专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2017069800A1 END USER INITIATED ACCESS SERVER AUTHENTICITY CHECK 审中-公开
标题翻译：最终用户启动访问服务器真实性检查
公开(公告)号：WO2017069800A1
公开(公告)日：2017-04-27
申请号：PCT/US2016/025402
申请日：2016-03-31
申请人： ORACLE INTERNATIONAL CORPORATION
发明人： MATHEW, Stephen , SUBRAMANYA, Ramya , KOOTTAYI, Vipin Anaparakkal
IPC分类号： G06F21/44 , H04L29/06
CPC分类号： H04L63/0846 , G06F21/445 , H04L63/0838 , H04L63/0869 , H04L63/102 , H04L63/18 , H04L2463/082
摘要： Techniques are disclosed for enabling a user to validate the authenticity of a computing system (e.g., an access management system) such as one which controls access to one or more resources. A user can determine the authenticity of an access management system before the user provides credential information to the access management system. A user can be presented at a client system with an interface to request authentication of an access management system. The access management system may provide the user at the client system with temporary access information to submit back to the access management system. The access management system may provide recent personal information to the user at the client system to verify the access management system. Upon verification of the personal information, the access management system may prompt the user for credential information to establish a session.
摘要翻译：公开了用于使用户能够验证诸如控制对一个或多个资源的访问的计算系统（例如，访问管理系统）的真实性的技术。用户可以在用户向访问管理系统提供凭证信息之前确定访问管理系统的真实性。用户可以在具有接口的客户端系统上呈现以请求访问管理系统的认证。访问管理系统可以向客户端系统的用户提供临时访问信息以提交回访问管理系统。访问管理系统可以在客户端系统处向用户提供最近的个人信息以验证访问管理系统。在验证个人信息后，访问管理系统可以提示用户输入证书信息以建立会话。

2. 发明申请

WO2017049042A1 IDENTIFYING PHISHING WEBSITES USING DOM CHARACTERISTICS 审中-公开
标题翻译：使用DOM特征识别固定网站
公开(公告)号：WO2017049042A1
公开(公告)日：2017-03-23
申请号：PCT/US2016/052069
申请日：2016-09-16
申请人： RISKIQ, INC.
发明人： HUNT, Adam , PON, David , KIERNAN, Chris , ADAMS, Ben , EDGEWORTH, Jonas , MANOUSOS, Elias
IPC分类号： H04L29/06
CPC分类号： H04L63/1483 , G06F2221/2119
摘要： Embodiments of the present disclosure are directed to identifying phishing websites by rendering and analyzing document object model (DOM) objects associated with a website for features that indicate phishing behavior. Embodiments analyze the full scope and functionality associated with a website by executing functions embedded in a DOM object before analyzing the website for phishing activity. Accordingly, embodiments render and analyze a fully executed DOM object for phishing behavior. Embodiments may then perform steps to mediate a website that is classified as performing phishing. Thus, embodiments are configured to (1) collect website information from a variety of websites and web servers connected to the internet, (2) analyze the collected data to determine whether the website information is performing phishing, and (3) mediate websites and other actors that are determined to be performing phishing based on the results of the phishing analysis.
摘要翻译：本公开的实施例旨在通过呈现和分析与网站相关联的文档对象模型（DOM）对象来指示网络钓鱼行为的特征来识别钓鱼网站。实施例通过在分析网站进行网络钓鱼活动之前执行嵌入在DOM对象中的功能来分析与网站相关的全部范围和功能。因此，实施例渲染和分析用于网络钓鱼行为的完全执行的DOM对象。然后，实施例可以执行步骤来调解被分类为执行网络钓鱼的网站。因此，实施例被配置为（1）从连接到因特网的各种网站和web服务器收集网站信息，（2）分析收集的数据以确定网站信息是否正在执行网络钓鱼，以及（3）调停网站和其他根据网络钓鱼分析的结果决定执行网络钓鱼的演员。

