利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

75 条记录 (耗时 0.026 秒)

    Recommender system
    1.
    发明授权
    Recommender system 有权

    公开(公告)号:US10438268B2

    公开(公告)日:2019-10-08

    申请号:US13369318

    申请日:2012-02-09

    申请人: Nir Nice Noam Koenigstein Ulrich Paquet

    发明人: Nir Nice Noam Koenigstein Ulrich Paquet

    IPC分类号: G06Q30/06

    摘要: Embodiments of the invention provide methods and apparatus for recommending items from a catalog of items to a user by parsing the catalog of items into a plurality of catalog clusters of related items and recommending catalog items to the user from catalog clusters to which items previously preferred by the user belong.

    Seamless location aware network connectivity
    2.
    发明授权
    Seamless location aware network connectivity 有权

    公开(公告)号:US10116580B2

    公开(公告)日:2018-10-30

    申请号:US12163046

    申请日:2008-06-27

    申请人: Ehud Mordechai Itshaki Nir Nice Eugene John Neystadt Noam Gershon Ben-Yochanan

    发明人: Ehud Mordechai Itshaki Nir Nice Eugene John Neystadt Noam Gershon Ben-Yochanan

    IPC分类号: G06F15/16 H04L12/911 H04W76/10

    摘要: Described is a technology by which a seamless automatic connection to an (e.g., corporate) network is made for a client device. Upon detecting a need for a connection to a network, such as by intercepting a communication directed towards a network destination, a list of available connection methods is automatically obtained based on the device's current location data (e.g., LAN or remote) and policy information. An available connection method from the list is selected, e.g., in order, and an attempt is made to establish a connection via that connection method. If the attempt fails, another attempt is made with a different connection method, and so on, until a connection method succeeds. Additional seamlessness from the user's perspective is provided via a credentials vault, by which stored credentials may be retrieved and used in association with the access method being attempted.

    Authentication in a network using client health enforcement framework
    3.
    发明授权
    Authentication in a network using client health enforcement framework 有权
    使用客户端健康执行框架在网络中进行身份验证

    公开(公告)号:US09443084B2

    公开(公告)日:2016-09-13

    申请号:US12338268

    申请日:2008-12-18

    申请人: Nir Nice Anat Eyal Chandrasekhar Nukala Sreenivas Addagatla Eugene Neystadt

    发明人: Nir Nice Anat Eyal Chandrasekhar Nukala Sreenivas Addagatla Eugene Neystadt

    IPC分类号: H04L29/06 G06F21/57 G06F21/31 G06F21/33

    CPC分类号: G06F21/577 G06F21/31 G06F21/33 G06F2221/2129 H04L63/08 H04L63/1441

    摘要: A network with authentication implemented using a client health enforcement framework. The framework is adapted to receive plug-ins on clients that generate health information. Corresponding plug-ins on a server validate that health information. Based on the results of validation, the server may instruct the client to remediate or may authorize an underlying access enforcement mechanism to allow access. A client plug-in that generates authentication information formatted as a statement of health may be incorporated into such a framework. Similarly, on the server, a validator to determine, based on the authentication information, whether the client should be granted network access can be incorporated into the framework. Authentication can be simply applied or modified by changing the plug-ins, while relying on the framework to interface with an enforcement mechanism. Functions of the health enforcement framework can be leveraged to provide authentication-based functionality, such as revoking authorized access after a period of user inactivity or in response to a user command.

    摘要翻译: 使用客户端健康执行框架实施认证的网络。 该框架适用于在生成健康信息的客户端上接收插件。 服务器上的相应插件验证该健康信息。 基于验证的结果,服务器可以指示客户端修复或者可以授权底层访问执行机制以允许访问。 生成格式为健康声明的认证信息的客户端插件可以并入到这样的框架中。 类似地,在服务器上,验证器根据认证信息来确定客户端是否被授予网络访问可以并入到框架中。 可以通过更改插件来简单地应用或修改身份验证,同时依靠框架与强制机制进行交互。 可以利用健康执行框架的功能来提供基于身份验证的功能,例如在用户不活动期间或响应于用户命令之后撤销授权访问。

    Protecting a virtual guest machine from attacks by an infected host
    4.
    发明授权
    Protecting a virtual guest machine from attacks by an infected host 有权
    保护虚拟客机免受受感染主机的攻击

    公开(公告)号:US08954897B2

    公开(公告)日:2015-02-10

    申请号:US12199812

    申请日:2008-08-28

    申请人: John Neystadt Noam Ben-Yochanan Nir Nice

    发明人: John Neystadt Noam Ben-Yochanan Nir Nice

    IPC分类号: G06F17/00

    CPC分类号: G06F21/575 G06F21/57 G06F2221/2105 H04L63/14 H04L63/20

    摘要: In a virtualization environment, a host machine on which a guest machine is operable is monitored to determine that it is healthy by being compliant with applicable policies (such as being up to date with the current security patches, running an anti-virus program, certified to run a guest machine, etc.) and free from malicious software or “malware” that could potentially disrupt or compromise the security of the guest machine. If the host machine is found to be non-compliant, then the guest machine is prevented from either booting up on the host machine or connecting to a network to ensure that the entire virtualization environment is compliant and that the guest machine, including its data and applications, etc., is protected against attacks that may be launched against it via malicious code that runs on the unhealthy host machine, or is isolated from the network until the non-compliancy is remediated.

