-
1.发明授权Identifying history of modification within large collections of unstructured data 有权识别大量非结构化数据集中的修改历史公开(公告)号:US07490116B2
公开(公告)日:2009-02-10
申请号:US10738924
申请日:2003-12-17
IPC分类号: G06F17/30
CPC分类号: G06F17/30011 , Y10S707/956 , Y10S707/99936 , Y10S707/99953 , Y10S707/99956
摘要: A technique for efficient representation of dependencies between electronically-stored documents, such as in an enterprise data processing system. A document distribution path is developed as a directional graph that is a representation of the historic dependencies between documents, which is constructed in real time as documents are created. The system preferably maintains a lossy hierarchical representation of the documents indexed in such a way that allows for fast queries for similar but not necessarily equivalent documents. A distribution path, coupled with a document similarity service, can be used to provide a number of applications, such as a security solution that is capable of finding and restricting access to documents that contain information that is similar to other existing files that are known to contain sensitive information.
摘要翻译: 用于有效表示电子存储文档(例如在企业数据处理系统中)之间的依赖性的技术。 文档分发路径被开发为方向图,其是表示文档之间的历史依赖性,其在创建文档时实时构建。 系统优选地维护以这样的方式索引的文档的有损分级表示,其允许快速查询相似但不一定等效的文档。 与文档相似性服务相结合的分发路径可以用于提供许多应用,例如能够查找和限制对包含与已知的其他现有文件相似的信息的文档的访问的安全解决方案 包含敏感信息。
-
公开(公告)号:US07100047B2
公开(公告)日:2006-08-29
申请号:US10750321
申请日:2003-12-31
CPC分类号: G06F21/606 , G06F21/6209 , G06F2221/2149 , H04L63/0428 , H04L63/0823 , H04L63/10
摘要: A technique for adaptive encryption of digital assets such as computer files. The system model monitors passage of files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access rights. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such a background process in a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, and aggregates them. A policy engine analyzes sequences of aggregate events to determine when to apply encryption.
摘要翻译: 一种数字资产如计算机文件的自适应加密技术。 系统模型监视文件到不可控制的可移动存储介质的通过,或通过可能指示可能滥用访问权限的网络连接等。 根据优选实施例,在使用点运行的自主独立代理进程,客户端操作系统内核中的这种后台进程中断对资源的访问请求。 代理进程感知低级系统事件,过滤器和聚合它们。 策略引擎分析聚合事件的顺序,以确定何时应用加密。
-
公开(公告)号:US07814021B2
公开(公告)日:2010-10-12
申请号:US10706871
申请日:2003-11-12
申请人: Nicholas Stamos , Seth N. Birnbaum , Tomas Revesz, Jr. , Donato Buccella , Keith A. MacDonald , Dwayne A. Carson , William E. Fletcher
发明人: Nicholas Stamos , Seth N. Birnbaum , Tomas Revesz, Jr. , Donato Buccella , Keith A. MacDonald , Dwayne A. Carson , William E. Fletcher
IPC分类号: G06F21/00
CPC分类号: H04L63/10 , G06F21/552 , H04L41/0613 , H04L41/147 , H04L43/0811
摘要: A technique for establishing usage control over digital assets such as computer files. The system model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access rights. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such a background process in a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, and aggregates them. A policy engine analyzes sequences of aggregate events to determine when policy violations occur.
摘要翻译: 一种用于建立诸如计算机文件等数字资产的使用控制的技术。 系统模型不仅跟踪授权用户对文件的访问,而且监视这些文件通过不可控制的可移动存储介质,或通过可能指示可能滥用访问权限的网络连接等。 根据优选实施例,在使用点运行的自主独立代理进程,客户端操作系统内核中的这种后台进程中断对资源的访问请求。 代理进程感知低级系统事件,过滤器和聚合它们。 策略引擎分析聚合事件的顺序,以确定何时发生策略违规。
-
公开(公告)号:US07472272B2
公开(公告)日:2008-12-30
申请号:US10716336
申请日:2003-11-18
申请人: Nicholas Stamos , Seth N. Birnbaum , Tomas Revesz, Jr. , Donato Buccella , Keith A. MacDonald , Dwayne A. Carson , William E. Fletcher
发明人: Nicholas Stamos , Seth N. Birnbaum , Tomas Revesz, Jr. , Donato Buccella , Keith A. MacDonald , Dwayne A. Carson , William E. Fletcher
IPC分类号: H04L9/00
CPC分类号: H04L67/06 , G06F21/552
摘要: A technique for establishing a perimeter of accountability for usage of digital assets such as data files. The accountability model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such as in the background of a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, aggregates them, and makes reports to a journaling server. The journaling server analyzes sequences of low level events to detect when aggregate events of interest occur, such as “FileEdit”, network file transfers and the like. Reports can be generated to provide an understanding of how digital assets have been accessed, used or communicated by individuals in an enterprise.
