公开(公告)号：US07908391B1

公开(公告)日：2011-03-15

申请号：US12055021

申请日：2008-03-25

申请人： Sourabh Satish ,  William E. Sobel ,  Brian Hernacki

发明人： Sourabh Satish ,  William E. Sobel ,  Brian Hernacki

IPC分类号： G06F15/16

CPC分类号： G06F9/445

摘要： The performance of a remotely originated application is improved by determining the most popular application features, and proactively making the corresponding application content available to local computers on which the application runs. An application streaming or network file system transmits an application to a plurality of endpoints for execution. The server determines the relative popularity of the application features, and maps the features to corresponding application content. The server proactively pushes the application content corresponding to the most popular features to the endpoints. The popularity of application features is dynamically updated on a regular, ongoing basis. The proactive pushing of code pages is kept current with the updated popularity determinations.

摘要翻译： 通过确定最流行的应用程序功能，并主动使相应的应用程序内容可用于运行应用程序的本地计算机，可以提高远程发起的应用程序的性能。 应用流或网络文件系统将应用发送到多个端点以供执行。 服务器确定应用程序功能的相对受欢迎程度，并将功能映射到相应的应用程序内容。 服务器主动将与最受欢迎的功能相对应的应用内容推送到端点。 应用功能的普及可以定期，持续地进行动态更新。 主动推送代码页面保持最新的流行度确定。

公开(公告)号：US07886065B1

公开(公告)日：2011-02-08

申请号：US11391979

申请日：2006-03-28

申请人： Sourabh Satish ,  Brian Hernacki

发明人： Sourabh Satish ,  Brian Hernacki

IPC分类号： G06F15/16 ,  G06F15/173 ,  G06F9/00 ,  G06F12/14 ,  G06F11/30 ,  H04L29/06 ,  H04L12/66

CPC分类号： H04L12/66 ,  G06F21/554 ,  G06F21/575 ,  G06F2221/2141 ,  H04L63/101 ,  H04L63/1416

摘要： Providing security for a network is disclosed. Network traffic associated with a host is monitored. If an activity pattern associated with a reboot of the host is observed, access by the host to the network is restricted based at least in part on the observed activity pattern.

摘要翻译： 披露了网络的安全性。 监控与主机相关联的网络流量。 如果观察到与主机的重新启动相关联的活动模式，则至少部分地基于观察到的活动模式来限制主机对网络的访问。

公开(公告)号：US20090164899A1

公开(公告)日：2009-06-25

申请号：US11963694

申请日：2007-12-21

申请人： Brian HERNACKI ,  Sourabh Satish ,  Timothy G. Brown

发明人： Brian HERNACKI ,  Sourabh Satish ,  Timothy G. Brown

IPC分类号： G06F3/01

CPC分类号： G06F9/453

摘要： Visual images of computer components are provided to remotely guide users through the process of setting up physical connections. Component identifying information is automatically gleaned and provided from a user's computer to a remote administrator. The administrator provides visual images of the components to the user, and remotely annotates them to guide the user through the configuration process. Image annotation can include pointing to a specific section of the image (e.g., the plug into which a cable is to be inserted) and/or drawing or writing on or otherwise marking-up the image to direct the user's attention. The visual image-based guidance can be supplemented by voice communication with the user.

摘要翻译： 提供计算机组件的视觉图像，以便通过设置物理连接的过程来远程引导用户。 组件识别信息自动收集并从用户计算机提供给远程管理员。 管理员向用户提供组件的可视化图像，并远程注释它们，以引导用户完成配置过程。 图像注释可以包括指向图像的特定部分（例如，要插入电缆的插头）和/或绘图或写入或以其他方式标记图像以引导用户的注意。 基于视觉图像的指导可以通过与用户的语音通信来补充。

公开(公告)号：US07296138B1

公开(公告)日：2007-11-13

申请号：US11075515

申请日：2005-03-08

申请人： Matthew Conover ,  Sourabh Satish

发明人： Matthew Conover ,  Sourabh Satish

IPC分类号： G06F12/00 ,  G06F9/34

CPC分类号： G06F12/109

摘要： A process page table entry (PTE) associated with a process is located, and a determination is made whether the process PTE is prototype PTE. If the process PTE is a prototype PTE, the location of the actual PTE is determined. A copy-on-write functionality associated with the PTE is disabled and the location of shared page of memory associated with the PTE determined. The shared page is modified, for example with hooking code, and the copy-on-write functionality is re-enabled.

