专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08429734B2 Method for detecting DNS redirects or fraudulent local certificates for SSL sites in pharming/phishing schemes by remote validation and using a credential manager and recorded certificate attributes 有权
标题翻译：通过远程验证和使用凭证管理器和记录的证书属性来检测PHP /网络钓鱼方案中的SSL站点的DNS重定向或欺诈性本地证书的方法
公开(公告)号：US08429734B2
公开(公告)日：2013-04-23
申请号：US11831843
申请日：2007-07-31
申请人： Paul Agbabian , William E. Sobel , Bruce McCorkendale
发明人： Paul Agbabian , William E. Sobel , Bruce McCorkendale
IPC分类号： G06F21/00
CPC分类号： H04L63/1416 , H04L63/0823 , H04L63/166
摘要： Certificate information associated with a received certificate, such as a Secure Sockets Layer (SSL) certificate is stored in a trusted local cache and/or in one or more remote trusted sources, such as a single remote trusted source and/or a trusted peer network. When a site certificate is received on a host computer system, certificate information associated with the received site certificate is obtained and compared with the stored certificate information to determine whether or not the site certificate indicates malicious activity, such as a malicious DNS redirection or a fraudulent local certificate. When a site certificate is not found indicative of malicious activity, the site certificate is released. Alternatively, when a site certificates is found indicative of malicious activity protective action is taken. In some embodiments, a user's log-in credentials are automatically obtained from a trusted local cache and automatically submitted to a web site.
摘要翻译：与接收到的证书（例如安全套接字层（SSL））证书相关联的证书信息被存储在受信任的本地高速缓存和/或一个或多个远程可信源中，诸如单个远程可信源和/或可信对等网络。当在主机系统上接收到站点证书时，获得与接收到的站点证书相关联的证书信息，并将其与存储的证书信息进行比较，以确定站点证书是否指示恶意活动，例如恶意DNS重定向或欺诈本地证书。当找不到指示恶意活动的站点证书时，将发布站点证书。或者，当发现指示恶意行为的现场证书时，采取保护措施。在一些实施例中，从受信任的本地高速缓存自动地获得用户的登录凭证并自动提交给网站。

2. 发明申请

US20090037997A1 METHOD FOR DETECTING DNS REDIRECTS OR FRAUDULENT LOCAL CERTIFICATES FOR SSL SITES IN PHARMING/PHISHING SCHEMES BY REMOTE VALIDATION AND USING A CREDENTIAL MANAGER AND RECORDED CERTIFICATE ATTRIBUTES 有权
标题翻译：通过远程验证和使用经认证的管理人员和记录的证书属性来检测DNS重定向或欺诈性的本地证书，用于药品/打印方案中的SSL站点
公开(公告)号：US20090037997A1
公开(公告)日：2009-02-05
申请号：US11831843
申请日：2007-07-31
申请人： Paul Agbabian , William E. Sobel , Bruce McCorkendale
发明人： Paul Agbabian , William E. Sobel , Bruce McCorkendale
IPC分类号： H04L9/32
CPC分类号： H04L63/1416 , H04L63/0823 , H04L63/166
摘要： Certificate information associated with a received certificate, such as a Secure Sockets Layer (SSL) certificate is stored in a trusted local cache and/or in one or more remote trusted sources, such as a single remote trusted source and/or a trusted peer network. When a site certificate is received on a host computer system, certificate information associated with the received site certificate is obtained and compared with the stored certificate information to determine whether or not the site certificate indicates malicious activity, such as a malicious DNS redirection or a fraudulent local certificate. When a site certificate is not found indicative of malicious activity, the site certificate is released. Alternatively, when a site certificates is found indicative of malicious activity protective action is taken. In some embodiments, a user's log-in credentials are automatically obtained from a trusted local cache and automatically submitted to a web site.
摘要翻译：与接收到的证书（例如安全套接字层（SSL））证书相关联的证书信息被存储在受信任的本地高速缓存和/或一个或多个远程可信源中，诸如单个远程可信源和/或可信对等网络。当在主机系统上接收到站点证书时，获得与接收到的站点证书相关联的证书信息，并将其与存储的证书信息进行比较，以确定站点证书是否指示恶意活动，例如恶意DNS重定向或欺诈本地证书。当找不到指示恶意活动的站点证书时，将发布站点证书。或者，当发现指示恶意行为的现场证书时，采取保护措施。在一些实施例中，从受信任的本地高速缓存自动地获得用户的登录凭证并自动提交给网站。

