-
公开(公告)号:US20110219230A1
公开(公告)日:2011-09-08
申请号:US13039209
申请日:2011-03-02
申请人: Jon Oberheide , Douglas Song , Adam Goodman
发明人: Jon Oberheide , Douglas Song , Adam Goodman
IPC分类号: H04L9/32
CPC分类号: H04L63/0853 , G06F21/305 , G06F21/31 , G06F21/32 , H04L9/32 , H04L9/321 , H04L63/083 , H04W12/06 , H04W12/08
摘要: A method including registering an authority device for an account on an auth platform; receiving transaction request from an initiator to the auth platform; messaging the authority device with the transaction request; receiving an authority agent response from the authority device to the auth platform; if the authority agent response confirms the transaction, communicating a confirmed transaction to the initiator; and if the authority agent response denies the transaction, communicating a denied transaction to the initiator.
摘要翻译: 一种方法,包括在验证平台上登记帐户的授权装置; 从发起者接收到认证平台的交易请求; 使用事务请求发送权限设备; 从授权设备接收授权代理响应到认证平台; 如果授权代理响应确认交易,则将确认的交易传送给发起者; 并且如果权限代理响应拒绝该事务,则将拒绝的事务传送给发起者。
-
2.发明申请SYSTEM AND METHOD FOR DELIVERING A CHALLENGE RESPONSE IN AN AUTHENTICATION PROTOCOL 有权在认证协议中提供挑战响应的系统和方法公开(公告)号:US20130212387A1
公开(公告)日:2013-08-15
申请号:US13601431
申请日:2012-08-31
申请人: Jon Oberheide , Douglas Song , Adam Goodman
发明人: Jon Oberheide , Douglas Song , Adam Goodman
IPC分类号: H04L29/06
CPC分类号: H04L63/08 , H04L9/32 , H04L63/0428 , H04L63/06 , H04L63/12 , H04L63/168
摘要: A system and method for authenticating a user that includes receiving an access-request of a network protocol at a challenge-response server; determining if an access-challenge message is required; delivering an active script component through a parameter of an access-challenge message of the network protocol when an access-challenge is required; receiving a challenge-response of a user; validating the challenge-response; and selectively sending an access-accept response for a valid challenge-response and sending an access-denied response for an invalid challenge-response.
摘要翻译: 一种用于认证用户的系统和方法,包括在询问 - 响应服务器处接收网络协议的接入请求; 确定是否需要访问挑战消息; 当需要访问挑战时,通过网络协议的访问挑战消息的参数递送活动脚本组件; 接收用户的质询 - 响应; 验证挑战响应; 以及选择性地发送用于有效质询 - 响应的访问接受响应,并发送无效质询 - 响应的访问拒绝响应。
-
公开(公告)号:US20120198535A1
公开(公告)日:2012-08-02
申请号:US13310532
申请日:2011-12-02
申请人: Jon Oberheide , Douglas Song , Adam Goodman
发明人: Jon Oberheide , Douglas Song , Adam Goodman
CPC分类号: H04L63/0853 , G06F21/335 , H04L63/0272 , H04L63/0807
摘要: Various systems and methods of embedded authentication are described herein. One method of the preferred embodiment can include receiving at an authentication server a transaction token from a host website, the host website including an embeddable interface and prompting a user challenge by the authentication server at the embeddable interface. The method of the preferred embodiment can also include creating a signed authentication token in response to a successful user challenge, and transmitting the signed authentication token from the authentication server to the embeddable interface.
摘要翻译: 这里描述了嵌入式认证的各种系统和方法。 优选实施例的一种方法可以包括在认证服务器处接收来自主机网站的交易令牌,所述主机网站包括可嵌入接口,并且在所述可嵌入接口处提示所述认证服务器的用户质询。 优选实施例的方法还可以包括响应于成功的用户质询而创建签名的认证令牌,以及将签名的认证令牌从认证服务器发送到可嵌入接口。
-
4.发明申请NETWORK SERVICE FOR THE DETECTION, ANALYSIS AND QUARANTINE OF MALICIOUS AND UNWANTED FILES 有权用于检测,分析和检验非法和无障碍文件的网络服务公开(公告)号:US20090044024A1
公开(公告)日:2009-02-12
申请号:US12186014
申请日:2008-08-05
申请人: Jon Oberheide , Farnam Jahanian , Evan Cooke
发明人: Jon Oberheide , Farnam Jahanian , Evan Cooke
CPC分类号: H04L63/145 , G06F21/562 , G06F2221/2101
摘要: A system is provided for detecting, analyzing and quarantining unwanted files in a network environment. A host agent residing on a computing device in the network environment detects a new file introduced to the computing device and sends the new file to a network service for analysis. The network service is accessible to computing devices in the network environment. An architecture for the network service may include: a request dispatcher configured to receive a candidate file for inspection from a given computing device in the network environment and distribute the candidate file to one or more of a plurality of detection engines, where the detection engines operate in parallel to analyze the candidate file and output a report regarding the candidate file; and a result aggregator configured to receive reports from each of the detection engines regarding the candidate file and aggregates the reports in accordance with an aggregation algorithm.