摘要翻译： 定位与过程相关联的过程页表项（PTE），并确定过程PTE是否是原型PTE。 如果过程PTE是原型PTE，则确定实际PTE的位置。 禁用与PTE相关联的写时复制功能，并确定与PTE相关联的共享内存页的位置。 修改共享页面，例如使用挂钩代码，并重新启用写时复制功能。

公开(公告)号：US09373080B1

公开(公告)日：2016-06-21

申请号：US13626738

申请日：2012-09-25

申请人： Sourabh Satish

发明人： Sourabh Satish

IPC分类号： G06N5/02

CPC分类号： G06N5/022 ,  G06Q10/04 ,  G06Q10/103

摘要： A plurality of user made decisions concerning unknown data objects are received from a plurality of users. Each specific user made decision concerns a specific unknown data object made by a specific user, wherein the specific decision could not be made automatically with a sufficient level of confidence without user input. Accuracy of the received user made decisions is automatically determined, as empirical data determinative of the accuracy of the decisions becomes available over time. User weights are automatically dynamically calculated, based on the determined accuracy of decisions made by associated users. Multiple user made decisions received from multiple users concerning a specific unknown data object are aggregated, taking into account the user weights. A definitive decision concerning the specific unknown data object is automatically made without prompting any user for confirmation, based on the aggregating of the user made decisions concerning the specific unknown data object.

摘要翻译： 从多个用户接收关于未知数据对象的多个用户作出的决定。 每个特定用户作出决定涉及由特定用户做出的特定未知数据对象，其中在没有用户输入的情况下，不能以足够的置信水平自动进行特定决定。 自动确定接收到的用户作出的决定的准确性，因为确定决策的准确性的经验数据随时间变得可用。 基于所确定的关联用户决策的准确性，自动动态地计算用户权重。 考虑到用户权重，会聚合从多个用户收到的关于特定未知数据对象的多个用户决定。 根据关于特定未知数据对象的用户决定的聚合，自动进行关于特定未知数据对象的确定性决定，而不用提示任何用户进行确认。

公开(公告)号：US08935154B1

公开(公告)日：2015-01-13

申请号：US13446081

申请日：2012-04-13

申请人： Sourabh Satish ,  Michael Hart

发明人： Sourabh Satish ,  Michael Hart

IPC分类号： G06F17/27

CPC分类号： G06F17/27

摘要： A computer-implemented method for determining authorship of an unclassified notification message is described. An unclassified notification message with one or more target sentences is received. A message model based on one or more classified notification messages stored in a data storage device is retrieved. One or more linguistic analysis procedures are performed on the one or more target sentences. Results of the one or more linguistic analysis procedures are compared with one or more characteristics of the message model. The unclassified notification message is classified based on the results of the comparison.

摘要翻译： 描述了一种用于确定未分类通知消息的作者身份的计算机实现的方法。 收到具有一个或多个目标句子的未分类通知消息。 检索基于存储在数据存储设备中的一个或多个分类通知消息的消息模型。 对一个或多个目标句子执行一个或多个语言分析程序。 将一个或多个语言分析程序的结果与消息模型的一个或多个特征进行比较。 未分类的通知消息根据比较结果进行分类。

公开(公告)号：US08918873B1

公开(公告)日：2014-12-23

申请号：US12550198

申请日：2009-08-28

申请人： Sourabh Satish ,  Shane Pereira ,  Wilson Meng ,  Yoshihiro Yasuda

发明人： Sourabh Satish ,  Shane Pereira ,  Wilson Meng ,  Yoshihiro Yasuda

IPC分类号： G06F12/14

CPC分类号： G06F21/57 ,  G06F2221/2145

摘要： The instant disclosure describes various exemplary systems and methods for exonerating an untrusted software component based solely on a trusted software component's non-optional or “hard” dependency on the untrusted software component. In one example, a method for exonerating untrusted software components in this manner may include: 1) identifying a dependent software component, 2) determining that the dependent software component is a non-optional dependent component of at least one trusted software component, and then 3) classifying the dependent software component as a trusted software component. As detailed herein, such a method may enable security software to quickly and efficiently exonerate untrusted components by association without having to scan or perform other intrusive and/or resource-intensive security operations on such untrusted software components.

