REMOTE COMPUTER MANAGEMENT USING NETWORK COMMUNICATIONS PROTOCOL THAT ENABLES COMMUNICATION THROUGH A FIREWALL AND/OR GATEWAY
    2.
    Patent application
    Status: In force

    Publication number: US20120198044A1

    Publication date: 2012-08-02

    Application number: US13439644

    Filing date: 2012-04-04

    IPC classification: G06F15/173

    Abstract: The invention facilitates remote management of a computer via a network. Remote computer management in which communication between a managed computer and a remote computer management server is initiated by the managed computer is implemented so that the communication is formatted in accordance with a network communications protocol that can be used to format communication that is allowed to pass through a firewall and/or gateway that mediates communication with the managed computer.


REMOTE COMPUTER MANAGEMENT WHEN A PROXY SERVER IS PRESENT AT THE SITE OF A MANAGED COMPUTER
    3.
    Patent application
    Status: In force

    Publication number: US20100058057A1

    Publication date: 2010-03-04

    Application number: US12568166

    Filing date: 2009-09-28

    Abstract: The invention facilitates remote management of a computer via a network. Remote computer management in which communication between a managed computer and a remote computer management server is initiated by the managed computer is implemented so that the presence of a proxy server at the site at which the managed computer is located can be detected, and communication from the managed computer to the remote computer management server is routed to a communication port assigned for communication with the proxy server, with instructions to then send the communication to the remote computer management server.


Peripheral device with integrated security functionality
    4.
    Granted patent
    Status: Lapsed

    Publication number: US6088802A

    Publication date: 2000-07-11

    Application number: US869305

    Filing date: 1997-06-04

    IPC classification: G06F21/00 G06K14/67

    CPC classification: G06F21/34

    Abstract: The invention enables a peripheral device to communicate with a host computing device to enable one or more security operations to be performed by the peripheral device on data stored within the host computing device, data provided from the host computing device to the peripheral device (which can then be, for example, stored in the peripheral device or transmitted to yet another device), or data retrieved by the host computing device from the peripheral device (e.g., data that has been stored in the peripheral device, transmitted to the peripheral device from another device or input to the peripheral device by a person). In particular, the peripheral device can be adapted to enable, in a single integral peripheral device, performance of one or more security operations on data, and a defined interaction with a host computing device that has not previously been integrated with security operations in a single integral device. The defined interactions can provide a variety of types of functionality (e.g., data storage, data communication, data input and output, user identification). The peripheral device can also be implemented so that the security operations are performed in-line, i.e., the security operations are performed between the communication of data to or from the host computing device and the performance of the defined interaction. Moreover, the peripheral device can be implemented so that the security functionality of the peripheral device is transparent to the host computing device.


REMOTE COMPUTER MANAGEMENT WHEN A PROXY SERVER IS PRESENT AT THE SITE OF A MANAGED COMPUTER
    6.
    Patent application
    Status: In force

    Publication number: US20130031368A1

    Publication date: 2013-01-31

    Application number: US13621339

    Filing date: 2012-09-17

    IPC classification: G06F15/173 H04L9/28

    Abstract: The invention facilitates remote management of a computer via a network. Remote computer management in which communication between a managed computer and a remote computer management server is initiated by the managed computer is implemented so that the presence of a proxy server at the site at which the managed computer is located can be detected, and communication from the managed computer to the remote computer management server is routed to a communication port assigned for communication with the proxy server, with instructions to then send the communication to the remote computer management server.


Protected volume on a data storage device with dual operating systems and configurable access and encryption controls
    8.
    Granted patent
    Status: In force

    Publication number: US07757100B2

    Publication date: 2010-07-13

    Application number: US12126759

    Filing date: 2008-05-23

    Abstract: A method provides a protected region of a data storage device associated with a computational device, where data in the protected region is primarily protected by preventing access without proper access authorization. The method comprises the steps of providing, in an unprotected region of the data storage device, a first operating system and associated operating system data; monitoring operating system data accessed by the computational device until a predetermined functionality becomes available; storing, in the protected region, the monitored operating system data; providing, in the protected region, a second operating system; transferring control of the computational device from the first operating system to the second operating system; storing data in the protected region; and preventing access to the stored data in the protected region without access authorization. In a further embodiment of the method, the second operating system optionally provides a second level of security by preventing decryption of data stored in the protected region without decryption authorization.


Providing a protected volume on a data storage device
    9.
    Granted patent
    Status: In force

    Publication number: US07380140B1

    Publication date: 2008-05-27

    Application number: US11085777

    Filing date: 2005-03-21

    Abstract: The invention establishes a protected volume on a data storage device associated with a computational device by allowing an operating system of the computational device to boot up to a point (the volume conversion crossover point) at which predetermined functionality of the operating system becomes available, then establishing the protected volume. A copy of the operating system data (cleartext operating system data) that is accessed during boot up prior to the volume conversion crossover point (which can be known by monitoring and recording access to operating system data during boot-up) is stored in an unprotected region of the data storage device. A copy of the cleartext operating system data is also stored in the protected volume. After the protected volume is established, the computational device is reset, causing the operating system to boot up again. During each boot-up of the operating system after the protected volume has been established, the cleartext operating system data is used until the volume conversion crossover point, at which time operation of the computational device converts to a secure mode (if authorized) in which data stored on the data storage device can be accessed from the protected volume (including the copy of the cleartext operating system data that is stored in the protected volume).


Modular security device
    10.
    Granted patent
    Status: Lapsed

    Publication number: US6003135A

    Publication date: 1999-12-14

    Application number: US869120

    Filing date: 1997-06-04

    IPC classification: G06F1/00 G06F21/00 G06F12/14

    CPC classification: G06F21/445 G06F21/34

    Abstract: The invention enables a modular, typically portable, device to communicate with a host computing device to enable one or more security operations to be performed by the modular device on data stored within the host computing device, data provided from the host computing device to the modular device (which can then be, for example, stored in the modular device or transmitted to yet another device), or data retrieved by the host computing device from the modular device (e.g., data that has been stored in the modular device, transmitted to the modular device from another device or input to the modular device by a person). In particular, the modular device can include a security module that is adapted to enable performance of one or more security operations on data, and a target module that is adapted to enable a defined interaction with a host computing device. The target module can be embodied by any of a variety of modules having different types of functionality (e.g., data storage, data communication, data input and output, user identification). The modular device can also be implemented so that the security operations are performed in-line, i.e., the security operations are performed between the interface of the host computing device to the modular device and the external communications interface of the target module. Moreover, the modular device can be implemented so that the security functionality of the modular device is transparent to the host computing device.
