-
公开(公告)号:US09501635B2
公开(公告)日:2016-11-22
申请号:US12146344
申请日:2008-06-25
申请人: Ramesh Chinta , Scott A. Field , Liqiang Zhu , Umit Akkus , Siddharth Bhai , Gopinathan Kannan , James J Simmons , Qi Cao , Paul Miller , Ryan Fairfax , Alexandru Hanganu
发明人: Ramesh Chinta , Scott A. Field , Liqiang Zhu , Umit Akkus , Siddharth Bhai , Gopinathan Kannan , James J Simmons , Qi Cao , Paul Miller , Ryan Fairfax , Alexandru Hanganu
CPC分类号: G06F21/46
摘要: This disclosure describes methods, systems, and application programming interfaces for creating a credential managed account. This disclosure describes creating a new password managed account, defining the password managed account, wherein the password managed account is to access a service on a managed computing device, identifying the password managed account for a lifecycle, and automatically managing the password managed account by updating and changing a password for the password managed account on a periodic basis.
摘要翻译: 本公开描述了用于创建凭证管理帐户的方法,系统和应用程序编程接口。 本公开描述了创建新的密码管理帐户,定义密码管理帐户,其中密码管理帐户将访问受管计算设备上的服务,识别生命周期中的密码管理帐户,以及通过更新来自动管理密码管理帐户 并定期更改密码管理帐户的密码。
-
公开(公告)号:US09495190B2
公开(公告)日:2016-11-15
申请号:US12546167
申请日:2009-08-24
CPC分类号: G06F9/45558 , G06F7/58 , G06F7/584 , G06F7/588 , G06F2009/45579
摘要: In the host operating system of a computing device, entropy data is collected based at least in part on each of one or more hardware components of the computing device. An entropy pool is updated based at least in part on the collected entropy data, and data from the entropy pool is provided to a guest operating system running as a virtual machine of the computing device. The guest operating system maintains a guest operating system entropy pool based on the data from the entropy pool provided by the host operating system. The guest operating system accesses the guest operating system entropy pool and uses the guest operating system entropy pool as a basis for generating values including random numbers.
摘要翻译: 在计算设备的主机操作系统中,至少部分地基于计算设备的一个或多个硬件组件中的每个收集熵数据。 至少部分地基于收集的熵数据来更新熵池,并且将来自熵池的数据提供给作为计算设备的虚拟机运行的客户操作系统。 客户操作系统基于主机操作系统提供的熵池的数据维护客户机操作系统熵池。 访客操作系统访问客户操作系统熵池,并使用客户机操作系统熵池作为生成包括随机数的值的基础。
-
公开(公告)号:US08996866B2
公开(公告)日:2015-03-31
申请号:US12645465
申请日:2009-12-22
申请人: Crispin Cowan , Matthew Z. Tamayo-Rios , Tanmoy Dutta , John Lambert , Paul J. Leach , Scott A. Field , Thomas C. Jones
发明人: Crispin Cowan , Matthew Z. Tamayo-Rios , Tanmoy Dutta , John Lambert , Paul J. Leach , Scott A. Field , Thomas C. Jones
摘要: Computer-executable instructions that are directed to the performance of consequential actions and automatically elevate to execute at a higher privilege level to do so can perform such consequential actions only after user notification. Doing so can enable monitoring processes to avoid presenting duplicative user notification upon detection of such auto-elevation. In addition, prior to presenting user notification, input from the execution environment can be ignored and access to DLLs for performing consequential actions can be avoided. A static analyzer can identify non-conforming computer-executable instructions. A wrapper can be utilized to provide compliance by otherwise unknown or non-conforming computer-executable instructions.
摘要翻译: 针对执行相应操作并自动提升以在较高权限级别执行的计算机可执行指令,只有在用户通知后才能执行此类后续操作。 这样做可以实现监控过程,以避免在检测到这种自动升高时呈现重复的用户通知。 此外,在呈现用户通知之前,可以忽略来自执行环境的输入,并且可以避免对用于执行相继动作的DLL的访问。 静态分析仪可以识别不合格的计算机可执行指令。 可以使用包装器来提供否则未知或不合格的计算机可执行指令的符合性。
-
公开(公告)号:US08615801B2
公开(公告)日:2013-12-24
申请号:US11515160
申请日:2006-08-31
摘要: Software is authorized in accordance with a reputation of the software. A trust in the author and/or publisher of the software is determined via digital signatures and/or CoAs, and a reputation of the software is utilized to determine the intent of the software. The reputation of the software can be determined via a local service, such as an enterprise IT department and/or via a reputation determination service. When software is downloaded or to be executed, the trust in the author/publisher is determined using digital signatures and/or CoAs associated with the software. If the author/publisher is determined to be trusted, a service is called to determine the reputation of the software. The software can be installed and/or executed dependent upon the reputation of the software and trustworthiness of the author/publisher.
