公开(公告)号：US20070174106A1

公开(公告)日：2007-07-26

申请号：US11340446

申请日：2006-01-26

申请人： Chris Aniszczyk ,  David Greene ,  Devin Lindsey ,  Pierre Padovani ,  Borna Safabakhsh

发明人： Chris Aniszczyk ,  David Greene ,  Devin Lindsey ,  Pierre Padovani ,  Borna Safabakhsh

IPC分类号： G07G1/00 ,  G06F17/30

CPC分类号： G06Q30/00

摘要： A computer implemented method, apparatus, and computer program product for effectively reducing a complicated problem space to enable faster implementation of system management software, and in particular, policy management for security software. The policy management tool of the present invention receives input from a user to configure a policy model, wherein the policy model is configured according to a set of policy requirements. The policy management tool presents a graphical view of a policy model according to the input from the user, wherein the graphical view allows the user to visualize internals of the policy model as a whole. The policy management tool performs validations on the policy model against requirements of the set of policy requirements. A simulation of the policy model may then be performed to determine the validity of the policy model and generate real test results feedback at a time the policy model is configured.

摘要翻译： 一种计算机实现的方法，装置和计算机程序产品，用于有效地减少复杂的问题空间，以更快地实现系统管理软件，特别是安全软件的策略管理。 本发明的策略管理工具接收来自用户的输入以配置策略模型，其中根据一组策略要求配置策略模型。 策略管理工具根据来自用户的输入呈现策略模型的图形视图，其中图形视图允许用户将策略模型的内部整体可视化。 策略管理工具根据策略要求集合对策略模型执行验证。 然后可以执行策略模型的模拟，以确定策略模型的有效性，并在配置策略模型时生成实际的测试结果反馈。

公开(公告)号：US20070083932A1

公开(公告)日：2007-04-12

申请号：US11245302

申请日：2005-10-06

申请人： Chris Aniszczyk ,  David Greene ,  Borna Safabakhsh

发明人： Chris Aniszczyk ,  David Greene ,  Borna Safabakhsh

IPC分类号： G06F11/00

CPC分类号： A63F13/75 ,  A63F13/10 ,  A63F2300/5586 ,  H04L63/102

摘要： A system and method for utilizing a gaming environment for evaluating security policies is presented. An administrator uses a mapping system to map policy tags corresponding to a policy manager with game tags corresponding to a game manager. In addition, the mapping system configures a participant's game based upon gaming attributes and history data, such as assigning incentives to particular roles or locations, using customized terrains, and configuring screen resolution. Once the mapping system maps policy tags to game tags and configures the game, the mapping system invokes the game and allows the game participant to play the game. While the game participant plays the game, the mapping system identifies policy events, such as a security breach, and rewards the game participant accordingly.

摘要翻译： 提出了一种利用游戏环境评估安全策略的系统和方法。 管理员使用映射系统将与策略管理器相对应的策略标签与游戏管理器对应的游戏标签进行映射。 另外，映射系统基于游戏属性和历史数据配置参与者的游戏，例如使用定制地形分配激励到特定角色或位置，以及配置屏幕分辨率。 一旦映射系统将策略标签映射到游戏标签并配置游戏，则映射系统调用游戏并允许游戏参与者玩游戏。 当游戏参与者玩游戏时，映射系统识别诸如安全漏洞的策略事件，并相应地奖励游戏参与者。

公开(公告)号：US07774289B2

公开(公告)日：2010-08-10

申请号：US11619317

申请日：2007-01-03

申请人： Chris Aniszczyk ,  Borna Safabakhsh ,  Pierre F. Padovani

发明人： Chris Aniszczyk ,  Borna Safabakhsh ,  Pierre F. Padovani

IPC分类号： G06F17/00

CPC分类号： G06F8/61 ,  G06F8/65 ,  G06F9/44505

摘要： First and second applications having disparate concrete configuration models are integrated into a unified abstract model wherein configuration elements and associated element values are used to control configurable functions of the first and second application programs, respectively, and wherein the second configuration element has a similar configuration function as the first configuration element; using a first equivalence definition reflecting a functional relationship between the first application configuration element and an abstract model configuration element having the similar configuration function, wherein the abstract model configuration is application-independent and platform-independent; using a second equivalence definition reflecting a functional relationship between the second application program configuration element and the abstract model configuration element; and producing and associating a second configuration element value with the second application configuration element wherein the second application program is automatically configured according to the second concrete application configuration model.

