-
公开(公告)号:US20050114673A1
公开(公告)日:2005-05-26
申请号:US10723119
申请日:2003-11-25
申请人: Amit Raikar , Guruprasad Ramarao
发明人: Amit Raikar , Guruprasad Ramarao
CPC分类号: H04L63/083 , G06F21/46 , H04L63/20
摘要: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.
摘要翻译: 建立一致的密码策略的方法和系统。 在计算机可用密码策略数据结构中描述了多个密码策略。 计算机可用密码策略数据结构由密码策略执行代理访问。 可选地,计算机可用密码策略数据结构由密码策略执行代理验证为真实性。 或者,密码策略执行代理可以报告回集中式配置和聚合点存储库,以提供一致的策略实施视图。
-
公开(公告)号:US07849320B2
公开(公告)日:2010-12-07
申请号:US10723119
申请日:2003-11-25
申请人: Amit Raikar , Guruprasad Ramarao
发明人: Amit Raikar , Guruprasad Ramarao
CPC分类号: H04L63/083 , G06F21/46 , H04L63/20
摘要: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.
摘要翻译: 建立一致的密码策略的方法和系统。 在计算机可用密码策略数据结构中描述了多个密码策略。 计算机可用密码策略数据结构由密码策略执行代理访问。 可选地,计算机可用密码策略数据结构由密码策略执行代理验证为真实性。 或者,密码策略执行代理可以报告回集中式配置和聚合点存储库,以提供一致的策略实施视图。
-
公开(公告)号:US07228564B2
公开(公告)日:2007-06-05
申请号:US10627374
申请日:2003-07-24
申请人: Amit Raikar , Guruprasad Ramarao
发明人: Amit Raikar , Guruprasad Ramarao
IPC分类号: G06F11/00
CPC分类号: H04L63/1408
摘要: Disclosed is a method for configuring an intrusion detection system in a network which comprises determining a location in the network for a deployed intrusion detection sensor of the intrusion detection system, deploying the intrusion detection sensor in the determined location, enabling the intrusion detection sensor to monitor communication in a portion of the network, tuning the intrusion detection sensor to an appropriate level of awareness of the content in the communication in the network, prioritizing responses generated by the intrusion detection sensor to achieve an appropriate response to a detected intrusion in the network, configuring intrusion response mechanisms in the network to achieve an appropriate response by the mechanisms; and re-tuning the intrusion detection sensor in response to a prior intrusion detection.
摘要翻译: 公开了一种在网络中配置入侵检测系统的方法,包括:确定入侵检测系统的部署入侵检测传感器在网络中的位置,将入侵检测传感器部署在确定的位置,使入侵检测传感器能够监视 在网络的一部分中进行通信,将入侵检测传感器调整到对网络中的通信中的内容的适当级别的感知,优先考虑由入侵检测传感器生成的响应以实现对网络中检测到的入侵的适当响应, 配置网络中的入侵响应机制,实现机制的适当响应; 并且响应于先前的入侵检测重新调整入侵检测传感器。
-
公开(公告)号:US20050039047A1
公开(公告)日:2005-02-17
申请号:US10627374
申请日:2003-07-24
申请人: Amit Raikar , Guruprasad Ramarao
发明人: Amit Raikar , Guruprasad Ramarao
CPC分类号: H04L63/1408
摘要: Disclosed is a method for configuring an intrusion detection system in a network which comprises determining a location in the network for a deployed intrusion detection sensor of the intrusion detection system, deploying the intrusion detection sensor in the determined location, enabling the intrusion detection sensor to monitor communication in a portion of the network, tuning the intrusion detection sensor to an appropriate level of awareness of the content in the communication in the network, prioritizing responses generated by the intrusion detection sensor to achieve an appropriate response to a detected intrusion in the network, configuring intrusion response mechanisms in the network to achieve an appropriate response by the mechanisms; and re-tuning the intrusion detection sensor in response to a prior intrusion detection.