摘要翻译: 提供了一种用于在网络环境中检测,分析和隔离不需要的文件的系统。 驻留在网络环境中的计算设备上的主机代理检测引入到计算设备的新文件,并将该新文件发送到网络服务以进行分析。 网络服务可以在网络环境中访问计算设备。 用于网络服务的架构可以包括:请求分配器,被配置为从网络环境中的给定计算设备接收候选文件以进行检查,并将候选文件分发到多个检测引擎中的一个或多个,其中检测引擎操作 并行分析候选文件并输出有关候选文件的报告; 以及结果聚合器,被配置为从每个检测引擎接收关于候选文件的报告,并根据聚合算法聚合报告。
-
公开(公告)号:US09282085B2
公开(公告)日:2016-03-08
申请号:US13332027
申请日:2011-12-20
申请人: Jon Oberheide , Douglas Song , Adam Goodman
发明人: Jon Oberheide , Douglas Song , Adam Goodman
IPC分类号: H04L29/06
CPC分类号: H04L63/062 , H04L63/061 , H04L63/08 , H04L63/126
摘要: A method according to preferred embodiment can include receiving a request at a server from a private key module associated with a first user device; directing a request for a first portion of the private key from the server to a second user device; and in response to a successful user challenge creating a first portion of a digital signature and a second portion of a digital signature at the server. The method of the preferred embodiment can further include combining the first portion of the digital signature and the second portion of the digital signature; and delivering the digital signature to the first user device. The method of the preferred embodiment can function to secure the digital signature process by splitting or dividing the user's private key into two or more portions, each of which require independent authorization from the user in order to create the digital signature.
摘要翻译: 根据优选实施例的方法可以包括:从与第一用户设备相关联的私钥模块在服务器处接收请求; 将所述私钥的第一部分的请求从所述服务器引导到第二用户设备; 并且响应于在服务器处创建数字签名的第一部分和数字签名的第二部分的成功的用户挑战。 优选实施例的方法还可以包括组合数字签名的第一部分和数字签名的第二部分; 以及将数字签名传递给第一用户设备。 优选实施例的方法可以通过将用户的私有密钥分割或分割成两个或更多个部分来保护数字签名过程,每个部分需要来自用户的独立授权以便创建数字签名。
-
6.发明授权Network service for the detection, analysis and quarantine of malicious and unwanted files 有权用于检测,分析和检测恶意和不需要的文件的网络服务公开(公告)号:US08621610B2
公开(公告)日:2013-12-31
申请号:US12186014
申请日:2008-08-05
申请人: Jon Oberheide , Evan Cooke , Farnam Jahanian
发明人: Jon Oberheide , Evan Cooke , Farnam Jahanian
IPC分类号: G06F21/00
CPC分类号: H04L63/145 , G06F21/562 , G06F2221/2101
摘要: A system is provided for detecting, analyzing and quarantining unwanted files in a network environment. A host agent residing on a computing device in the network environment detects a new file introduced to the computing device and sends the new file to a network service for analysis. The network service is accessible to computing devices in the network environment. An architecture for the network service may include: a request dispatcher configured to receive a candidate file for inspection from a given computing device in the network environment and distribute the candidate file to one or more of a plurality of detection engines, where the detection engines operate in parallel to analyze the candidate file and output a report regarding the candidate file; and a result aggregator configured to receive reports from each of the detection engines regarding the candidate file and aggregates the reports in accordance with an aggregation algorithm.
摘要翻译: 提供了一种用于在网络环境中检测,分析和隔离不需要的文件的系统。 驻留在网络环境中的计算设备上的主机代理检测引入到计算设备的新文件,并将该新文件发送到网络服务以进行分析。 网络服务可以在网络环境中访问计算设备。 用于网络服务的架构可以包括:请求分配器,被配置为从网络环境中的给定计算设备接收候选文件以进行检查,并将候选文件分发到多个检测引擎中的一个或多个,其中检测引擎操作 并行分析候选文件并输出有关候选文件的报告; 以及结果聚合器,被配置为从每个检测引擎接收关于候选文件的报告,并根据聚合算法聚合报告。
-
公开(公告)号:US09544143B2
公开(公告)日:2017-01-10
申请号:US13039209
申请日:2011-03-02
申请人: Jon Oberheide , Douglas Song , Adam Goodman
发明人: Jon Oberheide , Douglas Song , Adam Goodman
CPC分类号: H04L63/0853 , G06F21/305 , G06F21/31 , G06F21/32 , H04L9/32 , H04L9/321 , H04L63/083 , H04W12/06 , H04W12/08
摘要: A method including registering an authority device for an account on an auth platform; receiving transaction request from an initiator to the auth platform; messaging the authority device with the transaction request; receiving an authority agent response from the authority device to the auth platform; if the authority agent response confirms the transaction, communicating a confirmed transaction to the initiator; and if the authority agent response denies the transaction, communicating a denied transaction to the initiator.