摘要翻译： 具有不同的具体配置模型的第一和第二应用被集成到统一抽象模型中，其中配置元素和相关元素值分别用于控制第一和第二应用程序的可配置功能，并且其中第二配置元件具有类似的配置功能 作为第一配置元素; 使用反映第一应用配置元件和具有相似配置功能的抽象模型配置元件之间的功能关系的第一等价定义，其中所述抽象模型配置是独立于应用且与平台无关的; 使用反映第二应用程序配置元素和抽象模型配置元素之间的功能关系的第二等价定义; 并且将第二配置元素值与第二应用配置元素相关联，其中根据第二具体应用配置模型自动配置第二应用程序。

公开(公告)号：US20080162107A1

公开(公告)日：2008-07-03

申请号：US11619317

申请日：2007-01-03

申请人： Chris Aniszczyk ,  Borna Safabakhsh ,  Pierre F. Padovani

发明人： Chris Aniszczyk ,  Borna Safabakhsh ,  Pierre F. Padovani

IPC分类号： G06F9/44

CPC分类号： G06F8/61 ,  G06F8/65 ,  G06F9/44505

摘要： A computer implemented method, apparatus, and computer program product for integrating first and second applications having disparate concrete configuration models into a unified abstract model comprising through mapping corresponding configuration objects with similar functions in each application, defining an equivalence between at least one particular object within the first application and at least one particular object within the second application, optionally receiving user input at a time of configuration regarding user permissions as they relate to the mapped configuration objects, and configuring each application using the received user input, automatically translating the user input, through mapping rules and equivalence definitions, so that each application is automatically configured to the unified abstract configuration model.

摘要翻译： 一种计算机实现的方法，装置和计算机程序产品，用于将具有不同的具体配置模型的第一和第二应用集成到统一的抽象模型中，包括通过在每个应用中映射具有类似功能的相应配置对象，定义在每个应用中的至少一个特定对象之间的等价 所述第一应用程序和所述第二应用程序内的至少一个特定对象，可选地在配置时接收与用于所映射的配置对象的用户许可有关的用户输入，以及使用所接收的用户输入来配置每个应用程序，自动翻译所述用户输入 ，通过映射规则和等价定义，使每个应用程序自动配置为统一的抽象配置模型。

公开(公告)号：US09348624B2

公开(公告)日：2016-05-24

申请号：US12507970

申请日：2009-07-23

申请人： Chris Aniszczyk ,  Jennifer E. King ,  Christina K. Lauridsen ,  Robert R. Peterson ,  Borna Safabakhsh ,  Rhys D. Ulerich

发明人： Chris Aniszczyk ,  Jennifer E. King ,  Christina K. Lauridsen ,  Robert R. Peterson ,  Borna Safabakhsh ,  Rhys D. Ulerich

IPC分类号： G06F9/455 ,  G06F9/445 ,  G06F11/36

CPC分类号： G06F9/45504 ,  G06F9/445 ,  G06F11/3644

摘要： A mechanism for monitoring file accesses by a process running in a Virtual Machine. File access information associated with a monitored process selected in a first view in a debugging interface is obtained from a file activity log and displayed as selectable file access events in a second view of the debugging interface, wherein each file access event represents a read or write operation performed on a file at a particular point in time by the monitored process. An initial content of a file associated with the selected file access event and revisions made to the file by the monitored process within a defined period of time is retrieved from the file activity log upon detecting user selection of a file access event in the second view. The revisions are applied to the initial content of the file and displayed in a third view in the debugging interface.