摘要翻译: 公开了一种在网络中配置入侵检测系统的方法,包括:确定入侵检测系统的部署入侵检测传感器在网络中的位置,将入侵检测传感器部署在确定的位置,使入侵检测传感器能够监视 在网络的一部分中进行通信,将入侵检测传感器调整到对网络中的通信中的内容的适当级别的感知,优先考虑由入侵检测传感器生成的响应以实现对网络中检测到的入侵的适当响应, 配置网络中的入侵响应机制,实现机制的适当响应; 并且响应于先前的入侵检测重新调整入侵检测传感器。
-
公开(公告)号:US20050027835A1
公开(公告)日:2005-02-03
申请号:US10632446
申请日:2003-07-31
申请人: Amit Raikar , Guruprasad Ramarao
发明人: Amit Raikar , Guruprasad Ramarao
IPC分类号: H04L12/24 , H04L29/06 , G06F15/177
CPC分类号: H04L41/0843 , H04L41/0213 , H04L63/20
摘要: Methods and Systems for configuring secure templates for an application and network management system to provide network security. A template for an application and network management system is configured with first information for determining whether at least one message received by the template should or should not be processed by the template. The template is configured with second information for processing data associated with at least one received message. The template is configured with third information for preventing the communication of at least one received message to other templates for the application and network management system.
摘要翻译: 为应用程序和网络管理系统配置安全模板以提供网络安全性的方法和系统。 用于应用和网络管理系统的模板配置有用于确定模板接收到的至少一个消息是否应该被模板处理的第一信息。 模板配置有用于处理与至少一个接收到的消息相关联的数据的第二信息。 该模板配置有用于防止至少一个接收的消息与用于应用和网络管理系统的其他模板的通信的第三信息。
-
公开(公告)号:US08065368B2
公开(公告)日:2011-11-22
申请号:US10632446
申请日:2003-07-31
申请人: Amit Raikar , Guruprasad Ramarao
发明人: Amit Raikar , Guruprasad Ramarao
IPC分类号: G06F15/16
CPC分类号: H04L41/0843 , H04L41/0213 , H04L63/20
摘要: Methods and Systems for configuring secure templates for an application and network management system to provide network security. A template for an application and network management system is configured with first information for determining whether at least one message received by the template should or should not be processed by the template. The template is configured with second information for processing data associated with at least one received message. The template is configured with third information for preventing the communication of at least one received message to other templates for the application and network management system.
摘要翻译: 为应用程序和网络管理系统配置安全模板以提供网络安全性的方法和系统。 用于应用和网络管理系统的模板配置有用于确定模板接收到的至少一个消息是否应该被模板处理的第一信息。 模板配置有用于处理与至少一个接收到的消息相关联的数据的第二信息。 该模板配置有用于防止至少一个接收的消息与用于应用和网络管理系统的其他模板的通信的第三信息。
-
7.发明授权RPC port mapper integrity checker to improve security of a provisionable network 有权RPC端口映射器完整性检查器,以提高可配置网络的安全性公开(公告)号:US07890999B2
公开(公告)日:2011-02-15
申请号:US10637172
申请日:2003-08-07
申请人: Guruprasad Ramarao , Amit Raikar
发明人: Guruprasad Ramarao , Amit Raikar
IPC分类号: G08B23/00
CPC分类号: H04L63/123
摘要: A method for verifying port integrity in a network, comprising: accessing port binding information in a port authorization file in the network, querying a port mapper in the network for a mapped port assignment, comparing the port assignment to the port binding, and initiating a response based on the results of the comparing.
摘要翻译: 一种用于验证网络中的端口完整性的方法,包括:访问网络中的端口授权文件中的端口绑定信息,在网络中查询映射端口分配的端口映射器,将端口分配与端口绑定进行比较,以及启动端口绑定 基于比较结果的反应。
-
8.发明授权Method and apparatus for automatic and secure distribution of a symmetric key security credential in a utility computing environment 有权用于在公用计算环境中自动和安全地分发对称密钥安全凭证的方法和装置公开(公告)号:US07822982B2
公开(公告)日:2010-10-26
申请号:US11154798
申请日:2005-06-16
申请人: Amit Raikar
发明人: Amit Raikar
IPC分类号: H04L9/32
CPC分类号: H04L63/062 , H04L63/08
摘要: Embodiments of the invention provide a method and an apparatus for automatic, secure, and confidential distribution of a symmetric key security credential in a utility computing environment. In one method embodiment, the present invention establishes a symmetric key at a management server, the symmetric key automatically associated with a logical device identifier of a provisionable resource. Additionally, an isolated virtual network is established between the management server and the provisionable resource for providing the symmetric key to the provisionable resource. Then, after the symmetric key is provided to the provisionable resource the isolated virtual network between the management server and the provisionable resource is dissolved.
