-
公开(公告)号:US07587675B2
公开(公告)日:2009-09-08
申请号:US11364470
申请日:2006-02-28
申请人: Aaron Cunningham , Marieke I. Watson , Patrice L. Miner , Alexandru Gavrilescu , Haiyong Wang , Dennis Morgan
发明人: Aaron Cunningham , Marieke I. Watson , Patrice L. Miner , Alexandru Gavrilescu , Haiyong Wang , Dennis Morgan
IPC分类号: G06F3/00
摘要: The claimed method and system provides a graphical user interface that illustrates network topology information, including connection paths between devices on the local network and an external network such as the Internet. The claimed method and system may use a three column format for presenting the topology that is more intuitive for a user. Also, the claimed method and system may aggregate context and connection information from multiple different protocols to provide the topology display. Further, the claimed method and system may use a device registry to enable customized and extensible representations of the network devices.
摘要翻译: 所要求保护的方法和系统提供图形用户界面,其示出了网络拓扑信息,包括本地网络上的设备与诸如因特网的外部网络之间的连接路径。 所要求保护的方法和系统可以使用三列格式来呈现对用户更直观的拓扑。 此外,所要求保护的方法和系统可以聚合来自多个不同协议的上下文和连接信息以提供拓扑显示。 此外,所要求保护的方法和系统可以使用设备注册表来实现网络设备的定制和可扩展表示。
-
公开(公告)号:US20100064225A1
公开(公告)日:2010-03-11
申请号:US12548598
申请日:2009-08-27
申请人: Aaron Cunningham , Marieke I. Watson , Patrice L. Miner , Alexandru Gavrilescu , Haiyong Wang , Dennis Morgan
发明人: Aaron Cunningham , Marieke I. Watson , Patrice L. Miner , Alexandru Gavrilescu , Haiyong Wang , Dennis Morgan
IPC分类号: G06F3/01
摘要: The claimed method and system provides a graphical user interface that illustrates network topology information, including connection paths between devices on the local network and an external network such as the Internet. The claimed method and system may use a three column format for presenting the topology that is more intuitive for a user. Also, the claimed method and system may aggregate context and connection information from multiple different protocols to provide the topology display. Further, the claimed method and system may use a device registry to enable customized and extensible representations of the network devices.
摘要翻译: 所要求保护的方法和系统提供图形用户界面,其示出了网络拓扑信息,包括本地网络上的设备与诸如因特网的外部网络之间的连接路径。 所要求保护的方法和系统可以使用三列格式来呈现对用户更直观的拓扑。 此外,所要求保护的方法和系统可以聚合来自多个不同协议的上下文和连接信息以提供拓扑显示。 此外,所要求保护的方法和系统可以使用设备注册表来实现网络设备的定制和可扩展表示。
-
公开(公告)号:US07818673B2
公开(公告)日:2010-10-19
申请号:US12548598
申请日:2009-08-27
申请人: Aaron Cunningham , Marieke I. Watson , Patrice L. Miner , Alexandru Gavrilescu , Haiyong Wang , Dennis Morgan
发明人: Aaron Cunningham , Marieke I. Watson , Patrice L. Miner , Alexandru Gavrilescu , Haiyong Wang , Dennis Morgan
IPC分类号: G06F3/00
摘要: The claimed method and system provides a graphical user interface that illustrates network topology information, including connection paths between devices on the local network and an external network such as the Internet. The claimed method and system may use a three column format for presenting the topology that is more intuitive for a user. Also, the claimed method and system may aggregate context and connection information from multiple different protocols to provide the topology display. Further, the claimed method and system may use a device registry to enable customized and extensible representations of the network devices.
摘要翻译: 所要求保护的方法和系统提供图形用户界面,其示出了网络拓扑信息,包括本地网络上的设备与诸如因特网的外部网络之间的连接路径。 所要求保护的方法和系统可以使用三列格式来呈现对用户更直观的拓扑。 此外,所要求保护的方法和系统可以聚合来自多个不同协议的上下文和连接信息以提供拓扑显示。 此外,所要求保护的方法和系统可以使用设备注册表来实现网络设备的定制和可扩展表示。
-
公开(公告)号:US20070204231A1
公开(公告)日:2007-08-30
申请号:US11364470
申请日:2006-02-28
申请人: Aaron Cunningham , Marieke Watson , Patrice Miner , Alexandru Gavrilescu , Haiyong Wang , Dennis Morgan
发明人: Aaron Cunningham , Marieke Watson , Patrice Miner , Alexandru Gavrilescu , Haiyong Wang , Dennis Morgan
IPC分类号: G06F15/177 , G06F15/173
摘要: The claimed method and system provides a graphical user interface that illustrates network topology information, including connection paths between devices on the local network and an external network such as the Internet. The claimed method and system may use a three column format for presenting the topology that is more intuitive for a user. Also, the claimed method and system may aggregate context and connection information from multiple different protocols to provide the topology display. Further, the claimed method and system may use a device registry to enable customized and extensible representations of the network devices.
