-
公开(公告)号:US07617322B2
公开(公告)日:2009-11-10
申请号:US11540435
申请日:2006-09-29
申请人: Khaja E. Ahmed , Daniel R. Simon
发明人: Khaja E. Ahmed , Daniel R. Simon
IPC分类号: G06F15/173
CPC分类号: H04L67/104 , H04L63/126 , H04L67/1068 , H04L67/1091 , H04L67/28 , H04L67/2842
摘要: A system, apparatus, method, and computer-readable medium are provided for secure P2P caching. In one method, a requesting peer obtains a hash of requested data from a server. The requesting peer then transmits a request for the data to other peers. The request proves that the requesting peer has the hash. If a caching peer has the data, it generates a reply to the request that proves that it has the requested data. If the requesting peer receives a reply from a caching peer, the requesting peer establishes a connection to the caching peer and retrieves the data from the caching peer. If the requesting peer does not receive a reply to the request from any other peer, the requesting peer establishes a connection to the server and retrieves the data from the server. The requesting peer stores the data for use in responding to requests from other peers.
摘要翻译: 提供了用于安全P2P缓存的系统,装置,方法和计算机可读介质。 在一种方法中,请求对等体从服务器获取所请求数据的散列。 请求对等体然后向其他对等体发送数据请求。 该请求证明请求对等体具有散列。 如果缓存对等体具有数据,则它生成对请求的答复,证明其具有所请求的数据。 如果请求对等体从缓存对等体接收到回复,则请求对等体建立与缓存对等体的连接并从缓存对等体检索数据。 如果请求对等体没有收到来自任何其他对等体的请求的回复,则请求对等体建立与服务器的连接并从服务器检索数据。 请求对等体存储用于响应来自其他对等体的请求的数据。
-
52.发明申请METHOD AND SYSTEM FOR DETECTING A COMMUNICATION PROBLEM IN A COMPUTER NETWORK 有权用于检测计算机网络中的通信问题的方法和系统公开(公告)号:US20080320152A1
公开(公告)日:2008-12-25
申请号:US12193277
申请日:2008-08-18
IPC分类号: G06F15/16
CPC分类号: H04L63/12
摘要: A computer in a network runs a verification procedure in which it sends data packets to another computer in the network. Some or all of the data packets contain, either individually or collectively, a secret piece of information, such as a secret code. The computer then makes a determination regarding the network links between it and the other computer. If, for example, the other computer is able to respond by providing the secret piece of information back, then the computer sending the data packets concludes that the devices along the network links en route to the other computer are properly forwarding data packets.
摘要翻译: 网络中的计算机运行验证过程,其中将数据包发送到网络中的另一台计算机。 一些或全部数据包单独地或共同地包含诸如密码的秘密信息。 然后,计算机确定其与另一台计算机之间的网络链路。 例如,如果另一计算机能够通过提供秘密的信息来响应,则发送数据分组的计算机的结论是,沿着网络链路的设备路由到另一台计算机正在正确转发数据分组。
-
53.发明申请公开(公告)号:US20080141377A1
公开(公告)日:2008-06-12
申请号:US11608126
申请日:2006-12-07
IPC分类号: G06F21/00
CPC分类号: H04L63/1433 , G06F21/577 , G06F2221/2101
摘要: A strategy is described for assessing and mitigating vulnerabilities within a data processing environment. The strategy collects access data that reflects actual log-in behavior exhibited by users in the environment. The strategy also collects rights data that reflects the rights possessed by one or more administrators within the environment. Based on the access data and rights data, the strategy identifies how a user or other entity that gains access to one part of the environment can potentially compromise additional parts of the environment. The strategy can recommend and implement steps aimed at reducing any identified vulnerabilities.
摘要翻译: 描述了一种用于评估和减轻数据处理环境中的漏洞的策略。 该策略收集反映用户在环境中展示的实际登录行为的访问数据。 该策略还收集反映环境中一个或多个管理员拥有的权利的权限数据。 根据访问数据和权限数据,该策略将识别获得对环境一部分访问权限的用户或其他实体如何潜在地危及环境的其他部分。 该策略可以推荐并实施旨在减少任何已识别的漏洞的步骤。
-
公开(公告)号:US07370196B2
公开(公告)日:2008-05-06
申请号:US10963301
申请日:2004-10-12
申请人: Daniel R. Simon
发明人: Daniel R. Simon
CPC分类号: H04L9/3268 , H04L9/3257 , H04L63/0823 , H04L63/126 , H04L2209/42 , H04L2209/60
摘要: In a cryptographic system, a certificate is used to provide information regarding a client device. The certificate is blindly signed by a certifying authority to preserve the anonymity of the client device. However, information is encoded into the signature so that a content server can readily verify security attributes of the client device and make decisions regarding the delivery of electronic content to the client device based on those security attributes.
