-
Publication No.: US20090007264A1
Publication date: 2009-01-01
Application No.: US11768596
Filing date: 2007-06-26
IPC classification: G06F11/00
CPC classification: G06F21/577
Abstract: A security system is provided for use with computer systems. In various embodiments, the security system can analyze the state of security of one or more computer systems to determine whether the computer systems comply with expressed security policies and to remediate the computer systems so that they conform with the expressed security policies. In various embodiments, the security system can receive compliance documents, determine whether one or more computer systems comply with portions of security policies specified in the compliance documents, and take actions specified in the compliance documents to cause the computer systems to comply with the specified security policies. The security system may provide a common, unified programming interface that applications or tools can employ to verify or enforce security policies.
-
Publication No.: US08661534B2
Publication date: 2014-02-25
Application No.: US11768596
Filing date: 2007-06-26
IPC classification: H04L29/06
CPC classification: G06F21/577
Abstract: A security system is provided for use with computer systems. In various embodiments, the security system can analyze the state of security of one or more computer systems to determine whether the computer systems comply with expressed security policies and to remediate the computer systems so that they conform with the expressed security policies. In various embodiments, the security system can receive compliance documents, determine whether one or more computer systems comply with portions of security policies specified in the compliance documents, and take actions specified in the compliance documents to cause the computer systems to comply with the specified security policies. The security system may provide a common, unified programming interface that applications or tools can employ to verify or enforce security policies.
-
Publication No.: US08462955B2
Publication date: 2013-06-11
Application No.: US12793455
Filing date: 2010-06-03
Applicant: Octavian T. Ureche, Nils Dussart, Michael A. Halcrow, Charles G. Jeffries, Nathan T. Lewis, Cristian M. Ilac, Innokentiy Basmov, Magnus Bo Gustaf Nyström, Niels T. Ferguson
Inventor: Octavian T. Ureche, Nils Dussart, Michael A. Halcrow, Charles G. Jeffries, Nathan T. Lewis, Cristian M. Ilac, Innokentiy Basmov, Magnus Bo Gustaf Nyström, Niels T. Ferguson
CPC classification: H04L9/0894, H04L9/0822, H04L63/061, H04L2463/062
Abstract: An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.
-
Publication No.: US08745386B2
Publication date: 2014-06-03
Application No.: US12819883
Filing date: 2010-06-21
Applicant: Octavian T. Ureche, Nils Dussart, Charles G. Jeffries, Cristian M. Ilac, Vijay G. Bharadwaj, Innokentiy Basmov, Stefan Thom, Son VoBa
Inventor: Octavian T. Ureche, Nils Dussart, Charles G. Jeffries, Cristian M. Ilac, Vijay G. Bharadwaj, Innokentiy Basmov, Stefan Thom, Son VoBa
IPC classification: H04L29/06
CPC classification: H04L63/08, G06F21/31, G06F21/57, G06F21/6218, G06F2221/2103, G06F2221/2131, H04L9/3228, H04L9/3234, H04L63/067
Abstract: Single-use authentication methods for accessing encrypted data stored on a protected volume of a computer are described, wherein access to the encrypted data involves decrypting a key protector stored on the computer that holds a volume-specific cryptographic key needed to decrypt the protected volume. Such single-use authentication methods rely on the provision of a key protector that can only be used once and/or that requires a new access credential for each use. In certain embodiments, a challenge-response process is also used as part of the authentication method to tie the issuance of a key protector and/or access credential to particular pieces of information that can uniquely identify a user.
-
Publication No.: US20110302398A1
Publication date: 2011-12-08
Application No.: US12793455
Filing date: 2010-06-03
Applicant: Octavian T. Ureche, Nils Dussart, Michael A. Halcrow, Charles G. Jeffries, Nathan T. Lewis, Cristian M. Ilac, Innokentiy Basmov, Bo Gustaf Magnus Nyström, Niels T. Ferguson
Inventor: Octavian T. Ureche, Nils Dussart, Michael A. Halcrow, Charles G. Jeffries, Nathan T. Lewis, Cristian M. Ilac, Innokentiy Basmov, Bo Gustaf Magnus Nyström, Niels T. Ferguson
CPC classification: H04L9/0894, H04L9/0822, H04L63/061, H04L2463/062
Abstract: An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.
