公开(公告)号：US20110289589A1

公开(公告)日：2011-11-24

申请号：US12808130

申请日：2010-04-02

申请人： Makoto Kayashima ,  Shinichi Tsunoo ,  Hiroshi Nakagoe ,  Hiromi Isokawa ,  Norio Suzuki

发明人： Makoto Kayashima ,  Shinichi Tsunoo ,  Hiroshi Nakagoe ,  Hiromi Isokawa ,  Norio Suzuki

IPC分类号： G06F21/00

CPC分类号： G06F21/556 ,  G06F21/52 ,  G06F21/552 ,  G06F21/606 ,  G06F2221/0737 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/1416

摘要： The content of operations is identified and an alert is generated to an operation having a high risk of information leakage.An agent monitors, for example, operations performed with respect to a dialogue displayed on a client PC. If a file is selected by an operation performed with respect to the displayed dialogue, the agent assigns an identifier indicating a source for the file to the file. If the file is sent as an attached file, the agent identifies an output destination for the attached file as well as the source for the attached file; and if the output destination for the attached file is an external Web server and the source for the attached file is a mail server, the agent generates an alert by determining that an unauthorized operation has been executed; and then sends the generated alert to a management server.

摘要翻译： 识别操作的内容，并且对具有高信息泄漏风险的操作产生警报。 代理监视例如关于在客户端PC上显示的对话执行的操作。 如果通过对显示的对话执行的操作来选择文件，则代理将指定文件的源的标识符分配给该文件。 如果文件作为附件发送，代理将识别所附文件的输出目的地以及所附文件的源; 并且如果附加文件的输出目的地是外部Web服务器，并且所附加文件的源是邮件服务器，则代理通过确定已经执行了未经授权的操作来生成警报; 然后将生成的警报发送到管理服务器。

公开(公告)号：US07194530B2

公开(公告)日：2007-03-20

申请号：US10212709

申请日：2002-08-07

申请人： Makoto Kayashima ,  Hiromi Isokawa ,  Yasuji Ishida ,  Toru Senoo

发明人： Makoto Kayashima ,  Hiromi Isokawa ,  Yasuji Ishida ,  Toru Senoo

IPC分类号： G06F15/16

CPC分类号： H04L41/0843 ,  H04L41/00 ,  H04L41/0253 ,  H04L41/0266 ,  H04L41/22

摘要： In an integrated management system for providing a network system having a plurality of computers with a security function and managing a plurality of target products, implementation of the management system itself is facilitated by providing the management system with setting information templates prepared for respective target products, a management program for managing setting information files of target products actually used in a target network, an edit program for editing setting information files, and an install program for installing setting information files created by using the management program and the edit program in respective target devices.

摘要翻译： 在用于提供具有安全功能的多台计算机和管理多个目标产品的网络系统的集成管理系统中，通过向管理系统提供为各个目标产品准备的设置信息模板来实现管理系统本身， 用于管理目标网络中实际使用的目标产品的设置信息文件的管理程序，用于编辑设置信息文件的编辑程序，以及用于安装在各个目标设备中使用管理程序和编辑程序创建的设置信息文件的安装程序 。

公开(公告)号：US06971026B1

公开(公告)日：2005-11-29

申请号：US09628108

申请日：2000-07-27

申请人： Tatsuya Fujiyama ,  Makoto Kayashima ,  Yasuhiko Nagai ,  Mitsuhiro Tsunoda ,  Tomoaki Yamada

发明人： Tatsuya Fujiyama ,  Makoto Kayashima ,  Yasuhiko Nagai ,  Mitsuhiro Tsunoda ,  Tomoaki Yamada

IPC分类号： G06F21/20 ,  G06F11/30 ,  G06F13/00 ,  G06F15/00 ,  G06F15/16 ,  G06F17/30 ,  G06F21/00 ,  H04L9/10 ,  G06F17/60

CPC分类号： G06F21/577 ,  G06Q30/0283 ,  Y10S707/99931

摘要： A security support and evaluation system in accordance with the present invention accepts from an operator via an input unit 16, a first specification of a system to be evaluated and a second specification of each of the components constituting the system, and then retrieves data from a security countermeasure database 131 stored in an external storage unit 13 and reads out security countermeasures to be executed to each of the components of the specified system to be evaluated, and then displays on a display unit 17, the security countermeasures read out in correspondence with each of the components of the specified system to be evaluated, and then accepts from the operator via the input unit 16, information whether or not each of the security countermeasures is executed, and thereafter evaluates the state of security based on the information and displays evaluation results on the display unit 17.

