公开(公告)号：US20120216242A1

公开(公告)日：2012-08-23

申请号：US13323340

申请日：2011-12-12

申请人： Eric Ridvan Uner ,  Anthony Kobrinetz ,  Martin H. Singer ,  Joshua Scott Matthews ,  Benjamin James Leslie

发明人： Eric Ridvan Uner ,  Anthony Kobrinetz ,  Martin H. Singer ,  Joshua Scott Matthews ,  Benjamin James Leslie

IPC分类号： G06F17/00 ,  G06F11/00 ,  H04L9/00

CPC分类号： G06F21/51 ,  G06F21/50 ,  G06F21/52 ,  G06F21/566 ,  H04L9/3234

摘要： A communication system having a policy server coupled to a communications network for managing secure communication with and among end instruments (EI). The EI comprises a memory, and a processor coupled to the memory with processor-executable instructions, including instructions for an operating system kernel; and instructions for a protection core that monitors operations of the operating system kernel in accordance with a security policy for the EI. Security policies can intercept calls to an operating system kernel and for each call, determining whether the call is allowed under the security policy(ies). Policies are stored in a policy library and transmitted to an EI over a wireless communication network.

摘要翻译： 一种通信系统，具有耦合到通信网络的策略服务器，用于管理与终端设备（EI）之间的安全通信。 EI包括存储器和处理器可执行指令耦合到存储器的处理器，包括用于操作系统内核的指令; 以及根据EI的安全策略监视操作系统内核的操作的保护核心的指令。 安全策略可以拦截对操作系统内核和每个呼叫的呼叫，确定呼叫是否被允许在安全策略下。 策略存储在策略库中，并通过无线通信网络传输到EI。

公开(公告)号：US09514300B2

公开(公告)日：2016-12-06

申请号：US13323340

申请日：2011-12-12

申请人： Eric Ridvan Uner ,  Anthony Kobrinetz ,  Martin H. Singer ,  Joshua Scott Matthews ,  Benjamin James Leslie

发明人： Eric Ridvan Uner ,  Anthony Kobrinetz ,  Martin H. Singer ,  Joshua Scott Matthews ,  Benjamin James Leslie

IPC分类号： G06F21/51 ,  G06F21/50 ,  G06F21/56 ,  G06F21/52 ,  H04L9/32

CPC分类号： G06F21/51 ,  G06F21/50 ,  G06F21/52 ,  G06F21/566 ,  H04L9/3234

摘要： A communication system having a policy server coupled to a communications network for managing secure communication with and among end instruments (EI). The EI comprises a memory, and a processor coupled to the memory with processor-executable instructions, including instructions for an operating system kernel; and instructions for a protection core that monitors operations of the operating system kernel in accordance with a security policy for the EI. Security policies can intercept calls to an operating system kernel and for each call, determining whether the call is allowed under the security policy(ies). Policies are stored in a policy library and transmitted to an EI over a wireless communication network.

摘要翻译： 一种通信系统，具有耦合到通信网络的策略服务器，用于管理与终端设备（EI）之间的安全通信。 EI包括存储器和处理器可执行指令耦合到存储器的处理器，包括用于操作系统内核的指令; 以及根据EI的安全策略监视操作系统内核的操作的保护核心的指令。 安全策略可以拦截对操作系统内核和每个呼叫的呼叫，确定呼叫是否被允许在安全策略下。 策略存储在策略库中，并通过无线通信网络传输到EI。

公开(公告)号：US09298917B2

公开(公告)日：2016-03-29

申请号：US13350599

申请日：2012-01-13

申请人： Eric Ridvan Uner ,  Joshua Scott Matthews ,  Benjamin James Leslie ,  Anthony Kobrinetz ,  Martin H. Singer

发明人： Eric Ridvan Uner ,  Joshua Scott Matthews ,  Benjamin James Leslie ,  Anthony Kobrinetz ,  Martin H. Singer

IPC分类号： G06F21/56 ,  G06F21/57

CPC分类号： G06F21/56 ,  G06F21/577

摘要： A system and method for a secure supervisory control and data acquisition (SCADA) system. Secure SCADA elements (SSEs) have individual system security monitoring and enforcement of policies throughout the SCADA system. And isolation core ensures that a system security monitor monitors and takes appropriate action with respect to untrusted applications that may impact an SSE. The system security server provides policy enforcement on all of the SSEs that exist on the system. New security policies are created that are populated to individual SSEs in the system. Biomorphing algorithms allow for system uniqueness to be derived over time further enhancing security of SSEs.

