-
1.发明申请公开(公告)号:US20110258208A1
公开(公告)日:2011-10-20
申请号:US13121191
申请日:2010-01-13
Applicant: Idan Plotnik , Itay Podhajcer , Ohad Plotnik
Inventor: Idan Plotnik , Itay Podhajcer , Ohad Plotnik
IPC: G06F17/30
CPC classification number: G06F7/00 , G06F17/30 , H04L63/0263 , H04L63/1416 , H04L2463/144
Abstract: A system and method for protecting a networked organizational data storage facility, which is accessible by a network environment, by mapping the network environment, profiling the network environment and filtering the network traffic based on said profiling of the network environment.
Abstract translation: 一种用于通过映射网络环境,对网络环境进行分析和基于所述网络环境的分析过滤网络流量来保护由网络环境可访问的网络组织数据存储设备的系统和方法。
-
2.发明申请System, Method and Process for Detecting Advanced and Targeted Attacks with the Recoupling of Kerberos Authentication and Authorization 有权用Kerberos认证和授权重新检测高级和目标攻击的系统,方法和过程公开(公告)号:US20160065565A1
公开(公告)日:2016-03-03
申请号:US14474198
申请日:2014-09-01
Applicant: Idan PLOTNIK , Tal Arieh Be'ery , Michael Dolinsky , Ohad Plotnik , Gregory Messerman , Sivan Krigsman
Inventor: Idan PLOTNIK , Tal Arieh Be'ery , Michael Dolinsky , Ohad Plotnik , Gregory Messerman , Sivan Krigsman
IPC: H04L29/06
CPC classification number: H04L63/0807 , G06F21/335 , H04L63/14 , H04L63/1416
Abstract: A method, system and computer program for recoupling Kerberos Authentication and Authorization requests, the method including the steps of (a) extracting authorization information, including a copy of a Ticket Granting Ticket (TGT), from an authorization request; (b) retrieving authentication information including the TOT, the authentication information having been previously extracted from an authentication transaction and stored; (c) cross-referencing the extracted authorization information with the retrieved authentication information, such that a discrepancy between the cross-referenced information invokes a security event alert.
Abstract translation: 一种用于重新配置Kerberos认证和授权请求的方法,系统和计算机程序,所述方法包括以下步骤:(a)从授权请求中提取包括机票授权票据(TGT)的副本的授权信息; (b)检索包括TOT的认证信息,所述验证信息先前已从认证交易中提取并被存储; (c)使用所检索的认证信息交叉引用所提取的授权信息,使得所述交叉引用信息之间的差异调用安全事件警报。
-
3.发明授权公开(公告)号:US08548998B2
公开(公告)日:2013-10-01
申请号:US13121191
申请日:2010-01-13
Applicant: Idan Plotnik , Itay Podhajcer , Ohad Plotnik
Inventor: Idan Plotnik , Itay Podhajcer , Ohad Plotnik
CPC classification number: G06F7/00 , G06F17/30 , H04L63/0263 , H04L63/1416 , H04L2463/144
Abstract: A system and method for protecting a networked organizational data storage facility, which is accessible by a network environment, by mapping the network environment, profiling the network environment and filtering the network traffic based on said profiling of the network environment.
Abstract translation: 一种用于通过映射网络环境,对网络环境进行分析和基于所述网络环境的分析过滤网络流量来保护由网络环境可访问的网络组织数据存储设备的系统和方法。
-
4.发明申请System, Method and Process for Mitigating Advanced and Targeted Attacks with Authentication Error Injection 审中-公开用于减轻认证错误注入的高级和目标攻击的系统,方法和过程公开(公告)号:US20160014077A1
公开(公告)日:2016-01-14
申请号:US14327596
申请日:2014-07-10
Applicant: Idan PLOTNIK , Tal Arieh BE'ERY , Michael DOLINSKY , Ohad PLOTNIK
Inventor: Idan PLOTNIK , Tal Arieh BE'ERY , Michael DOLINSKY , Ohad PLOTNIK
IPC: H04L29/06
CPC classification number: H04L63/0209 , G06F21/554 , H04L9/3213 , H04L63/0807 , H04L63/10 , H04L63/1416 , H04L63/1441
Abstract: A method system and computer program product for protecting Directory Services (DS) by monitoring traffic to the DS; deciding to block a client access request in the monitored traffic originating from a network client; synthesizing an error message based at least in part on the client access request; and sending the synthesized error message to the network client, causing the network client to abort access request process such as an authentication process or an authorization process.
Abstract translation: 一种通过监控DS流量来保护目录服务(DS)的方法系统和计算机程序产品; 决定在源自网络客户端的被监视流量中阻止客户端访问请求; 至少部分地基于所述客户端访问请求来合成错误消息; 并向网络客户端发送合成的错误消息,导致网络客户端中止访问请求过程,例如认证过程或授权过程。
-
-
-
Search Results
4
records
(took 0.01 seconds)
