会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 3. 发明授权
    • Enterprise security assessment sharing
    • 企业安全评估共享
    • US08959568B2
    • 2015-02-17
    • US11724061
    • 2007-03-14
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • G06F11/00
    • H04L63/20G06F21/552G06F21/577H04L41/0803H04L41/0893H04L63/1425
    • An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between different security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Its tentative nature is reflected in two of its components: a fidelity field used to express the level of confidence in the assessment, and a time-to-live field for an estimated time period for which the assessment is valid. Endpoints may publish security assessments onto a security assessment channel, as well as subscribe to a subset of security assessments published by other endpoints. A specialized endpoint is coupled to the channel that performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to security threats.
    • 企业级共享安排使用称为安全评估的语义抽象来共享称为端点的不同安全产品之间的安全相关信息。 安全评估被定义为由更广泛的语境意义的端点对关于感兴趣的对象收集的信息的暂时分配。 其暂定性质体现在其两个组成部分:用于表达对评估的信心程度的忠实领域,以及评估有效的估计时间段的实时生存领域。 端点可以将安全评估发布到安全评估通道上,并订阅其他端点发布的安全评估子集。 通过订阅所有安全性评估,记录安全性评估以及记录端点响应安全威胁所采取的本地操作,专用端点与作为集中审核点执行的通道相连。
    • 4. 发明授权
    • Endpoint enabled for enterprise security assessment sharing
    • 端点启用企业安全评估共享
    • US08955105B2
    • 2015-02-10
    • US11724060
    • 2007-03-14
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • G06F11/00
    • H04L63/20H04L63/02
    • An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Endpoints utilize an architecture that comprises a common assessment sharing agent and a common assessment generating agent. The common assessment sharing agent is arranged for subscribing to security assessments, publishing security assessments onto a channel, maintaining an awareness of configuration changes on the channel (e.g., when a new endpoint is added or removed), and implementing security features like authorization, authentication and encryption. A common assessment generating engine handles endpoint behavior associated with a security assessment including assessment generation, cancellation, tracking, and rolling-back actions based on assessments that have expired. The common assessment generating engine generates and transmits messages that indicate which local actions are taken.
    • 企业范围的共享安排使用称为安全评估的语义抽象来在名为端点的安全产品之间共享安全相关信息。 安全评估被定义为由更广泛的语境意义的端点对关于感兴趣的对象收集的信息的暂时分配。 端点使用包含通用评估共享代理和公共评估生成代理的架构。 共同评估共享代理被安排用于订阅安全性评估,向安全评估发布安全评估,保持对通道上配置更改的意识(例如,添加或删除新端点时),并实施安全功能,如授权,验证 和加密。 常见的评估生成引擎处理与安全评估相关联的端点行为,包括基于已过期的评估的评估生成,取消,跟踪和回滚操作。 公共评估产生引擎生成并发送指示采取哪些本地动作的消息。
    • 5. 发明申请
    • Endpoint enabled for enterprise security assessment sharing
    • 端点启用企业安全评估共享
    • US20080229414A1
    • 2008-09-18
    • US11724060
    • 2007-03-14
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • G06F15/00
    • H04L63/20H04L63/02
    • An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Endpoints utilize an architecture that comprises a common assessment sharing agent and a common assessment generating agent. The common assessment sharing agent is arranged for subscribing to security assessments, publishing security assessments onto a channel, maintaining an awareness of configuration changes on the channel (e.g., when a new endpoint is added or removed), and implementing security features like authorization, authentication and encryption. A common assessment generating engine handles endpoint behavior associated with a security assessment including assessment generation, cancellation, tracking, and rolling-back actions based on assessments that have expired. The common assessment generating engine generates and transmits messages that indicate which local actions are taken.
    • 企业范围的共享安排使用称为安全评估的语义抽象来在名为端点的安全产品之间共享安全相关信息。 安全评估被定义为由更广泛的语境意义的端点对关于感兴趣的对象收集的信息的暂时分配。 端点使用包含通用评估共享代理和公共评估生成代理的架构。 共同评估共享代理被安排用于订阅安全性评估,向安全评估发布安全评估,保持对通道上配置更改的意识(例如,添加或删除新端点时),并实施安全功能,如授权,验证 和加密。 常见的评估生成引擎处理与安全评估相关联的端点行为,包括基于已过期的评估的评估生成,取消,跟踪和回滚操作。 公共评估产生引擎生成并发送指示采取哪些本地动作的消息。
    • 6. 发明授权
    • Adaptive data collection for root-cause analysis and intrusion detection
    • 根本原因分析和入侵检测的自适应数据收集
    • US08413247B2
    • 2013-04-02
    • US11717978
    • 2007-03-14
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • G06F21/00
    • H04L63/1433G06F21/552
    • Endpoints in an enterprise security environment are configured to adaptively switch from their normal data collection mode to a long-term, detailed data collection mode where advanced analyses are applied to the collected detailed data. Such adaptive data collection and analysis is triggered upon the receipt of a security assessment of a particular type, where a security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information (i.e., data in some context) that is collected about an object of interest. A specialized endpoint is coupled to the security assessment channel and performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to detected security incidents in the environment. The specialized endpoint is arranged to perform various analyses and processes on historical security assessments.
