-
1.发明授权Method and apparatus for automatic and secure distribution of a symmetric key security credential in a utility computing environment 有权用于在公用计算环境中自动和安全地分发对称密钥安全凭证的方法和装置公开(公告)号:US07822982B2
公开(公告)日:2010-10-26
申请号:US11154798
申请日:2005-06-16
申请人: Amit Raikar
发明人: Amit Raikar
IPC分类号: H04L9/32
CPC分类号: H04L63/062 , H04L63/08
摘要: Embodiments of the invention provide a method and an apparatus for automatic, secure, and confidential distribution of a symmetric key security credential in a utility computing environment. In one method embodiment, the present invention establishes a symmetric key at a management server, the symmetric key automatically associated with a logical device identifier of a provisionable resource. Additionally, an isolated virtual network is established between the management server and the provisionable resource for providing the symmetric key to the provisionable resource. Then, after the symmetric key is provided to the provisionable resource the isolated virtual network between the management server and the provisionable resource is dissolved.
摘要翻译: 本发明的实施例提供了一种用于在公用计算环境中自动,安全和机密地分发对称密钥安全凭证的方法和装置。 在一个方法实施例中,本发明在管理服务器上建立对称密钥,对称密钥与可供应资源的逻辑设备标识符自动相关联。 此外,在管理服务器和可供应资源之间建立隔离的虚拟网络,用于向可供应资源提供对称密钥。 然后,在将对称密钥提供给可供应资源之后,解除管理服务器和可供应资源之间的隔离虚拟网络。
-
公开(公告)号:US20050114673A1
公开(公告)日:2005-05-26
申请号:US10723119
申请日:2003-11-25
申请人: Amit Raikar , Guruprasad Ramarao
发明人: Amit Raikar , Guruprasad Ramarao
CPC分类号: H04L63/083 , G06F21/46 , H04L63/20
摘要: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.
摘要翻译: 建立一致的密码策略的方法和系统。 在计算机可用密码策略数据结构中描述了多个密码策略。 计算机可用密码策略数据结构由密码策略执行代理访问。 可选地,计算机可用密码策略数据结构由密码策略执行代理验证为真实性。 或者,密码策略执行代理可以报告回集中式配置和聚合点存储库,以提供一致的策略实施视图。
-
3.发明授权Method and apparatus for detecting and responding to email based propagation of malicious software in a trusted network 有权用于检测和响应可信网络中恶意软件的基于邮件的传播的方法和装置公开(公告)号:US07636944B2
公开(公告)日:2009-12-22
申请号:US11262436
申请日:2005-10-28
申请人: Amit Raikar
发明人: Amit Raikar
CPC分类号: H04L63/1416 , H04L51/12 , H04L63/1491
摘要: Embodiments of the invention provide a method and an apparatus for detecting and responding to email based propagation of malicious software (malware) in a trusted network. One embodiment provides a detector decoy email account to serve as generic bait for malicious software for a domain within the trusted network. In addition, at least one email account for the domain within the trusted network is provided as a detector probe account. In so doing, when the detector decoy email account receives an email from the detector probe account within the trusted network a policy based infection response rule is generated.
摘要翻译: 本发明的实施例提供了一种用于检测和响应可信网络中的恶意软件(恶意软件)的基于邮件的传播的方法和装置。 一个实施例提供了一种检测器诱饵电子邮件帐户,用作可信网络内的域的恶意软件的通用诱饵。 另外,作为检测器探测器帐户,提供至少一个可信网络内的域的电子邮件帐户。 这样做时,当检测器诱饵电子邮件帐户从可信网络内的检测器探针帐户接收到电子邮件时,生成基于策略的感染响应规则。
-
4.发明申请Secure method and apparatus for enabling the provisioning of a shared service in a utility computing environment 有权用于实现在公用计算环境中提供共享服务的安全方法和装置公开(公告)号:US20070097998A1
公开(公告)日:2007-05-03
申请号:US11262434
申请日:2005-10-28
申请人: Amit Raikar
发明人: Amit Raikar
IPC分类号: H04L12/56
CPC分类号: H04L63/0272 , H04L12/467
摘要: Embodiments of the invention provide a secure method for enabling the provisioning of a shared service in a utility computing environment. One embodiment establishes an account primary virtual local area network (VLAN) for at least one account in a utility computing environment. Then, a request is received from a service provider to provide a shared service to the at least one account. An isolated VLAN is established for each shared service being provisioned in the context of the account primary VLAN and a promiscuous port is provided for the service provider. A selection option is then provided to allow the at least one server to utilize the shared service provided by the service provider. An isolated port is then configured for the at least one server on an isolated VLAN between the at least one server that chooses to utilize the shared service, and the shared service.