摘要翻译： 用于监视虚拟机中运行的进程的文件访问的机制。 在调试接口中的第一视图中选择的与被监视进程相关联的文件访问信息从文件活动日志获得，并在调试接口的第二视图中显示为可选文件访问事件，其中每个文件访问事件表示读或写 通过监视的过程在特定时间点对文件执行的操作。 在检测到第二视图中的文件访问事件的用户选择时，从所述文件活动日志中检索与所选择的文件访问事件相关联的文件的初始内容和由所监视的进程在所定义的时间段内对文件进行的修改。 修订版应用于文件的初始内容，并在调试界面的第三个视图中显示。

公开(公告)号：US20110023019A1

公开(公告)日：2011-01-27

申请号：US12507970

申请日：2009-07-23

申请人： Chris Aniszczyk ,  Jennifer E. King ,  Christina K. Lauridsen ,  Robert R. Peterson ,  Borna Safabakhsh ,  Rhys D. Ulerich

发明人： Chris Aniszczyk ,  Jennifer E. King ,  Christina K. Lauridsen ,  Robert R. Peterson ,  Borna Safabakhsh ,  Rhys D. Ulerich

IPC分类号： G06F9/44

CPC分类号： G06F9/45504 ,  G06F9/445 ,  G06F11/3644

摘要： A mechanism for monitoring file accesses by a process running in a Virtual Machine. File access information associated with a monitored process selected in a first view in a debugging interface is obtained from a file activity log and displayed as selectable file access events in a second view of the debugging interface, wherein each file access event represents a read or write operation performed on a file at a particular point in time by the monitoring process. An initial content of a file associated with the selected file access event and revisions made to the file by the monitored process within a defined period of time is retrieved from the file activity log upon detecting user selection of a file access event in the second view. The revisions are applied to the initial content of the file and displayed in a third view in the debugging interface.

摘要翻译： 用于监视虚拟机中运行的进程的文件访问的机制。 在调试接口中的第一视图中选择的与被监视进程相关联的文件访问信息从文件活动日志获得，并在调试接口的第二视图中显示为可选文件访问事件，其中每个文件访问事件表示读或写 通过监视处理在特定时间点对文件执行的操作。 在检测到第二视图中的文件访问事件的用户选择时，从所述文件活动日志中检索与所选择的文件访问事件相关联的文件的初始内容和由所监视的进程在所定义的时间段内对文件进行的修改。 修订版应用于文件的初始内容，并在调试界面的第三个视图中显示。

公开(公告)号：US20080161083A1

公开(公告)日：2008-07-03

申请号：US12049313

申请日：2008-03-15

申请人： Chris Aniszczyk ,  David Perry Greene ,  Borna Safabakhsh

发明人： Chris Aniszczyk ,  David Perry Greene ,  Borna Safabakhsh

IPC分类号： A63F9/24

CPC分类号： A63F13/75 ,  A63F13/10 ,  A63F2300/5586 ,  H04L63/102

摘要： An approach for utilizing a gaming environment for evaluating security policies is presented. An administrator uses a mapping system to map policy tags corresponding to a policy manager with game tags corresponding to a game manager. In addition, the mapping system configures a participant's game based upon gaming attributes and history data, such as assigning incentives to particular roles or locations, using customized terrains, and configuring screen resolution. Once the mapping system maps policy tags to game tags and configures the game, the mapping system invokes the game and allows the game participant to play the game. While the game participant plays the game, the mapping system identifies policy events, such as a security breach, and rewards the game participant accordingly.

摘要翻译： 介绍了一种利用游戏环境评估安全策略的方法。 管理员使用映射系统将与策略管理器相对应的策略标签与游戏管理器对应的游戏标签进行映射。 另外，映射系统基于游戏属性和历史数据配置参与者的游戏，例如使用定制地形分配激励到特定角色或位置，以及配置屏幕分辨率。 一旦映射系统将策略标签映射到游戏标签并配置游戏，则映射系统调用游戏并允许游戏参与者玩游戏。 当游戏参与者玩游戏时，映射系统识别诸如安全漏洞的策略事件，并相应地奖励游戏参与者。