摘要翻译: 本发明的实施例提供了一种用于在公用计算环境中自动,安全和机密地分发对称密钥安全凭证的方法和装置。 在一个方法实施例中,本发明在管理服务器上建立对称密钥,对称密钥与可供应资源的逻辑设备标识符自动相关联。 此外,在管理服务器和可供应资源之间建立隔离的虚拟网络,用于向可供应资源提供对称密钥。 然后,在将对称密钥提供给可供应资源之后,解除管理服务器和可供应资源之间的隔离虚拟网络。
-
9.发明授权Method and apparatus for detecting and responding to email based propagation of malicious software in a trusted network 有权用于检测和响应可信网络中恶意软件的基于邮件的传播的方法和装置公开(公告)号:US07636944B2
公开(公告)日:2009-12-22
申请号:US11262436
申请日:2005-10-28
申请人: Amit Raikar
发明人: Amit Raikar
CPC分类号: H04L63/1416 , H04L51/12 , H04L63/1491
摘要: Embodiments of the invention provide a method and an apparatus for detecting and responding to email based propagation of malicious software (malware) in a trusted network. One embodiment provides a detector decoy email account to serve as generic bait for malicious software for a domain within the trusted network. In addition, at least one email account for the domain within the trusted network is provided as a detector probe account. In so doing, when the detector decoy email account receives an email from the detector probe account within the trusted network a policy based infection response rule is generated.
摘要翻译: 本发明的实施例提供了一种用于检测和响应可信网络中的恶意软件(恶意软件)的基于邮件的传播的方法和装置。 一个实施例提供了一种检测器诱饵电子邮件帐户,用作可信网络内的域的恶意软件的通用诱饵。 另外,作为检测器探测器帐户,提供至少一个可信网络内的域的电子邮件帐户。 这样做时,当检测器诱饵电子邮件帐户从可信网络内的检测器探针帐户接收到电子邮件时,生成基于策略的感染响应规则。
-
10.发明申请Secure method and apparatus for enabling the provisioning of a shared service in a utility computing environment 有权用于实现在公用计算环境中提供共享服务的安全方法和装置公开(公告)号:US20070097998A1
公开(公告)日:2007-05-03
申请号:US11262434
申请日:2005-10-28
申请人: Amit Raikar
发明人: Amit Raikar
IPC分类号: H04L12/56
CPC分类号: H04L63/0272 , H04L12/467
摘要: Embodiments of the invention provide a secure method for enabling the provisioning of a shared service in a utility computing environment. One embodiment establishes an account primary virtual local area network (VLAN) for at least one account in a utility computing environment. Then, a request is received from a service provider to provide a shared service to the at least one account. An isolated VLAN is established for each shared service being provisioned in the context of the account primary VLAN and a promiscuous port is provided for the service provider. A selection option is then provided to allow the at least one server to utilize the shared service provided by the service provider. An isolated port is then configured for the at least one server on an isolated VLAN between the at least one server that chooses to utilize the shared service, and the shared service.
摘要翻译: 本发明的实施例提供了一种用于在公用计算环境中实现共享服务的供应的安全方法。 一个实施例为公用计算环境中的至少一个帐户建立帐户主虚拟局域网(VLAN)。 然后,从服务提供商接收到向至少一个帐户提供共享服务的请求。 为在帐户主VLAN的上下文中提供的每个共享服务建立隔离VLAN,并为服务提供商提供混杂端口。 然后提供选择选项以允许至少一个服务器利用由服务提供商提供的共享服务。 然后,为选择使用共享服务的至少一个服务器和共享服务之间的隔离VLAN上的至少一个服务器配置隔离端口。
-
-
-
-
-
-
-
-
-
搜索结果
22 条记录 (耗时 0.017 秒)
