公开(公告)号：US11934968B1

公开(公告)日：2024-03-19

申请号：US15872645

申请日：2018-01-16

Applicant: Architecture Technology Corporation

Inventor： Matthew A. Stillerman

IPC: G06N5/04 ,  G06N20/00

CPC classification number: G06N5/041 ,  G06N20/00

Abstract: A method and system for determining predictably feasible model designs. The method includes defining a plurality of model designs, wherein the plurality of model designs include a plurality of infeasible model designs, wherein one or more of the infeasible model designs are infeasible due to limits in technology; storing information representing a plurality of technological trends; and classifying one or more of the infeasible model designs as predictably feasible model designs, wherein the predictable feasible model designs are those infeasible model designs expected to become feasible model designs if one or more of the plurality of technological trends continues as anticipated.

公开(公告)号：US11461477B1

公开(公告)日：2022-10-04

申请号：US16838595

申请日：2020-04-02

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Robert A. Joyce ,  Scott Aloisio ,  Matthew A. Stillerman

IPC: G06F21/60 ,  G06F21/52 ,  G06F21/62 ,  H04L9/12

Abstract: An example method includes initializing, by an obfuscation computing system, communications with nodes in a distributed computing platform, the nodes including one or more compute nodes and a controller node, and performing at least one of: (a) code-level obfuscation for the distributed computing platform to obfuscate interactions between an external user computing system and the nodes, wherein performing the code-level obfuscation comprises obfuscating data associated with one or more commands provided by the user computing system and sending one or more obfuscated commands to at least one of the nodes in the distributed computing platform; or (b) system-level obfuscation for the distributed computing platform, wherein performing the system-level obfuscation comprises at least one of obfuscating system management tasks that are performed to manage the nodes or obfuscating network traffic data that is exchanged between the nodes.

公开(公告)号：US11444974B1

公开(公告)日：2022-09-13

申请号：US16661513

申请日：2019-10-23

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Martiros Shakhzadyan ,  Judson Powers ,  Matthew A. Stillerman

IPC: H04L9/40

Abstract: Systems, methods, and products comprise an analytic server, which improves security of a unified system of distributed network infrastructure comprising a plurality of cyber-physical systems. The analytic server may instantiate a sub attack tree for each cyber-physical system within the unified system. The analytic server may determine how the interconnection of the plurality of cyber-physical systems may affect the unified system security. The analytic server may monitor systems and receive electronic notifications of alerts in real-time from devices in the plurality of cyber-physical systems. The analytic server may follow the logic of the attack tree model by traversing the attack tree from bottom up and determine how the alerts from the cyber-physical systems may affect the distributed network infrastructure as a whole. The analytic server may generate reports comprising a list of the prioritized attacks and recommendation actions to mitigate the attacks.

公开(公告)号：US20140108414A1

公开(公告)日：2014-04-17

申请号：US13651235

申请日：2012-10-12

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Matthew A. Stillerman ,  Robert A. Joyce

IPC: G06F17/30

CPC classification number: G06F17/30 ,  G06F17/30312 ,  G06F17/3048

Abstract: In general, techniques are described for an RDF (Resource Description Framework) database system which can scale to huge size for realistic data sets of practical interest. In some examples, a database system includes a Resource Description Framework (RDF) database that stores a plurality of data chunks to one or more storage drives, wherein each of the plurality of data chunks includes a plurality of triples of the RDF database. The database system also includes a working memory, a query interface that receives a query for the RDF database, a SPARQL engine that identifies a subset of the data chunks relevant to the query, and an index interface that includes one or more bulk loaders that load the subset of the data chunks to the working memory. The SPARQL engine executes the query only against triples included within the loaded subset of the data chunks to obtain a query result.

Abstract translation: 一般来说，描述了RDF（资源描述框架）数据库系统的技术，该数据库系统可以扩展到具有实际意义的实际数据集的巨大尺寸。 在一些示例中，数据库系统包括资源描述框架（RDF）数据库，其将多个数据块存储到一个或多个存储驱动器，其中多个数据块中的每一个包括RDF数据库的多个三元组。 数据库系统还包括工作存储器，接收RDF数据库的查询的查询接口，标识与该查询相关的数据块的子集的SPARQL引擎，以及包括一个或多个加载器的批量加载器的索引接口 数据块的子集到工作记忆。 SPARQL引擎只针对包含在加载的数据块子集中的三元组执行查询，以获得查询结果。

公开(公告)号：US11349894B1

公开(公告)日：2022-05-31

申请号：US16952981

申请日：2020-11-19

Applicant: Architecture Technology Corporation

Inventor： Tyler J. Mitchell ,  Scott Aloisio ,  Matthew A. Stillerman ,  Valentino Felipe ,  Judson Powers

IPC: H04L65/60 ,  H04N19/182 ,  H04N19/186 ,  G06N20/00 ,  H04L65/65

Abstract: In general, this disclosure describes media stream transmission techniques for a computing device. The computing device captures a first media item and identifies a primary portion of the first media item and a secondary portion of the first media item different than the primary portion. The computing device applies a first compression algorithm to the primary portion of the first media item to generate a compressed primary portion. The computing device applies a second compression algorithm to the secondary portion of the first media item to generate a compressed secondary portion, where a data compression ratio of the second compression algorithm is greater than a data compression ratio of the first compression algorithm. The computing device transmits, to a central computing device, the compressed primary portion of the first media item and the compressed secondary portion of the first media item.