3. 发明申请

WO2016048414A1 MANAGING CHANGE EVENTS FOR DEVICES IN AN ENTERPRISE SYSTEM 审中-公开
标题翻译：管理企业系统中设备的更改事件
公开(公告)号：WO2016048414A1
公开(公告)日：2016-03-31
申请号：PCT/US2015/026594
申请日：2015-04-20
申请人： ORACLE INTERNATIONAL CORPORATION
发明人： JAYANTI VENKATA, Bhagavati Kumar , MAHESHWARI, Harsh , DAS, Sidhartha
IPC分类号： G06F9/445 , H04L29/08 , H04W4/00 , H04W28/08 , H04L12/803 , H04L29/06
CPC分类号： H04L63/0823 , G06F8/60 , G06F8/61 , G06F8/65 , G06F8/71 , G06F9/4445 , G06F9/452 , G06F21/121 , G06F21/30 , G06F21/31 , G06F21/45 , H04L9/3268 , H04L41/082 , H04L41/20 , H04L41/28 , H04L41/5096 , H04L47/125 , H04L63/08 , H04L63/083 , H04L63/0876 , H04L63/10 , H04L63/101 , H04L63/102 , H04L63/104 , H04L63/105 , H04L63/20 , H04L63/205 , H04L67/02 , H04L67/10 , H04L67/12 , H04L67/26 , H04L67/306 , H04L67/36 , H04W4/08 , H04W4/50 , H04W4/60 , H04W4/70 , H04W12/06 , H04W12/08 , H04W16/06 , H04W28/08
摘要： Techniques are disclosed for communicating to remote devices information about change events related to changes in access to an enterprise system. A device access management system may facilitate communication about a change event to the remote devices. Information about a change event may be stored in a change event object based on the type of change event (e.g., a policy change, an application change, and a settings change). A change event queue may persistently store information corresponding to change events. One or more computing nodes may be scheduled to execute an action process for each change event based on the type of the change event. A computing node may communicate information (e.g., an instruction to implement adjust access) about a change event to remote devices. A change event may persist on the queue until all remote devices are notified about the change event.
摘要翻译：公开了用于与远程设备通信的关于与对企业系统的访问变化相关的改变事件的信息的技术。设备访问管理系统可以促进关于改变事件的通信到远程设备。关于改变事件的信息可以基于变化事件的类型（例如，策略改变，应用改变和设置改变）来存储在改变事件对象中。更改事件队列可以持久存储对应于更改事件的信息。可以调度一个或多个计算节点以基于改变事件的类型对每个改变事件执行动作过程。计算节点可以向远程设备传送关于改变事件的信息（例如，实现调整访问的指令）。更改事件可能会持续存在于队列中，直到所有远程设备被通知有关更改事件。

