1. Systems and Methods for Enhanced Security in Wireless Communication
    Document type: Published invention application
    Legal status: In force

    Publication number: US20120216242A1

    Publication date: 2012-08-23

    Application number: US13323340

    Filing date: 2011-12-12

    IPC classification: G06F17/00 G06F11/00 H04L9/00

    Abstract: A communication system having a policy server coupled to a communications network for managing secure communication with and among end instruments (EI). The EI comprises a memory, and a processor coupled to the memory with processor-executable instructions, including instructions for an operating system kernel, and instructions for a protection core that monitors operations of the operating system kernel in accordance with a security policy for the EI. Security policies can intercept calls to the operating system kernel and, for each call, determine whether the call is allowed under the security policy (or policies). Policies are stored in a policy library and transmitted to an EI over a wireless communication network.

2. Systems and methods for enhanced security in wireless communication
    Document type: Granted invention patent
    Legal status: In force

    Publication number: US09514300B2

    Publication date: 2016-12-06

    Application number: US13323340

    Filing date: 2011-12-12

    Abstract: A communication system having a policy server coupled to a communications network for managing secure communication with and among end instruments (EI). The EI comprises a memory, and a processor coupled to the memory with processor-executable instructions, including instructions for an operating system kernel, and instructions for a protection core that monitors operations of the operating system kernel in accordance with a security policy for the EI. Security policies can intercept calls to the operating system kernel and, for each call, determine whether the call is allowed under the security policy (or policies). Policies are stored in a policy library and transmitted to an EI over a wireless communication network.

3. Enhanced security SCADA systems and methods
    Document type: Granted invention patent
    Legal status: In force

    Publication number: US09298917B2

    Publication date: 2016-03-29

    Application number: US13350599

    Filing date: 2012-01-13

    IPC classification: G06F21/56 G06F21/57

    CPC classification: G06F21/56 G06F21/577

    Abstract: A system and method for a secure supervisory control and data acquisition (SCADA) system. Secure SCADA elements (SSEs) have individual system security monitoring and enforcement of policies throughout the SCADA system. An isolation core ensures that a system security monitor monitors and takes appropriate action with respect to untrusted applications that may impact an SSE. The system security server provides policy enforcement on all of the SSEs that exist on the system. New security policies are created and populated to individual SSEs in the system. Biomorphing algorithms allow system uniqueness to be derived over time, further enhancing the security of SSEs.

4. Enhanced Security SCADA Systems and Methods
    Document type: Published invention application
    Legal status: In force

    Publication number: US20130081103A1

    Publication date: 2013-03-28

    Application number: US13350599

    Filing date: 2012-01-13

    IPC classification: G06F21/00

    CPC classification: G06F21/56 G06F21/577

    Abstract: A system and method for a secure supervisory control and data acquisition (SCADA) system. Secure SCADA elements (SSEs) have individual system security monitoring and enforcement of policies throughout the SCADA system. An isolation core ensures that a system security monitor monitors and takes appropriate action with respect to untrusted applications that may impact an SSE. The system security server provides policy enforcement on all of the SSEs that exist on the system. New security policies are created and populated to individual SSEs in the system. Biomorphing algorithms allow system uniqueness to be derived over time, further enhancing the security of SSEs.

5. Systems and Methods for Providing a Computing Device Having a Secure Operating System Kernel
    Document type: Published invention application
    Legal status: Pending (published)

    Publication number: US20120216281A1

    Publication date: 2012-08-23

    Application number: US13315531

    Filing date: 2011-12-09

    IPC classification: G06F21/24

    Abstract: A method and apparatus for resisting malicious code in a computing device. A software component corresponding to an operating system kernel is analyzed prior to executing it, to detect the presence of one or more specific instructions such as malicious code, a change in mode permissions, or instructions to modify or turn off security monitoring software, and a graduated action is taken in response to the detection of one or more such instructions. The graduated action taken is specified by a security policy (or policies) stored on the computing device. The analyzing may include off-line scanning of a particular code or portion of code for certain instructions, op codes, or patterns, and includes scanning in real time as the kernel or kernel module is loading, while the code being scanned is not yet executing (i.e., it is not yet "on-line"). Analysis of other code proceeds according to policies.

6. Logic Device with Write Protected Memory Management Unit Registers
    Document type: Published invention application
    Legal status: Pending (published)

    Publication number: US20080263256A1

    Publication date: 2008-10-23

    Application number: US11737806

    Filing date: 2007-04-20

    IPC classification: G06F12/00

    CPC classification: G06F12/1475 G06F12/145

    Abstract: A logic device. The logic device includes a control module, a memory management unit, a memory module, and at least one first register. The memory management unit controls flow of software code between the control module and the memory module; the control module programs at least one of the first registers during start-up procedures of the logic device to specify at least one data memory section in the memory module. The memory management unit communicates with the first registers to identify the at least one data memory section, and the memory management unit excludes executable code from storage in the at least one data memory section. After completion of the start-up procedures, the first registers are write protected, thereby preventing subsequent programming of the first registers, and the memory management unit cannot be disabled without shutting down the logic device.

7. Instruction Transform for the Prevention and Propagation of Unauthorized Code Injection
    Document type: Published invention application
    Legal status: Pending (published)

    Publication number: US20080244275A1

    Publication date: 2008-10-02

    Application number: US11694149

    Filing date: 2007-03-30

    Applicant: Eric Ridvan Uner

    Inventor: Eric Ridvan Uner

    IPC classification: H04L9/00

    CPC classification: G06F21/57

    Abstract: A method and structure of instruction transformation. Applying the principles of biodiversity to instruction transformation, applicable to devices and embedded systems and to networks containing many devices, not only protects individual devices from attack by unauthorized code, but also retards propagation of such unauthorized code to other devices in the system or network that are in communication with a potentially infected device.

8. Data Type Management Unit
    Document type: Published invention application
    Legal status: Pending (published)

    Publication number: US20080282346A1

    Publication date: 2008-11-13

    Application number: US11746703

    Filing date: 2007-05-10

    IPC classification: G06F11/00

    CPC classification: G06F21/563

    Abstract: A data type management unit. The data type management unit is configured to include a rules module which includes at least one identification standard paired with an associated code type, an interface module configured to receive a code signal, and an analysis module coupled to the interface module and to the rules module. Each identification standard includes a comparison rule paired with an associated rejection criteria; the comparison rule of each identification standard includes at least one code pattern representative of the associated code type; and the rejection criteria of each identification standard includes at least one rejection rule. The analysis module is configured to compare the received code signal to each code pattern in each identification standard and to recognize if one or more of the comparison results violates one or more of the rejection rules.
