Method and apparatus for detecting and responding to email based propagation of malicious software in a trusted network
    11.
    Patent application
    Status: In force

    Publication number: US20070101430A1

    Publication date: 2007-05-03

    Application number: US11262436

    Filing date: 2005-10-28

    Applicant: Amit Raikar

    Inventor: Amit Raikar

    Abstract: Embodiments of the invention provide a method and an apparatus for detecting and responding to email based propagation of malicious software (malware) in a trusted network. One embodiment provides a detector decoy email account to serve as generic bait for malicious software for a domain within the trusted network. In addition, at least one email account for the domain within the trusted network is provided as a detector probe account. In so doing, when the detector decoy email account receives an email from the detector probe account within the trusted network a policy based infection response rule is generated.

    Method and apparatus for automatic and secure distribution of an asymmetric key security credential in a utility computing environment
    12.
    Patent application
    Status: In force

    Publication number: US20070098178A1

    Publication date: 2007-05-03

    Application number: US11262131

    Filing date: 2005-10-28

    Applicant: Amit Raikar

    Inventor: Amit Raikar

    IPC classification: H04L9/00

    Abstract: Embodiments of the invention provide a method and an apparatus for automatic, secure, and confidential distribution of an asymmetric key security credential in a utility computing environment. In one method embodiment, the present invention provides an asymmetric key at a management server, the asymmetric key automatically associated with a logical device identifier of a provisionable resource. Additionally, an isolated virtual network is established between the management server and the provisionable resource for providing the asymmetric key to the provisionable resource. Then, after the asymmetric key is provided to the provisionable resource the isolated virtual network between the management server and the provisionable resource is dissolved.

    Method and an apparatus for securely communicating between a management server and a managed node associated with a dynamic provisioning system
    13.
    Patent application
    Status: Under examination (published)

    Publication number: US20060248082A1

    Publication date: 2006-11-02

    Application number: US11119089

    Filing date: 2005-04-29

    IPC classification: G06F17/30 G06F7/00

    Abstract: Embodiments of the present invention pertaining to a method and an apparatus are described. In one embodiment, an initial authentication credential is associated with a management server and a node managed by the management server where the managed node can be provisioned by a dynamic provisioning system. An active authentication credential is generated. The initial authentication credential is used to create a secure communications channel between the management server and the managed node. The secure communications enables the communication of the active authentication credential between the management server and the managed node.

    Secure method and apparatus for enabling the provisioning of a shared service in a utility computing environment
    14.
    Granted patent
    Status: In force

    Publication number: US08908708B2

    Publication date: 2014-12-09

    Application number: US11262434

    Filing date: 2005-10-28

    Applicant: Amit Raikar

    Inventor: Amit Raikar

    IPC classification: H04L12/28 H04L29/06 H04L12/46

    CPC classification: H04L63/0272 H04L12/467

    Abstract: Embodiments of the invention provide a secure method for enabling the provisioning of a shared service in a utility computing environment. One embodiment establishes an account primary virtual local area network (VLAN) for at least one account in a utility computing environment. Then, a request is received from a service provider to provide a shared service to the at least one account. An isolated VLAN is established for each shared service being provisioned in the context of the account primary VLAN and a promiscuous port is provided for the service provider. A selection option is then provided to allow the at least one server to utilize the shared service provided by the service provider. An isolated port is then configured for the at least one server on an isolated VLAN between the at least one server that chooses to utilize the shared service, and the shared service.

    Configuring templates for an application and network management system
    15.
    Granted patent
    Status: In force

    Publication number: US08065368B2

    Publication date: 2011-11-22

    Application number: US10632446

    Filing date: 2003-07-31

    IPC classification: G06F15/16

    Abstract: Methods and Systems for configuring secure templates for an application and network management system to provide network security. A template for an application and network management system is configured with first information for determining whether at least one message received by the template should or should not be processed by the template. The template is configured with second information for processing data associated with at least one received message. The template is configured with third information for preventing the communication of at least one received message to other templates for the application and network management system.