摘要翻译: 本发明的实施例提供了一种用于在公用计算环境中实现共享服务的供应的安全方法。 一个实施例为公用计算环境中的至少一个帐户建立帐户主虚拟局域网(VLAN)。 然后,从服务提供商接收到向至少一个帐户提供共享服务的请求。 为在帐户主VLAN的上下文中提供的每个共享服务建立隔离VLAN,并为服务提供商提供混杂端口。 然后提供选择选项以允许至少一个服务器利用由服务提供商提供的共享服务。 然后,为选择使用共享服务的至少一个服务器和共享服务之间的隔离VLAN上的至少一个服务器配置隔离端口。
-
5.发明申请Port mapperintegrity checker to improve security of a provisionable network 有权端口映射器整合检查器,以提高可配置网络的安全性公开(公告)号:US20050033986A1
公开(公告)日:2005-02-10
申请号:US10637172
申请日:2003-08-07
申请人: Guruprassad Ramarao , Amit Raikar
发明人: Guruprassad Ramarao , Amit Raikar
CPC分类号: H04L63/123
摘要: A method for verifying port integrity in a network, comprising: accessing port binding information in a port authorization file in the network, querying a port mapper in the network for a mapped port assignment, comparing the port assignment to the port binding, and initiating a response based on the results of the comparing.
摘要翻译: 一种用于验证网络中的端口完整性的方法,包括:访问网络中的端口授权文件中的端口绑定信息,在网络中查询映射端口分配的端口映射器,将端口分配与端口绑定进行比较,以及启动端口绑定 基于比较结果的反应。
-
6.发明授权Method of managing utilization of network intrusion detection systems in a dynamic data center 有权管理动态数据中心网络入侵检测系统利用的方法公开(公告)号:US08296847B2
公开(公告)日:2012-10-23
申请号:US10627017
申请日:2003-07-25
申请人: John Mendonca , Amit Raikar
发明人: John Mendonca , Amit Raikar
IPC分类号: G06F7/04
CPC分类号: H04L63/20 , G06F21/55 , H04L63/1416
摘要: A method of managing utilization of network intrusion detection systems in a dynamic data center is provided. A plurality of network intrusion detection systems are provided, each being networked so that utilization of each network intrusion detection system can be based on demand for the network intrusion detection systems in the dynamic data center. A monitoring policy and a plurality of monitoring points to be monitored on a network with any of the network intrusion detection systems are received. Further, the monitoring of the monitoring points is automatically arranged using the network intrusion detection systems and the monitoring policy.
摘要翻译: 提供了一种在动态数据中心中管理网络入侵检测系统的利用的方法。 提供了多个网络入侵检测系统,每个网络入侵检测系统被联网,使得每个网络入侵检测系统的利用可以基于对动态数据中心中的网络入侵检测系统的需求。 接收监视策略和多个监视点,以便在任何一个网络入侵检测系统的网络上监控。 此外,使用网络入侵检测系统和监控策略自动布置监控点的监控。
-
公开(公告)号:US07849320B2
公开(公告)日:2010-12-07
申请号:US10723119
申请日:2003-11-25
申请人: Amit Raikar , Guruprasad Ramarao
发明人: Amit Raikar , Guruprasad Ramarao
CPC分类号: H04L63/083 , G06F21/46 , H04L63/20
摘要: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.