摘要翻译： 根据本发明的安全支持和评估系统经由输入单元16接收来自操作者的输入单元16，要评估的系统的第一指定和构成系统的每个组件的第二指定，然后从 存储在外部存储单元13中的安全对策数据库131，并读出要执行的要评估的指定系统的每个组件的安全对策，然后在显示单元17上显示与每个对应的读取的安全对策 的待评估的指定系统的组件，然后经由输入单元16从操作员接受，执行每个安全对策的信息，然后基于该信息评估安全状态并显示评估结果 在显示单元17上。

公开(公告)号：US06520409B1

公开(公告)日：2003-02-18

申请号：US09561966

申请日：2000-05-01

申请人： Masakatsu Mori ,  Nariyasu Hamada ,  Makoto Kayashima

发明人： Masakatsu Mori ,  Nariyasu Hamada ,  Makoto Kayashima

IPC分类号： G06K0500

CPC分类号： G06Q20/04 ,  G06Q20/10 ,  G06Q20/12 ,  G06Q40/00 ,  G06Q40/04

摘要： A server system has stored therein a plurality of electronic transaction procedures corresponding to elements or combinations thereof including means of payment settlement of a purchased commodity, amount of deal, contents of the purchased commodity, financial institutions for making the settlement and so on. The server system selects one of the electronic transaction procedures corresponding to elements or a combination thereof, including means of payment settlement of a commodity to be purchased when a purchase-side client system requests a seller to sell the commodity. The electronic transaction procedure is distributed to the offer-side client, the purchase-side client and the settlement-side client through a communication network. Each of the offer-side client, the purchase-side client and the settlement-side client executes electronic transaction processes according to the distributed electronic transaction procedure. Either all of the selected electronic transaction procedure is distributed from the server system to the client systems at a time or parts of the electronic transaction procedure are successively distributed to the client systems from the server system.

摘要翻译： 服务器系统在其中存储了多个对应于元件或其组合的电子交易程序，包括购买商品的支付结算手段，交易金额，购买商品的内容，进行结算的金融机构等。 服务器系统选择与元素或其组合相对应的电子交易过程之一，包括当购买方客户端系统请求卖方出售商品时要购买的商品的支付结算方式。 电子交易程序通过通信网络分发给提供方客户端，购买方客户端和结算端客户端。 提供方客户端，购买方客户端和结算端客户端根据分布式电子交易流程执行电子交易流程。 所选择的所有电子交易过程都是从服务器系统一次性地分发到客户端系统，或者电子交易过程的一部分从服务器系统连续地分发给客户端系统。

公开(公告)号：US5880446A

公开(公告)日：1999-03-09

申请号：US788446

申请日：1997-01-29

申请人： Masakatsu Mori ,  Nariyasu Hamada ,  Makoto Kayashima

发明人： Masakatsu Mori ,  Nariyasu Hamada ,  Makoto Kayashima

IPC分类号： G06F13/00 ,  B65G61/00 ,  G06Q20/00 ,  G06Q20/04 ,  G06Q20/10 ,  G06Q20/12 ,  G06Q30/06 ,  G06Q40/00 ,  G06Q40/02 ,  G06Q50/00 ,  G06K5/00

CPC分类号： G06Q20/04 ,  G06Q20/10 ,  G06Q20/12 ,  G06Q40/00 ,  G06Q40/04

摘要： A server system has stored therein a plurality of electronic transaction procedures corresponding to elements or combinations thereof including unit of payment settlement of a purchased commodity, amount of deal, contents of the purchased commodity, financial institutions for making the settlement and so on. The server system selects one of the electronic transaction procedures corresponding to elements or a combination thereof, including unit of payment settlement of a commodity to be purchased when a purchase-side client system requests a seller to sell the commodity. The electronic transaction procedure is distributed to the offer-side client, the purchase-side client and the settlement-side client through a communication network. Each of the offer-side client, the purchase-side client and the settlement-side client executes electronic transaction processes according to the distributed electronic transaction procedure. Either all of the selected electronic transaction procedure is distributed from the server system to the client systems at a time or parts of the electronic transaction procedure are successively distributed to the client systems from the server system.

