Abstract:
Techniques for identity and policy based routing are presented. A resource is initiated on a device with a resource identity, and role assignments along with policies are obtained for the resource. A customized network is created for the resource using a device address for the device, the resource identity, the role assignments, and the policies.
Abstract:
A user authenticates a mobile device (MD) to a network-based service (NBS) for initial authentication. Policy is pushed from the NBS to the MD and the MD automatically obtains details about devices and attributes that are near or accessible to the MD in accordance with the policy. The details are pushed as a packet from the MD to the NBS and multifactor authentication is performed based on the details and the policy. If the multifactor authentication is successful, access privileges are set for the MD for accessing the NBS and perhaps for accessing local resources of the MD.
Abstract:
Techniques for auditing and controlling network services are provided. A proxy is interposed between a principal and a network service. Interactions between the principal and the service pass through the proxy. The proxy selectively raises events and evaluates policy based on the interactions for purposes of auditing and controlling the network service.
Abstract:
Techniques for federated credential reset are presented. A principal requests a credential reset with a first service. The first service provides a link to a third-party service previously selected by the principal. The principal separately authenticates to the third-party service and causes the third-party service to send a federated token to the first service. When the federated token is received by the first service, the first service permits the principal to reset an original credential to a new credential for purposes of accessing the first service.
Abstract:
Techniques for security auditing of cloud resources are provided. A virtual machine (VM) is captured and isolated when a session indicates that a session with the VM has terminated. Security checks are executed against the VM in the isolated environment. Results from the security checks are then reported.
Abstract:
File mapping and converting for dynamic disk personalization for multiple platforms are provided. A volatile file operation is detected in a first platform. The file is supported by the first platform. A determination is made that the file is sharable with a second platform. The volatile operation is performed on the file in the first platform and the modified file is converted to a second file supported by the second platform. The modified file and second file are stored in a personalized disk for a user. The personalized disk is used to modify base images for VMs of the user when the user accesses the first platform or second platform. The modified file is available within the first platform and the second file is available within the second platform.
Abstract:
Techniques for toxic workload mapping are provided. A state of a target workload is recorded along with a configuration and state of an environment that is processing the workload. Micro valuations are taken, via statistical sampling, for metrics associated with the workload and for different combinations of resources within the environment. The sampling is taken at microsecond intervals. The valuations are aggregated to form an index representing a toxic mapping for the workload within the environment. The toxic mapping is mined, in view of policy, to provide conditions and scenarios that may be deemed problematic within the workload and/or environment.