ROLLBACK PROTECTION FOR LOGIN SECURITY POLICY
    2.
    发明申请
    ROLLBACK PROTECTION FOR LOGIN SECURITY POLICY 有权
    滚动保护登录安全策略

    公开(公告)号:US20130346757A1

    公开(公告)日:2013-12-26

    申请号:US13531481

    申请日:2012-06-22

    IPC分类号: G06F21/00

    CPC分类号: G06F21/6245 G06F21/554

    摘要: In one embodiment, an encryption system may protect user login metadata from hammering attacks. A data storage 140 may store an integrity protected data set 602 for an operating system in a storage location. A processor 120 may register a counter reading from a remote counter 202 in a secure location 204 separate from the storage location. The processor 120 may determine a lockout state of the integrity protected data set 602 based on the counter reading.

    摘要翻译: 在一个实施例中,加密系统可以保护用户登录元数据免受锤击攻击。 数据存储器140可以将存储位置中的操作系统的完整性保护数据集602存储。 处理器120可以从与存储位置分开的安全位置204中的远程计数器202注册计数器读取。 处理器120可以基于计数器读数来确定完整性保护数据集602的锁定状态。

    System and method for providing secure network access
    5.
    发明申请
    System and method for providing secure network access 有权
    提供安全网络访问的系统和方法

    公开(公告)号:US20050149757A1

    公开(公告)日:2005-07-07

    申请号:US10999555

    申请日:2004-11-30

    IPC分类号: H04L9/00 H04L12/28 H04L29/06

    摘要: Secure network access is provided by connecting a secure network provisioning device to a security authority, acquiring one or more network profiles, configuring one or more network interfaces of the secure network provisioning device with data corresponding to attributes of the acquired network profiles, switching the secure network provisioning device from an acquisition mode to a gateway mode, and connecting the secure network provisioning device to a client device. The secure network provisioning device includes a first set of network communication interfaces requiring configuration blocks to enable access to associated networks, a second set of network communication interfaces free from a requirement for configuration prior to network access, a communication interface gateway module configured to gate network traffic between network communication interfaces and a network profile acquisition module configured to acquire network profiles containing data required to configure the communication interfaces of the first set.

    摘要翻译: 通过将安全网络配置设备连接到安全机构来提供安全网络访问,获取一个或多个网络配置文件,使用与获取的网络配置文件的属性对应的数据配置安全网络配置设备的一个或多个网络接口,切换安全 网络供应设备从采集模式到网关模式,以及将安全网络供应设备连接到客户端设备。 安全网络配置设备包括第一组网络通信接口,需要配置块以允许对相关网络的访问;第二组网络通信接口,不需要网络接入之前的配置;通信接口网关模块,被配置为门网络 网络通信接口和网络配置文件获取模块之间的流量被配置为获取包含配置第一组通信接口所需的数据的网络配置文件。

    Extensible architecture for untrusted medium device configuration via trusted medium
    9.
    发明申请
    Extensible architecture for untrusted medium device configuration via trusted medium 审中-公开
    可扩展架构,用于通过可信介质进行不受信任的介质设备配置

    公开(公告)号:US20060153384A1

    公开(公告)日:2006-07-13

    申请号:US11026193

    申请日:2004-12-30

    IPC分类号: H04K1/00

    摘要: An extensible architecture for untrusted medium (e.g., wireless) device configuration via trusted medium. The architecture can be employed to associate a device that utilizes an untrusted medium (e.g., wireless connection). Association is effected using a trusted medium, for example, a wired connection. The architecture can facilitate configuration of the device to communicate (e.g., securely) via an untrusted medium (e.g., wireless connection). Configuration of the device can be based, at least in part, upon information exchanged via a trusted medium (e.g., wired connection). The device can send an association request to a driver and receives an association response from the driver. If the association is successful, the association response can include, for example, configuration information (e.g., encryption key) to enable the device to communicate (e.g., securely) via the untrusted medium. If the association is unsuccessful, the association response can include, for example, error information.

    摘要翻译: 用于通过可信介质的不可信介质(例如,无线)设备配置的可扩展架构。 该架构可以用于将利用不可信介质(例如,无线连接)的设备关联。 使用可信介质(例如有线连接)实现关联。 该架构可以促进设备的配置以经由不可信介质(例如,无线连接)进行通信(例如,安全地)。 至少部分地,所述设备的配置可以基于通过可信介质交换的信息(例如,有线连接)。 设备可以向驾驶员发送关联请求,并从驾驶员接收关联响应。 如果关联成功,关联响应可以包括例如配置信息(例如,加密密钥),以使得设备能够经由不可信介质进行通信(例如,安全地)。 如果关联不成功,关联响应可以包括例如错误信息。