3. 发明授权

US08104083B1 Virtual machine file system content protection system and method 有权
标题翻译：虚拟机文件系统内容保护系统及方法
公开(公告)号：US08104083B1
公开(公告)日：2012-01-24
申请号：US12059622
申请日：2008-03-31
申请人： William E. Sobel , Bruce McCorkendale , Paul Agbabian
发明人： William E. Sobel , Bruce McCorkendale , Paul Agbabian
IPC分类号： G06F7/04 , G06F12/14 , G06F12/00 , G06F13/00
CPC分类号： G06F21/53 , G06F9/4401 , G06F9/45558 , G06F21/56 , G06F2009/45579
摘要： A method includes creating a first virtual machine comprising a remote file system. The method further includes causing all input/output from a second virtual machine to be redirected to the remote file system, the first virtual machine and the second virtual machine being on a single physical computer. The file system is securely protected from any malicious code executing on the second virtual machine by the hardware enforced partitioning between the first virtual machine and the second virtual machine.
摘要翻译：一种方法包括创建包括远程文件系统的第一虚拟机。该方法还包括使得来自第二虚拟机的所有输入/输出被重定向到远程文件系统，第一虚拟机和第二虚拟机位于单个物理计算机上。通过在第一虚拟机和第二虚拟机之间的硬件强制分区，文件系统被安全地保护免受在第二虚拟机上执行的任何恶意代码。

4. 发明授权

US09450960B1 Virtual machine file system restriction system and method 有权
标题翻译：虚拟机文件系统限制系统及方法
公开(公告)号：US09450960B1
公开(公告)日：2016-09-20
申请号：US12265157
申请日：2008-11-05
申请人： Bruce McCorkendale , William E. Sobel
发明人： Bruce McCorkendale , William E. Sobel
IPC分类号： H04L29/06
CPC分类号： H04L63/10 , G06F21/53 , G06F21/568 , G06F21/6218 , H04L63/102 , H04L63/1416
摘要： A method includes creating a virtual machine including a remote file system, a file system service, and a security application. Access to the remote file system is restricted with the security application upon an unknown malicious code outbreak. The more that is known about the threat, the more precise are the restrictions placed upon the file system thus reducing the impact on users of the file system to an absolute minimum.
摘要翻译：一种方法包括创建包括远程文件系统，文件系统服务和安全应用程序的虚拟机。在未知的恶意代码爆发时，访问远程文件系统受到安全应用程序的限制。对威胁的了解越多，对文件系统的限制越准确，从而将对文件系统的用户的影响降到绝对最小。

5. 发明授权

US08706745B1 Systems and methods for determining a file set 有权
标题翻译：用于确定文件集的系统和方法
公开(公告)号：US08706745B1
公开(公告)日：2014-04-22
申请号：US12130839
申请日：2008-05-30
申请人： Shaun Cooley , William E. Sobel , Bruce McCorkendale
发明人： Shaun Cooley , William E. Sobel , Bruce McCorkendale
IPC分类号： G06F7/00 , G06F17/30
CPC分类号： G06F21/564
摘要： A computer-implemented method for determining a file set may include identifying a file set and identifying a key file for the file set. The method may also include transmitting a key-file identifier to a second computing system. A first computing system may receive first and second file identifiers from a second computing system. The first computing system may determine whether the file set comprises a file identified by the first file identifier, and whether the file set comprises a file identified by the second file identifier. The method also includes transmitting a result of the determination to the second computing system. A method for determining a file set on a second computing device is also disclosed. Corresponding systems and computer-readable media are also disclosed.
摘要翻译：用于确定文件集的计算机实现的方法可以包括识别文件集并且识别文件集的密钥文件。该方法还可以包括将密钥文件标识符发送到第二计算系统。第一计算系统可以从第二计算系统接收第一和第二文件标识符。第一计算系统可以确定文件集是否包括由第一文件标识符标识的文件，以及文件集是否包括由第二文件标识符标识的文件。该方法还包括将确定的结果发送给第二计算系统。还公开了一种用于确定在第二计算设备上的文件集的方法。还公开了相应的系统和计算机可读介质。