摘要翻译: 软件根据软件的声誉授权。 通过数字签名和/或CoA来确定软件的作者和/或发行者的信任,并且利用软件的声誉来确定软件的意图。 软件的声誉可以通过本地服务(如企业IT部门)和/或通过信誉确定服务来确定。 当软件被下载或要执行时,使用与该软件相关联的数字签名和/或CoAs确定作者/发行者的信任。 如果作者/发行者被确定为受信任,则调用服务来确定软件的声誉。 该软件可以根据软件的声誉和作者/出版商的可靠性进行安装和/或执行。
-
公开(公告)号:US07900257B2
公开(公告)日:2011-03-01
申请号:US12475883
申请日:2009-06-01
申请人: Bhalchandra S. Pandit , Praerit Garg , Richard B. Ward , Paul J. Leach , Scott A. Field , Robert P. Reichel , John E. Brezak
发明人: Bhalchandra S. Pandit , Praerit Garg , Richard B. Ward , Paul J. Leach , Scott A. Field , Robert P. Reichel , John E. Brezak
CPC分类号: G06F21/31 , G06F2221/2101
摘要: Improved intrusion detection and/or tracking methods and systems are provided for use across various computing devices and networks. Certain methods, for example, form a substantially unique audit identifier during each authentication/logon process. One method includes identifying one or more substantially unique parameters that are associated with the authentication/logon process and encrypting them to form at least one audit identifier that can then be generated and logged by each device involved in the authentication/logon process. The resulting audit log file can then be audited along with similar audit log files from other devices to track a user across multiple platforms.
摘要翻译: 提供了改进的入侵检测和/或跟踪方法和系统,用于跨越各种计算设备和网络。 例如,某些方法在每个认证/登录过程期间形成基本唯一的审计标识符。 一种方法包括识别与认证/登录过程相关联的一个或多个基本上唯一的参数并将其加密以形成至少一个审核标识符,然后可以由认证/登录过程中涉及的每个设备生成和记录。 然后可以将生成的审核日志文件与来自其他设备的类似审核日志文件一起审核,以跨多个平台跟踪用户。
-
公开(公告)号:US20110047545A1
公开(公告)日:2011-02-24
申请号:US12546167
申请日:2009-08-24
IPC分类号: G06F9/455
CPC分类号: G06F9/45558 , G06F7/58 , G06F7/584 , G06F7/588 , G06F2009/45579
摘要: In the host operating system of a computing device, entropy data is collected based at least in part on each of one or more hardware components of the computing device. An entropy pool is updated based at least in part on the collected entropy data, and data from the entropy pool is provided to a guest operating system running as a virtual machine of the computing device. The guest operating system maintains a guest operating system entropy pool based on the data from the entropy pool provided by the host operating system. The guest operating system accesses the guest operating system entropy pool and uses the guest operating system entropy pool as a basis for generating values including random numbers.
摘要翻译: 在计算设备的主机操作系统中,至少部分地基于计算设备的一个或多个硬件组件中的每个收集熵数据。 至少部分地基于收集的熵数据来更新熵池,并且将来自熵池的数据提供给作为计算设备的虚拟机运行的客户操作系统。 客户操作系统基于主机操作系统提供的熵池的数据维护客户机操作系统熵池。 访客操作系统访问客户操作系统熵池,并使用客户机操作系统熵池作为生成包括随机数的值的基础。
-
公开(公告)号:US07890946B2
公开(公告)日:2011-02-15
申请号:US10880709
申请日:2004-06-30
申请人: Anthony Blumfield , Gilad Golan , Jason Garms , Saud Alshibani , Scott A. Field
发明人: Anthony Blumfield , Gilad Golan , Jason Garms , Saud Alshibani , Scott A. Field
IPC分类号: G06F9/44
CPC分类号: G06F8/65
摘要: A facility for augmenting software in a target computer system is described. The facility receives and augmentation specification in the target computer system. The augmentations specification specifies: (a) a function to be augmented, (b) a parameter of the function to be tested, (c) a test to apply to the specified parameter, and (d) and modification to perform to the behavior of the function if the specified test is not satisfied by the specified parameter. When the specified function is invoked on the target computer system, if the specified tested is not satisfied by the specified parameter, the facility performs the specified modification to the behavior of the specified function.