摘要翻译: 建立数据资产使用问责制周期的技术,如数据文件。 问责模式不仅跟踪授权用户对文件的访问,而且监视这些文件通过不可控制的可移动存储介质,或通过可能表示可能的访问滥用的网络连接等。 根据优选实施例,在诸如在客户端操作系统内核的后台中运行的使用点运行的自主独立代理进程中断对资源的访问请求。 代理进程感知低级系统事件,过滤器,聚合它们,并将报告发送到日记服务器。 日志服务器分析低级事件的序列以检测感兴趣的聚合事件何时发生,例如“FileEdit”,网络文件传输等。 可以生成报告,以了解数字资产如何被企业中的个人访问,使用或传达。
-
公开(公告)号:US07409547B2
公开(公告)日:2008-08-05
申请号:US11510891
申请日:2006-08-28
CPC分类号: G06F21/606 , G06F21/6209 , G06F2221/2149 , H04L63/0428 , H04L63/0823 , H04L63/10
摘要: A technique for adaptive encryption of digital assets such as computer files. The system model monitors passage of files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access rights. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such a background process in a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, and aggregates them. A policy engine analyzes sequences of aggregate events to determine when to apply encryption.
摘要翻译: 一种数字资产如计算机文件的自适应加密技术。 系统模型监视文件到不可控制的可移动存储介质的通过,或通过可能指示可能滥用访问权限的网络连接等。 根据优选实施例,在使用点运行的自主独立代理进程,客户端操作系统内核中的这种后台进程中断对资源的访问请求。 代理进程感知低级系统事件,过滤器和聚合它们。 策略引擎分析聚合事件的顺序,以确定何时应用加密。
-
公开(公告)号:US20080184358A1
公开(公告)日:2008-07-31
申请号:US12011475
申请日:2008-01-25
IPC分类号: H04L9/00
CPC分类号: H04L63/04
摘要: A trusted transaction architecture that provides security from a client side input device to a merchant server by installing a secure custom browser process on the client side computer via an ActiveX control or the equivalent. This Secure Browser Process (SBP) may then be inspected to ensure that no external codes exist in its application space, that no subsequently loaded Dynamic Link Library (DLL), or equivalent, has been tampered with or modified, that no Application Programming Interface (API) has been overwritten or redirected, and that no input device driver has been hooked by a digital signature. The SBP then creates a secure channel to the input device(s) that are used to enter data into the browser application, and creates a secure channel to the merchant's destination server to ensure that data cannot be intercepted, even on the client side computer.
摘要翻译: 一种可信任的事务体系结构,其通过经由ActiveX控件或等价物在客户端计算机上安装安全的定制浏览器进程,从客户端输入设备向商家服务器提供安全性。 然后可以检查此安全浏览器进程(SBP),以确保其应用程序空间中不存在外部代码,否则后续加载的动态链接库(DLL)或等效文件已被篡改或修改为没有应用程序编程接口( API)已被覆盖或重定向,并且没有输入设备驱动程序被数字签名挂接。 SBP然后为输入设备创建一个用于将数据输入浏览器应用程序的安全通道,并创建一个到商家目的地服务器的安全通道,以确保即使在客户端计算机上也不会拦截数据。
-
公开(公告)号:US07934091B2
公开(公告)日:2011-04-26
申请号:US12316125
申请日:2008-12-09
申请人: Nicholas Stamos , Seth N. Birnbaum , Tomas Revesz, Jr. , Donato Buccella , Keith A. MacDonald , Dwayne A. Carson , William E. Fletcher
发明人: Nicholas Stamos , Seth N. Birnbaum , Tomas Revesz, Jr. , Donato Buccella , Keith A. MacDonald , Dwayne A. Carson , William E. Fletcher
IPC分类号: H04L9/00
CPC分类号: H04L67/06 , G06F21/552
摘要: A technique for establishing a perimeter of accountability for usage of digital assets such as data files. The accountability model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such as in the background of a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, aggregates them, and makes reports to a journaling server. The journaling server analyzes sequences of low level events to detect when aggregate events of interest occur, such as “FileEdit”, network file transfers and the like. Reports can be generated to provide an understanding of how digital assets have been accessed, used or communicated by individuals in an enterprise.
