公开(公告)号：US20070162973A1

公开(公告)日：2007-07-12

申请号：US11551606

申请日：2006-10-20

Applicant: Bruce Schneier ,  Andrew Gross ,  Jonathan Callas

Inventor： Bruce Schneier ,  Andrew Gross ,  Jonathan Callas

IPC: G06F12/14

CPC classification number: G06F21/552 ,  H04L63/1416 ,  H04L63/20

Abstract: A probe attached to a customer's network collects status data and other audit information from monitored components of the network, looking for footprints or evidence of unauthorized intrusions or attacks. The probe filters and analyzes the collected data to identify potentially security-related events happening on the network. Identified events are transmitted to a human analyst for problem resolution. The analyst has access to a variety of databases (including security intelligence databases containing information about known vulnerabilities of particular network products and characteristics of various hacker tools, and problem resolution databases containing information relevant to possible approaches or solutions) to aid in problem resolution. The analyst may follow a predetermined escalation procedure in the event he or she is unable to resolve the problem without assistance from others. Various customer personnel can be alerted in a variety of ways depending on the nature of the problem and the status of its resolution. Feedback from problem resolution efforts can be used to update the knowledge base available to analysts for future attacks and to update the filtering and analysis capabilities of the probe and other systems.

Abstract translation: 连接到客户网络的探头从网络的受监视组件收集状态数据和其他审核信息，寻找未经授权的入侵或攻击的脚印或证据。 探测器过滤和分析收集的数据，以识别网络上发生的潜在安全相关事件。 识别的事件被传送给人类分析人员以解决问题。 分析人员可以访问各种数据库（包括安全情报数据库，其中包含有关特定网络产品的已知漏洞和各种黑客工具的特征的信息，以及包含与可能的方法或解决方案相关的信息的问题解决数据库），以帮助解决问题。 如果分析人员无法在没有他人协助的情况下解决问题，分析师可能会遵循预定的升级程序。 可以根据问题的性质和其解决状况，以各种方式提醒各种客户人员。 解决问题的反馈可用于更新分析人员可用于未来攻击的知识库，并更新探测器和其他系统的过滤和分析功能。

公开(公告)号：US20070199071A1

公开(公告)日：2007-08-23

申请号：US11232419

申请日：2005-09-20

Applicant: Jonathan Callas

Inventor： Jonathan Callas

IPC: H04N7/16

CPC classification number: H04L9/3073 ,  H04L9/006

Abstract: A method of generating an identity-based encryption key includes specifying a master key; receiving an identity-based string; executing a function that processes the master key and the identity-based string to produce a seed; and using the seed to produce an identity-based encryption key.

Abstract translation: 一种生成基于身份的加密密钥的方法包括：指定主密钥; 接收基于身份的字符串; 执行处理主密钥和基于身份的字符串以产生种子的功能; 并使用种子生成基于身份的加密密钥。

公开(公告)号：US20060031670A1

公开(公告)日：2006-02-09

申请号：US11176590

申请日：2005-07-06

Applicant: William Price ,  David Allen ,  Jonathan Callas

Inventor： William Price ,  David Allen ,  Jonathan Callas

IPC: H04L9/00

CPC classification number: H04L63/08 ,  H04L29/06 ,  H04L51/00 ,  H04L63/0428 ,  H04L63/0442

Abstract: The invention includes a computer readable medium storing executable instructions to enroll a user with a secure email support facility. The computer readable medium includes executable instructions to send an enrollment message, supply a registration response, and confirm the registration response. An authentication email is also sent. A client identifies the authentication email. Authentication information within the authentication email is decrypted. The authentication information is used to authenticate the client and subsequently obtain access to a secure email support facility.

Abstract translation: 本发明包括一种存储用于向用户注册安全电子邮件支持设施的可执行指令的计算机可读介质。 计算机可读介质包括发送注册消息，提供注册响应以及确认注册响应的可执行指令。 还发送验证电子邮件。 客户端识别身份验证电子邮件。 验证电子邮件中的认证信息被解密。 认证信息用于认证客户端，随后获得对安全电子邮件支持设施的访问。

公开(公告)号：US20060015736A1

公开(公告)日：2006-01-19

申请号：US11178235

申请日：2005-07-07

Applicant: Jonathan Callas ,  Phillip Dunkelberger

Inventor： Jonathan Callas ,  Phillip Dunkelberger

IPC: H04L9/00

CPC classification number: H04L9/3247 ,  H04L2209/60 ,  H04L2209/68

Abstract: A computer readable medium includes executable instructions to insert partial authentication content into a message. The modified message is then delivered through an electronic network to a recipient. Upon receipt, the partial authentication content is processed without processing the entire message. This results in an authentication response indicative of the authenticity of the message. In some instances the message is partially authenticated and therefore delivered. In other instances, the message is not partially authenticated and various processing options are invoked, such as quarantining the message, modifying the message with a warning, modifying the message to remove content, and/or sending a message to a spoofed machine advising the spoofed machine of a spoofed message. The authentication operations of the invention may also be used in connection with the implicit content of the message.

Abstract translation: 计算机可读介质包括将部分认证内容插入到消息中的可执行指令。 修改的消息然后通过电子网络传递给接收者。 收到后，处理部分认证内容，而不处理整个消息。 这导致认证响应表示消息的真实性。 在某些情况下，消息是部分认证的，因此传递。 在其他情况下，消息未被部分认证，并且调用各种处理选项，例如隔离消息，修改消息以及警告，修改消息以删除内容，和/或向欺骗机器发送消息来通知欺骗 机器的欺骗消息。 本发明的认证操作也可以与消息的隐含内容结合使用。

公开(公告)号：US20060015726A1

公开(公告)日：2006-01-19

申请号：US10895259

申请日：2004-07-19

Applicant: Jonathan Callas

Inventor： Jonathan Callas

IPC: H04L9/00

CPC classification number: H04L9/3247 ,  H04L2209/60 ,  H04L2209/68

Abstract: A computer readable medium includes executable instructions to insert partial authentication content into a message. The modified message is then delivered through an electronic network to a recipient. Upon receipt, the partial authentication content is processed without processing the entire message. This results in an authentication response indicative of the authenticity of the message. In some instances the message is partially authenticated and therefore delivered. In other instances, the message is not partially authenticated and various processing options are invoked, such as quarantining the message, modifying the message with a warning, modifying the message to remove content, and/or sending a message to a spoofed machine advising the spoofed machine of a spoofed message. The authentication operations of the invention may also be used in connection with the implicit content of the message.