    • 企业安全环境中的端点被配置为自适应地从其正常的数据收集模式切换到长期的,详细的数据收集模式,其中对所收集的详细数据应用高级分析。 这种自适应数据收集和分析是在接收到特定类型的安全评估时触发的,其中安全性评估被定义为由更广泛的语境意义的端点对收集到的信息(即某些上下文中的数据)的暂时分配 关于感兴趣的对象。 专用端点耦合到安全评估通道,并通过订阅所有安全评估,记录安全性评估以及记录端点响应于环境中检测到的安全事件而采取的本地操作,作为集中审核点执行。 安排专门的终端,对历史安全评估进行各种分析和处理。
    • 7. 发明申请
    • Enterprise security assessment sharing
    • 企业安全评估共享
    • US20080229422A1
    • 2008-09-18
    • US11724061
    • 2007-03-14
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • G06F11/00
    • H04L63/20G06F21/552G06F21/577H04L41/0803H04L41/0893H04L63/1425
    • An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between different security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Its tentative nature is reflected in two of its components: a fidelity field used to express the level of confidence in the assessment, and a time-to-live field for an estimated time period for which the assessment is valid. Endpoints may publish security assessments onto a security assessment channel, as well as subscribe to a subset of security assessments published by other endpoints. A specialized endpoint is coupled to the channel that performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to security threats.
    • 企业级共享安排使用称为安全评估的语义抽象来共享称为端点的不同安全产品之间的安全相关信息。 安全评估被定义为由更广泛的语境意义的端点对关于感兴趣的对象收集的信息的暂时分配。 其暂定性质体现在其两个组成部分:用于表达对评估的信心程度的忠实领域,以及评估有效的估计时间段的实时生存领域。 端点可以将安全评估发布到安全评估通道上,并订阅其他端点发布的安全评估子集。 通过订阅所有安全性评估,记录安全性评估以及记录端点响应安全威胁所采取的本地操作,专用端点与作为集中审核点执行的通道相连。
    • 8. 发明申请
    • Adaptive data collection for root-cause analysis and intrusion detection
    • 根本原因分析和入侵检测的自适应数据收集
    • US20080229421A1
    • 2008-09-18
    • US11717978
    • 2007-03-14
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • Efim HudisYair HelmanJoseph MalkaUri Barash
    • G06F11/00
    • H04L63/1433G06F21/552
    • Endpoints in an enterprise security environment are configured to adaptively switch from their normal data collection mode to a long-term, detailed data collection mode where advanced analyses are applied to the collected detailed data. Such adaptive data collection and analysis is triggered upon the receipt of a security assessment of a particular type, where a security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information (i.e., data in some context) that is collected about an object of interest. A specialized endpoint is coupled to the security assessment channel and performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to detected security incidents in the environment. The specialized endpoint is arranged to perform various analyses and processes on historical security assessments.
    • 企业安全环境中的端点被配置为自适应地从其正常的数据收集模式切换到长期的,详细的数据收集模式,其中对所收集的详细数据应用高级分析。 这种自适应数据收集和分析是在接收到特定类型的安全评估时触发的,其中安全性评估被定义为由更广泛的语境意义的端点对收集到的信息(即某些上下文中的数据)的暂时分配 关于感兴趣的对象。 专用端点耦合到安全评估通道,并通过订阅所有安全评估,记录安全性评估以及记录端点响应于环境中检测到的安全事件而采取的本地操作,作为集中审核点执行。 安排专门的终端,对历史安全评估进行各种分析和处理。
    • 9. 发明授权
    • Incremental filtering in a persistent query system
    • 持续查询系统中的增量过滤
    • US06505190B1
    • 2003-01-07
    • US09606431
    • 2000-06-28
    • Dov HarelYair HelmanUri Barash
    • Dov HarelYair HelmanUri Barash
    • G06F1730
    • G06F17/30699G06F17/30693Y10S707/99932
    • A system and method track changes to a document and analyze the changes to the document against a set of predefined queries without re-analyzing the entire document. Hence, after a document has been processed in the system (i.e., had its terms matched against the set of predefined queries), only a small subset of the document needs to be reprocessed and analyzed after changes (i.e., edits) are made. The analysis of the small subset is accomplished by maintaining an incremental-results data set for each document. The incremental-results data set is much smaller than the actual document, only comprising a set of unique words found in a document. After a document is changed, only the words deleted or added to the changed portion are used to update the incremental-results data set.
    • 系统和方法跟踪文档的更改,并根据一组预定义查询分析文档的更改,而无需重新分析整个文档。 因此,在系统中处理了文档(即,其术语与预定义查询集合匹配)之后,在进行改变(即,编辑)之后,仅需要对文档的一小部分进行再处理和分析。 通过维护每个文档的增量结果数据集来实现小子集的分析。 增量结果数据集远小于实际文档,只包含文档中找到的一组唯一字。 更改文档后,仅使用删除或添加到更改的部分的单词来更新增量结果数据集。