6. 发明授权

US08578006B2 Enabling selective policy driven propagation of configuration elements between and among a host and a plurality of guests 有权
标题翻译：启用主机和多个客户端之间的配置元素的选择性策略驱动的传播
公开(公告)号：US08578006B2
公开(公告)日：2013-11-05
申请号：US13074850
申请日：2011-03-29
申请人： William E. Sobel , Bruce McCorkendale
发明人： William E. Sobel , Bruce McCorkendale
IPC分类号： G06F15/173
CPC分类号： G06F9/44505
摘要： Configuration elements are selectively propagated between a host and multiple guests, based on a policy. Configuration elements of the host and guests are monitored. Changes made to monitored configuration elements are detected. It is determined whether to propagate changed configuration elements between operating system environments based on the policy. It can be determined to propagate changed configuration element(s) from a source to one or more destinations in response to factors such as the identity and/or classification of the source, or the type, attribute(s), content and/or identity of the changed configuration element(s). The creation of new guests is detected. In response, at least one configuration element from at least one source is automatically propagated to a newly created guest.
摘要翻译：基于策略，配置元素在主机和多个客户端之间选择性地传播。监控主机和客户端的配置元素。检测到对受监视的配置元素进行的更改。根据策略确定是否在操作系统环境之间传播已更改的配置元素。响应于诸如源的身份和/或分类或类型，属性，内容和/或身份的因素，可以确定将更改的配置元素从源传播到一个或多个目的地的更改的配置元素。检测到新客人的创建。作为响应，来自至少一个源的至少一个配置元素被自动传播到新创建的访客。

7. 发明授权

US08434073B1 Systems and methods for preventing exploitation of byte sequences that violate compiler-generated alignment 有权
标题翻译：防止使用违反编译器生成的对齐方式的字节序列的系统和方法
公开(公告)号：US08434073B1
公开(公告)日：2013-04-30
申请号：US12263739
申请日：2008-11-03
申请人： Sourabh Satish , Bruce McCorkendale , William E. Sobel
发明人： Sourabh Satish , Bruce McCorkendale , William E. Sobel
IPC分类号： G06F9/44 , G06F9/45 , G06F9/445 , G06F12/00 , G06F12/14
CPC分类号： G06F21/54
摘要： An exemplary method for preventing exploitation of byte sequences that violate compiler-generated instruction alignment may comprise: 1) identifying instantiation of a process, 2) identifying an address space associated with the process, 3) identifying, within the address space associated with the process, at least one control-transfer instruction, 4) determining that at least one byte preceding the control-transfer instruction is capable of resulting in an out-of-alignment instruction, and then 5) preventing the control-transfer instruction from being executed. In one example, the system may prevent the control-transfer instruction from being executed by inserting a hook in place of the intended instruction that executes the intended instruction and then returns control flow back to the instantiated process. Corresponding systems and computer-readable media are also disclosed.
摘要翻译：用于防止违反编译器生成的指令对准的字节序列的示例性方法可以包括：1）识别过程的实例化，2）识别与该过程相关联的地址空间，3）在与该过程相关联的地址空间内识别，至少一个控制传输指令，4）确定控制传输指令之前的至少一个字节能够导致不对齐指令，然后5）防止执行控制传输指令。在一个示例中，系统可以通过插入钩来代替执行预期指令的预期指令来防止控制传输指令被执行，然后将控制流程返回到实例化的进程。还公开了相应的系统和计算机可读介质。