摘要翻译： 本公开描述了仅基于可信软件组件对不可信软件组件的非可选或“硬”依赖性来排除不可信软件组件的各种示例性系统和方法。 在一个示例中，以这种方式排除不信任软件组件的方法可以包括：1）识别从属软件组件，2）确定依赖软件组件是至少一个可信软件组件的非可选依赖组件，然后 3）将依赖软件组件分类为可信软件组件。 如这里所详细描述的，这种方法可以使得安全软件能够通过关联来快速有效地排除不信任的组件，而不必扫描或执行对这种不受信任的软件组件的其他侵入和/或资源密集型安全操作。

公开(公告)号：US08887273B1

公开(公告)日：2014-11-11

申请号：US12884870

申请日：2010-09-17

申请人： Sourabh Satish ,  Brian Hernacki

发明人： Sourabh Satish ,  Brian Hernacki

IPC分类号： G06F11/00

CPC分类号： G06Q20/12 ,  G06Q20/02 ,  G06Q20/382 ,  G06Q20/3821 ,  G06Q20/4016

摘要： Determining reputation information is disclosed. A honey token is included in an online identity data. The honey token is to monitor for misuse of all or part of the online identity data. Optionally, information associated with at least one use of the honey token is aggregated with other reputation information.

摘要翻译： 公开了确定信誉信息。 蜂蜜令牌包含在线身份数据中。 蜂蜜令牌是监控滥用全部或部分在线身份数据。 可选地，与蜂蜜令牌的至少一个使用相关联的信息与其他信誉信息进行聚合。

公开(公告)号：US08788836B1

公开(公告)日：2014-07-22

申请号：US11644579

申请日：2006-12-22

申请人： Brian Hernacki ,  Sourabh Satish ,  Timothy G. Brown

发明人： Brian Hernacki ,  Sourabh Satish ,  Timothy G. Brown

IPC分类号： G06F21/00

CPC分类号： G06F21/6245 ,  G06F21/31 ,  G06F2221/2115 ,  H04L63/0807 ,  H04L63/126

摘要： A method and apparatus for providing claim validation without storing user information within the IDM system. During enrollment, the IDM system creates a hash representative of the identification information provided by a user. The user information is discarded, i.e., not stored within the IDM system. Only a hash representing that information is stored within the system. Upon a user providing information to a service provider, the service provider requests that the user's information be authenticated by a third party IDS system. The service provider will request such authentication from the IDM system identified by the user. The IDM system generates, from the user's information that was provided to the service provider, a signed token that is sent to the user for use by the user to access the service provider's services. In this manner, the IDM system does not store identification information of the user. Yet, the IDM system provides identification validation services to any service provider requesting such services to ensure that a user is authentic.

摘要翻译： 一种用于提供权利要求验证而不在IDM系统内存储用户信息的方法和装置。 在注册期间，IDM系统创建由用户提供的识别信息的哈希表示。 用户信息被丢弃，即不存储在IDM系统内。 只有表示该信息的哈希存储在系统中。 当用户向服务提供商提供信息时，服务提供商请求用户的信息由第三方IDS系统认证。 服务提供商将从用户识别的IDM系统请求此类认证。 IDM系统从提供给服务提供商的用户的信息中生成发送给用户以供用户访问服务提供商的服务的签名令牌。 以这种方式，IDM系统不存储用户的识别信息。 然而，IDM系统向请求这样的服务的任何服务提供商提供识别验证服务，以确保用户是真实的。

公开(公告)号：US08763076B1

公开(公告)日：2014-06-24

申请号：US13488419

申请日：2012-06-04

申请人： Sourabh Satish ,  Brian Hernacki

发明人： Sourabh Satish ,  Brian Hernacki

IPC分类号： H04L29/06

CPC分类号： H04L63/20 ,  G06F21/00 ,  G06F21/604

摘要： Techniques are disclosed for implementing dynamic endpoint management. In accordance with one embodiment, whenever an endpoint joins a managed network for the first time, or rejoins that network, a local security module submits a list of applications (e.g., all or incremental) to a security server. The server validates the list and sends back a rule set (e.g., allow/block rules and/or required application security settings) for those applications. If the server has no information for a given application, it may further subscribe to content from a content provider or service. When the server is queried regarding an unknown application, the server sends a query to the service provider to obtain a trust rating for that unknown application. The trust rating can then be used to generate a rule set for the unknown application. Functionality can be shifted from server to client, and vice-versa if so desired.

摘要翻译： 公开了实现动态端点管理的技术。 根据一个实施例，每当端点首次加入受管网络或重新加入该网络时，本地安全模块将应用列表（例如全部或增量）提交给安全服务器。 服务器验证列表，并发送这些应用程序的规则集（例如，允许/阻止规则和/或必需的应用程序安全设置）。 如果服务器没有给定应用程序的信息，它可以进一步订阅来自内容提供商或服务的内容。 当服务器查询未知应用程序时，服务器向服务提供商发送查询以获得该未知应用程序的信任等级。 然后可以使用信任评级来为未知应用程序生成规则集。 如果需要，功能可以从服务器转移到客户端，反之亦然。