4. 发明申请

WO2016048415A1 UNIFIED PROVISIONING OF APPLICATIONS ON DEVICES IN AN ENTERPRISE SYSTEM 审中-公开
标题翻译：统一规定企业系统中设备的应用
公开(公告)号：WO2016048415A1
公开(公告)日：2016-03-31
申请号：PCT/US2015/026596
申请日：2015-04-20
申请人： ORACLE INTERNATIONAL CORPORATION
发明人： MAHESHWARI, Harsh , MOHAMAD ABDUL, Mohamad Raja Gani , DAS, Sidhartha , PAKKATH, Rajesh , KATTI, Sreedhar
IPC分类号： G06F9/445 , H04L29/06 , H04W12/08 , H04L12/24 , H04W4/00 , H04W4/08
CPC分类号： H04L63/0823 , G06F8/60 , G06F8/61 , G06F8/65 , G06F8/71 , G06F9/4445 , G06F9/452 , G06F21/121 , G06F21/30 , G06F21/31 , G06F21/45 , H04L9/3268 , H04L41/082 , H04L41/20 , H04L41/28 , H04L41/5096 , H04L47/125 , H04L63/08 , H04L63/083 , H04L63/0876 , H04L63/10 , H04L63/101 , H04L63/102 , H04L63/104 , H04L63/105 , H04L63/20 , H04L63/205 , H04L67/02 , H04L67/10 , H04L67/12 , H04L67/26 , H04L67/306 , H04L67/36 , H04W4/08 , H04W4/50 , H04W4/60 , H04W4/70 , H04W12/06 , H04W12/08 , H04W16/06 , H04W28/08
摘要： The present disclosure relates generally to managing access to an enterprise system using remote devices. Techniques are disclosed for provisioning applications on remote devices to access resources in an enterprise system. Specifically, applications may be automatically configured with access information (e.g., account information) and connection information to access a resource in an enterprise system using a remote device. Configuring an application may include determining an account for accessing a resource using the application. An account may be provisioned if one has not been established. Upon configuring an application, the device access management system may provide a configured application to the remote device(s) for which the application is configured. Once the configured application is received, the application may be automatically installed on the remote device, after which the application may be executed to access a resource.
摘要翻译：本公开一般涉及使用远程设备来管理对企业系统的访问。公开了用于在远程设备上配置应用以访问企业系统中的资源的技术。具体地说，应用程序可以自动配置有访问信息（例如，帐户信息）和连接信息，以使用远程设备访问企业系统中的资源。配置应用可以包括使用应用来确定访问资源的帐户。如果尚未建立帐户，则可以提供帐户。在配置应用程序时，设备访问管理系统可将已配置的应用程序提供给配置应用程序的远程设备。一旦接收到配置的应用程序，应用程序可能会自动安装在远程设备上，之后应用程序可能被执行以访问资源。

5. 发明申请

WO2017147525A1 TECHNIQUES FOR DISCOVERING AND MANAGING SECURITY OF APPLICATIONS 审中-公开
标题翻译：发现和管理应用程序安全的技术
公开(公告)号：WO2017147525A1
公开(公告)日：2017-08-31
申请号：PCT/US2017/019508
申请日：2017-02-24
申请人： ORACLE INTERNATIONAL CORRATION
发明人： KIRTI, Ganesh , BISWAS, Kamalendu , PERERA, Sumedha, Nalin , SIMU, Adina, Florina
IPC分类号： H04L29/06
CPC分类号： H04L63/1441 , H04L63/1408 , H04L63/1416 , H04L63/20
摘要： Techniques for discovery and management of applications in a computing environment of an organization are disclosed. A security management system discovers use of applications within a computing environment to manage access to applications for minimizing security threats and risks in a computing environment of the organization. The security management system can obtain network data about network traffic to identify unique applications. The security management system can perform analysis and correlation, including use of one or more data sources, to determine information about an application. The system can compute a measure of security for an application ("an application risk score") and a user ("a user risk score"). The score may be analyzed to determine a threat of security posed by the application based on use of the application. The security system can perform one or more instructions to configure access permitted by an application, whether access is denied or restricted.
摘要翻译：公开了用于在组织的计算环境中发现和管理应用程序的技术。安全管理系统发现在计算环境中使用应用程序来管理对应用程序的访问，以最小化组织计算环境中的安全威胁和风险。安全管理系统可以获得关于网络流量的网络数据以识别独特的应用。安全管理系统可以执行分析和关联，包括使用一个或多个数据源来确定关于应用程序的信息。系统可以计算应用程序的安全性度量（“应用程序风险评分”）和用户（“用户风险评分”）。可以对得分进行分析以确定应用程序基于使用该应用程序所构成的安全威胁。安全系统可以执行一条或多条指令来配置应用程序允许的访问，无论访问是被拒绝还是受限制。