-
Publication No.: US20110314279A1
Publication date: 2011-12-22
Application No.: US12819883
Filing date: 2010-06-21
Applicant: Octavian T. Ureche, Nils Dussart, Charles G. Jeffries, Cristian M. Ilac, Vijay G. Bharadwaj, Innokentiy Basmov, Stefan Thom, Son VoBa
Inventor: Octavian T. Ureche, Nils Dussart, Charles G. Jeffries, Cristian M. Ilac, Vijay G. Bharadwaj, Innokentiy Basmov, Stefan Thom, Son VoBa
CPC classification: H04L63/08, G06F21/31, G06F21/57, G06F21/6218, G06F2221/2103, G06F2221/2131, H04L9/3228, H04L9/3234, H04L63/067
Abstract: Single-use authentication methods for accessing encrypted data stored on a protected volume of a computer are described, wherein access to the encrypted data involves decrypting a key protector stored on the computer that holds a volume-specific cryptographic key needed to decrypt the protected volume. Such single-use authentication methods rely on the provision of a key protector that can only be used once and/or that requires a new access credential for each use. In certain embodiments, a challenge-response process is also used as part of the authentication method to tie the issuance of a key protector and/or access credential to particular pieces of information that can uniquely identify a user.
-
7.
Publication No.: US20110131659A1
Publication date: 2011-06-02
Application No.: US13024253
Filing date: 2011-02-09
IPC classification: G08B23/00
CPC classification: G06F11/328
Abstract: A security health reporting system provides an application program interface (API) for use by independent software vendors (ISVs) to extend the security health reporting capabilities of the security health reporting system. An ISV security solution can register with the security health reporting system, create a schema that describes a new security class, and use the API to publish an instance of the schema for the new security class with the security health reporting system. When an instance of a schema for a new security class is published, the security health reporting system creates the new security class, and recognizes the definition for the security class within the security health reporting system. Registered ISV security solutions can then use the published schema to report their health statuses for the new security class.
-
8.
Publication No.: US20080115218A1
Publication date: 2008-05-15
Application No.: US11558688
Filing date: 2006-11-10
IPC classification: G06F11/32
CPC classification: G06F11/328
Abstract: A security health reporting system provides an application program interface (API) for use by independent software vendors (ISVs) to extend the security health reporting capabilities of the security health reporting system. An ISV security solution can register with the security health reporting system, create a schema that describes a new security class, and use the API to publish an instance of the schema for the new security class with the security health reporting system. When an instance of a schema for a new security class is published, the security health reporting system creates the new security class, and recognizes the definition for the security class within the security health reporting system. Registered ISV security solutions can then use the published schema to report their health statuses for the new security class.
-
9.
Publication No.: US08161560B2
Publication date: 2012-04-17
Application No.: US13024253
Filing date: 2011-02-09
CPC classification: G06F11/328
Abstract: A security health reporting system provides an application program interface (API) for use by independent software vendors (ISVs) to extend the security health reporting capabilities of the security health reporting system. An ISV security solution can register with the security health reporting system, create a schema that describes a new security class, and use the API to publish an instance of the schema for the new security class with the security health reporting system. When an instance of a schema for a new security class is published, the security health reporting system creates the new security class, and recognizes the definition for the security class within the security health reporting system. Registered ISV security solutions can then use the published schema to report their health statuses for the new security class.
-
10.
Publication No.: US07908659B2
Publication date: 2011-03-15
Application No.: US11558688
Filing date: 2006-11-10
CPC classification: G06F11/328
Abstract: A security health reporting system provides an application program interface (API) for use by independent software vendors (ISVs) to extend the security health reporting capabilities of the security health reporting system. An ISV security solution can register with the security health reporting system, create a schema that describes a new security class, and use the API to publish an instance of the schema for the new security class with the security health reporting system. When an instance of a schema for a new security class is published, the security health reporting system creates the new security class, and recognizes the definition for the security class within the security health reporting system. Registered ISV security solutions can then use the published schema to report their health statuses for the new security class.
-