公开(公告)号：US10812562B1

公开(公告)日：2020-10-20

申请号：US16015116

申请日：2018-06-21

Applicant: Architecture Technology Corporation

Inventor： Tyler J. Mitchell ,  Judson Powers ,  Scott Aloisio ,  Matthew A. Stillerman ,  Valentino Felipe

IPC: H04L29/06 ,  H04L12/927 ,  G06T7/194 ,  G16H40/67

Abstract: In general, this disclosure describes media stream transmission techniques for a computing device. The computing device may capture an image of a local background environment. The computing device may record a first media stream that includes at least a portion of the image of the background environment and at least one movement of at least one object through the background environment. The computing device may remove the image of the background environment from the first media stream to create a second media stream that includes the movement of the object without the image of the background environment. The computing device may determine a bandwidth of a network over which the second media stream will be transmitted and perform further alterations to the second media stream if the current bandwidth is less than a bandwidth threshold level in order to reduce the bandwidth needed to transmit the second media stream.

公开(公告)号：US12120146B1

公开(公告)日：2024-10-15

申请号：US17816884

申请日：2022-08-02

Applicant: Architecture Technology Corporation

Inventor： Martiros Shakhzadyan ,  Judson Powers ,  Matthew A. Stillerman

IPC: H04L9/40

CPC classification number: H04L63/1466 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433

Abstract: Systems, methods, and products may comprise an analytic server, which improves security of a unified system of distributed network infrastructure comprising a plurality of cyber-physical systems. The analytic server may instantiate a sub attack tree for each cyber-physical system within the unified system. The analytic server may determine how the interconnection of the plurality of cyber-physical systems may affect the unified system security. The analytic server may monitor systems and receive electronic notifications of alerts in real-time from devices in the plurality of cyber-physical systems. The analytic server may follow the logic of the attack tree model by traversing the attack tree from bottom up and determine how the alerts from the cyber-physical systems may affect the distributed network infrastructure as a whole. The analytic server may generate reports comprising a list of the prioritized attacks and recommendation actions to mitigate the attacks.

公开(公告)号：US11245743B1

公开(公告)日：2022-02-08

申请号：US17032454

申请日：2020-09-25

Applicant: Architecture Technology Corporation

Inventor： Tyler J. Mitchell ,  Judson Powers ,  Scott Aloisio ,  Matthew A. Stillerman ,  Valentino Felipe

IPC: G06F15/16 ,  H04L29/06 ,  G06T7/194 ,  H04L12/927 ,  G16H40/67

Abstract: In general, this disclosure describes media stream transmission techniques for a computing device. The computing device may capture an image of a local background environment. The computing device may record a first media stream that includes at least a portion of the image of the background environment and at least one movement of at least one object through the background environment. The computing device may remove the image of the background environment from the first media stream to create a second media stream that includes the movement of the object without the image of the background environment. The computing device may determine a bandwidth of a network over which the second media stream will be transmitted and perform further alterations to the second media stream if the current bandwidth is less than a bandwidth threshold level in order to reduce the bandwidth needed to transmit the second media stream.

公开(公告)号：US11122079B1

公开(公告)日：2021-09-14

申请号：US16377971

申请日：2019-04-08

Applicant: Architecture Technology Corporation

Inventor： Scott Aloisio ,  Robert A. Joyce ,  Paul Nicotera ,  Matthew A. Stillerman

IPC: G06F11/00 ,  H04L29/06 ,  G06F21/14 ,  G06F21/62 ,  G06F12/14

Abstract: An example technique includes initializing, by an obfuscation computing system, communications with nodes in a distributed computing platform. The nodes include compute nodes that provide resources in the distributed computing platform and a controller node that performs resource management of the resources. The obfuscation computing system serves as an intermediary between the controller node and the compute nodes. The technique further includes outputting an interactive user interface (UI) providing a selection between a first privilege level and a second privilege level, and performing one of: based on the selection being for the first privilege level, a first obfuscation mechanism for the distributed computing platform to obfuscate digital traffic between a user computing system and the nodes, or based on the selection being for the second privilege level, a second obfuscation mechanism for the distributed computing platform to obfuscate digital traffic between the user computing system and the nodes.

公开(公告)号：US09191391B1

公开(公告)日：2015-11-17

申请号：US14577741

申请日：2014-12-19

Applicant: Architecture Technology Corporation

Inventor： Matthew A. Stillerman

IPC: G06F7/04 ,  H04L29/06 ,  G06F21/62

CPC classification number: H04L63/20 ,  G06F21/606 ,  G06F21/6218 ,  H04L63/10

Abstract: Techniques are described for controlling transfer of information in a secure manner across multiple network security domains. As described herein, cross-domain sharing may be facilitated by use of a common model that is shared by participants from the different network security domains. An example system is described in which a plurality of network domains comprises a respective set of client computing devices. A cross-domain object model specification specifies object classes for cross-domain objects accessible to the client computing devices. For each of the object classes, the cross-domain object model specification defines a plurality of data fields and specifies which of the data fields of the respective object class can be exposed to each of the respective network domains. A protected object repository positioned within each of the network domains stores an authorized portion of each of the cross-domain objects in accordance with the cross-domain object model specification.

Abstract translation: 描述了用于以多个网络安全域中的安全方式控制信息传输的技术。 如本文所述，可以通过使用来自不同网络安全域的参与者共享的公共模型来促进跨域共享。 描述了示例系统，其中多个网络域包括相应的一组客户端计算设备。 跨域对象模型规范为客户端计算设备可访问的跨域对象指定对象类。 对于每个对象类，跨域对象模型规范定义多个数据字段，并且指定相应对象类的哪些数据字段可以暴露给相应网络域中的每一个。 位于每个网络域内​​的受保护对象存储库根据跨域对象模型规范存储每个跨域对象的授权部分。