摘要翻译: 建立一致的密码策略的方法和系统。 在计算机可用密码策略数据结构中描述了多个密码策略。 计算机可用密码策略数据结构由密码策略执行代理访问。 可选地,计算机可用密码策略数据结构由密码策略执行代理验证为真实性。 或者,密码策略执行代理可以报告回集中式配置和聚合点存储库,以提供一致的策略实施视图。
-
8.发明申请Method and apparatus for detecting and responding to email based propagation of malicious software in a trusted network 有权用于检测和响应可信网络中恶意软件的基于邮件的传播的方法和装置公开(公告)号:US20070101430A1
公开(公告)日:2007-05-03
申请号:US11262436
申请日:2005-10-28
申请人: Amit Raikar
发明人: Amit Raikar
CPC分类号: H04L63/1416 , H04L51/12 , H04L63/1491
摘要: Embodiments of the invention provide a method and an apparatus for detecting and responding to email based propagation of malicious software (malware) in a trusted network. One embodiment provides a detector decoy email account to serve as generic bait for malicious software for a domain within the trusted network. In addition, at least one email account for the domain within the trusted network is provided as a detector probe account. In so doing, when the detector decoy email account receives an email from the detector probe account within the trusted network a policy based infection response rule is generated.
摘要翻译: 本发明的实施例提供了一种用于检测和响应可信网络中的恶意软件(恶意软件)的基于邮件的传播的方法和装置。 一个实施例提供了一种检测器诱饵电子邮件帐户,用作可信网络内的域的恶意软件的通用诱饵。 另外,作为检测器探测器帐户,提供至少一个可信网络内的域的电子邮件帐户。 这样做时,当检测器诱饵电子邮件帐户从可信网络内的检测器探针帐户接收到电子邮件时,生成基于策略的感染响应规则。
-
9.发明申请Method and apparatus for automatic and secure distribution of an asymmetric key security credential in a utility computing environment 有权用于在公用计算环境中自动和安全地分发非对称密钥安全凭证的方法和装置公开(公告)号:US20070098178A1
公开(公告)日:2007-05-03
申请号:US11262131
申请日:2005-10-28
申请人: Amit Raikar
发明人: Amit Raikar
IPC分类号: H04L9/00
CPC分类号: H04L9/083 , H04L9/0891 , H04L9/32 , H04L63/0272 , H04L63/062
摘要: Embodiments of the invention provide a method and an apparatus for automatic, secure, and confidential distribution of an asymmetric key security credential in a utility computing environment. In one method embodiment, the present invention provides an asymmetric key at a management server, the asymmetric key automatically associated with a logical device identifier of a provisionable resource. Additionally, an isolated virtual network is established between the management server and the provisionable resource for providing the asymmetric key to the provisionable resource. Then, after the asymmetric key is provided to the provisionable resource the isolated virtual network between the management server and the provisionable resource is dissolved.
摘要翻译: 本发明的实施例提供了一种用于在公用计算环境中自动,安全和保密地分发非对称密钥安全凭证的方法和装置。 在一个方法实施例中,本发明在管理服务器提供非对称密钥,该非对称密钥与可供应资源的逻辑设备标识符自动相关联。 此外,在管理服务器和可供应资源之间建立隔离的虚拟网络,用于向可供应资源提供非对称密钥。 然后,在向可供应资源提供非对称密钥之后,管理服务器和可配置资源之间的隔离虚拟网络被解散。
-
10.发明申请Method and an apparatus for securely communicating between a management server and a managed node associated with a dynamic provisioning system 审中-公开用于在管理服务器和与动态供应系统相关联的被管理节点之间进行安全通信的方法和装置公开(公告)号:US20060248082A1
公开(公告)日:2006-11-02
申请号:US11119089
申请日:2005-04-29
申请人: Amit Raikar , John Diamant , Todd Spencer
发明人: Amit Raikar , John Diamant , Todd Spencer
CPC分类号: H04L67/125 , H04L9/32 , H04L63/06 , H04L63/08 , H04L2463/061
摘要: Embodiments of the present invention pertain to a method and an apparatus are described. In one embodiment, an initial authentication credential is associated with a management server and a node managed by the management server where the managed node can be provisioned by a dynamic provisioning system. An active authentication credential is generated. The initial authentication credential is used to create a secure communications channel between the management server and the managed node. The secure communications enables the communication of the active authentication credential between the management server and the managed node.
摘要翻译: 本发明的实施例涉及一种方法和装置。 在一个实施例中,初始认证凭证与管理服务器和由管理服务器管理的节点相关联,其中管理节点可由动态供应系统来供应。 生成一个活动的认证证书。 初始认证凭证用于在管理服务器和受管节点之间创建安全通信通道。 安全通信使得能够在管理服务器和被管理节点之间进行主动认证凭证的通信。
-
-
-
-
-
-
-
-
-
搜索结果
22 条记录 (耗时 0.016 秒)