摘要翻译： 一种用于安全监控和数据采集（SCADA）系统的系统和方法。 安全的SCADA元素（SSEs）在整个SCADA系统中都有单独的系统安全监控和策略执行。 并且隔离核心可确保系统安全监视器对可能影响SSE的不受信任的应用程序进行监控并采取适当的措施。 系统安全服务器为系统上存在的所有SSE提供策略强制。 创建新的安全策略，将其填充到系统中的各个SSE。 生物识别算法允许随着时间推移系统唯一性进一步增强SSEs的安全性。

公开(公告)号：US20130081103A1

公开(公告)日：2013-03-28

申请号：US13350599

申请日：2012-01-13

申请人： Eric Ridvan Uner ,  Joshua Scott Matthews ,  Benjamin James Leslie ,  Anthony Kobrinetz ,  Martin H. Singer

发明人： Eric Ridvan Uner ,  Joshua Scott Matthews ,  Benjamin James Leslie ,  Anthony Kobrinetz ,  Martin H. Singer

IPC分类号： G06F21/00

CPC分类号： G06F21/56 ,  G06F21/577

摘要： A system and method for a secure supervisory control and data acquisition (SCADA) system. Secure SCADA elements (SSEs) have individual system security monitoring and enforcement of policies throughout the SCADA system. And isolation core ensures that a system security monitor monitors and takes appropriate action with respect to untrusted applications that may impact an SSE. The system security server provides policy enforcement on all of the SSEs that exist on the system. New security policies are created that are populated to individual SSEs in the system. Biomorphing algorithms allow for system uniqueness to be derived over time further enhancing security of SSEs

摘要翻译： 一种用于安全监控和数据采集（SCADA）系统的系统和方法。 安全的SCADA元素（SSEs）在整个SCADA系统中都有单独的系统安全监控和策略执行。 并且隔离核心可确保系统安全监视器对可能影响SSE的不受信任的应用程序进行监控并采取适当的措施。 系统安全服务器为系统上存在的所有SSE提供策略强制。 创建新的安全策略，将其填充到系统中的各个SSE。 生物识别算法允许随着时间推移系统唯一性进一步增强SSEs的安全性

公开(公告)号：US20120216281A1

公开(公告)日：2012-08-23

申请号：US13315531

申请日：2011-12-09

申请人： Eric Ridvan Uner ,  Benjamin James Leslie ,  Joshua Scott Matthews ,  Changhua Chen ,  Thomas Smigelski ,  Anthony Kobrinetz

发明人： Eric Ridvan Uner ,  Benjamin James Leslie ,  Joshua Scott Matthews ,  Changhua Chen ,  Thomas Smigelski ,  Anthony Kobrinetz

IPC分类号： G06F21/24

CPC分类号： G06F21/51 ,  G06F21/50 ,  G06F21/52 ,  G06F21/566 ,  H04L9/3234

摘要： A method and apparatus for resisting malicious code in a computing device. A software component corresponding to an operating system kernel is analyzed prior to executing the software component to detect the presence of one or more specific instructions such as malicious code, a change in mode permissions or instructions to modify or turn off security monitoring software, and taking a graduated action in response to the detection of one or more specific instructions. The graduated action taken is specified by a security policy (or policies) stored on the computing device. The analyzing may include off-line scanning of a particular code or portion of code for certain instructions, op codes, or patterns, and includes scanning in real-time as the kernel or kernel module is loading while the code being scanned is not yet executing (i.e., it is not yet “on-line”). Analysis of other code proceeds according to policies.

摘要翻译： 一种用于在计算设备中抵抗恶意代码的方法和装置。 在执行软件组件之前分析对应于操作系统内核的软件组件以检测一个或多个特定指令的存在，例如恶意代码，模式许可的改变或修改或关闭安全监控软件的指令，以及采取 响应于检测到一个或多个特定指令的分级动作。 所采取的分级动作由存储在计算设备上的安全策略（或策略）指定。 分析可以包括用于某些指令，操作代码或模式的特定代码或代码部分的离线扫描，并且包括当正在扫描的代码尚未执行时内核或内核模块正在加载时实时扫描 （即，它还没有“在线”）。 根据政策对其他代码进行分析。