摘要翻译: 在加密系统中,证书用于提供有关客户端设备的信息。 该证书由认证机构盲目签署,以保护客户端设备的匿名性。 然而,信息被编码到签名中,使得内容服务器可以容易地验证客户端设备的安全属性,并且基于这些安全属性来做出关于向客户端设备传递电子内容的决定。
-
公开(公告)号:US07305553B2
公开(公告)日:2007-12-04
申请号:US11206578
申请日:2005-08-18
申请人: Paul England , Marcus Peinado , Daniel R. Simon , Josh D. Benaloh
发明人: Paul England , Marcus Peinado , Daniel R. Simon , Josh D. Benaloh
IPC分类号: H04L29/00
摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
-
56.发明授权Manifest-based trusted agent management in a trusted operating system environment 有权在受信任的操作系统环境中进行基于清单的可信代理管理公开(公告)号:US07257707B2
公开(公告)日:2007-08-14
申请号:US11206579
申请日:2005-08-18
申请人: Paul England , Marcus Peinado , Daniel R. Simon , Josh D. Benaloh
发明人: Paul England , Marcus Peinado , Daniel R. Simon , Josh D. Benaloh
IPC分类号: H04L29/00
摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
摘要翻译: 在受信任的操作系统环境中的基于清单的可信代理管理包括接收接收到的执行进程的请求,并为进程设置虚拟内存空间。 此外,访问对应于进程的清单,并且可以基于二进制文件中包括在清单中的指示符限制在虚拟存储器空间中执行多个二进制文件中的哪一个。
-
公开(公告)号:US07200599B2
公开(公告)日:2007-04-03
申请号:US09887524
申请日:2001-06-21
IPC分类号: G06F17/30
CPC分类号: G06F21/316 , Y10S707/922 , Y10S707/99933 , Y10S707/99936 , Y10S707/99943
摘要: An implementation of a technology, described herein, for facilitating the automated generation of input-validation software filters. The implementation of the invention provides an easy graphical user interface (GUI). With this GUI, a user (such as a system administrator) is able to quickly enter a set of parameters defining what valid inputs constitute—in particular, when such inputs come from a computing component. Consequently, the user does not have to manually generate filtering instructions on how to filter input from a computing component. This abstract itself is not intended to limit the scope of this patent. The scope of the present invention is pointed out in the appending claims.
摘要翻译: 本文所述的技术的实现,用于促进输入验证软件过滤器的自动生成。 本发明的实现提供了一种简单的图形用户界面(GUI)。 使用该GUI,用户(例如系统管理员)能够快速输入一组定义什么有效输入构成的参数 - 特别是当这样的输入来自计算组件时。 因此,用户不必手动生成关于如何过滤来自计算组件的输入的过滤指令。 本摘要本身并不旨在限制本专利的范围。 在所附权利要求中指出了本发明的范围。
-
公开(公告)号:US06871276B1
公开(公告)日:2005-03-22
申请号:US09543056
申请日:2000-04-05
申请人: Daniel R. Simon
发明人: Daniel R. Simon
CPC分类号: H04L9/3268 , H04L9/3257 , H04L63/0823 , H04L63/126 , H04L2209/42 , H04L2209/60
摘要: In a cryptographic system, a certificate is used to provide information regarding a client device. The certificate is blindly signed by a certifying authority to preserve the anonymity of the client device. However, information is encoded into the signature so that a content server can readily verify security attributes of the client device and make decisions regarding the delivery of electronic content to the client device based on those security attributes.
-
59.发明授权System and method for secure purchase and delivery of video content programs 失效用于安全购买和传送视频内容节目的系统和方法
公开(公告)号:US6055314A
公开(公告)日:2000-04-25
申请号:US620603
申请日:1996-03-22
申请人: Terence R. Spies , Daniel R. Simon
发明人: Terence R. Spies , Daniel R. Simon
CPC分类号: G07F7/1008 , G06Q20/123 , G06Q20/341 , G06Q20/40975 , G07F17/0014 , H04N21/4184 , H04N21/4185 , H04N21/47202 , H04N21/63345 , H04N7/163 , H04N7/165 , H04N7/1675 , H04N21/4753
摘要: A system and method for secure purchase and delivery of video content programs over various distribution media, including distribution networks and digital video disks, includes an integrated circuit card (e.g., a smart card, PCMCIA card) which is configured to store decryption capabilities for related video programs. The decryption capabilities are initially kept in a secure store at a video merchant. When a purchaser orders a particular video program, the decryption capabilities for that program are downloaded to the IC card, either at the merchant premises or over a distribution network. The video content program is distributed in encrypted format via the distribution media to the purchaser. The IC card uses the decryption capabilities to at least partly decrypt the video content program without exposing the decryption capabilities.
摘要翻译: 一种用于通过各种分发媒体(包括分配网络和数字视频盘)安全地购买和传送视频内容节目的系统和方法包括集成电路卡(例如,智能卡,PCMCIA卡),其被配置为存储相关的解密能力 视频节目。 解密功能最初保存在视频商家的安全存储中。 当购买者订购特定的视频节目时,将该节目的解密能力下载到IC卡,无论是在商家处所还是通过分发网络。 视频内容节目通过分发媒体以加密格式分发给购买者。 IC卡使用解密能力至少部分地解密视频内容节目而不暴露解密能力。
-
公开(公告)号:US09742560B2
公开(公告)日:2017-08-22
申请号:US12483095
申请日:2009-06-11
CPC分类号: H04L9/0836 , H04L9/0866 , H04L9/0869 , H04L9/3226 , H04L63/0272 , H04L63/0428 , H04L63/064 , H04L63/164
摘要: A hierarchical key generation and distribution mechanism for a computer system in which devices are organized into secure enclaves. The mechanism enables network access to be tailored to approximate minimum needed privileges for each device. At the lowest level of the hierarchy, keys are used to form security associations between devices. Keys at each level of the hierarchy are generated from keys at a higher level of the hierarchy and key derivation information. Key derivation information is readily ascertainable, either from identifiers for devices or from within messages, supporting hardware offload of cryptographic functions. Because keys may be generated based on the enclaves in which the hosts participating in a security association are located, the system includes a mechanism by which devices can discover the enclave in which they are located.
-
-
-
-
-
-
-
-
-
搜索结果
79 条记录 (耗时 0.049 秒)
