专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08065725B2 Systems and methods for enhanced network security 有权
标题翻译：增强网络安全性的系统和方法
公开(公告)号：US08065725B2
公开(公告)日：2011-11-22
申请号：US10543600
申请日：2003-05-30
申请人： Yuliang Zheng , Lawrence Chin Shiun Teo
发明人： Yuliang Zheng , Lawrence Chin Shiun Teo
IPC分类号： G06F12/14
CPC分类号： H04L63/1408 , H04L63/0823 , H04L63/105 , H04L63/123 , H04L63/1416 , H04L63/1491 , H04L2463/141
摘要： Systems and methods for an information system security infrastructure are described. One embodiment of the present invention comprises global Internet-scale defense infrastructure, referred to as the Intrusion Detection Force (IDF). The IDF comprises a virtual infrastructure implemented on top of an existing network, such as the Internet. The IDF enables secure information sharing and intelligent data analysis and response. The node (e.g. 102 of FIG. 1) is the most primitive entity in the IDF architecture, and may be a switch, router, server, or workstation. The IDF may be implemented in small networks of computers or may be utilized by millions of hosts throughout the Internet, spanning different organizations, countries, and continents.
摘要翻译：描述了信息系统安全基础设施的系统和方法。本发明的一个实施例包括被称为入侵检测力（IDF）的全球因特网规模防御基础设施。 IDF包括在现有网络（例如因特网）之上实现的虚拟基础设施。 IDF实现安全的信息共享和智能数据分析和响应。节点（例如，图1的102）是IDF架构中最原始的实体，并且可以是交换机，路由器，服务器或工作站。 IDF可以在小型计算机网络中实现，或者可以由跨越不同组织，国家和大陆的互联网上的数百万个主机使用。

2. 发明授权

US07725710B2 Authentication system for networked computer applications 有权
标题翻译：联网计算机应用的认证系统
公开(公告)号：US07725710B2
公开(公告)日：2010-05-25
申请号：US11400683
申请日：2006-04-07
申请人： Edward R. Kelly , Christopher Wayne Howser , Jonathan Francis Savage , Yuliang Zheng
发明人： Edward R. Kelly , Christopher Wayne Howser , Jonathan Francis Savage , Yuliang Zheng
IPC分类号： H04L29/06 , H04L9/32
CPC分类号： H04L63/0807 , H04L63/0209 , H04L63/0428 , H04L63/0815 , H04L63/126
摘要： A system such as in a networked computer system comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server, wherein the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.
摘要翻译：诸如在包括用户，应用服务器，网守服务器和认证服务器的联网计算机系统中的系统。系统内的通信由网守服务器管理，其中用户通过网守服务器与认证服务器和应用服务器进行通信。一旦用户已被认证服务器初始认证，用户可以从联网的计算机系统内的多个应用服务器请求应用服务，而不必重新认证。

3. 发明申请

US20060206615A1 Systems and methods for dynamic and risk-aware network security 审中-公开
标题翻译：动态和风险感知网络安全的系统和方法
公开(公告)号：US20060206615A1
公开(公告)日：2006-09-14
申请号：US10553306
申请日：2003-05-30
申请人： Yuliang Zheng , Lawrence Teo , Gail-Joon Ahn
发明人： Yuliang Zheng , Lawrence Teo , Gail-Joon Ahn
IPC分类号： G06F15/16
CPC分类号： H04L63/0227 , H04L63/102 , H04L63/1408 , H04L63/145
摘要： Systems and methods for dynamic and risk-aware network security are described. In one embodiment, a system dynamically assesses whether a connection over a communications medium (102) is anomalous (suspicious, malicious, deviating from normal behavior, fits a certain profile or pattern, or has the potential to be any one of these) and generates an appropriate response depending on whether the connection is deemed to be normal or anomalous for a specified period of time. The types of responses include, but are not limited to, blocking the source of the connection from connecting to its intended destination, altering the destination of the connection, auditing the connection, or any combination of these.
摘要翻译：描述了动态和风险感知网络安全的系统和方法。在一个实施例中，系统动态地评估通信介质（102）上的连接是否是异常的（可疑的，恶意的，偏离正常的行为，适合于特定的配置文件或模式，或者具有这些的任何一个），并产生取决于连接是否被认为是正常的或在指定的时间段内是异常的适当的响应。响应的类型包括但不限于阻止连接源连接到其预定目的地，更改连接的目的地，审核连接或其连接的任何组合。

