Detection of network environment for network access control
    1.
    Granted invention patent
    Status: In force

    Publication number: US07814531B2

    Publication date: 2010-10-12

    Application number: US11478987

    Filing date: 2006-06-30

    IPC classification: H04L9/00 H04L12/22

    Abstract: A method and apparatus for detection of network environment to aid policy selection for network access control. An embodiment of a method includes receiving a request to connect a device to a network and, if a security policy is received for the connection of the device, applying the policy for the device. If a security policy for the connection of the device is not received, the domain of the device is determined by determining whether the device is in an enterprise domain and determining whether the device is in a network access control domain, which allows selection of an appropriate domain/environment specific policy.

    Detection of network environment
    2.
    Invention patent application
    Status: In force

    Publication number: US20080022355A1

    Publication date: 2008-01-24

    Application number: US11478987

    Filing date: 2006-06-30

    IPC classification: H04L9/00

    Abstract: A method and apparatus for detection of network environment to aid policy selection for network access control. An embodiment of a method includes receiving a request to connect a device to a network and, if a security policy is received for the connection of the device, applying the policy for the device. If a security policy for the connection of the device is not received, the domain of the device is determined by determining whether the device is in an enterprise domain and determining whether the device is in a network access control domain, which allows selection of an appropriate domain/environment specific policy.

    Hierarchical trust based posture reporting and policy enforcement
    4.
    Granted invention patent
    Status: In force

    Publication number: US08555348B2

    Publication date: 2013-10-08

    Application number: US12714979

    Filing date: 2010-03-01

    IPC classification: G06F17/30

    CPC classification: H04L63/0227

    Abstract: A method that includes initiating a network access request from an access requester on a platform that couples to a network, the network access request made to a policy decision point for the network. The method also includes establishing a secure communication channel over a communication link between the policy decision point and a policy enforcement point on the platform. Another secure communication channel is established over another communication link. The other communication link is between at least the policy enforcement point and a manageability engine resident on the platform. The manageability engine forwards posture information associated with the access requester via the other secure communication channel. The posture information is then forwarded to the policy decision point via the secure communication channel between the policy enforcement point and the policy decision point. The policy decision point indicates what access the access requester can obtain to the network based on a comparison of the posture information to one or more network administrative policies.

    Method and apparatus for multiple inclusion offsets for security protocols
    5.
    Invention patent application
    Status: Under examination (published)

    Publication number: US20080022388A1

    Publication date: 2008-01-24

    Application number: US11478986

    Filing date: 2006-06-30

    IPC classification: G06F15/16

    CPC classification: H04L63/105

    Abstract: A method and apparatus to define multiple zones in a data packet for inclusion in processing by security operations of a security protocol. In one embodiment, each defined zone has an associated list of security operations to which the zone is subjected. In another embodiment, the list of security operations for a zone includes parameters to be passed when performing the security operations on the zone.

    Hierarchical Trust Based Posture Reporting and Policy Enforcement
    6.
    Invention patent application
    Status: In force

    Publication number: US20100162356A1

    Publication date: 2010-06-24

    Application number: US12714979

    Filing date: 2010-03-01

    IPC classification: G06F17/30

    CPC classification: H04L63/0227

    Abstract: A method that includes initiating a network access request from an access requester on a platform that couples to a network, the network access request made to a policy decision point for the network. The method also includes establishing a secure communication channel over a communication link between the policy decision point and a policy enforcement point on the platform. Another secure communication channel is established over another communication link. The other communication link is between at least the policy enforcement point and a manageability engine resident on the platform. The manageability engine forwards posture information associated with the access requester via the other secure communication channel. The posture information is then forwarded to the policy decision point via the secure communication channel between the policy enforcement point and the policy decision point. The policy decision point indicates what access the access requester can obtain to the network based on a comparison of the posture information to one or more network administrative policies.

    Platform posture and policy information exchange method and apparatus
    8.
    Granted invention patent
    Status: In force

    Publication number: US08205238B2

    Publication date: 2012-06-19

    Application number: US11393486

    Filing date: 2006-03-30

    IPC classification: H04L29/06

    CPC classification: H04L63/0227 H04L63/101

    Abstract: Transport agnostic, secure communication protocol for transmitting host platform posture information to the Network Access Control Server or PDP (Policy Decision Point) and for receiving policy information to be enforced on the trusted host platform and respective applications for data processing and communication are described herein.

    Hierarchical trust based posture reporting and policy enforcement
    9.
    Granted invention patent
    Status: In force

    Publication number: US07703126B2

    Publication date: 2010-04-20

    Application number: US11395504

    Filing date: 2006-03-31

    IPC classification: G06F17/30

    CPC classification: H04L63/0227

    Abstract: A method that includes initiating a network access request from an access requester on a platform that couples to a network, the network access request made to a policy decision point for the network. The method also includes establishing a secure communication channel over a communication link between the policy decision point and a policy enforcement point on the platform. Another secure communication channel is established over another communication link. The other communication link is between at least the policy enforcement point and a manageability engine resident on the platform. The manageability engine forwards posture information associated with the access requester via the other secure communication channel. The posture information is then forwarded to the policy decision point via the secure communication channel between the policy enforcement point and the policy decision point. The policy decision point indicates what access the access requester can obtain to the network based on a comparison of the posture information to one or more network administrative policies.
