公开(公告)号：US20180322259A1

公开(公告)日：2018-11-08

申请号：US15585194

申请日：2017-05-03

Applicant: Cisco Technology, Inc.

Inventor： Hillel SOLOW ,  Yossi Tsuria ,  Avraham Poupko ,  Shabtai Atlow

IPC: G06F21/10 ,  H04L9/08

Abstract: In one embodiment, an instruction is received at a blockchain server from a first digital rights management (DRM) client, the instruction including an instruction to transfer a DRM license to an encrypted content item to a second DRM client. A block to be recorded in a blockchain, is created, the block including a content item ID of said encrypted content item, one of a device ID of a device including the second DRM client or a user ID of a user of the second DRM client, DRM license information for said DRM license, and a DRM decryption key for decrypting said encrypted content item. The block is recorded in the blockchain. A confirmation message is sent to the second DRM client confirming that the block was written to the blockchain. Related systems, methods, and apparatuses are also described.

公开(公告)号：US20160277364A1

公开(公告)日：2016-09-22

申请号：US15168053

申请日：2016-05-29

Applicant: Cisco Technology, Inc.

Inventor： Hillel SOLOW

IPC: H04L29/06 ,  H04L12/18

CPC classification number: H04L63/0428 ,  H04L9/14 ,  H04L12/18 ,  H04L63/061 ,  H04N21/2351 ,  H04N21/4181 ,  H04N21/42615 ,  H04N21/434 ,  H04N21/4405 ,  H04N21/4623 ,  H04N21/64315

Abstract: A Headend system including a packer to pack media content into a plurality of packets including a first packet and a second packet, a packet scheduler to schedule when the packets will be broadcast/multicast to a plurality of end-user devices, and calculate a plurality of timing values including a first timing value which provides an indication of how long the second packet will arrive at the end-user devices after the arrival of the first packet at the end-user devices, and an encryption engine to: encrypt the media content of the packets and the timing values, wherein the media content of the first packet and the first timing value are encrypted by different encryption algorithms, or the same encryption algorithm with different cryptographic keys.

Abstract translation: 一种头端系统，包括封隔器，用于将媒体内容分组成包括第一分组和第二分组的多个分组，分组调度器，调度分组将如何广播/组播到多个最终用户设备，并且计算多个 包括第一定时值，其提供在第一分组到达终端用户设备之后第二分组将在最终用户设备上到达多长时间的指示;以及加密引擎，用于：加密媒体内容 的分组和定时值，其中第一分组的媒体内容和第一定时值由不同的加密算法或具有不同加密密钥的相同加密算法加密。

公开(公告)号：US20170339190A1

公开(公告)日：2017-11-23

申请号：US15161313

申请日：2016-05-23

Applicant: Cisco Technology, Inc.

Inventor： Steve EPSTEIN ,  Hillel SOLOW ,  Ezra DARSHAN

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/0263 ,  H04L63/1416 ,  H04L63/1433

Abstract: In one embodiment, a system includes a hardware processor and a memory to store data used by the hardware processor, wherein the hardware processor is operative to calculate, for each one device of a plurality of devices, a device-specific packet inspection plan based on (a) a security vulnerability score for the one device; and (b) a damage score for the one device, wherein for each one device of the plurality of devices, the device-specific packet inspection plan includes at least one of the following (a) a percentage of a plurality of packets, destined for the one device, to be inspected for compliance with at least one intrusion detection/protection system rule and (b) instructions on which intrusion detection/protection system rules to use to inspect a multiplicity of the plurality of packets destined for the one device. Related apparatus and methods are also described.

公开(公告)号：US20180114020A1

公开(公告)日：2018-04-26

申请号：US15334311

申请日：2016-10-26

Applicant: Cisco Technology, Inc.