4. 发明申请

US20050152542A1 Public key encryption for groups 有权
标题翻译：组的公钥加密
公开(公告)号：US20050152542A1
公开(公告)日：2005-07-14
申请号：US11022491
申请日：2004-12-22
申请人： Yuliang Zheng , Luis Suarez
发明人： Yuliang Zheng , Luis Suarez
IPC分类号： G06F11/30 , G06F12/14 , H04K1/00 , H04L9/00
CPC分类号： H04L9/0833 , H04L9/302 , H04L9/3213 , H04L2209/56
摘要： A system is comprised of a user and a group, wherein the group is comprised of a group leader and a group of M members where M is equal to or greater than one. The group leader generates a group public key and a group leader “master” private key. The group leader creates a personalized watermarked or decryption key, also referred to as an individual private key, for each group member. The individual private key uniquely identifies each group member. The group leader distributes the individual private keys to each of the group members. Each group member receives from a user a message encrypted using the group public key. Each of the group members uses its individual private key to decrypt the encrypted message sent by the user to the group.
摘要翻译：系统由用户和组组成，其中组由组长和M成员组合组成，其中M等于或大于1。小组组长生成组公钥和组长“主”私钥。组长为每个组成员创建一个个性化的加密或解密密钥，也称为单独的私钥。单个私钥唯一标识每个组成员。组长将各个私钥分配给每个组成员。每个组成员从用户接收使用组公钥加密的消息。每个组成员使用其各自的私钥来解密用户发送给该组的加密消息。

5. 发明授权

US07860243B2 Public key encryption for groups 有权
标题翻译：组的公钥加密
公开(公告)号：US07860243B2
公开(公告)日：2010-12-28
申请号：US11022491
申请日：2004-12-22
申请人： Yuliang Zheng , Luis Antonio Suarez
发明人： Yuliang Zheng , Luis Antonio Suarez
IPC分类号： H04K1/00
CPC分类号： H04L9/0833 , H04L9/302 , H04L9/3213 , H04L2209/56
摘要： A system is comprised of a user and a group, wherein the group is comprised of a group leader and a group of M members where M is equal to or greater than one. The group leader generates a group public key and a group leader “master” private key. The group leader creates a personalized watermarked or decryption key, also referred to as an individual private key, for each group member. The individual private key uniquely identifies each group member. The group leader distributes the individual private keys to each of the group members. Each group member receives from a user a message encrypted using the group public key. Each of the group members uses its individual private key to decrypt the encrypted message sent by the user to the group.
摘要翻译：系统由用户和组组成，其中组由组长和M成员组合组成，其中M等于或大于1。小组组长生成组公钥和组长“主”私钥。组长为每个组成员创建一个个性化的加密或解密密钥，也称为单独的私钥。单个私钥唯一标识每个组成员。组长将各个私钥分配给每个组成员。每个组成员从用户接收使用组公钥加密的消息。每个组成员使用其各自的私钥来解密用户发送给该组的加密消息。

6. 发明申请

US20100017859A1 Authentication system for networked computer applications 审中-公开
公开(公告)号：US20100017859A1
公开(公告)日：2010-01-21
申请号：US12584861
申请日：2009-09-14
申请人： Edward R. Kelly , Christopher Wayne Howser , Jonathan Francis Savage , Yuliang Zheng
发明人： Edward R. Kelly , Christopher Wayne Howser , Jonathan Francis Savage , Yuliang Zheng
IPC分类号： G06F7/04 , G06F9/32 , G06F21/00
CPC分类号： H04L63/0807 , H04L63/0209 , H04L63/0428 , H04L63/0815 , H04L63/126
摘要： A system such as in a networked computer system comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server, wherein the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.

7. 发明授权

US07546327B2 Platform independent randomness accumulator for network applications 有权
标题翻译：用于网络应用的平台无关随机累加器
公开(公告)号：US07546327B2
公开(公告)日：2009-06-09
申请号：US11018806
申请日：2004-12-21
申请人： Yuliang Zheng
发明人： Yuliang Zheng
IPC分类号： G06F1/02
CPC分类号： H04L9/0662 , H04L9/0643
摘要： A random number generator includes one or more pseudorandom data sources that generate pseudorandom data, a randomness accumulation facility that receives pseudorandom data from the one or more pseudorandom data sources, a storage facility that stores a random value generated by the randomness accumulation facility, and an application programming interface (“API”), operating independently from the operation of the randomness accumulation facility, that retrieves, upon request by a software application, the random value currently stored in the storage facility and provides a random number to the software application. The pseudorandom data is hashed with a previously-stored random value and a first counter value and may be encrypted before storing in the storage facility. Likewise, the API hashes the current random value with a second counter value before outputting the random number thus generated, decrypting the current value first if necessary.
摘要翻译：随机数生成器包括一个或多个伪随机数据源，其产生伪随机数据;随机累积设施，其从一个或多个伪随机数据源接收伪随机数据;存储设备，其存储由随机累积设备生成的随机值;以及应用程序编程接口（“API”），独立于随机性累积设施的操作操作，该应用程序接口（“API”）根据软件应用程序的请求检索当前存储在存储设施中的随机值，并向软件应用程序提供随机数。伪随机数据用先前存储的随机值和第一计数器值进行散列，并且可以在存储在存储设施中之前进行加密。类似地，API在输出如此生成的随机数之前，用第二计数器值擦除当前随机值，如果需要，首先解密当前值。