摘要翻译: 一种方法,包括在验证平台上登记帐户的授权装置; 从发起者接收到认证平台的交易请求; 使用事务请求发送权限设备; 从授权设备接收授权代理响应到认证平台; 如果授权代理响应确认交易,则将确认的交易传送给发起者; 并且如果权限代理响应拒绝该事务,则将拒绝的事务传送给发起者。
-
公开(公告)号:US09467463B2
公开(公告)日:2016-10-11
申请号:US13601409
申请日:2012-08-31
申请人: Jon Oberheide , Dug Song , Adam Goodman
发明人: Jon Oberheide , Dug Song , Adam Goodman
CPC分类号: H04L63/1433 , H04W12/12
摘要: A system and method for assessing vulnerability of a mobile device including at a remote analysis cloud service, receiving at least one vulnerability assessment request that includes an object identifier for an operative object of a mobile computing device, wherein the vulnerability assessment request originates from the mobile computing device; identifying a vulnerability assessment associated with the identifier of the operative object; and communicating the identified vulnerability assessment to the mobile computing device.
摘要翻译: 一种用于评估移动设备的脆弱性的系统和方法,包括在远程分析云服务处,接收包括移动计算设备的操作对象的对象标识符的至少一个漏洞评估请求,其中所述漏洞评估请求源自所述移动 计算设备; 识别与所述手术对象的标识符相关联的脆弱性评估; 以及将所识别的脆弱性评估传达给所述移动计算设备。
-
9.发明授权System and method for delivering a challenge response in an authentication protocol 有权用于在认证协议中递送挑战响应的系统和方法公开(公告)号:US08892885B2
公开(公告)日:2014-11-18
申请号:US13601431
申请日:2012-08-31
申请人: Jon Oberheide , Douglas Song , Adam Goodman
发明人: Jon Oberheide , Douglas Song , Adam Goodman
CPC分类号: H04L63/08 , H04L9/32 , H04L63/0428 , H04L63/06 , H04L63/12 , H04L63/168
摘要: A system and method for authenticating a user that includes receiving an access-request of a network protocol at a challenge-response server; determining if an access-challenge message is required; delivering an active script component through a parameter of an access-challenge message of the network protocol when an access-challenge is required; receiving a challenge-response of a user; validating the challenge-response; and selectively sending an access-accept response for a valid challenge-response and sending an access-denied response for an invalid challenge-response.
摘要翻译: 一种用于认证用户的系统和方法,包括在询问 - 响应服务器处接收网络协议的接入请求; 确定是否需要访问挑战消息; 当需要访问挑战时,通过网络协议的访问挑战消息的参数递送活动脚本组件; 接收用户的质询 - 响应; 验证挑战响应; 以及选择性地发送用于有效质询 - 响应的访问接受响应,并发送无效质询 - 响应的访问拒绝响应。
-
公开(公告)号:US08510820B2
公开(公告)日:2013-08-13
申请号:US13310532
申请日:2011-12-02
申请人: Jon Oberheide , Douglas Song , Adam Goodman
发明人: Jon Oberheide , Douglas Song , Adam Goodman
CPC分类号: H04L63/0853 , G06F21/335 , H04L63/0272 , H04L63/0807
摘要: Various systems and methods of embedded authentication are described herein. One method of the preferred embodiment can include receiving at an authentication server a transaction token from a host website, the host website including an embeddable interface and prompting a user challenge by the authentication server at the embeddable interface. The method of the preferred embodiment can also include creating a signed authentication token in response to a successful user challenge, and transmitting the signed authentication token from the authentication server to the embeddable interface.
摘要翻译: 这里描述了嵌入式认证的各种系统和方法。 优选实施例的一种方法可以包括在认证服务器处接收来自主机网站的交易令牌,所述主机网站包括可嵌入接口,并且在所述可嵌入接口处提示所述认证服务器的用户质询。 优选实施例的方法还可以包括响应于成功的用户质询而创建签名的认证令牌,以及将签名的认证令牌从认证服务器发送到可嵌入接口。
-
-
-
-
-
-
-
-
-
搜索结果
12 条记录 (耗时 0.013 秒)