公开(公告)号：US5485163A

公开(公告)日：1996-01-16

申请号：US220342

申请日：1994-03-30

申请人： Martin H. Singer ,  Daniel Tell ,  Anthony Kobrinetz

发明人： Martin H. Singer ,  Daniel Tell ,  Anthony Kobrinetz

IPC分类号： G01S3/02 ,  G01S5/00 ,  G01S5/02 ,  G01S5/14 ,  G01S13/74 ,  G01S13/87 ,  G01S19/06 ,  G08B21/02 ,  H04W64/00

CPC分类号： G08B21/0202 ,  G01S13/878 ,  G01S5/0054 ,  G01S5/02 ,  G01S2205/006 ,  G01S2205/008 ,  G01S5/14 ,  H04W64/00

摘要： A system and method for locating a portable locator device in a communications network. The portable locator unit (PLU) (4) is activated either by an external signal (62) generated in response to remote activation source, such as a subscriber (6, 8) or PLU detector (106, 108), or by an internal activation signal triggered e.g. by the wearer. Once activated, the PLU (4) transmits a location signal (66). This location signal (66) is received by one or more network service nodes (20, 22, 24) which forward the information along with identifying service node information to a network location processor (26, 28). After having determined the location of the PLU (4) from the received information, the network location processor (26, 28) forwards this information to a designated source, such as the requesting subscriber or other authorized user (6, 8).

摘要翻译： 一种用于在通信网络中定位便携式定位装置的系统和方法。 便携式定位器单元（PLU）（4）由响应于远程激活源（例如订户（6,8）或PLU检测器（106,108））产生的外部信号（62）或内部 激活信号触发例如 穿着者。 一旦被激活，PLU（4）发送位置信号（66）。 该位置信号（66）由一个或多个网络服务节点（20,22,24）接收，该网络服务节点将信息与识别服务节点信息一起转发到网络位置处理器（26,28）。 在从接收到的信息确定了PLU（4）的位置之后，网络位置处理器（26,28）将该信息转发到诸如请求用户或其他授权用户（6,8）的指定的源。

公开(公告)号：US20080159239A1

公开(公告)日：2008-07-03

申请号：US11617270

申请日：2006-12-28

申请人： Paul Odlyzko ,  Anthony Kobrinetz ,  Gary D. Schulz

发明人： Paul Odlyzko ,  Anthony Kobrinetz ,  Gary D. Schulz

IPC分类号： H04B7/212

CPC分类号： H04W72/1215 ,  H04W24/00 ,  H04W88/06

摘要： A method and apparatus for multiplexing a plurality of communication signals where the communication signals may operate using different protocols is provided. A communication node (102) that is a part of a communications system or network (100) is provided. The access point includes a transceiver (202, 204) for transmitting and receiving a first signal and a second signal wherein the first signal (410) is using a first protocol and the second signal (412) using a second protocol. The access point also includes a scheduler (208) for scheduling a transmit time for the first signal and for the second signal within a first frame (402, 404) and a receiving time for the first signal and for the second signal within a second frame (406, 408). A multiplexer (210) is also provided where the multiplexer combines the first signal and second signal in the first and second frames according to the scheduled transmit time and receive time.

摘要翻译： 提供一种用于多路复用通信信号可以使用不同协议操作的多个通信信号的方法和装置。 提供作为通信系统或网络（100）的一部分的通信节点（102）。 接入点包括用于发送和接收第一信号的收发器（202,204）和第二信号，其中第一信号（410）使用第一协议，第二信号（412）使用第二协议。 接入点还包括调度器（208），用于调度第一信号的发送时间和第一帧（402,404）内的第二信号以及第二帧内的第一信号和第二信号的接收时间 （406,408）。 还提供多路复用器（210），其中复用器根据调度的发送时间和接收时间在第一和第二帧中组合第一信号和第二信号。

公开(公告)号：US06842621B2

公开(公告)日：2005-01-11

申请号：US10037956

申请日：2001-12-21

申请人： Nicholas Labun ,  Shao Weipan ,  Anthony Kobrinetz ,  Angel Fernando Favila ,  Peisong Huang ,  Charles Malek

发明人： Nicholas Labun ,  Shao Weipan ,  Anthony Kobrinetz ,  Angel Fernando Favila ,  Peisong Huang ,  Charles Malek

IPC分类号： H04M3/42 ,  H04L12/28 ,  H04L12/54 ,  H04L29/06 ,  H04L29/08 ,  H04M11/08 ,  H04W12/06 ,  H04W28/06 ,  H04W40/02 ,  H04W64/00 ,  H04W84/04 ,  H04Q7/20

CPC分类号： H04W28/06 ,  H04L12/5692 ,  H04L29/06 ,  H04L63/08 ,  H04L67/02 ,  H04L67/025 ,  H04L67/04 ,  H04L67/10 ,  H04L67/14 ,  H04L67/2814 ,  H04L67/2823 ,  H04W12/06 ,  H04W40/02 ,  H04W64/00 ,  H04W84/042

摘要： This invention provides a system and method for splitting control and media content signals of a cellular network connection of a mobile station. A mobile station engages in a WAP browsing session with a cellular network connection over an air interface. As a user moves into coverage area of an access point, another browsing session is established between the mobile station and a non-cellular network connection. More specifically, the user's WAP browsing session with a cellular network connection is upgraded to a Web browsing session with a non-cellular network connection. The present invention permits a user to control a Web browser on a remote device by providing user input to the mobile station. In particular, a media content portion of the cellular network connection is split and rerouted to the remote device, and a control portion of the cellular network connection is split and rerouted either via the non-cellular network connection or via the cellular network connection.

