利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

33 条记录 (耗时 0.035 秒)

    METHOD FOR IMPROVED IMAGE-CUSTOMIZATION BY USE OF EMBEDDED METADATA
    3.
    发明申请
    METHOD FOR IMPROVED IMAGE-CUSTOMIZATION BY USE OF EMBEDDED METADATA 审中-公开
    通过使用嵌入元数据改进图像自定义的方法

    公开(公告)号:US20080256534A1

    公开(公告)日:2008-10-16

    申请号:US11734549

    申请日:2007-04-12

    申请人: David M. Chess Sean L. Dague Tamar Eilam Ronald T. Goering Ryan P. Grimm James E. Hanson Giovanni Pacifici Benny Rochwerger Hidayatullah H. Shaikh Ian N. Whalley Jian Yin

    发明人: David M. Chess Sean L. Dague Tamar Eilam Ronald T. Goering Ryan P. Grimm James E. Hanson Giovanni Pacifici Benny Rochwerger Hidayatullah H. Shaikh Ian N. Whalley Jian Yin

    IPC分类号: G06F9/455

    CPC分类号: G06F9/45558 G06F2009/45562

    摘要: The present invention relates to a method for the customization of virtual machine images. The method comprises identifying and retrieving a virtual machine image template. A customized virtual machine image is created from the virtual machine image template. The customized virtual machine image template being created by identifying at least one file-system or memory image that is associated with the virtual machine image template, identifying within the at least one file-system or memory image at least one data set, wherein the at least one data set comprises metadata. The metadata contains information detailing the required execution context customization aspects for at least one specified image subset of the virtual machine. Execution context-specific information that is required to customize the image subset of the virtual machine is retrieved. Further, the image subset of the virtual machine is modified in accordance with the retrieved execution context-specific information.

    摘要翻译: 本发明涉及一种用于定制虚拟机图像的方法。 该方法包括识别和检索虚拟机图像模板。 从虚拟机映像模板创建自定义虚拟机映像。 通过识别与虚拟机图像模板相关联的至少一个文件系统或存储器映像来创建定制的虚拟机映像模板,在至少一个文件系统或存储器映像内标​​识至少一个数据集,其中, 至少一个数据集包括元数据。 元数据包含详细说明虚拟机的至少一个指定图像子集所需的执行上下文定制方面的信息。 检索自定义虚拟机的映像子集所需的执行上下文特定信息。 此外,根据检索的执行上下文特定信息来修改虚拟机的图像子集。

    Method and apparatus for the automatic determination of potentially worm-like behavior of a program
    4.
    发明授权
    Method and apparatus for the automatic determination of potentially worm-like behavior of a program 有权
    用于自动确定程序潜在的蠕虫状行为的方法和装置

    公开(公告)号:US07996905B2

    公开(公告)日:2011-08-09

    申请号:US12062152

    申请日:2008-04-03

    申请人: William C. Arnold David M. Chess John F. Morar Alla Segal Ian N. Whalley Steve R. White

    发明人: William C. Arnold David M. Chess John F. Morar Alla Segal Ian N. Whalley Steve R. White

    IPC分类号: G06F12/14 H04L29/06 G06F11/30

    CPC分类号: G06F21/51

    摘要: A method and system for the automatic determination of the behavioral profile of a program suspected of having worm-like characteristics includes analyzing data processing system resources required by the program and, if the required resources are not indicative of the program having worm-like characteristics, running the program in a controlled non-network environment while monitoring and logging accesses to system resources to determine the behavior of the program in the non-network environment. A logged record of the observed behavior is analyzed to determine if the behavior is indicative of the program having worm-like characteristics. The non-network environment may simulate the appearance of a network to the program, without emulating the operation of the network.

    摘要翻译: 用于自动确定涉嫌具有蠕虫特征的程序的行为特征的方法和系统包括分析程序所需的数据处理系统资源,并且如果所需资源不表示具有蠕虫状特征的程序, 在受控的非网络环境中运行程序,同时监视和记录对系统资源的访问,以确定非网络环境中程序的行为。 分析观察行为的记录记录,以确定行为是否表明具有蠕虫状特征的程序。 非网络环境可以模拟网络对程序的外观,而不模拟网络的操作。

    Method for disaggregating customer data in online transactions to preserve privacy
    5.
    发明授权
    Method for disaggregating customer data in online transactions to preserve privacy 有权

    公开(公告)号:US07117182B2

    公开(公告)日:2006-10-03

    申请号:US10041391

    申请日:2002-01-08

    申请人: David M. Chess Ian N. Whalley Steve R. White

    发明人: David M. Chess Ian N. Whalley Steve R. White

    IPC分类号: G06F17/60

    CPC分类号: G06Q30/06 G06Q20/02 G06Q20/382 G06Q20/383 G06Q20/401

    摘要: A method for carrying out multi-party transactions in which at least one party or user has information which he considers private, the method comprising: a first determining step, in which it is determined which parties will take part in the transaction; a second determining step, in which it is determined, for each party taking part in the transaction, what information about the user that party requires in order to complete the corresponding part of the transaction; a selecting step, which may occur before or after the determining steps, in which one or more nonces, GUIDs, or other tokens are selected, to represent the user in the course of the transaction; a providing step, in which each party determined in the first determining step is provided with information comprising the corresponding information about the user determined in the second determining step, and one or more of the nonces, GUIDs, or other tokens selected in the selecting step; an execution step, in which the parties to the transaction complete the transaction, using the information about the user that they have been given, and the one or more nonces, GUIDs, or other tokens, to determine and communicate the details of the fulfillment while minimizing the amount of unneeded private information that is transmitted or otherwise exposed.