6. 发明申请

WO2017120175A1 TECHNIQUES FOR INFRASTRUCTURE ANALYSIS OF INTERNET-BASED ACTIVITY 审中-公开
标题翻译：基于互联网活动的基础设施分析技术
公开(公告)号：WO2017120175A1
公开(公告)日：2017-07-13
申请号：PCT/US2017/012107
申请日：2017-01-04
申请人： RISKIQ, INC.
发明人： DIXON, Brandon , GINTY, Stephen
IPC分类号： H04L29/12 , H04L12/26 , H04L29/06
CPC分类号： H04L43/0876 , G06F21/552 , G06F21/56 , H04L43/045 , H04L61/1511 , H04L61/2007 , H04L63/1416
摘要： Some embodiments are directed to techniques for infrastructure analysis of Internet-based activity. Techniques are disclosed to enable analysts to spend more time focusing on analyzing and identifying threats to in a network infrastructure, and little time on data collection and data processing. Specifically, techniques are described for identifying network data relevant to Internet activity and providing an interactive interface (e.g., a "heat map" interface) for viewing and interactive analysis of the network data. The network data may be identified for assessing Internet activity with respect to one or more attributes, such as an Internet domain name or an Internet protocol (IP) address.
摘要翻译：一些实施例针对用于基于互联网的活动的基础设施分析的技术。披露的技术使分析师能够花更多的时间专注于分析和识别网络基础设施中的威胁，而在数据收集和数据处理方面的时间很少。具体而言，描述了用于识别与因特网活动相关的网络数据并提供用于查看和交互式分析网络数据的交互式接口（例如，“热图”接口）的技术。网络数据可以被标识用于评估关于诸如因特网域名或因特网协议（IP）地址之类的一个或多个属性的因特网活动。

7. 发明申请

WO2017070412A1 PASSWORD-LESS AUTHENTICATION FOR ACCESS MANAGEMENT 审中-公开
标题翻译：用于访问管理的无密码身份验证
公开(公告)号：WO2017070412A1
公开(公告)日：2017-04-27
申请号：PCT/US2016/058016
申请日：2016-10-21
申请人： ORACLE INTERNATIONAL CORPORATION
发明人： SHASTRI, Venugopal Padmanabhan , CHITTURI, Sreenivasa R. , MOTUKURU, Vamsi , BHATKHANDE, Mandar , JOSHI, Sunil Kumar
IPC分类号： G06F21/32 , G06F21/36 , H04L9/32 , H04L29/06
CPC分类号： H04L9/3231 , G06F21/32 , G06F21/36 , H04L9/00 , H04L9/006 , H04L9/14 , H04L9/30 , H04L9/3234 , H04L63/0853 , H04L63/0861 , H04L2463/082
摘要： An access management system is disclosed that can provide access to resources by password-less authentication. The access management system can provide multiple layers of security for authentication taking into account risk factors (e.g., device, location, etc.) to ensure authentication without compromising access. Contextual details of a user based on a mobile device can be used for authentication based on possession of a device. Password-less authentication of a user may be enabled by registration of devices and/or a location (e.g., a geo-graphic location) as trusted. Security data embedded with encrypted data can be sent to a first device for password-less authentication of a user at the device. A second device registered with the user can obtain the security data from the first device. The second device can decrypts the data and send the decrypted data to the access management system for verification to enable password-less authentication at the first device.
摘要翻译：公开了一种访问管理系统，其可以通过无密码认证来提供对资源的访问。访问管理系统可以考虑风险因素（例如，设备，位置等）提供用于认证的多层安全性以确保认证而不损害访问。基于移动设备的用户的上下文细节可以用于基于拥有设备的认证。可以通过将设备和/或位置（例如，地理图形位置）注册为可信的来启用用户的无密码认证。嵌入了加密数据的安全数据可以发送到第一个设备，以便在设备上对用户进行无密码验证。向用户注册的第二设备可以从第一设备获得安全数据。第二设备可以解密数据并将解密的数据发送到访问管理系统进行验证以在第一设备处启用无密码验证。

