-
公开(公告)号:US20110314558A1
公开(公告)日:2011-12-22
申请号:US12816966
申请日:2010-06-16
申请人: Zhexuan Song , Jesus Molina
发明人: Zhexuan Song , Jesus Molina
IPC分类号: G06F21/00
CPC分类号: G06F21/316
摘要: A method for authenticating access to an electronic document. The method includes receiving an authentication request from a user, receiving an aggregate risk score, selecting an authentication mechanism based at least on the aggregate risk score, and applying the authentication mechanism to decide the authentication request from the user. The aggregate risk score may be based at least on a comparison of the user's past behavior with a plurality of context data associated with the user.
摘要翻译: 用于认证对电子文档的访问的方法。 所述方法包括从用户接收认证请求,接收聚合风险评分,至少基于所述总体风险评分选择认证机制,以及应用所述认证机制来确定来自所述用户的认证请求。 总体风险分数可以至少基于用户的过去行为与与用户相关联的多个上下文数据的比较。
-
公开(公告)号:US09992024B2
公开(公告)日:2018-06-05
申请号:US13358372
申请日:2012-01-25
CPC分类号: H04L9/3247 , G06F21/57 , H04L9/3265
摘要: According to an aspect of an embodiment, a method of establishing a chain of trust into a virtual machine on a hardware system is described. The method may include measuring an immutable portion of a virtual machine image configured to instantiate as the virtual machine to generate a trust anchor measurement. The method may also include storing the trust anchor measurement in a sealed memory.
-
公开(公告)号:US08874745B2
公开(公告)日:2014-10-28
申请号:US12748054
申请日:2010-03-26
申请人: Zhexuan Song , Jesus Molina , Ryusuke Masuoka
发明人: Zhexuan Song , Jesus Molina , Ryusuke Masuoka
IPC分类号: G06F15/173 , G06F9/54
CPC分类号: G06F9/54 , G06F2209/541
摘要: Methods and systems for providing services and/or computing resources are provided. A method may include receiving an application from an application provider. The method may further include receiving data from a data provider. The method may also include receiving a first request from the data provider to execute the application and apply the data as input to the application. Additionally, the method may include executing the application in response to receiving the first request. The method may also include storing output data resulting from execution of the application. The method may further include receiving a second request from the data provider to transmit the output data to the data provider. The method may additionally include communicating the output data to the data provider in response to the second request.
摘要翻译: 提供了用于提供服务和/或计算资源的方法和系统。 方法可以包括从应用提供商接收应用。 该方法还可以包括从数据提供者接收数据。 该方法还可以包括从数据提供者接收第一请求以执行应用并将该数据作为输入应用于应用。 另外,该方法可以包括响应于接收到第一请求而执行该应用。 该方法还可以包括存储由应用的执行产生的输出数据。 该方法还可以包括从数据提供者接收第二请求以将输出数据发送到数据提供者。 该方法还可以包括响应于第二请求将输出数据传送到数据提供者。
-
24.发明授权公开(公告)号:US08776057B2
公开(公告)日:2014-07-08
申请号:US13151757
申请日:2011-06-02
申请人: Zhexuan Song
发明人: Zhexuan Song
IPC分类号: G06F9/46 , G06F15/173 , G06F9/455
CPC分类号: G06F11/3003 , G06F9/45558 , G06F11/3058 , G06F11/3093 , G06F11/3476 , G06F2009/45562 , G06F2009/45591 , G06F2201/815 , G06F2201/865
摘要: In accordance with some embodiments of the present disclosure a method for providing evidence of a physical location of a virtual machine comprises launching, by an information technology (IT) resource, a virtual machine from a virtual machine image. The method further comprises generating, by the IT resource, a chain entry in a physical presence chain of the virtual machine image, the chain entry including an identifier of the IT resource indicating that the IT resource launched the virtual machine.