    Method and Apparatus for Determination of the Non-Replicative Behavior of a Malicious Program
    6.
    发明申请
    Method and Apparatus for Determination of the Non-Replicative Behavior of a Malicious Program 有权
    用于确定恶意程序的非复制行为的方法和装置

    公开(公告)号:US20080256633A1

    公开(公告)日:2008-10-16

    申请号:US12141165

    申请日:2008-06-18

    申请人: William C. ARNOLD David M. Chess John F. Morar Alla Segal Ian N. Whalley Steve R. White

    发明人: William C. ARNOLD David M. Chess John F. Morar Alla Segal Ian N. Whalley Steve R. White

    IPC分类号: G06F12/14

    CPC分类号: G06F21/566

    摘要: Disclosed is a method, a computer system and a computer readable media product that contains a set of computer executable software instructions for directing the computer system to execute a process for determining a non-replicative behavior of a program that is suspected of containing an undesirable software entity. The process causes execution of the program in at least one known environment and automatically examines the at least one known environment to detect if a change has occurred in the environment as a result of the execution of the program. If a change is detected, the process automatically analyzes the detected change (i.e., the process performs a side effects analysis) to determine if the change resulted from execution of the program or from execution of the undesirable software entity. The process then uses the result of the analysis at least for undoing a detected change that results from execution of the undesirable software entity. The result of the analysis can also be used for informing a user of an anti-virus system of the non-replicative changes made to the environment.

    摘要翻译: 公开了一种方法,计算机系统和计算机可读介质产品,其包含一组计算机可执行软件指令,用于指导计算机系统执行用于确定怀疑含有不期望的软件的程序的非复制行为的过程 实体。 该过程导致在至少一个已知环境中执行该程序,并且自动检查该至少一个已知环境以检测由于该程序的执行而在该环境中是否发生了改变。 如果检测到改变,则该过程自动分析检测到的变化(即,过程执行副作用分析),以确定改变是由执行程序还是由不期望的软件实体的执行引起。 该过程然后使用分析结果至少用于撤销由不期望的软件实体的执行导致的检测到的改变。 分析的结果也可以用于向用户通知反病毒系统对环境的非复制变化。

    Method and Apparatus for the Automatic Determination of Potentially Worm-Like Behavior of a Program
    7.
    发明申请
    Method and Apparatus for the Automatic Determination of Potentially Worm-Like Behavior of a Program 有权
    用于自动确定程序的潜在蠕虫样行为的方法和装置

    公开(公告)号:US20080189787A1

    公开(公告)日:2008-08-07

    申请号:US12062152

    申请日:2008-04-03

    申请人: William C. Arnold David M. Chess John F. Morar Alla Segal Ian N. Whalley Steve R. White

    发明人: William C. Arnold David M. Chess John F. Morar Alla Segal Ian N. Whalley Steve R. White

    IPC分类号: G06F21/00

    CPC分类号: G06F21/51

    摘要: A method and system for the automatic determination of the behavioral profile of a program suspected of having worm-like characteristics includes analyzing data processing system resources required by the program and, if the required resources are not indicative of the program having worm-like characteristics, running the program in a controlled non-network environment while monitoring and logging accesses to system resources to determine the behavior of the program in the non-network environment. A logged record of the observed behavior is analyzed to determine if the behavior is indicative of the program having worm-like characteristics. The non-network environment may simulate the appearance of a network to the program, without emulating the operation of the network.

    摘要翻译: 用于自动确定涉嫌具有蠕虫特征的程序的行为特征的方法和系统包括分析程序所需的数据处理系统资源,并且如果所需资源不表示具有蠕虫状特征的程序, 在受控的非网络环境中运行程序,同时监视和记录对系统资源的访问,以确定非网络环境中程序的行为。 分析观察行为的记录记录,以确定行为是否表明具有蠕虫状特征的程序。 非网络环境可以模拟网络对程序的外观,而不模拟网络的操作。

    Method and apparatus for determination of the non-replicative behavior of a malicious program
    8.
    发明授权
    Method and apparatus for determination of the non-replicative behavior of a malicious program 有权

    公开(公告)号:US07103913B2

    公开(公告)日:2006-09-05

    申请号:US10141896

    申请日:2002-05-08

    申请人: William C. Arnold David M. Chess John F. Morar Alla Segal Ian N. Whalley Steve R. White