8. 发明授权

US08281363B1 Methods and systems for enforcing network access control in a virtual environment 有权
标题翻译：在虚拟环境中执行网络访问控制的方法和系统
公开(公告)号：US08281363B1
公开(公告)日：2012-10-02
申请号：US12059725
申请日：2008-03-31
申请人： Brian Hernacki , Bruce McCorkendale , William E. Sobel
发明人： Brian Hernacki , Bruce McCorkendale , William E. Sobel
IPC分类号： H04L29/06
CPC分类号： H04L29/08846 , G06F2009/45595 , H04L61/2038
摘要： A computer-implemented method may include receiving a request to access a network. The request may be sent from a virtual machine. The method may also include proxying the request to a network-access-control module, receiving a response from the network-access-control module, and transmitting the response to the virtual machine. Proxying the request to the network-access-control module may include assigning the virtual machine a virtual identifier. Proxying the request may also include creating a temporary interface. The temporary interface may be programmed to receive the response from the network-access-control module and transmit the response to the virtual machine. Various other methods, systems, and computer-readable media are also disclosed herein.
摘要翻译：计算机实现的方法可以包括接收访问网络的请求。请求可以从虚拟机发送。该方法还可以包括向网络访问控制模块代理请求，从网络访问控制模块接收响应，以及将响应发送到虚拟机。向网络访问控制模块代理请求可以包括为虚拟机分配虚拟标识符。代理请求还可以包括创建临时接口。临时接口可以被编程为从网络访问控制模块接收响应并将响应发送到虚拟机。本文还公开了各种其它方法，系统和计算机可读介质。

9. 发明授权

US08171256B1 Systems and methods for preventing subversion of address space layout randomization (ASLR) 有权
标题翻译：防止地址空间布局随机化（ASLR）颠覆的系统和方法
公开(公告)号：US08171256B1
公开(公告)日：2012-05-01
申请号：US12340968
申请日：2008-12-22
申请人： Sourabh Satish , William E. Sobel , Bruce McCorkendale
发明人： Sourabh Satish , William E. Sobel , Bruce McCorkendale
IPC分类号： G06F12/00 , G06F11/00 , G06F12/14 , G06F12/16
CPC分类号： G06F21/52
摘要： A method for preventing subversion of address space layout randomization (ASLR) in a computing device is described. An unverified module attempting to load into an address space of memory of the computing device is intercepted. Attributes associated with the unverified module are analyzed. A determination is made, based on the analyzed attributes, whether a probability exists that the unverified module will be loaded into a number of address spaces that exceeds a threshold. The unverified module is prevented from loading into the address space if the probability exists that the unverified module will be loaded into a number of address spaces that exceeds the threshold.
摘要翻译：描述了一种用于防止计算设备中的地址空间布局随机化（ASLR）的颠覆的方法。试图加载到计算设备的存储器的地址空间中的未验证的模块被截取。分析与未验证模块相关联的属性。基于分析的属性确定是否存在将未验证的模块加载到超过阈值的多个地址空间的概率。如果未验证的模块将被加载到超过阈值的多个地址空间的概率存在，则未经验证的模块被阻止加载到地址空间中。

10. 发明授权

US08001049B2 Data submission for anti-fraud context evaluation 有权
标题翻译：数据提交反欺诈情境评估
公开(公告)号：US08001049B2
公开(公告)日：2011-08-16
申请号：US11860686
申请日：2007-09-25
申请人： William E. Sobel , Bruce McCorkendale
发明人： William E. Sobel , Bruce McCorkendale
IPC分类号： G06Q40/00
CPC分类号： G06Q20/403 , G06Q20/04 , G06Q20/40 , G06Q40/12
摘要： Contextual data is gathered about a user's known location and/or about a user's expected location and generates contextual indicators based on at least a portion of the gathered contextual data. The contextual indicators are provided to one or more relying parties, such as an anti-fraud system to allow the anti-fraud system to more effectively determine the validity of transactions associated with the user, such as credit card transactions associated with the user's credit card.
摘要翻译：收集关于用户的已知位置和/或关于用户的预期位置的上下文数据，并且基于所收集的上下文数据的至少一部分来生成上下文指示符。上下文指标被提供给一个或多个依赖方，例如反欺诈系统，以允许反欺诈系统更有效地确定与用户相关联的交易的有效性，诸如与用户的信用卡相关联的信用卡交易。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式