摘要翻译: 根据本公开的一些实施例,用于提供虚拟机的物理位置的证据的方法包括通过信息技术(IT)资源从虚拟机映像发起虚拟机。 所述方法还包括由所述IT资源生成所述虚拟机映像的物理存在链中的链条目,所述链条目包括指示所述IT资源启动所述虚拟机的所述IT资源的标识符。
-
公开(公告)号:US08539551B2
公开(公告)日:2013-09-17
申请号:US12326676
申请日:2008-12-02
申请人: Ryusuke Masuoka , Zhexuan Song
发明人: Ryusuke Masuoka , Zhexuan Song
CPC分类号: H04L63/105 , H04L63/0823 , H04L63/083
摘要: The embodiments provide generating a dedicated virtual machine image (DVMI) including functionality for a target service provider and launching the DVMI in the host device as a dedicated virtual machine (DVM). A measurement of the DVMI and/or the launched DVM, as a Trusted Dedicated Virtual Machine (TDVM), is transmitted to the target service provider server. The target service provider determines a trust level for the TDVM, based upon the measurement and provides a level of service by the target service provider server to the TDVM, according to the trust level of the TDVM.
摘要翻译: 这些实施例提供了生成专用虚拟机映像(DVMI),其包括用于目标服务提供商的功能,并且在主机设备中启动作为专用虚拟机(DVM)的DVMI。 作为可信专用虚拟机(TDVM)的DVMI和/或启动的DVM的测量被发送到目标服务提供商服务器。 目标服务提供商根据测量结果确定TDVM的信任级别,并根据TDVM的信任级别将目标服务提供商服务器的服务级别提供给TDVM。
-
26.发明申请公开(公告)号:US20120265357A1
公开(公告)日:2012-10-18
申请号:US13085803
申请日:2011-04-13
申请人: Zhexuan Song , Indradeep GHOSH
发明人: Zhexuan Song , Indradeep GHOSH
IPC分类号: G06F1/26
CPC分类号: G06Q10/06 , G01D4/002 , Y02B70/3266 , Y02B90/241 , Y02P90/82 , Y04S20/242 , Y04S20/32
摘要: In one embodiment, one or more electronic devices access energy-consumption data at each of a plurality of electricity-consuming devices, the energy-consumption data at each of the electricity-consuming devices indicating for each of a plurality of past pre-determined time periods an aggregate energy usage by the electricity-consuming device over the past pre-determined time period, an energy-measurement unit at the electricity-consuming device having measured and recorded the aggregate energy usage by the electricity-consuming device for each of the past pre-determined time periods for later access, each of the energy-measurement units having a substantially unique identifier (ID), each of the electricity-consuming devices having its own one of the energy-measurement units; and based on the energy-consumption data, determine one or more energy-consumption patterns across the electricity-consuming devices over at least the past pre-determined time periods.
摘要翻译: 在一个实施例中,一个或多个电子设备在多个耗电设备中的每一个处访问能耗数据,每个耗电设备的能量消耗数据针对多个过去的预定时间 在耗电装置的能量测量单元测量和记录耗电设备的每一个过去的总能量使用量的时间段期间耗电装置在过去预定时间段内的总能量消耗 用于稍后进入的预定时间段,每个能量测量单元具有基本唯一的标识符(ID),每个耗电设备具有其自己的一个能量测量单元; 并且基于能量消耗数据,至少在过去的预定时间段内确定穿过耗电装置的一个或多个能量消耗模式。
-
公开(公告)号:US20110314549A1
公开(公告)日:2011-12-22
申请号:US12816998
申请日:2010-06-16
申请人: Zhexuan Song , Ryusuke Masuoka
发明人: Zhexuan Song , Ryusuke Masuoka
CPC分类号: G06F21/31 , G06F21/554 , G06F2221/2137
摘要: A method for authenticating access to an electronic document. The method includes identifying a context event associated with a user seeking access to the electronic document, receiving from the user a plurality of context data, and analyzing the plurality of context data to generate a one or more derived context data. The method may also include receiving from an authentication module a context request, and in response to the context request, generating a context report, wherein the context report includes at least the one or more derived context data, and is configured to enable the authentication module to authenticate the user's access to the electronic document using a first authentication mechanism. The method may also include communicating the context report to the authentication module, monitoring the user to identify an occurrence of the context event, and upon identifying the occurrence of the context event, generating a context event flag, the context event flag configured to inform the authentication module to reauthenticate the user's access to the electronic document.