    发明人: William C. Arnold David M. Chess John F. Morar Alla Segal Ian N. Whalley Steve R. White

    IPC分类号: G06F11/00

    CPC分类号: G06F21/566

    摘要: Disclosed is a method, a computer system and a computer readable media product that contains a set of computer executable software instructions for directing the computer system to execute a process for determining a non-replicative behavior of a program that is suspected of containing an undesirable software entity. The process causes execution of the program in at least one known environment and automatically examines the at least one known environment to detect if a change has occurred in the environment as a result of the execution of the program. If a change is detected, the process automatically analyzes the detected change (i.e., the process performs a side effects analysis) to determine if the change resulted from execution of the program or from execution of the undesirable software entity. The process then uses the result of the analysis at least for undoing a detected change that results from execution of the undesirable software entity. The result of the analysis can also be used for informing a user of an anti-virus system of the non-replicative changes made to the environment.

    Physical key security management method and apparatus for information systems
    9.
    发明授权
    Physical key security management method and apparatus for information systems 有权
    信息系统的物理密钥安全管理方法和装置

    公开(公告)号:US07069585B1

    公开(公告)日:2006-06-27

    申请号:US09641156

    申请日:2000-08-17

    申请人: David M. Chess Ian N. Whalley Steve R. White John F. Morar

    发明人: David M. Chess Ian N. Whalley Steve R. White John F. Morar

    IPC分类号: G07F7/08

    CPC分类号: H04L63/0853 G06F21/31 G06F21/34 G06F21/445 G06F2221/2113 G06F2221/2129 G06F2221/2153 H04L63/10

    摘要: An apparatus and a method for enabling the secure installation and use of an information system having a plurality of nodes, where the plurality of nodes include at least one information appliance (100) and at least one security console (200). The apparatus includes at least one data-carrying object, referred to as a “key” (301), that contains security-related data, and further includes at least one key receptacle (103, 203) that forms a portion of at least one of the nodes. The key is inserted into the receptacle for reading-out the security-related data for indicating to the information system a desired security configuration. The key is not intended to primarily establish the identity of a particular user or principal, but is instead intended to provide and be instrumental in defining, using a tangible medium, a security configuration that bestows a certain level of authorization or access to a particular user or principal.

    摘要翻译: 一种用于实现具有多个节点的信息系统的安全安装和使用的装置和方法,其中所述多个节点包括至少一个信息装置(100)和至少一个安全控制台(200)。 该装置包括至少一个数据携带对象,被称为“密钥”(301),其包含与安全性有关的数据,并且还包括至少一个密钥容器(103,203),其形成至少一个 的节点。 将密钥插入插座中,以读出与安全相关的数据,以向信息系统指示所需的安全配置。 密钥不是主要建立特定用户或主体的身份,而是旨在提供并有助于使用有形介质来定义给予特定用户的一定级别的授权或访问的安全配置 或校长。

    Method and apparatus for replicating and analyzing worm programs
    10.
    发明授权
    Method and apparatus for replicating and analyzing worm programs 有权
    用于复制和分析蠕虫程序的方法和装置

    公开(公告)号:US06981279B1

    公开(公告)日:2005-12-27

    申请号:US09640453

    申请日:2000-08-17

    申请人: William C. Arnold David M. Chess John F. Morar Alla Segal Morton G. Swimmer Ian N. Whalley Steve R. White

    发明人: William C. Arnold David M. Chess John F. Morar Alla Segal Morton G. Swimmer Ian N. Whalley Steve R. White

    IPC分类号: G06F7/04 G06F9/44 G06F9/455 G06F11/00 G06F21/00

    CPC分类号: G06F21/566

    摘要: A system and a method are disclosed for dynamically analyzing software, some of whose potentially-important behaviors (such as worm-like behavior) may only be displayed when the software is executed in an environment where it has, or appears to have, access to a production network and/or to the global Internet. The software can be executed in a real or an emulated network environment that includes a monitoring component and an emulation component. The monitoring component serves to capture and/or record the behaviors displayed by the software and/or other components of the system, and the emulation component gives the software being analyzed the impression that it is executing with access to a production network and/or to the global Internet. The software being analyzed is effectively confined to the analysis network environment, and cannot in fact read information from, or alter any information on, any production network or the global Internet.

    摘要翻译: 公开了一种用于动态分析软件的系统和方法,其中一些可能重要的行为(例如蠕虫状行为)可能仅在软件在具有或似乎具有 生产网络和/或全球互联网。 该软件可以在包含监视组件和仿真组件的真实或仿真网络环境中执行。 监视组件用于捕获和/或记录由软件和/或系统的其他组件显示的行为,并且仿真组件给予被分析的软件正在通过访问生产网络执行的印象和/或 全球互联网。 正在分析的软件有效地限于分析网络环境,实际上不能从任何生产网络或全球互联网上读取信息或更改任何信息。