摘要翻译： 服务器系统在其中存储了多个对应于元件或其组合的电子交易程序，包括购买商品的支付结算单元，交易金额，购买商品的内容，用于进行结算的金融机构等。 服务器系统选择与元素或其组合相对应的电子交易程序之一，包括当购买方客户端系统请求卖方出售商品时要购买的商品的支付结算单位。 电子交易程序通过通信网络分发给提供方客户端，购买方客户端和结算端客户端。 提供方客户端，购买方客户端和结算端客户端根据分布式电子交易流程执行电子交易流程。 所选择的所有电子交易过程都是从服务器系统一次性地分发到客户端系统，或者电子交易过程的一部分从服务器系统连续地分发给客户端系统。

公开(公告)号：US08850592B2

公开(公告)日：2014-09-30

申请号：US12808130

申请日：2010-04-02

申请人： Makoto Kayashima ,  Shinichi Tsunoo ,  Hiroshi Nakagoe ,  Hiromi Isokawa ,  Norio Suzuki

发明人： Makoto Kayashima ,  Shinichi Tsunoo ,  Hiroshi Nakagoe ,  Hiromi Isokawa ,  Norio Suzuki

IPC分类号： G06F21/00 ,  G06F21/60 ,  G06F21/55 ,  G06F21/52 ,  H04L29/06

CPC分类号： G06F21/556 ,  G06F21/52 ,  G06F21/552 ,  G06F21/606 ,  G06F2221/0737 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/1416

摘要： The content of operations is identified and an alert is generated to an operation having a high risk of information leakage.An agent monitors, for example, operations performed with respect to a dialogue displayed on a client PC. If a file is selected by an operation performed with respect to the displayed dialogue, the agent assigns an identifier indicating a source for the file to the file. If the file is sent as an attached file, the agent identifies an output destination for the attached file as well as the source for the attached file; and if the output destination for the attached file is an external Web server and the source for the attached file is a mail server, the agent generates an alert by determining that an unauthorized operation has been executed; and then sends the generated alert to a management server.

摘要翻译： 识别操作的内容，并且对具有高信息泄漏风险的操作产生警报。 代理监视例如关于在客户端PC上显示的对话执行的操作。 如果通过对显示的对话执行的操作来选择文件，则代理将指定文件的源的标识符分配给该文件。 如果文件作为附件发送，代理将识别所附文件的输出目的地以及所附文件的源; 并且如果附加文件的输出目的地是外部Web服务器，并且所附加文件的源是邮件服务器，则代理通过确定已经执行了未经授权的操作来生成警报; 然后将生成的警报发送到管理服务器。

公开(公告)号：US20130275974A1

公开(公告)日：2013-10-17

申请号：US13879659

申请日：2011-10-11

申请人： Le Thanh Man Cao ,  Makoto Kayashima

发明人： Le Thanh Man Cao ,  Makoto Kayashima

IPC分类号： G06F9/50

CPC分类号： G06F9/50 ,  G06F9/505 ,  G06F9/5077

摘要： A virtual computer (VM) is allocated in such a manner that the excess or deficiency of a hardware resource of a physical computer does not occur preferably. A VM allocation apparatus that is configured to allocate a plurality of virtual computers (VM) to a plurality of physical computers is constructed. The VM allocation apparatus stores the VM load information that is information that indicates a resource load value of a VM for each of a plurality of time sections for every VM. The VM allocation apparatus selects at least two VMs in which a difference of resource load values is largest for every time section based on the VM load information and allocates the at least two VMs that have been selected to the same physical computer.

摘要翻译： 分配虚拟计算机（VM），使得物理计算机的硬件资源的过剩或不足不会优选地出现。 构造为将多个虚拟计算机（VM）分配给多个物理计算机的VM分配装置。 VM分配装置存储作为VM的资源负荷值的信息的VM负载信息，该VM信息是针对每个VM的多个时间段中的每一个的资源负荷值。 VM分配装置基于VM负载信息，选择至少两个资源负载值的差异最大的VM，并将已经选择的至少两个VM分配给同一物理计算机。

公开(公告)号：US07143151B1

公开(公告)日：2006-11-28

申请号：US09314629

申请日：1999-05-19

申请人： Makoto Kayashima ,  Tatsuya Fujiyama ,  Masato Terada ,  Yoshinori Watanabe ,  Takaaki Ogino

发明人： Makoto Kayashima ,  Tatsuya Fujiyama ,  Masato Terada ,  Yoshinori Watanabe ,  Takaaki Ogino

IPC分类号： G06F15/173

CPC分类号： H04L41/0869 ,  H04L41/0806 ,  H04L41/082 ,  H04L41/0853 ,  H04L63/0263

摘要： A network management system which includes a plurality of network devices operating in a coordinated manner and a management server managing the network devices. The management server includes apparatus for defining policy information and for generating setup information using policy information to generate setup information for each network device. The system generates setup information for each network device, distributes setup information to each network device, installs setup information to each network device, enables settings, collects setup information for each network device, and organizes and checks for consistency in the collected information.

