User authentication and authorization in distributed security system
    41.
    Granted invention patent
    User authentication and authorization in distributed security system (in force)

    Publication No.: US09154475B1

    Publication date: 2015-10-06

    Application No.: US12354900

    Filing date: 2009-01-16

    Abstract: Methods, systems, and apparatus, including computer program products, for distributed security system authorization. Client device authentication instructions are executed on a client device to determine if authentication data accessible by the client device authentication instructions are stored at the client device. If the authentication data are stored at the client device, the client device authentication instructions generate authenticated user data and store the authenticated user data at the client device. If the authentication data are not stored at the client device, the client device authentication instructions generate a login environment that allows a user of the client device to input login data. The login data are provided to a verification process that, in response to verification, provides the authentication data to the client device.

    Protecting against denial of service attacks using guard tables
    42.
    Granted invention patent
    Protecting against denial of service attacks using guard tables (in force)

    Publication No.: US08887249B1

    Publication date: 2014-11-11

    Application No.: US12128481

    Filing date: 2008-05-28

    IPC classification: H04L29/06

    Abstract: Guard tables including absence information are used in a security system to protect a network service from a denial of service attack. A login key corresponding to a login request is hashed and the output of the hash is a bit position in a guard table. The bit value at the bit position in the guard table can be checked to determine if login information corresponding to the key is present. Further processing of the login request can be based on the indicated presence or absence of the information.

    Guest account management using cloud based security services
    43.
    Granted invention patent
    Guest account management using cloud based security services (in force)

    Publication No.: US08806593B1

    Publication date: 2014-08-12

    Application No.: US13111711

    Filing date: 2011-05-19

    Abstract: Guest accounts arise in a variety of ways. Hotels, coffee shops, internet cafes, internet kiosks, etc. provide internet access to their guests, aka customers. Cloud based security services can serve as a platform for supporting efficient and safe guest account management. Guest accounts are managed by the cloud service and are associated and disassociated with individuals as needed by the guest account provider. The cloud service can also provide a guest account provider with greater control over guest account usage and accountability.

    Cloud based service logout using cryptographic challenge response
    44.
    Granted invention patent
    Cloud based service logout using cryptographic challenge response (in force)

    Publication No.: US08656154B1

    Publication date: 2014-02-18

    Application No.: US13151369

    Filing date: 2011-06-02

    IPC classification: H04L29/06

    Abstract: A cloud based service user may be logged into the service through multiple client devices simultaneously. Methods, systems, and computer program products based upon cryptographic challenge response are provided to efficiently and securely simultaneously effect a logout from the cloud based service at one or many logged-in client devices associated with the user. When a valid logout request is received by the cloud based service, a current key associated with the user is invalidated, and in some instances, replaced with a new key. Upon a subsequent attempt to use the cloud based service by the user, one or more tokens residing on any previously logged-in client device associated with the user will not allow cloud based service usage until the user validly logs into the cloud-based service and receives one or more new tokens based upon the new key at each client device.

    Performance logging using relative differentials and skip recording
    45.
    Granted invention patent
    Performance logging using relative differentials and skip recording (in force)

    Publication No.: US07924884B2

    Publication date: 2011-04-12

    Application No.: US11312816

    Filing date: 2005-12-20

    IPC classification: H04J3/00

    CPC classification: H04L43/024

    Abstract: The present invention is directed towards “skip” and “differential” recording techniques for recording values of network parameters to a log in a lossless manner while reducing storage resources used to record such values. The counter monitor of the present invention monitors and records values of counters at time intervals to generate a counter log provided via temporary or permanent storage. The counter monitor compares a reading of the value of the counter to a previously obtained value of the counter. If the value of the counter has not changed, the counter monitor records only the timestamp to the counter log, thereby “skipping” the recording of the unchanged value. If there is any change in the value of the counter, then the change in value of the counter, i.e., a “differential” value, along with the timestamp is stored in the counter log. To further reduce storage resource usage, the counter monitor also stores changes to the timestamps as differential changes in time values.

    HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT
    46.
    Invention patent application
    HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT (in force)

    Publication No.: US20100024014A1

    Publication date: 2010-01-28

    Application No.: US12179492

    Filing date: 2008-07-24

    IPC classification: H04L9/32

    Abstract: Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include a source processor that is used to identify the source associated with a request for authentication or authorization. The source processor can maintain the initial source associated with the request through the use of an association token. The associate token can be transmitted with each subsequent request that includes authentication or authorization data. The source processor can use the associate token to verify that the source associated with the initial request is the same as the source associated with subsequent authentication and authorization requests.

    HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT
    47.
    Invention patent application
    HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT (in force)

    Publication No.: US20100023762A1

    Publication date: 2010-01-28

    Application No.: US12179377

    Filing date: 2008-07-24

    IPC classification: H04L9/06

    Abstract: Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include an epoch processor that is used to validate authentication and authorization data that is valid only for an epoch. The epoch processor can maintain a public key that can be used to decrypt the authentication and authorization data during the epoch that the key is valid. The epoch processor can receive a new public key during each epoch. The epoch processor can also determine if the authentication or authorization data was fraudulently generated based on the contents of the data, and verifying whether the data is valid for the epoch in which it was decrypted.

    HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT
    48.
    Invention patent application
    HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT (in force)

    Publication No.: US20100020967A1

    Publication date: 2010-01-28

    Application No.: US12179441

    Filing date: 2008-07-24

    IPC classification: H04L9/14 H04L9/00

    Abstract: Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include an epoch manager that is used to generate authentication and authorization data that remain valid only for an epoch. The epoch manager can generate an epoch key pair that can be used to encrypt and decrypt the authentication and authorization data during the epoch that the key is valid. The epoch manager can also associate the contents of the data with the epoch in which it was created, so that, at decryption, the epoch in which the data was generated can be identified.

    SECURITY MESSAGE PROCESSING
    49.
    Invention patent application
    SECURITY MESSAGE PROCESSING (in force)

    Publication No.: US20090300730A1

    Publication date: 2009-12-03

    Application No.: US12128391

    Filing date: 2008-05-28

    IPC classification: G06F21/00 H04L9/32

    CPC classification: H04L63/1408 H04L63/1441

    Abstract: Systems, methods and apparatus for handling security messages in a distributed security system. Requests, replies, and/or updates have varying time constraints. Processing node managers and authority node managers determine the best transmission times and/or the ignoring of such data to maximize information value.