摘要翻译: 用于认证对电子文档的访问的方法。 该方法包括识别与寻求对电子文档的访问的用户相关联的上下文事件,从用户接收多个上下文数据,以及分析多个上下文数据以生成一个或多个导出的上下文数据。 该方法还可以包括从认证模块接收上下文请求,并且响应于上下文请求生成上下文报告,其中上下文报告至少包括一个或多个导出的上下文数据,并且被配置为使能认证模块 以使用第一认证机制来认证用户对电子文档的访问。 所述方法还可以包括将上下文报告传送到认证模块,监视用户以识别上下文事件的发生,以及在识别上下文事件的发生时,生成上下文事件标志,所述上下文事件标志被配置为通知 认证模块来重新认证用户对电子文档的访问。
-
公开(公告)号:US08065336B2
公开(公告)日:2011-11-22
申请号:US11014904
申请日:2004-12-20
CPC分类号: G06F17/30734 , G06F17/30731
摘要: A computer-implemented method of defining a set of annotation elements to map a concept to electronic data as input data; generating a mapping rule, according to the set of annotation elements defined and a sample of the input data; mapping the concept to the input data by applying the mapping rule to the input data; and generating a semantic instance of the input data based upon the mapping of the concept to the input data. The set of annotation elements to map the concept to the input data are a selected ontology corresponding to the input data, a selected ontology concept from the selected ontology, a mapping of a word or word phrase in the sample input data to the selected ontology concept from the selected ontology, and a pattern of the mapped word or word phrase relative to a structure of the sample input data.
摘要翻译: 一种计算机实现的方法,用于定义一组注释元素以将概念映射为电子数据作为输入数据; 根据定义的注释元素集合和输入数据的样本生成映射规则; 通过将映射规则应用于输入数据,将概念映射到输入数据; 以及基于所述概念与所述输入数据的映射来生成所述输入数据的语义实例。 用于将概念映射到输入数据的注释元素集合是对应于输入数据的选定本体,来自所选本体的所选择的本体概念,将样本输入数据中的单词或单词短语映射到所选择的本体概念 来自所选择的本体,以及相对于样本输入数据的结构的映射词或词组的模式。
-
公开(公告)号:US08843650B2
公开(公告)日:2014-09-23
申请号:US13346574
申请日:2012-01-09
申请人: Zhexuan Song , Joseph Gordon
发明人: Zhexuan Song , Joseph Gordon
IPC分类号: G06F15/16
CPC分类号: H04L63/10 , G06F9/4406 , G06F21/575 , H04L63/126
摘要: A system for trusted network booting of a server. The system may include a booting server that may contain a booting image and a network server that may boot with the booting image from the booting server. The network server may include a trust anchor that measures the booting image. The system may further include a network controller that controls access to a network. The network controller may verify the measurement of the booting image before allowing the network server to access the network.
摘要翻译: 用于服务器的可信网络引导的系统。 系统可以包括可以包含引导映像的引导服务器和可以从引导服务器引导引导映像的网络服务器。 网络服务器可以包括测量引导图像的信任锚点。 该系统还可以包括控制对网络的访问的网络控制器。 网络控制器可以在允许网络服务器访问网络之前验证引导图像的测量。
-
公开(公告)号:US08505103B2
公开(公告)日:2013-08-06
申请号:US12556148
申请日:2009-09-09
申请人: Zhexuan Song , Jesus Molina , Joseph Gordon
发明人: Zhexuan Song , Jesus Molina , Joseph Gordon
IPC分类号: G11C7/00
CPC分类号: H04L63/1433 , G06F21/53 , G06F21/552 , G06F21/57 , G06F2221/2105 , G06F2221/2149 , H04L63/145
摘要: A target computing environment is secured by a hardware trust anchor that provides a trust state of the target computing environment based upon a security audit of the target computing environment. And diagnosing the target computing environment can be diagnosed by the hardware trust anchor according to the security diagnostic information.
摘要翻译: 目标计算环境由硬件信任锚保护,所述硬件信任锚基于目标计算环境的安全审核来提供目标计算环境的信任状态。 根据安全诊断信息可以通过硬件信任锚来诊断目标计算环境。
-
-
-
-
-
-
-
-
-
搜索结果
41 条记录 (耗时 0.029 秒)