公开(公告)号：US07720819B2

公开(公告)日：2010-05-18

申请号：US11734359

申请日：2007-04-12

申请人： Christopher Victor Lazzaro ,  Thomas Edward O'Brien ,  Borna Safabakhsh

发明人： Christopher Victor Lazzaro ,  Thomas Edward O'Brien ,  Borna Safabakhsh

IPC分类号： G06F7/00 ,  G06F17/00

CPC分类号： G06F11/1451 ,  G06F11/1456 ,  G06F11/1461

摘要： A method and apparatus for protecting file data is provided that combines or merges revision based backup with backup based on time intervals. One embodiment is directed to a method for protecting data contained in a file of a computer system, wherein the computer system is useable to create multiple successive file versions. The method comprises the steps of specifying a maximum number of file versions that can be stored collectively at first and second storage locations, and apportioning the maximum number into a first number of file versions and a second number of file versions. The method further comprises storing the most recent of the multiple file versions, up to a number equal to the first number, at the first storage location. A number of file versions respectively created before the stored most recent versions, up to a number equal to the second number, are stored at the second storage location, over a pre-specified time period and in accordance with a pre-specified strategy.

摘要翻译： 提供一种用于保护文件数据的方法和装置，其基于时间间隔将基于修订版本的备份与备份合并或合并。 一个实施例涉及用于保护包含在计算机系统的文件中的数据的方法，其中计算机系统可用于创建多个连续的文件版本。 该方法包括以下步骤：指定可以在第一和第二存储位置处集体存储的文件版本的最大数量，以及将最大数量分配成第一数量的文件版本和第二数量的文件版本。 该方法还包括在第一存储位置存储多达多个文件版本的数量等于第一个数字的数据。 在存储的最新版本之前分别创建的多达数量等于第二个数字的文件版本被存储在第二存储位置，超过预定时间段并且根据预先指定的策略。

公开(公告)号：US07912817B2

公开(公告)日：2011-03-22

申请号：US12013705

申请日：2008-01-14

申请人： Oriana Jeannette Love ,  Borna Safabakhsh

发明人： Oriana Jeannette Love ,  Borna Safabakhsh

IPC分类号： G06F7/00

CPC分类号： G06F17/30286

摘要： Data is decayed over time by a type of data item by identifying constituent units of each data item; creating a shelf-life criterion for the constituent units by assigning dimensions to each data item and to each constituent unit; for each of the data items of the data item type, establishing relationship factors for each data item to other data items, between constituent units within data items, and between data items; periodically calculating or updating a decomposability index for each constituent unit as a function of the priority dimensions and the data life dimensions by moving the index towards a threshold for constituent units which are reproducible; and subsequently, decaying the data by deleting from storage constituent units which have decomposability indices exceeding a configured threshold, thereby reducing the amount of storage occupied by a remaining plurality of data items.

摘要翻译： 通过识别每个数据项的构成单位，数据通过一种数据项随时间衰减; 通过为每个数据项和每个构成单元分配维度来为构成单元创建保质期标准; 对于数据项类型的每个数据项，为每个数据项建立与其他数据项，数据项内的组成单元之间以及数据项之间的关系因子; 通过将索引移动到可再现的构成单元的阈值，定期地计算或更新作为优先级维度和数据寿命维度的函数的每个构成单元的可分解性指数; 并且随后通过从具有超过配置阈值的分解性指数的存储组成单元中删除数据，从而减少剩余多个数据项占用的存储量。

公开(公告)号：US20100332455A1

公开(公告)日：2010-12-30

申请号：US12880381

申请日：2010-09-13

申请人： Oriana Jeannette Love ,  Borna Safabakhsh

发明人： Oriana Jeannette Love ,  Borna Safabakhsh

IPC分类号： G06F7/00

CPC分类号： G06F17/30286

摘要： Systems and methods for decomposing and decaying data over time by decomposing a type of data item into constituent units of the data item, establishing relationship factors between data items to other data items and between constituent units, creating a shelf-life criterion for the constituent units priority dimensions, calculating or updating a decomposability index for each constituent unit as a function of the priority dimensions while also applying a relationship factor and optionally incrementing for another dimension, and then decaying over time the data items by deleting all constituent units which have decomposability indices exceeding a configured threshold.

摘要翻译： 通过将数据项的类型分解成数据项的组成单元来分解和衰减数据的系统和方法，建立数据项与其他数据项之间以及组成单元之间的关系因素，为构成单元创建保质期标准 优先级维度，作为优先级维度的函数计算或更新每个构成单元的可分解性索引，同时还应用关系因子并且可选地递增另一个维度，然后随着时间的推移衰减数据项，通过删除具有可分解性指数的所有构成单元 超过配置的阈值。