摘要翻译: 所要求保护的方法和系统提供图形用户界面,其示出了网络拓扑信息,包括本地网络上的设备与诸如因特网的外部网络之间的连接路径。 所要求保护的方法和系统可以使用三列格式来呈现对用户更直观的拓扑。 此外,所要求保护的方法和系统可以聚合来自多个不同协议的上下文和连接信息以提供拓扑显示。 此外,所要求保护的方法和系统可以使用设备注册表来实现网络设备的定制和可扩展表示。
-
公开(公告)号:US20070201384A1
公开(公告)日:2007-08-30
申请号:US11364624
申请日:2006-02-28
IPC分类号: H04L12/28
CPC分类号: H04L41/22 , H04L41/0856 , H04L41/12
摘要: A graphical user interface integrates into a single view multiple network devices discovered over a plurality of network protocols. The graphical user interface provides an intuitive user interface to indicate to a user the existence of all potential resources as defined by a network profile, the characteristics and properties of the resources via the representation of the device, and an interaction process specific to each discovered device that is customizable and extensible.
摘要翻译: 图形用户界面将多个网络协议中发现的多个网络设备集成到单个视图中。 图形用户界面提供直观的用户界面,以向用户指示由网络简档定义的所有潜在资源的存在,经由设备的表示的资源的特征和属性以及每个发现的设备特有的交互过程 这是可定制和可扩展的。
-
公开(公告)号:US20050005165A1
公开(公告)日:2005-01-06
申请号:US10603648
申请日:2003-06-25
CPC分类号: H04L63/0227 , H04L63/0218 , H04L63/029
摘要: A method for a firewall-aware application to communicate its expectations to a firewall without requiring the firewall to change its policy or compromise network security. An application API is provided for applications to inform a firewall or firewalls of the application's needs, and a firewall API is provided that informs the firewall or firewalls of the application's needs. An interception module watches for connect and listen attempts by applications and services to the network stack on the local computer. The interception module traps these attempts and determines what user is making the attempt, what application or service is making the attempt, and conducts a firewall policy look-up to determine whether the user and/or application or service are allowed to connect to the network. If so, the interception module may instruct the host and/or edge firewall to configure itself for the connection being requested.
摘要翻译: 防火墙感知应用程序将其期望传达到防火墙的方法,而不需要防火墙更改其策略或损害网络安全性。 为应用程序提供应用程序API以通知防火墙或防火墙应用程序的需求,并提供防火墙API,通知防火墙或防火墙应用程序的需求。 拦截模块监视应用程序和服务对本地计算机上的网络堆栈的连接和监听尝试。 拦截模块捕获这些尝试,并确定用户正在进行的尝试,什么应用程序或服务正在进行尝试,并进行防火墙策略查找,以确定是否允许用户和/或应用程序或服务连接到网络 。 如果是这样,则拦截模块可以指示主机和/或边缘防火墙为正在请求的连接配置自身。
-
公开(公告)号:US07559082B2
公开(公告)日:2009-07-07
申请号:US10603648
申请日:2003-06-25
IPC分类号: H04L29/06
CPC分类号: H04L63/0227 , H04L63/0218 , H04L63/029
摘要: A method for a firewall-aware application to communicate its expectations to a firewall without requiring the firewall to change its policy or compromise network security. An application API is provided for applications to inform a firewall or firewalls of the application's needs, and a firewall API is provided that informs the firewall or firewalls of the application's needs. An interception module watches for connect and listen attempts by applications and services to the network stack on the local computer. The interception module traps these attempts and determines what user is making the attempt, what application or service is making the attempt, and conducts a firewall policy look-up to determine whether the user and/or application or service are allowed to connect to the network. If so, the interception module may instruct the host and/or edge firewall to configure itself for the connection being requested.