摘要翻译： 一种网络管理系统，其包括以协调方式操作的多个网络装置和管理所述网络装置的管理服务器。 管理服务器包括用于定义策略信息和使用策略信息生成设置信息以产生每个网络设备的设置信息的设备。 系统生成每个网络设备的设置信息，将设置信息分配到每个网络设备，将设置信息安装到每个网络设备，启用设置，收集每个网络设备的设置信息，并组织并检查收集的信息的一致性。

公开(公告)号：US06336141B1

公开(公告)日：2002-01-01

申请号：US09393618

申请日：1999-09-10

申请人： Tatsuya Fujiyama ,  Makoto Kayashima ,  Masato Terada ,  Osamu Katsumata

发明人： Tatsuya Fujiyama ,  Makoto Kayashima ,  Masato Terada ,  Osamu Katsumata

IPC分类号： G06F1130

CPC分类号： H04L41/00

摘要： In a network system in which each of multiple networks, each containing computers and relay computers, is connected to another network via multiple relay computers which belong to the network concerned, and the communication between two computers belonging to different networks is performed on a communication path via multiple relay computers, there is provided a management computer for collectively managing logs which are dispersively and separately recorded in the multiple respective relay computers.

摘要翻译： 在其中包含计算机和中继计算机的多个网络中的每个网络通过属于相关网络的多个中继计算机连接到另一网络的网络系统中，并且属于不同网络的两台计算机之间的通信在通信路径 通过多个中继计算机，提供了一种管理计算机，用于共同管理分散地并分别记录在多个相应的中继计算机中的日志。

公开(公告)号：US06195366B1

公开(公告)日：2001-02-27

申请号：US09065416

申请日：1998-04-24

申请人： Makoto Kayashima ,  Masato Terada ,  Tatsuya Fujiyama ,  Eri Katoh

发明人： Makoto Kayashima ,  Masato Terada ,  Tatsuya Fujiyama ,  Eri Katoh

IPC分类号： H04J324

CPC分类号： H04L61/2007 ,  H04L29/12216 ,  H04L29/12924 ,  H04L61/6063 ,  H04L63/0281 ,  H04L69/164 ,  H04L69/165 ,  H04L69/329

摘要： A method of conducting a connectionless communication in a network communication system including a client, a server, and a plurality of proxy servers which are disposed on a transmission path between the client and server. The communication is accomplished by use of specification of a communication address thereof and a port number dynamically assigned by the computer. (a) The server transmits own communication address and own port number to the client. (b) The client transmits own communication address and own port number as well as the communication address and port number of the server to a first adjacent proxy server computer. (c) The N-th (N≧1) proxy server transmits own communication address and own server side port number as well as the communication address and the port number of the server to an (N+1)-st proxy server. (d) step (e) is repeatedly executed by incrementally increasing N until the (N+1)-th proxy server becomes a terminal proxy server. (e) The terminal proxy server transmits its own communication address and its server and client side port numbers to the N-th proxy server. (f) The N-th proxy server sends own communication address and own client side port number and the communication address and the server side port number of the terminal proxy server to the (N−1)-th proxy server when N≧2 or the client when N=1. (g) step (f) is repeatedly executed by incrementally increasing N until N becomes one. (h) The client transmits a communication address and a server side port number of the proxy server to the server. (i) The connectionless communication is commenced after all computers acquire a communication address and an associated port number of each of the computers adjacent thereto.

摘要翻译： 一种在包括客户机，服务器和多个代理服务器的网络通信系统中进行无连接通信的方法，所述客户机，服务器和多个代理服务器设置在客户机和服务器之间的传输路径上。 通过使用其通信地址的规范和由计算机动态分配的端口号来实现通信。 （a）服务器向客户端发送自己的通信地址和自己的端口号。 （b）客户端将自己的通信地址和自己的端口号以及服务器的通信地址和端口号发送到第一个相邻的代理服务器计算机。 （c）第N（N> = 1）代理服务器将自己的通信地址和自己的服务器端口号以及服务器的通信地址和端口号发送到第（N + 1）代理服务器。 （d）通过递增地增加N来重复执行步骤（e），直到第（N + 1）代理服务器成为终端代理服务器。 （e）终端代理服务器将自己的通信地址及其服务器和客户端端口号发送到第N代理服务器。 （f）当N> = 2时，第N代理服务器向第（N-1）代理服务器发送自己的通信地址和自己的客户端端口号以及终端代理服务器的通信地址和服务器端口号 或N = 1时的客户端。 （g）通过递增地增加N直到N变为1来重复执行步骤（f）。 （h）客户端向服务器发送代理服务器的通信地址和服务器端口号。 （i）在所有计算机获取与其相邻的每个计算机的通信地址和相关联的端口号之后，开始无连接通信。