摘要翻译: 建立数据资产使用问责制周期的技术,如数据文件。 问责模式不仅跟踪授权用户对文件的访问,而且监视这些文件通过不可控制的可移动存储介质,或通过可能表示可能的访问滥用的网络连接等。 根据优选实施例,在诸如在客户端操作系统内核的后台中运行的使用点运行的自主独立代理进程中断对资源的访问请求。 代理进程感知低级系统事件,过滤器,聚合它们,并将报告发送到日记服务器。 日志服务器分析低级事件的序列以检测感兴趣的聚合事件何时发生,例如“FileEdit”,网络文件传输等。 可以生成报告,以了解数字资产如何被企业中的个人访问,使用或传达。
-
公开(公告)号:US20090198765A1
公开(公告)日:2009-08-06
申请号:US12316125
申请日:2008-12-09
申请人: Nicholas Stamos , Seth N. Birnbaum , Tomas Revesz, JR. , Donato Buccella , Keith A. MacDonald , Dwayne A. Carson , William E. Fletcher
发明人: Nicholas Stamos , Seth N. Birnbaum , Tomas Revesz, JR. , Donato Buccella , Keith A. MacDonald , Dwayne A. Carson , William E. Fletcher
CPC分类号: H04L67/06 , G06F21/552
摘要: A technique for establishing a perimeter of accountability for usage of digital assets such as data files. The accountability model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such as in the background of a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, aggregates them, and makes reports to a journaling server. The journaling server analyzes sequences of low level events to detect when aggregate events of interest occur, such as “FileEdit”, network file transfers and the like. Reports can be generated to provide an understanding of how digital assets have been accessed, used or communicated by individuals in an enterprise.
摘要翻译: 建立数据资产使用问责制周期的技术,如数据文件。 问责模式不仅跟踪授权用户对文件的访问,而且监视这些文件通过不可控制的可移动存储介质,或通过可能表示可能的访问滥用的网络连接等。 根据优选实施例,在诸如在客户端操作系统内核的后台中运行的使用点运行的自主独立代理进程中断对资源的访问请求。 代理进程感知低级系统事件,过滤器,聚合它们,并将报告发送到日记服务器。 日志服务器分析低级事件的序列以检测感兴趣的聚合事件何时发生,例如“FileEdit”,网络文件传输等。 可以生成报告,以了解数字资产如何被企业中的个人访问,使用或传达。
-
公开(公告)号:US07509356B2
公开(公告)日:2009-03-24
申请号:US10235304
申请日:2002-09-05
IPC分类号: G06F17/30
CPC分类号: G06F11/1451 , Y10S707/99953 , Y10S707/99955
摘要: A system for backing up desired data includes a communication link configured to transfer information between the system and a backup storage for storing backed up data, and a processor coupled to the communication link and configured to: determine associated substantive data of the desired data, compare the associated substantive data of the desired data with stored data, and transfer the associated substantive data over the communication link for storage based on the comparison of the associated substantive data with the stored data.
摘要翻译: 用于备份所需数据的系统包括被配置为在系统和用于存储备份数据的备份存储器之间传送信息的通信链路,以及耦合到通信链路并被配置为:确定所需数据的相关实质数据的比较 所需数据的相关联的实质数据与存储的数据,并且基于相关实质数据与存储的数据的比较,通过通信链路传送相关联的实质数据以进行存储。
-
公开(公告)号:US5978805A
公开(公告)日:1999-11-02
申请号:US856111
申请日:1997-05-14
申请人: Dwayne A. Carson
发明人: Dwayne A. Carson
CPC分类号: G06F17/30176 , Y10S707/99953
摘要: A method and apparatus is disclosed for synchronizing files stored in memory of two remotely located systems. The system can generate a copy of a source file at the destination location without transferring all the data of the source file. The destination location includes a reference file that can contain similar data as that contained in the source file. The synchronization is accomplished by sending keys (representing reference blocks of data from the reference file) to the source system. At the source system, a portion of each keys called a Feature is compared with portions of source file. If the Features match, a checksum corresponding to the reference block is compared with a check sum corresponding to the source block. If the checksums match, an short message identifying the key and reference block that matched is transmitted to the destination system in order that the reference block can be copied from the reference file in order to build the synchronized file.
摘要翻译: 公开了用于同步存储在两个位于远的系统的存储器中的文件的方法和装置。 该系统可以在目标位置生成源文件的副本,而不传输源文件的所有数据。 目的位置包括一个可以包含与源文件中包含的类似数据的引用文件。 通过向源系统发送键(将参考文件的参考数据块表示)发送到同步。 在源系统中,将称为功能的每个键的一部分与源文件的部分进行比较。 如果特征匹配,则将与参考块相对应的校验和与对应于源块的校验和进行比较。 如果校验和匹配,则将匹配的密钥和参考块的短消息发送到目的地系统,以便可以从参考文件复制参考块以构建同步文件。
-
-
-
-
-
-
-
-
-
搜索结果
10 条记录 (耗时 0.015 秒)