摘要翻译: 描述了用于在目标计算机系统中增加软件的设施。 该设施在目标计算机系统中接收和扩充规范。 扩充规范规定:(a)要增强的功能,(b)要测试的功能的参数,(c)应用于指定参数的测试,(d)和修改以执行对 如果指定的测试不满足指定的参数的功能。 当在目标计算机系统上调用指定的函数时,如果指定的测试不符合指定的参数,则设备对指定的函数的行为执行指定的修改。
-
公开(公告)号:US07818341B2
公开(公告)日:2010-10-19
申请号:US11688002
申请日:2007-03-19
IPC分类号: G06F17/69
CPC分类号: G06F17/3089 , G06F17/30643 , G06F17/30867
摘要: Methods for using scenario solution-related information to generate customized user experiences are provided. Upon receiving a user query, a plurality of results is returned, each result being representative of a scenario solution which may be utilized to address a particular issue relevant to the received query. At the time of authoring, each scenario solution is organized based upon one or more keywords and/or one or more categories (i.e., namespaces). Data associated with a namespace/keyword corresponding to a returned search result may be mined to determine information beyond basic scenario solution search results that may be of interest to the user. As the namespace(s)/keyword(s) in association with which to organize a particular executable scenario solution is determined by the author of the scenario solution, other information associated with the same namespace/keyword (and/or a namespace/keyword having a relationship thereto) is likely to be more relevant than information organized based upon keywords alone.
摘要翻译: 提供了使用场景解决方案相关信息来生成定制用户体验的方法。 在接收到用户查询时,返回多个结果,每个结果代表可用于解决与接收到的查询相关的特定问题的方案解决方案。 在创作时,基于一个或多个关键字和/或一个或多个类别(即命名空间)来组织每个情景解决方案。 与返回的搜索结果相对应的命名空间/关键字相关联的数据可以被挖掘以确定超出用户可能感兴趣的基本场景解决方案搜索结果之外的信息。 由于与组织特定可执行场景解决方案相关联的命名空间/关键字由场景解决方案的作者确定,与相同命名空间/关键字(和/或命名空间/关键字具有 与其关系)可能比仅基于关键词组织的信息更为相关。
-
公开(公告)号:US07571199B1
公开(公告)日:2009-08-04
申请号:US09714781
申请日:2000-11-15
申请人: Scott A. Field , Jeffrey F. Spelman
发明人: Scott A. Field , Jeffrey F. Spelman
IPC分类号: G06F7/58
CPC分类号: G06F7/588 , G06F7/58 , H04L9/0869
摘要: A system collects entropy data and stores the entropy data in a nonvolatile memory. The entropy data stored in the nonvolatile memory is updated with newly collected entropy data. The entropy data stored in the nonvolatile memory is used to generate a string of random bits. The entropy data is collected from multiple sources within a computer system and may include data related to a processor in the computer system and an operating system executing on the computer system. The entropy data is maintained in a protected portion of an operating system kernel. A hashing algorithm is applied to the entropy data to generate random seed data.
摘要翻译: 系统收集熵数据并将熵数据存储在非易失性存储器中。 利用新收集的熵数据来更新存储在非易失性存储器中的熵数据。 存储在非易失性存储器中的熵数据用于生成一串随机比特。 熵数据从计算机系统内的多个源收集,并且可以包括与计算机系统中的处理器相关的数据和在计算机系统上执行的操作系统。 熵数据保存在操作系统内核的受保护部分。 将哈希算法应用于熵数据以生成随机种子数据。
-
公开(公告)号:US07490352B2
公开(公告)日:2009-02-10
申请号:US11100770
申请日:2005-04-07
摘要: Systems and methods for validating integrity of an executable file are described. In one aspect, the systems and methods determine that an executable file is being introduced into a path of execution. The executable file is then automatically evaluated in view of multiple malware checks to detect if the executable file represents a type of malware. The multiple malware checks are integrated into an operating system trust verification process along the path of execution.
摘要翻译: 描述用于验证可执行文件的完整性的系统和方法。 在一个方面,系统和方法确定可执行文件正被引入到执行的路径中。 然后,根据多个恶意软件检查自动评估可执行文件,以检测可执行文件是否代表一种恶意软件。 多个恶意软件检查被集成到沿着执行路径的操作系统信任验证过程中。
-
-
-
-
-
-
-
-
-
搜索结果
57 条记录 (耗时 0.043 秒)
