SECURE APPARATUS AND METHOD FOR PROTECTING INTEGRITY OF SOFTWARE SYSTEM AND SYSTEM THEREOF
    11.
    Invention patent application
    Status: Lapsed

    Publication No.: US20090327745A1

    Publication date: 2009-12-31

    Application No.: US12163797

    Filing date: 2008-06-27

    IPC classification: G06F21/00 G06F12/14

    CPC classification: G06F21/125

    Abstract: Provided is a secure apparatus for protecting the integrity of a software system and a method thereof. The apparatus comprises: a template repository for storing templates required for generating an agent template; a template generator for randomly selecting one template from said template repository and generating a new agent template according to the selected template; and a transceiver for sending said new agent module to an external apparatus communicating with said secure apparatus to update a current agent module which is running in said external apparatus, wherein said current agent module is used to verify the integrity of said software system running in said external apparatus. The secure apparatus can protect software in an insecure environment with a high software protection level to prevent the software from being tampered or bypassed.

    Adaptive rule loading and session control for securing network delivered services
    13.
    Granted invention patent
    Status: In force

    Publication No.: US08918866B2

    Publication date: 2014-12-23

    Application No.: US12493356

    Filing date: 2009-06-29

    IPC classification: H04L29/06

    CPC classification: H04L63/1441 H04L63/20

    Abstract: Mechanisms are provided for handling client computing device requests with adaptive rule loading and session control. The mechanisms partition a set of rules, into a plurality of filter sets with each filter set having a different subset of the set of rules and being directed to identifying a different type of attack on a backend application or service. A subset of filter sets is selected to be used to validate client computing device requests received from client computing devices. The selected filter sets are applied to requests and/or responses to requests. The mechanisms dynamically modify which filter sets are included in the subset of filter sets based on an adaptive reinforcement learning operation on results of applying the selected filter sets to the requests and/or responses to requests.

    METHOD AND SYSTEM FOR CONFIGURING A RULE FILE FOR FIREWALL OF WEB SERVER
    14.
    Invention patent application
    Status: In force

    Publication No.: US20100017868A1

    Publication date: 2010-01-21

    Application No.: US12500674

    Filing date: 2009-07-10

    IPC classification: G06F17/00 G06F15/18 G06F1/24

    Abstract: A method, a system, and a computer program product embodying computer readable code for configuring a rule file for a Web application firewall. The method includes: blocking a response created by a Web application; modifying the response by adding capturing code for capturing a regular expression and an associated parameter value embedded in the response while being executed; sending the modified response to the browser; receiving a request submitted by the browser and at least one regular expression and an associated parameter value captured by the capturing code; determining a parameter name and a regular expression associated with the same parameter value, and configuring the rule file of the firewall by use of the determined parameter name and regular expression associated with one another as a filtering rule.

    Method and system for providing runtime vulnerability defense for cross domain interactions
    15.
    Granted invention patent
    Status: Lapsed

    Publication No.: US08341239B2

    Publication date: 2012-12-25

    Application No.: US12546754

    Filing date: 2009-08-25

    IPC classification: G06F15/16

    CPC classification: H04L63/20 H04L67/02

    Abstract: A runtime vulnerability defense method, system, and computer readable article of manufacture tangibly embodying computer readable instructions for executing the method for cross domain interactions for a Web application. The method includes: creating a first and second iFrame object by the Web application which belong to a lower domain; creating an object O by the first iFrame object; sharing the created object O by the second iFrame object; promoting the domain of the second iFrame object to an upper domain; creating in the shared object O a source accessing function for submitting to a third party server a request to access the content of the third party server; and creating in the shared object O a sanitization function for sanitizing the response received from the server.

    Protecting web application data
    16.
    Granted invention patent
    Status: Lapsed

    Publication No.: US08285778B2

    Publication date: 2012-10-09

    Application No.: US12491647

    Filing date: 2009-06-25

    IPC classification: G06F15/16

    CPC classification: H04L63/123

    Abstract: A method, system and an article of manufacture tangibly embodying a computer readable program for protecting Web application data between a server and a client. A response created by the Web application for the client is backed up and modified by adding capturing code for capturing a user action, user data of the client, or combination thereof. The modified response is sent to the client and a request submitted by the client and the user action and/or user data captured by the capturing code is received. A verifying request is generated according to the received user action and/or user data captured by the capturing code and the backup of the response. The request submitted by the client is verified according to the verifying request and the verified request is sent to the Web application of the server.

    METHOD AND SYSTEM FOR PROVIDING RUNTIME VULNERABILITY DEFENSE FOR CROSS DOMAIN INTERACTIONS
    17.
    Invention patent application
    Status: Lapsed

    Publication No.: US20100049792A1

    Publication date: 2010-02-25

    Application No.: US12546754

    Filing date: 2009-08-25

    IPC classification: G06F9/44 G06F15/16 G06F21/00

    CPC classification: H04L63/20 H04L67/02

    Abstract: A runtime vulnerability defense method, system, and computer readable article of manufacture tangibly embodying computer readable instructions for executing the method for cross domain interactions for a Web application. The method includes: creating a first and second iFrame object by the Web application which belong to a lower domain; creating an object O by the first iFrame object; sharing the created object O by the second iFrame object; promoting the domain of the second iFrame object to an upper domain; creating in the shared object O a source accessing function for submitting to a third party server a request to access the content of the third party server; and creating in the shared object O a sanitization function for sanitizing the response received from the server.

    PROTECTING WEB APPLICATION DATA
    18.
    Invention patent application
    Status: Lapsed

    Publication No.: US20090327411A1

    Publication date: 2009-12-31

    Application No.: US12491647

    Filing date: 2009-06-25

    IPC classification: G06F15/16 G06F12/00 G06F17/30

    CPC classification: H04L63/123

    Abstract: A method, system and an article of manufacture tangibly embodying a computer readable program for protecting Web application data between a server and a client. A response created by the Web application for the client is backed up and modified by adding capturing code for capturing a user action, user data of the client, or combination thereof. The modified response is sent to the client and a request submitted by the client and the user action and/or user data captured by the capturing code is received. A verifying request is generated according to the received user action and/or user data captured by the capturing code and the backup of the response. The request submitted by the client is verified according to the verifying request and the verified request is sent to the Web application of the server.

    Method and system for configuring a rule file for firewall of web server
    19.
    Granted invention patent
    Status: In force

    Publication No.: US08671446B2

    Publication date: 2014-03-11

    Application No.: US12500674

    Filing date: 2009-07-10

    IPC classification: H04L29/06 G06F15/16

    Abstract: A method, a system, and a computer program product embodying computer readable code for configuring a rule file for a Web application firewall. The method includes: blocking a response created by a Web application; modifying the response by adding capturing code for capturing a regular expression and an associated parameter value embedded in the response while being executed; sending the modified response to the browser; receiving a request submitted by the browser and at least one regular expression and an associated parameter value captured by the capturing code; determining a parameter name and a regular expression associated with the same parameter value, and configuring the rule file of the firewall by use of the determined parameter name and regular expression associated with one another as a filtering rule.