    RPC port mapper integrity checker to improve security of a provisionable network
    16.
    Granted patent
    Status: In force

    Publication number: US07890999B2

    Publication date: 2011-02-15

    Application number: US10637172

    Filing date: 2003-08-07

    IPC classification: G08B23/00

    CPC classification: H04L63/123

    Abstract: A method for verifying port integrity in a network, comprising: accessing port binding information in a port authorization file in the network, querying a port mapper in the network for a mapped port assignment, comparing the port assignment to the port binding, and initiating a response based on the results of the comparing.

    Method and apparatus for automatic and secure distribution of a symmetric key security credential in a utility computing environment
    17.
    Patent application
    Status: In force

    Publication number: US20060285693A1

    Publication date: 2006-12-21

    Application number: US11154798

    Filing date: 2005-06-16

    Applicant: Amit Raikar

    Inventor: Amit Raikar

    IPC classification: H04L9/00

    CPC classification: H04L63/062 H04L63/08

    Abstract: Embodiments of the invention provide a method and an apparatus for automatic, secure, and confidential distribution of a symmetric key security credential in a utility computing environment. In one method embodiment, the present invention establishes a symmetric key at a management server, the symmetric key automatically associated with a logical device identifier of a provisionable resource. Additionally, an isolated virtual network is established between the management server and the provisionable resource for providing the symmetric key to the provisionable resource. Then, after the symmetric key is provided to the provisionable resource the isolated virtual network between the management server and the provisionable resource is dissolved.

    Method and apparatus for automatic and secure distribution of an asymmetric key security credential in a utility computing environment
    18.
    Granted patent
    Status: In force

    Publication number: US08577044B2

    Publication date: 2013-11-05

    Application number: US11262131

    Filing date: 2005-10-28

    Applicant: Amit Raikar

    Inventor: Amit Raikar

    IPC classification: H04L9/08

    Abstract: Embodiments of the invention provide a method and an apparatus for automatic, secure, and confidential distribution of an asymmetric key security credential in a utility computing environment. In one method embodiment, the present invention provides an asymmetric key at a management server, the asymmetric key automatically associated with a logical device identifier of a provisionable resource. Additionally, an isolated virtual network is established between the management server and the provisionable resource for providing the asymmetric key to the provisionable resource. Then, after the asymmetric key is provided to the provisionable resource the isolated virtual network between the management server and the provisionable resource is dissolved.

    Method for configuring a network intrusion detection system
    19.
    Granted patent
    Status: Lapsed

    Publication number: US07228564B2

    Publication date: 2007-06-05

    Application number: US10627374

    Filing date: 2003-07-24

    IPC classification: G06F11/00

    CPC classification: H04L63/1408

    Abstract: Disclosed is a method for configuring an intrusion detection system in a network which comprises determining a location in the network for a deployed intrusion detection sensor of the intrusion detection system, deploying the intrusion detection sensor in the determined location, enabling the intrusion detection sensor to monitor communication in a portion of the network, tuning the intrusion detection sensor to an appropriate level of awareness of the content in the communication in the network, prioritizing responses generated by the intrusion detection sensor to achieve an appropriate response to a detected intrusion in the network, configuring intrusion response mechanisms in the network to achieve an appropriate response by the mechanisms; and re-tuning the intrusion detection sensor in response to a prior intrusion detection.

    Dynamic source authentication and encryption cryptographic scheme for a group-based secure communication environment
    20.
    Patent application
    Status: Under examination (published)

    Publication number: US20050111668A1

    Publication date: 2005-05-26

    Application number: US10722822

    Filing date: 2003-11-25

    Applicant: Amit Raikar

    Inventor: Amit Raikar

    IPC classification: H04L9/00 H04L9/08

    Abstract: Embodiments of the present invention include a method for establishing secure group-based communication comprising: distributing a first set of keys to a plurality of hosts for encrypting communication and for source authentication of group-based communication between the plurality of hosts. The method further includes distributing a second set of keys to the plurality of hosts for dynamically modifying the first set of keys as also any other keys used (encryption keys or seed variables) when required (viz. for periodic re-keying or for adjusting to a change in group membership).
