-
1.发明授权公开(公告)号:US07581241B2
公开(公告)日:2009-08-25
申请号:US11182720
申请日:2005-07-15
IPC分类号: H04L9/00
CPC分类号: H04L63/0209 , G06F21/556 , G06F21/606 , H04L63/0263 , H04L63/102
摘要: A security system that allows an outbound security policy for the connection security to be automatically derived from an inbound security policy for connection security is provided. The security system for an inbound security policy has security suites that each specify one or more security algorithms. Because the security system offers an outbound security suite that matches an inbound security suite, the computing devices that have the same inbound security policy have matching inbound and outbound security suites.
摘要翻译: 提供一种安全系统,允许从连接安全性的入站安全策略自动导出连接安全性的出站安全策略。 入站安全策略的安全系统具有各自指定一个或多个安全算法的安全套件。 由于安全系统提供与入站安全套件相匹配的出站安全套件,具有相同入站安全策略的计算设备具有匹配的入站和出站安全套件。
-
公开(公告)号:US08490153B2
公开(公告)日:2013-07-16
申请号:US13292018
申请日:2011-11-08
申请人: Charles D. Bassett , Eran Yariv , Ian M. Carbaugh , Lokesh Srinivas Koppolu , Maksim Noy , Sarah A. Wahlert , Pradeep Bahl
发明人: Charles D. Bassett , Eran Yariv , Ian M. Carbaugh , Lokesh Srinivas Koppolu , Maksim Noy , Sarah A. Wahlert , Pradeep Bahl
IPC分类号: H04L29/06
CPC分类号: H04L63/0263 , H04L63/20
摘要: A method and system for creating security policies for firewall and connection policies in an integrated manner is provided. The security system provides a user interface through which a user can define a security rule that specifies both a firewall policy and a connection policy. After the security rule is specified, the security system automatically generates a firewall rule and a connection rule to implement the security rule. The security system provides the firewall rule to a firewall engine that is responsible for enforcing the firewall rules and provides the connection rule to an IPsec engine that is responsible for enforcing the connection rules.
摘要翻译: 提供了以综合方式为防火墙和连接策略创建安全策略的方法和系统。 安全系统提供用户界面,用户可以通过该界面定义指定防火墙策略和连接策略的安全规则。 指定安全规则后,安全系统自动生成防火墙规则和连接规则,实现安全规则。 安全系统向防火墙引擎提供防火墙规则,该引擎负责执行防火墙规则,并向负责执行连接规则的IPsec引擎提供连接规则。
-
公开(公告)号:US20120054825A1
公开(公告)日:2012-03-01
申请号:US13292018
申请日:2011-11-08
申请人: Charles D. Bassett , Eran Yariv , Ian M. Carbaugh , Lokesh Srinivas Koppolu , Maksim Noy , Sarah A. Wahlert , Pradeep Bahl
发明人: Charles D. Bassett , Eran Yariv , Ian M. Carbaugh , Lokesh Srinivas Koppolu , Maksim Noy , Sarah A. Wahlert , Pradeep Bahl
IPC分类号: G06F21/00
CPC分类号: H04L63/0263 , H04L63/20
摘要: A method and system for creating security policies for firewall and connection policies in an integrated manner is provided. The security system provides a user interface through which a user can define a security rule that specifies both a firewall policy and a connection policy. After the security rule is specified, the security system automatically generates a firewall rule and a connection rule to implement the security rule. The security system provides the firewall rule to a firewall engine that is responsible for enforcing the firewall rules and provides the connection rule to an IPsec engine that is responsible for enforcing the connection rules.
摘要翻译: 提供了以综合方式为防火墙和连接策略创建安全策略的方法和系统。 安全系统提供用户界面,用户可以通过该界面定义指定防火墙策略和连接策略的安全规则。 指定安全规则后,安全系统自动生成防火墙规则和连接规则,实现安全规则。 安全系统向防火墙引擎提供防火墙规则,该引擎负责执行防火墙规则,并向负责执行连接规则的IPsec引擎提供连接规则。
-
公开(公告)号:US08056124B2
公开(公告)日:2011-11-08
申请号:US11183317
申请日:2005-07-15
申请人: Charles D. Bassett , Eran Yariv , Ian M. Carbaugh , Lokesh Srinivas Koppolu , Maksim Noy , Sarah A. Wahlert , Pradeep Bahl
发明人: Charles D. Bassett , Eran Yariv , Ian M. Carbaugh , Lokesh Srinivas Koppolu , Maksim Noy , Sarah A. Wahlert , Pradeep Bahl
CPC分类号: H04L63/0263 , H04L63/20
摘要: A method and system for creating security policies for firewall and connection policies in an integrated manner is provided. The security system provides a user interface through which a user can define a security rule that specifies both a firewall policy and a connection policy. After the security rule is specified, the security system automatically generates a firewall rule and a connection rule to implement the security rule. The security system provides the firewall rule to a firewall engine that is responsible for enforcing the firewall rules and provides the connection rule to an IPsec engine that is responsible for enforcing the connection rules.