摘要翻译: 防火墙感知应用程序将其期望传达到防火墙的方法,而不需要防火墙更改其策略或损害网络安全性。 为应用程序提供应用程序API以通知防火墙或防火墙应用程序的需求,并提供防火墙API,通知防火墙或防火墙应用程序的需求。 拦截模块监视应用程序和服务对本地计算机上的网络堆栈的连接和监听尝试。 拦截模块捕获这些尝试,并确定用户正在进行的尝试,什么应用程序或服务正在进行尝试,并进行防火墙策略查找,以确定是否允许用户和/或应用程序或服务连接到网络 。 如果是这样,则拦截模块可以指示主机和/或边缘防火墙为正在请求的连接配置自身。
-
8.发明授权Peer-to-peer name resolution protocol (PNRP) security infrastructure and method 有权对等名称解析协议(PNRP)安全基础设施和方法公开(公告)号:US07720962B2
公开(公告)日:2010-05-18
申请号:US11375749
申请日:2006-03-15
IPC分类号: G06F13/00
CPC分类号: H04L67/104 , H04L29/12009 , H04L29/12047 , H04L61/15 , H04L63/0823 , H04L63/126 , H04L63/1458 , Y10S707/99939
摘要: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.
摘要翻译: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下,通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外,来自恶意节点的信息被识别,并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求,禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。
-
公开(公告)号:US07711800B2
公开(公告)日:2010-05-04
申请号:US11345189
申请日:2006-01-31
申请人: Alexandru Gavrilescu , Tin Qian
发明人: Alexandru Gavrilescu , Tin Qian
IPC分类号: G06F15/16
CPC分类号: H04L43/0811 , H04L43/12 , H04L69/16
摘要: The present invention provides a method by which the connectivity status of network connections on a PC is determined in real-time by passively reviewing packet information from the TCP/IP stack. To achieve high accuracy of the connectivity status determination, the method involves the determination of the edge of a local network. In cases where little or no network traffic is observed on the network, scalable active probing methods are designed to make accurate connectivity determination. Special considerations for network setups like networks with web proxy servers, NAT or edge firewalls are also included to improve the accuracy of the determination in those environments.
摘要翻译: 本发明提供了一种通过被动地查看来自TCP / IP栈的分组信息来实时确定PC上网络连接的连接状态的方法。 为了实现连接状态确定的高精度,该方法涉及确定本地网络的边缘。 在网络上观察到很少或没有网络流量的情况下,设计可扩展的主动探测方法来进行准确的连接确定。 还包括网络设置的特殊注意事项,如网络代理服务器,NAT或边缘防火墙,以提高这些环境中确定的准确性。
-
公开(公告)号:US20090158397A1
公开(公告)日:2009-06-18
申请号:US11957815
申请日:2007-12-17
IPC分类号: H04L9/32
CPC分类号: H04L63/08 , H04L12/1859 , H04L51/38 , H04L63/101 , H04L63/102 , H04L63/166 , H04L67/04 , H04L67/26 , H04L67/303 , H04L67/42 , H04W4/12 , H04W12/08
摘要: Systems and methods of authentication and authorization between a client, a server, and a gateway to facilitate communicating a message between a client and a server through a gateway. The client has a trusted relationship with each of the gateway and the server. A method includes registering the client with the gateway. The client also constructs the address space identifying the gateway and the client. The client communicates the address space to the server. The client receives an identity identifying the server. If the client authorizes to receive a message from the server through the gateway, the client informs the authorization to the gateway. The client puts the identity identifying the server on a list of servers which are authorized to send messages to the client. In addition, the client communicates the list of servers to the gateway.
摘要翻译: 客户端,服务器和网关之间的认证和授权的系统和方法,以便于通过网关在客户端和服务器之间传递消息。 客户端与每个网关和服务器都有可信赖的关系。 一种方法包括向客户端注册网关。 客户端还构建标识网关和客户端的地址空间。 客户端将地址空间传送到服务器。 客户端收到标识服务器的身份。 如果客户端授权通过网关从服务器接收消息,则客户端通知网关的授权。 客户端将身份识别服务器放在被授权向客户端发送消息的服务器列表中。 此外,客户端将服务器列表传送到网关。
-
-
-
-
-
-
-
-
-
搜索结果
47 条记录 (耗时 0.032 秒)
