Abstract:
A composite joint sealing gasket (8) includes an elongated flexible, resilient member (10) typically of an elastomer or polymer, for example, elastomer rubber, thermoplastic elastomer or thermoplastic polymer with memory, for example, EPDM or neoprene, and has opposed elongated upper and lower longitudinal edge portions (18, 16); the upper portion (18) defines a sealing element (40, 42); a tacky sealing composition (12), for example, a mastic composition is supported on an outer surface of the lower portion (16) remote from the sealing element (40, 42). The gasket (8) may be employed in a variety of environments where a seal is required, for example, between wall and ceiling panels, or as a glazing gasket to provide a seal with a window; when employed as a gasket the sealing element provides an outer seal with a window and the mastic composition provides an inner seal between the window and sash; streaking of the mastic composition across the window pane is avoided and the resilient member facilitates installation and provides an aesthetically pleasing appearance.
Abstract:
The majority of such software attacks exploit software vulnerabilities or flaws to write data to unintended locations. For example, control-data attacks exploit buffer overflows or other vulnerabilities to overwrite a return address in the stack, a function pointer, or some other piece of control data. Non-control-data attacks exploit similar vulnerabilities to overwrite security critical data without subverting the intended control flow in the program. We describe a method for securing software against both control-data and non-control-data attacks. A static analysis is carried out to determine data flow information for a software program. Data-flow tracking instructions are formed in order to track data flow during execution or emulation of that software. Also, checking instructions are formed to check the tracked data flow against the static analysis results and thereby identify potential attacks or errors. Optional optimisations are described to reduce the resulting additional overheads.
Abstract:
Software fault isolation methods using byte-granularity memory protection are described. In an embodiment, untrusted drivers or other extensions to a software system are run in a separate domain from the host portion of the software system, but share the same address space as the host portion. Calls between domains are mediated using an interposition library and access control data is maintained for substantially each byte of relevant virtual address space. Instrumentation added to the untrusted extension at compile-time, before load-time, or at runtime and added by the interposition library enforces the isolation between domains, for example by adding access right checks before any writes or indirect calls and by redirecting function calls to call wrappers in the interposition library. The instrumentation also updates the access control data to grant and revoke access rights on a fine granularity according to the semantics of the operation being invoked.
Abstract:
A wire protocol is described which implements connection management and other methods to give enhanced peer-to-peer content distribution. Connections between nodes can be placed in a “notify” state when they are idle but may soon yield useful content. This notify state is also used together with a content request/response cycle to allow a peer to evaluate content available at a neighbour. If no suitable content is available a notify state is entered. When new content is later received at the neighbour it is able to inform the requesting node to allow it to restart the content request/response cycle.
Abstract:
A topology management process is implemented which involves removing or “tearing down” connections between nodes in certain situations in order to try to replace those connections with more optimal ones. Idle connections are torn down unless those are in a “notify” state; a notify state being one in which a request for content has been made to a neighbour but that neighbour has no available content as yet. Idle connections in a notify state are torn down only if they remain idle for a longer time than that required before an idle connection is torn down. To avoid problems caused by clusters of nodes forming and of loners being unable to join the cloud, network churn algorithms are taught. These involve requiring nodes to drop connections when specified conditions are met. Relative content distribution between connections is monitored and this information used to influence selection of those connections to drop.
Abstract:
The invention relates to content distribution over a network and provides methods of controlling the distribution, of receiving the content and of publishing content. The method of controlling distribution of content over a network includes receiving a content description and location information for a source of the content from a publisher, where the content description comprises authorisation details associated with the publisher. The validity of the authorisation details is checked and if found to be valid, the content description is provided to a node in the network
Abstract:
A system-wide selective action management facility is provided. Such a facility can support selective action management for multiple applications executing on one or more computer systems (including the operating system and its components, such as a file system). A system-wide action management facility can log actions performed on the computer system(s) and record relationships between such actions (e.g., between actions of different sources, including different documents, different applications and even different computer systems). When a user discovers a mistake, the tool allows the user to select one or more past actions (i.e., the “mistake”) for removal or replacement with one or more correction actions. The tool can also re-execute dependent actions to restore the relevant state of the system at the time of the designation, absent the “mistake”. As such, actions throughout the system can be selectively undone, fixed and/or redone in an exemplary system-wide selective action management tool.
Abstract:
A containment system may include a protection system which may protect the computing device from future attacks. For example, a patch may be automatically generated which resolves a detected vulnerability in a program. In another example, a filter may be automatically generated which filters actions and/or messages which take advantage of a detected vulnerability in a program.
Abstract:
One aspect of the invention is a vulnerability detection mechanism that can detect a large class of attacks through dynamic dataflow analysis. Another aspect of the invention includes self-certifying alerts as the basis for safely sharing knowledge about worms. Another aspect of the invention is a resilient and self-organizing protocol to propagate alerts to all non-infected nodes in a timely fashion, even when under active attack during a worm outbreak. Another aspect of the invention is a system architecture that enables a large number of mutually untrusting computers to collaborate in the task of stopping a previously unknown worm, even when the worm is spreading rapidly and exploiting unknown vulnerabilities in popular software packages.