摘要翻译: 提供了以综合方式为防火墙和连接策略创建安全策略的方法和系统。 安全系统提供用户界面,用户可以通过该界面定义指定防火墙策略和连接策略的安全规则。 指定安全规则后,安全系统自动生成防火墙规则和连接规则,实现安全规则。 安全系统向防火墙引擎提供防火墙规则,该引擎负责执行防火墙规则,并向负责执行连接规则的IPsec引擎提供连接规则。
-
5.发明申请公开(公告)号:US20100319063A1
公开(公告)日:2010-12-16
申请号:US12483239
申请日:2009-06-12
CPC分类号: H04L63/08 , G06F21/33 , G06F21/50 , H04L63/105 , H04L65/1006 , H04L65/1073
摘要: Architecture that facilitates the conveyance of a trust level when the caller makes a call, the trust level in dependence on the state of the caller system. The callee (call recipient) receives notification of the trust level and can use this information in the communication such as to request verification from the caller and/or initiate other modes of communication. A caller can authenticate the caller identity in different ways to a communication server. Based on that, the server can assign an appropriate server-verified trust level to the caller. Further, an unsecured phone controller can indicate a lower client-side defined trust level. The server verified and client-side trust levels are then sent to the callee, where the callee determines whether to allow caller access to one or more secured features based on the feature values and the trust level imposed by the callee to access those features.
摘要翻译: 当调用者进行呼叫时,有助于传递信任级别的体系结构,信任级别取决于呼叫者系统的状态。 被叫方(呼叫接收方)接收到信任级别的通知,并且可以在通信中使用该信息,以便从呼叫者请求验证和/或启动其他通信模式。 呼叫者可以以不同的方式向通信服务器认证呼叫者身份。 基于此,服务器可以为呼叫者分配适当的服务器验证的信任级别。 此外,不安全的电话控制器可以指示较低的客户端定义的信任级别。 服务器验证和客户端信任级别然后被发送到被叫方,被叫方根据特征值和被叫方强制访问这些特征的信任级别确定是否允许主叫方访问一个或多个安全特征。
-
6.发明申请公开(公告)号:US20100310062A1
公开(公告)日:2010-12-09
申请号:US12480495
申请日:2009-06-08
申请人: Srivatsa Srinivasan , Ankit Tandon , Sundar Anantharaman , Vijay Manian , Lokesh Srinivas Koppolu , Vadim Eydelman , Aatif Awan
发明人: Srivatsa Srinivasan , Ankit Tandon , Sundar Anantharaman , Vijay Manian , Lokesh Srinivas Koppolu , Vadim Eydelman , Aatif Awan
IPC分类号: H04M3/42
CPC分类号: H04M3/42153 , H04M3/42102
摘要: Service invocation information including call routing, reasons for redirections, and similar information are provided to party requesting a communication session and recipients of an enhanced communication system along the call routing path as the request is routed. Some of the information is filtered based on system and/or user defined rules, user permission levels, and comparable aspects.
摘要翻译: 服务调用信息包括呼叫路由,重定向原因和类似信息被提供给请求通信会话的一方和沿请求路由时沿着呼叫路由路径的增强型通信系统的接收者。 一些信息是基于系统和/或用户定义的规则,用户权限级别和可比较的方面进行过滤的。
-
公开(公告)号:US20130013953A1
公开(公告)日:2013-01-10
申请号:US13177578
申请日:2011-07-07
申请人: Christopher Eck , Lars Reuther , Rajesh Dave , Lokesh Srinivas Koppolu , Steven Ekren , David Dion , Sergey Meshcheryakov , Jonathan Fischer , Angshuman Bezbaruah
发明人: Christopher Eck , Lars Reuther , Rajesh Dave , Lokesh Srinivas Koppolu , Steven Ekren , David Dion , Sergey Meshcheryakov , Jonathan Fischer , Angshuman Bezbaruah
CPC分类号: G06F11/3409 , G06F9/45545 , G06F9/45558 , G06F11/0712 , G06F11/0766 , G06F11/0793 , G06F11/3466 , G06F11/3476 , G06F2009/45591 , G06F2201/815
摘要: A health monitoring technique monitors the health and performance of applications executing in a guest partition in a virtualized environment. In an embodiment, a guest integration component interacts with an application through an application programming interface in order for the virtualization platform to monitor the health and performance of the application. In another embodiment, the guest integration component may include a monitoring agent that accesses an event log and/or a performance monitor log to access the health and performance of the application. The health and performance of the application may then be analyzed by the virtualization platform to determine an appropriate remedial action.