Inventor： Benyamin HIRSCHBERG ,  Moshe KRAVCHIK ,  Arie HAENEL ,  Hillel SOLOW

IPC: G06F21/56

CPC classification number: G06F21/566 ,  G06F2221/034 ,  G06F2221/2107

Abstract: In one embodiment, a system includes a central processing unit (CPU) to identify a ransomware process which encrypted a plurality of files yielding a plurality of encrypted files, in response to identifying the ransomware process, dump a memory space and a state of the CPU yielding a memory dump, and search the memory dump for a plurality of candidate encryption keys, and a decryption engine to attempt to decrypt at least one encrypted file of the plurality of encrypted files with different candidate encryption keys of the plurality of candidate encryption keys until the at least one encrypted file is successfully decrypted with one candidate encryption key of the different candidate encryption keys, and decrypt the plurality of encrypted files using the one candidate encryption key. Related apparatus and methods are also described.

公开(公告)号：US20180091540A1

公开(公告)日：2018-03-29

申请号：US15276808

申请日：2016-09-27

Applicant: Cisco Technology, Inc.

Inventor： Hillel SOLOW ,  Ezra DARSHAN ,  Harel CAIN ,  Steve EPSTEIN ,  Arnold ZUCKER

IPC: H04L29/06

CPC classification number: H04L63/1433 ,  H04L63/0227 ,  H04L63/1425 ,  H04L63/1441

Abstract: In one embodiment, a method for assessing security posture for entities in a computing, network is implemented On a computing device and includes: receiving behavior data from one or more of the entities, where the behavior data is associated with at least activity on the computing network by the one or more entities, calculating a risk score for at least one of the entities by comparing the behavior data with a classification model, where the classification model represents at least a baseline for normative network behavior by the entities in a computing network, assessing a security posture for the at least one the entities based on the risk score, and allocating network security resources to the at least one of the entities at least in accordance with the security posture.

公开(公告)号：US20170374082A1

公开(公告)日：2017-12-28

申请号：US15189023

申请日：2016-06-22

Applicant: Cisco Technology, Inc.

Inventor： Hillel SOLOW ,  Steve EPSTEIN ,  Ezra DARSHAN ,  Arnold ZUCKER ,  Shali MOR ,  Asaf COHEN

IPC: H04L29/06

Abstract: In one embodiment, a method includes for each one time period of a plurality of time periods performing a weighted random selection of a first set of intrusion detection/protection system rules from a plurality of rules, each rule of the plurality of rules having an associated probability of selection, preparing a packet inspection plan including the first set of intrusion detection/protection system rules, and sending the packet inspection plan to a network distribution device to inspect packets according to the packet inspection plan. Related apparatus and methods are also described.

公开(公告)号：US20160359619A1

公开(公告)日：2016-12-08

申请号：US15238742

申请日：2016-08-17

Applicant: Cisco Technology, Inc.

Inventor： Hillel SOLOW ,  Harel CAIN ,  Eliphaz HIBSHOOSH

IPC: H04L9/08 ,  H04L29/06

CPC classification number: H04L9/085 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/0876

Abstract: A method for distributing encrypted information includes; encrypting an item of information with a content key, distributing the item of encrypted information over a wide-area communication network to client devices, generating a plurality of key-shares from the content key, where the generating includes requiring a predetermined number of no less than two of the key-shares to reconstruct the content key, distributing respective key-shares to the client devices, where the distributing includes distributing less than the predetermined number of key-shares to the client devices, receiving a report over the wide-area communication network from a first client device indicating that while a second client device was disconnected from the wide-area communication network, the second client device requested and received at least one of the key-shares from the first client device, and determining that the second client device accessed the item of information and recording a delivery of the item of information.

Abstract translation: 一种分发加密信息的方法包括： 用内容密钥加密信息项，通过广域通信网络将加密信息项分发给客户端设备，从内容密钥生成多个密钥共享，其中生成包括需要预定数量不少于 重新构建内容密钥的两个密钥份额，将各自的密钥份额分配给客户端设备，其中分发包括向客户端设备分发少于预定数量的密钥份额，在广域上接收报告 来自第一客户端设备的通信网络，指示当第二客户端设备与广域通信网络断开连接时，第二客户端设备从第一客户端设备请求并接收至少一个密钥共享，并且确定第二客户端设备 客户端设备访问信息项并记录信息项的传送。