
申请人： Ya Bin Dang , Da Ming Hao , Peng Ji , Lin Luo , Yu Zhang
发明人： Ya Bin Dang , Da Ming Hao , Peng Ji , Lin Luo , Yu Zhang
IPC分类号： G06F15/16 , G06F12/00 , G06F17/30
CPC分类号： H04L63/123
摘要： A method, system and an article of manufacture tangibly embodying a computer readable program for protecting Web application data between a server and a client. A response created by the Web application for the client is backed up and modified by adding capturing code for capturing a user action, user data of the client, or combination thereof. The modified response is sent to the client and a request submitted by the client and the user action and/or user data captured by the capturing code is received. A verifying request is generated according to the received user action and/user data captured by the capturing code and the backup of the response. The request submitted by the client is verified according to the verifying request and the verified request is sent to the Web application of the server.
摘要翻译：一种有形地体现用于在服务器和客户端之间保护Web应用数据的计算机可读程序的方法，系统和制品。通过添加用于捕获用户动作，客户端的用户数据或其组合的捕获代码来备份和修改由Web应用程序为客户端创建的响应。经修改的响应被发送给客户端，并且接收由客户端提交的请求以及由捕获代码捕获的用户操作和/或用户数据。根据由捕获代码捕获的接收到的用户动作和/用户数据以及响应的备份，生成验证请求。客户端提交的请求将根据验证请求进行验证，并将验证的请求发送到服务器的Web应用程序。

10. 发明申请

US20090300359A1 APPARATUS AND METHOD FOR SECURELY SUBMITTING AND PROCESSING A REQUEST 有权
标题翻译：用于安全提交和处理请求的装置和方法
公开(公告)号：US20090300359A1
公开(公告)日：2009-12-03
申请号：US12473559
申请日：2009-05-28
申请人： Bo Gao , Lin Luo , Shun Xiang Yang , Yu Zhang
发明人： Bo Gao , Lin Luo , Shun Xiang Yang , Yu Zhang
IPC分类号： G06F21/00 , H04L9/32
CPC分类号： H04L63/068 , H04L63/1441
摘要： An apparatus and a method for securely submitting a request and an apparatus and a method for securely processing a request. The apparatus for securely submitting a request includes a request pre-submitting component and a request confirmation component. The request pre-submitting component sends a request with a unique identifier to a server and sends an alarm message containing the unique identifier and a request description to the request confirmation component. The request confirmation component contains a key inaccessible to other components in a client. It pops up a request confirmation window, on which the request description is displayed, in response to the alarm message and generates a request confirmation message associated with the request by using the key and the unique identifier.
摘要翻译：用于安全地提交请求的装置和方法，以及用于安全地处理请求的装置和方法。用于安全地提交请求的装置包括请求提交组件和请求确认组件。请求预提交组件向服务器发送具有唯一标识符的请求，并向请求确认组件发送包含唯一标识符和请求描述的警报消息。请求确认组件包含客户机中其他组件无法访问的密钥。它响应于该报警消息弹出显示请求描述的请求确认窗口，并通过使用密钥和唯一标识符生成与该请求相关联的请求确认消息。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式