摘要翻译: 健康监控技术监视在虚拟化环境中在客户机分区中执行的应用程序的运行状况和性能。 在一个实施例中,客户集成组件通过应用程序编程接口与应用程序交互,以便虚拟化平台监视应用程序的运行状况和性能。 在另一个实施例中,访客集成组件可以包括访问事件日志和/或性能监视器日志以访问应用程序的运行状况和性能的监视代理。 然后可以由虚拟化平台分析应用程序的运行状况和性能,以确定适当的补救措施。
-
公开(公告)号:US20110302247A1
公开(公告)日:2011-12-08
申请号:US12792033
申请日:2010-06-02
申请人: Giridhar Kalpathy Narayanan , Rajesh Ramanathan , Srivatsa K. Srinivasan , Lokesh Srinivas Koppolu
发明人: Giridhar Kalpathy Narayanan , Rajesh Ramanathan , Srivatsa K. Srinivasan , Lokesh Srinivas Koppolu
IPC分类号: G06F15/16
CPC分类号: H04L65/403 , H04L51/14 , H04L65/4007 , H04L67/30 , H04M3/42365 , H04W4/16
摘要: Modality selection in establishing multimodal conversations is performed automatically based on contextual information in enhanced communication platforms. Automata in client machines determine how a client machine chooses one or more modalities of a conversation invite based on contextual information such as computing device environment, network environment, user presence state, and comparable factors. Executed automata automatically join the user to a selected modality of a conversation or reject one.
摘要翻译: 基于增强型通信平台中的上下文信息自动执行建立多模态对话中的模态选择。 客户端机器中的自动机决定了客户机如何根据诸如计算设备环境,网络环境,用户驻留状态和可比较因素等上下文信息来选择一个或多个对话邀请的模式。 执行的自动机自动将用户加入到所选择的对话模式或拒绝一个对话。
-
9.发明授权Access control to secured application features using client trust levels 有权使用客户端信任级别对安全应用程序功能进行访问控制公开(公告)号:US09531695B2
公开(公告)日:2016-12-27
申请号:US12483239
申请日:2009-06-12
CPC分类号: H04L63/08 , G06F21/33 , G06F21/50 , H04L63/105 , H04L65/1006 , H04L65/1073
摘要: Architecture that facilitates the conveyance of a trust level when the caller makes a call, the trust level in dependence on the state of the caller system. The callee (call recipient) receives notification of the trust level and can use this information in the communication such as to request verification from the caller and/or initiate other modes of communication. A caller can authenticate the caller identity in different ways to a communication server. Based on that, the server can assign an appropriate server-verified trust level to the caller. Further, an unsecured phone controller can indicate a lower client-side defined trust level. The server verified and client-side trust levels are then sent to the callee, where the callee determines whether to allow caller access to one or more secured features based on the feature values and the trust level imposed by the callee to access those features.
摘要翻译: 当调用者进行呼叫时,有助于传递信任级别的体系结构,信任级别取决于呼叫者系统的状态。 被叫方(呼叫接收方)接收到信任级别的通知,并且可以在通信中使用该信息,以便从呼叫者请求验证和/或启动其他通信模式。 呼叫者可以以不同的方式向通信服务器认证呼叫者身份。 基于此,服务器可以为呼叫者分配适当的服务器验证的信任级别。 此外,不安全的电话控制器可以指示较低的客户端定义的信任级别。 服务器验证和客户端信任级别然后被发送到被叫方,被叫方根据特征值和被叫方强制访问这些特征的信任级别确定是否允许主叫方访问一个或多个安全特征。
-
公开(公告)号:US08201234B2
公开(公告)日:2012-06-12
申请号:US11746478
申请日:2007-05-09
IPC分类号: H04L29/06
CPC分类号: H04L63/20 , H04L63/0428 , H04L63/08
摘要: Computer-readable medium having a data structure stored thereon for defining a schema for expressing a network security policy. The data structure includes a first data field including data defining a parameter to be applied based on the network security policy. The network security policy defines at least one of the following: a firewall rule and a connection security rule. The data structure also includes a second data field having data specifying restrictions of the parameter included in the first data field. The parameter in the first data field and the restrictions in the second data field form the schema for expressing the network security policy to be processed. The network security policy manages communications between a computing device and at least one other computing device.
摘要翻译: 计算机可读介质,其上存储有用于定义表示网络安全策略的模式的数据结构。 数据结构包括第一数据字段,包括基于网络安全策略定义要应用的参数的数据。 网络安全策略定义以下至少一个:防火墙规则和连接安全规则。 数据结构还包括具有指定包含在第一数据字段中的参数的限制的数据的第二数据字段。 第一数据字段中的参数和第二数据字段中的限制形成用于表示要处理的网络安全策略的模式。 网络安全策略管理计算设备与至少一个其他计算设备之间的通信。
-
-
-
-
-
-
-
-
-
搜索结果
19 条记录 (耗时 0.019 秒)