8. 发明申请

WO2017049045A1 USING HASH SIGNATURES OF DOM OBJECTS TO IDENTIFY WEBSITE SIMILARITY 审中-公开
标题翻译：使用DOM对象的HASH签名来识别网站的相似性
公开(公告)号：WO2017049045A1
公开(公告)日：2017-03-23
申请号：PCT/US2016/052072
申请日：2016-09-16
申请人： RISKIQ, INC.
发明人： HUNT, Adam , PON, David , KIERNAN, Chris , ADAMS, Ben , EDGEWORTH, Jonas , MANOUSOS, Elias , LINN, Joseph
IPC分类号： G06F17/30 , H04L29/06
CPC分类号： H04L63/0876 , G06F17/30864 , G06F17/3089 , G06F21/128 , G06F2221/2119 , H04L9/3247 , H04L63/10 , H04L63/123 , H04L63/1416 , H04L63/1425 , H04L63/1483 , H04L2463/103
摘要： Embodiments are directed to using a hash signature of a rendered DOM object of a website to find similar content and behavior on other websites. Embodiments break a DOM into a large number of data portions (i.e., "shingles"), apply a hashing algorithm to the shingles, select a predetermined number of hashes from the hashed shingles according to a selection criteria to create a hash signature, and compare the hash signature to that of a reference page to determine similarity of website DOM object content. Embodiments can be used to identify phishing websites, defaced websites, spam websites, significant changes in the content of a webpage, copyright infringement, and any other suitable purposes related to the similarity between website DOM object content.
摘要翻译：实施例涉及使用网站的呈现的DOM对象的散列签名来在其他网站上找到类似的内容和行为。实施例将DOM分解成大量的数据部分（即，“带状”），对散列板应用散列算法，根据选择标准从散列带状混叠中选择预定数量的散列，以创建散列签名，并比较哈希签名到参考页面，以确定网站DOM对象内容的相似性。实施例可以用于识别网络钓鱼网站，被污染的网站，垃圾网站，网页内容的重大变化，侵犯版权以及与网站DOM对象内容之间的相似性有关的任何其他合适的目的。

9. 发明申请

WO2016191639A1 AUTOMATIC ANOMALY DETECTION AND RESOLUTION SYSTEM 审中-公开
标题翻译：自动异常检测和分辨率系统
公开(公告)号：WO2016191639A1
公开(公告)日：2016-12-01
申请号：PCT/US2016/034536
申请日：2016-05-27
申请人： ORACLE INTERNATIONAL CORPORATION
发明人： AHAD, Rafiul
IPC分类号： G06F11/34 , G06F11/30 , G06F11/07
CPC分类号： G06F11/0793 , G06F11/0709 , G06F11/0751 , G06F11/079 , G06F11/301 , G06F11/3048 , G06F11/3072 , G06F11/3409 , G06F11/3495 , H04L41/5003 , H04L41/5038 , H04L67/02
摘要： An anomaly detection and resolution system (ADRS) is disclosed for detecting and resolving anomalies in computing environments. The ADRS may be implemented using an anomaly classification system defining different types of anomalies (e.g., a defined anomaly and an undefined anomaly). A defined anomaly may be based on bounds (fixed or seasonal) on any metric to be monitored. An anomaly detection and resolution component (ADRC) may be implemented in each component defining a service in a computing system. An ADRC may be configured to detect and attempt to resolve an anomaly locally. If the anomaly event for an anomaly can be resolved in the component, the ADRC may communicate the anomaly event to an ADRC of a parent component, if one exists. Each ADRC in a component may be configured to locally handle specific types of anomalies to reduce communication time and resource usage for resolving anomalies.
摘要翻译：公开了一种异常检测和解决系统（ADRS），用于检测和解决计算环境中的异常。可以使用定义不同类型的异常（例如，定义的异常和未定义的异常）的异常分类系统来实现ADRS。定义的异常可以基于要监视的任何度量的边界（固定或季节性）。可以在定义计算系统中的服务的每个组件中实现异常检测和解决部件（ADRC）。 ADRC可能被配置为检测并尝试在本地解决异常。如果异常异常事件可以在组件中解决，则ADRC可以将异常事件传达给父组件的ADRC（如果存在）。组件中的每个ADRC可以被配置为本地处理特定类型的异常，以减少通信时间和资源使用以解决异常。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式