8. 发明申请

US20070094491A1 Systems and methods for dynamically learning network environments to achieve adaptive security 审中-公开
标题翻译：动态学习网络环境以实现自适应安全的系统和方法
公开(公告)号：US20070094491A1
公开(公告)日：2007-04-26
申请号：US11498587
申请日：2006-08-03
申请人： Lawrence Teo , Yuliang Zheng
发明人： Lawrence Teo , Yuliang Zheng
IPC分类号： H04L9/00
CPC分类号： H04L63/1408 , G06F21/552 , G06F21/577 , G06F2221/034 , H04L63/1441
摘要： Systems and methods for dynamically learning network environments to achieve adaptive security are described. One described method for setting an adaptive threshold for a node includes: monitoring a data stream associated with the node to identify a characteristic of the node; monitoring an environmental factor capable of affecting the node; and determining the adaptive threshold based on at least one of the characteristic or the environmental factor. Another described method for dynamically assessing a risk associated with network traffic includes: identifying a communication directed at the node; determining a risk level associated with the communication; and comparing the risk level to the adaptive threshold.
摘要翻译：描述了动态学习网络环境以实现自适应安全性的系统和方法。一种用于设置节点的自适应阈值的方法包括：监视与节点相关联的数据流以识别节点的特性; 监测能影响节点的环境因素; 以及基于特征或环境因素中的至少一个来确定自适应阈值。用于动态评估与网络流量相关联的风险的另一种描述的方法包括：识别针对该节点的通信; 确定与沟通相关的风险水平; 并将风险等级与自适应阈值进行比较。

9. 发明申请

US20060179312A1 Authentication system for networked computer applications 有权
公开(公告)号：US20060179312A1
公开(公告)日：2006-08-10
申请号：US11400683
申请日：2006-04-07
申请人： Edward Kelly , Christopher Howser , Jonathan Savage , Yuliang Zheng
发明人： Edward Kelly , Christopher Howser , Jonathan Savage , Yuliang Zheng
IPC分类号： H04L9/00
CPC分类号： H04L63/0807 , H04L63/0209 , H04L63/0428 , H04L63/0815 , H04L63/126
摘要： A system such as in a networked computer system comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server, wherein the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.

10. 发明申请

US20060069912A1 Systems and methods for enhanced network security 有权
标题翻译：增强网络安全性的系统和方法
公开(公告)号：US20060069912A1
公开(公告)日：2006-03-30
申请号：US10543600
申请日：2003-05-30
申请人： Yuliang Zheng , Lawrence Teo
发明人： Yuliang Zheng , Lawrence Teo
IPC分类号： H04L9/00
CPC分类号： H04L63/1408 , H04L63/0823 , H04L63/105 , H04L63/123 , H04L63/1416 , H04L63/1491 , H04L2463/141
摘要： Systems and methods for an information system security infrastructure are described. One embodiment of the present invention comprises global Internet-scale defense infrastructure, referred to as the Intrusion Detection Force (IDF). The IDF comprises a virtual infrastructure implemented on top of an existing network, such as the Internet. The IDF enables secure information sharing and intelligent data analysis and response. The node (e.g. 102 of FIG. 1) is the most primitive entity in the IDF architecture, and may be a switch, router, server, or workstation. The IDF may be implemented in small networks of computers or may be utilized by millions of hosts throughout the Internet, spanning different organizations, countries, and continents.
摘要翻译：描述了信息系统安全基础设施的系统和方法。本发明的一个实施例包括被称为入侵检测力（IDF）的全球因特网规模防御基础设施。 IDF包括在现有网络（例如因特网）之上实现的虚拟基础设施。 IDF实现安全的信息共享和智能数据分析和响应。节点（例如，图1的102）是IDF架构中最原始的实体，并且可以是交换机，路由器，服务器或工作站。 IDF可以在小型计算机网络中实现，或者可以由跨越不同组织，国家和大陆的互联网上的数百万个主机使用。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式