Method and system for management of security rule set
    1.
    发明授权
    Method and system for management of security rule set 有权
    安全规则集管理方法与系统

    公开(公告)号:US08458766B2

    公开(公告)日:2013-06-04

    申请号:US12781352

    申请日:2010-05-17

    IPC分类号: G06F21/00

    CPC分类号: H04L63/0281 H04L63/0263

    摘要: There are provided a method of automated managing an ordered set of security rules implemented at one or more security gateways and a system thereof. The method comprises a) obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request; b) automated searching for a rule within said ordered set of security rules, said rule best matching to be amended in order to facilitate allowance of the unfitting connectivity request, wherein best matching is defined in accordance with one or more predefined criteria; c) automated generating amendment of the best matching rule, said amendment capable to facilitate allowance of the unfitting connectivity request; and d) automated implementing the generated amendment at one or more relevant security gateways among said one or more security gateways. At least one predefined criterion may be related to extra allowed traffic resulting from the amendment and/or to requested traffic restricted after amendment because of shadowing by one or more rules above the amended rule.

    摘要翻译: 提供了一种自动管理在一个或多个安全网关及其系统上实现的安全规则的有序集合的方法。 该方法包括:a)获得表征连接请求的数据,该连接请求只有在初始规则集的改变时才可能被允许,从而导致不正确的连接请求; b)自动搜索所述有序安全规则集中的规则,所述规则最佳匹配被修改以便于允许不匹配连接请求的允许,其中根据一个或多个预定标准定义最佳匹配; c)自动生成最佳匹配规则的修改,所述修改能够方便允许不正确的连接请求; 以及d)在所述一个或多个安全网关中的一个或多个相关安全网关上自动实施所生成的修改。 至少一个预定义的标准可能与修正后产生的额外允许的交通有关,和/或由于修正规则之上的一个或多个规则的影响而在修正之后被限制的要求交通。

    METHOD AND SYSTEM FOR MANAGEMENT OF SECURITY RULE SET
    2.
    发明申请
    METHOD AND SYSTEM FOR MANAGEMENT OF SECURITY RULE SET 有权
    安全规则管理方法与系统

    公开(公告)号:US20100299741A1

    公开(公告)日:2010-11-25

    申请号:US12781352

    申请日:2010-05-17

    IPC分类号: G06F21/00

    CPC分类号: H04L63/0281 H04L63/0263

    摘要: There are provided a method of automated managing an ordered set of security rules implemented at one or more security gateways and a system thereof. The method comprises a) obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request; b) automated searching for a rule within said ordered set of security rules, said rule best matching to be amended in order to facilitate allowance of the unfitting connectivity request, wherein best matching is defined in accordance with one or more predefined criteria; c) automated generating amendment of the best matching rule, said amendment capable to facilitate allowance of the unfitting connectivity request; and d) automated implementing the generated amendment at one or more relevant security gateways among said one or more security gateways. At least one predefined criterion may be related to extra allowed traffic resulting from the amendment and/or to requested traffic restricted after amendment because of shadowing by one or more rules above the amended rule.

    摘要翻译: 提供了一种自动管理在一个或多个安全网关及其系统上实现的安全规则的有序集合的方法。 该方法包括:a)获得表征连接请求的数据,该连接请求只有在初始规则集的改变时才可能被允许,从而导致不正确的连接请求; b)自动搜索所述有序安全规则集中的规则,所述规则最佳匹配被修改以便于允许不匹配连接请求的允许,其中根据一个或多个预定标准定义最佳匹配; c)自动生成最佳匹配规则的修改,所述修改能够方便允许不正确的连接请求; 以及d)在所述一个或多个安全网关中的一个或多个相关安全网关上自动实施所生成的修改。 至少一个预定义的标准可能与修正后产生的额外允许的交通有关,和/或由于修正规则之上的一个或多个规则的影响而在修正之后被限制的要求交通。

    Method for identifying cellular growth inhibitors
    3.
    发明申请
    Method for identifying cellular growth inhibitors 审中-公开
    鉴定细胞生长抑制剂的方法

    公开(公告)号:US20060035365A1

    公开(公告)日:2006-02-16

    申请号:US10521300

    申请日:2003-07-14

    IPC分类号: C12N1/21 C12Q1/18

    摘要: The present invention is a method which permits the selective screening for growth-inhibiting substances having a known mechanism of action; i.e., substances which inhibit or otherwise interfere with an enzyme or other gene product whose function is required for the growth or survival of the cell. The method employs cells (e.g., bacterial cells) that contain a nucleic acid fragment that encodes an RNA fragment that can interfere with the expression of a gene product (e.g., an anti-sense RNA that hybridizes to a mRNA), wherein expression of the RNA fragment pre-sensitizes the cell to substances (drugs) that act at the gene product (e.g., a protein or RNA). The cells lose the capability to express the RNA fragment. In the method, the recombinant cells are grown in a nutrient medium in the presence of a test substance under conditions in which expression of the RNA fragment occurs at a level that pre-sensitizes the cell to substances that act at the targeted gene product. The growth conditions are also controlled such that the cells lose the capability to express the RNA fragment. When the test substance is a growth inhibitor that acts on the targeted gene product, the cells lacking the RNA fragment (revertant cells) will have a growth advantage over cells containing the RNA fragment, and the growth of revertant cells will occur. The method of the invention includes monitoring the cell growth for the appearance of revertant cells, which leads to the identification of selective growth inhibitors having a specific mode of action.

    摘要翻译: 本发明是允许选择性筛选具有已知作用机制的生长抑制物质的方法; 即抑制或以其他方式干扰作为细胞生长或存活所必需的功能的酶或其它基因产物的物质。 该方法使用含有编码可能干扰基因产物(例如,与mRNA杂交的反义RNA)的表达的RNA片段的核酸片段的细胞(例如,细菌细胞),其中表达 RNA片段使细胞对作用于基因产物(例如蛋白质或RNA)的物质(药物)敏感。 细胞失去表达RNA片段的能力。 在该方法中,重组细胞在测试物质存在下在营养培养基中生长,其条件是将RNA片段的表达发生在使细胞对目标基因产物作用的物质致敏的程度。 生长条件也受到控制,使得细胞丧失表达RNA片段的能力。 当测试物质是作用于目标基因产物的生长抑制剂时,缺乏RNA片段的细胞(回复细胞)将具有优于含有RNA片段的细胞的生长优势,并且将发生回复细胞的生长。 本发明的方法包括监测细胞生长以恢复细胞的出现,这导致鉴定具有特定作用模式的选择性生长抑制剂。