摘要翻译： 本发明提供了一种用于分离移动台的蜂窝网络连接的控制和媒体内容信号的系统和方法。 移动台通过空中接口参与具有蜂窝网络连接的WAP浏览会话。 当用户进入接入点的覆盖区域时，在移动台和非蜂窝网络连接之间建立另一浏览会话。 更具体地，具有蜂窝网络连接的用户的WAP浏览会话被升级到具有非蜂窝网络连接的网络浏览会话。 本发明允许用户通过向移动台提供用户输入来控制远程设备上的Web浏览器。 特别地，将蜂窝网络连接的媒体内容部分分离并重新路由到远程设备，并且蜂窝网络连接的控制部分经由非蜂窝网络连接或经由蜂窝网络连接被拆分和重新路由。

公开(公告)号：US09635680B2

公开(公告)日：2017-04-25

申请号：US11617270

申请日：2006-12-28

申请人： Paul Odlyzko ,  Anthony Kobrinetz ,  Gary D. Schulz

发明人： Paul Odlyzko ,  Anthony Kobrinetz ,  Gary D. Schulz

IPC分类号： H04W72/12 ,  H04W24/00 ,  H04W88/06

CPC分类号： H04W72/1215 ,  H04W24/00 ,  H04W88/06

摘要： A method and apparatus for multiplexing a plurality of communication signals where the communication signals may operate using different protocols is provided. A communication node (102) that is a part of a communications system or network (100) is provided. The access point includes a transceiver (202, 204) for transmitting and receiving a first signal and a second signal wherein the first signal (410) is using a first protocol and the second signal (412) using a second protocol. The access point also includes a scheduler (208) for scheduling a transmit time for the first signal and for the second signal within a first frame (402, 404) and a receiving time for the first signal and for the second signal within a second frame (406, 408). A multiplexer (210) is also provided where the multiplexer combines the first signal and second signal in the first and second frames according to the scheduled transmit time and receive time.

公开(公告)号：US06862277B2

公开(公告)日：2005-03-01

申请号：US10281842

申请日：2002-10-28

申请人： Shaowei Pan ,  Fei Wu ,  Nicholas Labun ,  Anthony Kobrinetz ,  Angel Fernando Favila

发明人： Shaowei Pan ,  Fei Wu ,  Nicholas Labun ,  Anthony Kobrinetz ,  Angel Fernando Favila

IPC分类号： H04L29/06 ,  H04L12/28

CPC分类号： H04L65/1069 ,  H04L65/1006 ,  H04L65/4015 ,  H04L65/80 ,  H04L69/14

摘要： A method and apparatus for multi-media communication includes transmitting a first session invite request (300) having a plurality of first call transaction identifiers (302), wherein each of the first call transaction identifiers (302) has a first call transaction value (303). Thereupon, the method and apparatus engages in a first communication session using the first session invite request (300). Concurrently, a second session invite request (400), having a plurality of second call transaction identifiers (402) having a second call transaction value (403), is also transmitted. A determination is made if the second session invite request (400) is duplicative by comparing the first and second call transaction values (303, 403) of the first and second call transaction identifiers (302, 402). A second communication session is engaged if the second session invite request (400) is not duplicative such that the first communication session and the second communication session create a multi-media session.

摘要翻译： 一种用于多媒体通信的方法和装置，包括发送具有多个第一呼叫交易标识符（302）的第一会话邀请请求（300），其中第一呼叫交易标识符（302）中的每一个具有第一呼叫交易值（303 ）。 因此，该方法和装置使用第一会话邀请请求（300）参与第一通信会话。 同时，还发送具有具有第二呼叫交易值（403）的多个第二呼叫交易标识符（402）的第二会话邀请请求（400）。 通过比较第一和第二呼叫交易标识符（302,402）的第一和第二呼叫交易值（303,403），确定第二会话邀请请求（400）是否是重复的。 如果第二会话邀请请求（400）不是重复的，使得第一通信会话和第二通信会话创建多媒体会话，则进行第二通信会话。