    摘要翻译: 在虚拟化环境中,通过遵守适用的策略(例如最新的当前安全补丁,运行防病毒程序,认证的)来监视客户机可操作的主机,以确定它是健康的 运行访客机器等),并且没有恶意软件或“恶意软件”可能会破坏或危及客机的安全性。 如果发现主机不符合要求,则可以防止客机机器在主机上启动或连接到网络,以确保整个虚拟化环境是兼容的,并且客机包括其数据和 应用程序等,可以防止可能通过恶意代码在不健康的主机上运行的攻击,或与网络隔离,直到不合规被修复。

    Hardware interface for enabling direct access and security assessment sharing
    6.
    发明授权
    Hardware interface for enabling direct access and security assessment sharing 有权
    用于实现直接访问和安全评估共享的硬件接口

    公开(公告)号:US08739289B2

    公开(公告)日:2014-05-27

    申请号:US12144863

    申请日:2008-06-24

    申请人: Nir Nice Lee F. Walker

    发明人: Nir Nice Lee F. Walker

    IPC分类号: H04L9/00 H04L29/06

    CPC分类号: H04L63/0485

    摘要: Native IPv6 capabilities are provided to an IPv4 network node, device, or endpoint using a hardware interface that supports network communication under a Direct Access model. The Direct Access model supports IPv6 communication with IPsec and enforces Network Access Protection (“NAP”) health requirement policies for endpoints that are network clients. A Direct Access-ready server is enabled using a hardware interface that implements IPv4 to IPv6 translation and optionally IPsec termination capability. A Direct Access-ready client is enabled using a hardware interface that implements IPv4 to IPv6 translation, IPsec termination capability, and which optionally provides NAP (Network Access Protection) capabilities for Direct Access-ready clients that are configured as mobile information appliances. The hardware interface may be implemented as a network interface card (“NIC”) or as a chipset.

    摘要翻译: 本地IPv6功能使用支持直接访问模式下的网络通信的硬件接口提供给IPv4网络节点,设备或端点。 直接访问模式支持与IPsec的IPv6通信,并对作为网络客户端的端点实施网络访问保护(“NAP”)健康要求策略。 使用实现IPv4到IPv6转换和可选的IPsec终止功能的硬件接口启用直接访问就绪服务器。 使用实现IPv4到IPv6转换,IPsec终止功能的硬件接口启用直接访问就绪客户端,并且可选地为配置为移动信息设备的直接访问就绪客户端提供NAP(网络访问保护)功能。 硬件接口可以实现为网络接口卡(“NIC”)或芯片组。

    Using server type to obtain network address
    8.
    发明授权
    Using server type to obtain network address 有权
    使用服务器类型获取网络地址

    公开(公告)号:US08156249B2

    公开(公告)日:2012-04-10

    申请号:US12389409

    申请日:2009-02-20

    申请人: Nir Nice Philip Derbeko Anat Bar-Anan Anat Eyal

    发明人: Nir Nice Philip Derbeko Anat Bar-Anan Anat Eyal

    IPC分类号: G06F15/16

    CPC分类号: H04L29/12066 H04L29/12358 H04L61/1511 H04L61/251 H04L61/6086 H04L69/16 H04L69/167

    摘要: In aspects, a gateway that sits between a single network protocol client and a server receives a request from the client for a network address of the server. The gateway issues multiple name resolution requests and waits for a first response. Depending on various factors, the gateway determines whether or not to wait for additional responses before responding to the client. If needed, the gateway may obtain an address of a translating device to assist the client in communicating with the server.

    摘要翻译: 在方面,位于单个网络协议客户端和服务器之间的网关从客户端接收服务器的网络地址的请求。 网关发出多个名称解析请求并等待第一个响应。 根据各种因素,网关将在响应客户端之前确定是否等待其他响应。 如果需要,网关可以获得翻译设备的地址,以帮助客户端与服务器通信。

    ACCESS CONTROL USING IDENTIFIERS IN LINKS
    10.
    发明申请
    ACCESS CONTROL USING IDENTIFIERS IN LINKS 有权
    使用链接中的标识符进行访问控制

    公开(公告)号:US20100228989A1

    公开(公告)日:2010-09-09

    申请号:US12396500

    申请日:2009-03-03

    申请人: John Neystadt Nir Nice

    发明人: John Neystadt Nir Nice

    IPC分类号: H04L9/32

    CPC分类号: G06F21/10 G06F21/6209 G06F2221/2101 G06F2221/2137 G06F2221/2151 G06Q20/341 G07F7/1008 H04L9/3213 H04L9/3271 H04L9/3297 H04L63/0428 H04L63/083 H04L2209/603

    摘要: Methods, systems, and computer-readable media are disclosed for access control. A particular method receives a resource access identifier associated with a shared computing resource and embeds the resource access identifier into a link to the shared resource. The link to the shared resource is inserted into an information element. An access control scheme is associated with the information element to generate a protected information element, and the protected information element is sent to a destination computing device.

    摘要翻译: 公开了用于访问控制的方法,系统和计算机可读介质。 特定方法接收与共享计算资源相关联的资源访问标识符,并将资源访问标识符嵌入到共享资源的链接中。 到共享资源的链接被插入到信息元素中。 访问控制方案与信息元素相关联以生成受保护的信息元素,并且将受保护的信息元素发送到目的地计算设备。