System for protecting security of a provisionable network
    1.
    发明授权
    System for protecting security of a provisionable network 有权
    用于保护可配置网络安全的系统

    公开(公告)号:US08533828B2

    公开(公告)日:2013-09-10

    申请号:US10349385

    申请日:2003-01-21

    IPC分类号: H04L29/06

    摘要: Disclosed is a system for protecting security of a provisionable network, comprising: a network server, a network client communicatively coupled with the server, a pool of resources coupled with the server for employment by the client, a resource management system for managing the resources, and an intrusion detection system enabled to detect and respond to an intrusion in said network.

    摘要翻译: 公开了一种用于保护可配置网络的安全性的系统,包括:网络服务器,与服务器通信地耦合的网络客户端,与服务器耦合的资源池,供客户使用;资源管理系统,用于管理资源; 以及能够检测和响应所述网络中的入侵的入侵检测系统。

    Integrated intrusion detection system and method
    2.
    发明授权
    Integrated intrusion detection system and method 失效
    综合入侵检测系统及方法

    公开(公告)号:US07712133B2

    公开(公告)日:2010-05-04

    申请号:US10600113

    申请日:2003-06-20

    CPC分类号: G06F21/554

    摘要: A present invention integrated intrusion detection method integrates intrusion detection information. In one embodiment, intrusion detection information is gathered from a plurality of different types of intrusion detection sensors. The information is processed in a manner that provides a consolidated correlation of the information. A response is assigned to the information and the response is implemented.

    摘要翻译: 本发明综合入侵检测方法集入入侵检测信息。 在一个实施例中,从多个不同类型的入侵检测传感器收集入侵检测信息。 以提供信息的综合相关性的方式处理信息。 响应被分配给信息,并且响应被实现。

    Method of managing utilization of network intrusion detection systems in a dynamic data center
    3.
    发明授权
    Method of managing utilization of network intrusion detection systems in a dynamic data center 有权
    管理动态数据中心网络入侵检测系统利用的方法

    公开(公告)号:US08296847B2

    公开(公告)日:2012-10-23

    申请号:US10627017

    申请日:2003-07-25

    IPC分类号: G06F7/04

    摘要: A method of managing utilization of network intrusion detection systems in a dynamic data center is provided. A plurality of network intrusion detection systems are provided, each being networked so that utilization of each network intrusion detection system can be based on demand for the network intrusion detection systems in the dynamic data center. A monitoring policy and a plurality of monitoring points to be monitored on a network with any of the network intrusion detection systems are received. Further, the monitoring of the monitoring points is automatically arranged using the network intrusion detection systems and the monitoring policy.

    摘要翻译: 提供了一种在动态数据中心中管理网络入侵检测系统的利用的方法。 提供了多个网络入侵检测系统,每个网络入侵检测系统被联网,使得每个网络入侵检测系统的利用可以基于对动态数据中心中的网络入侵检测系统的需求。 接收监视策略和多个监视点,以便在任何一个网络入侵检测系统的网络上监控。 此外,使用网络入侵检测系统和监控策略自动布置监控点的监控。

    Method of managing utilization of network intrusion detection systems in a dynamic data center
    4.
    发明申请
    Method of managing utilization of network intrusion detection systems in a dynamic data center 有权
    管理动态数据中心网络入侵检测系统利用的方法

    公开(公告)号:US20050022022A1

    公开(公告)日:2005-01-27

    申请号:US10627017

    申请日:2003-07-25

    摘要: A method of managing utilization of network intrusion detection systems in a dynamic data center is provided. A plurality of network intrusion detection systems are provided, each being networked so that utilization of each network intrusion detection system can be based on demand for the network intrusion detection systems in the dynamic data center. A monitoring policy and a plurality of monitoring points to be monitored on a network with any of the network intrusion detection systems are received. Further, the monitoring of the monitoring points is automatically arranged using the network intrusion detection systems and the monitoring policy.

    摘要翻译: 提供了一种在动态数据中心中管理网络入侵检测系统的利用的方法。 提供了多个网络入侵检测系统,每个网络入侵检测系统被联网,使得每个网络入侵检测系统的利用可以基于对动态数据中心中的网络入侵检测系统的需求。 接收监视策略和多个监视点,以便在任何一个网络入侵检测系统的网络上监控。 此外,使用网络入侵检测系统和监控策略自动布置监控点的监控。

    Method and apparatus for automatic and secure distribution of a symmetric key security credential in a utility computing environment
    5.
    发明授权
    Method and apparatus for automatic and secure distribution of a symmetric key security credential in a utility computing environment 有权
    用于在公用计算环境中自动和安全地分发对称密钥安全凭证的方法和装置

    公开(公告)号:US07822982B2

    公开(公告)日:2010-10-26

    申请号:US11154798

    申请日:2005-06-16

    申请人: Amit Raikar

    发明人: Amit Raikar

    IPC分类号: H04L9/32

    CPC分类号: H04L63/062 H04L63/08

    摘要: Embodiments of the invention provide a method and an apparatus for automatic, secure, and confidential distribution of a symmetric key security credential in a utility computing environment. In one method embodiment, the present invention establishes a symmetric key at a management server, the symmetric key automatically associated with a logical device identifier of a provisionable resource. Additionally, an isolated virtual network is established between the management server and the provisionable resource for providing the symmetric key to the provisionable resource. Then, after the symmetric key is provided to the provisionable resource the isolated virtual network between the management server and the provisionable resource is dissolved.

    摘要翻译: 本发明的实施例提供了一种用于在公用计算环境中自动,安全和机密地分发对称密钥安全凭证的方法和装置。 在一个方法实施例中,本发明在管理服务器上建立对称密钥,对称密钥与可供应资源的逻辑设备标识符自动相关联。 此外,在管理服务器和可供应资源之间建立隔离的虚拟网络,用于向可供应资源提供对称密钥。 然后,在将对称密钥提供给可供应资源之后,解除管理服务器和可供应资源之间的隔离虚拟网络。

    Method and system for establishing a consistent password policy
    6.
    发明申请
    Method and system for establishing a consistent password policy 有权
    建立一致的密码策略的方法和系统

    公开(公告)号:US20050114673A1

    公开(公告)日:2005-05-26

    申请号:US10723119

    申请日:2003-11-25

    IPC分类号: G06F21/00 H04L29/06 H04K1/00

    摘要: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.

    摘要翻译: 建立一致的密码策略的方法和系统。 在计算机可用密码策略数据结构中描述了多个密码策略。 计算机可用密码策略数据结构由密码策略执行代理访问。 可选地,计算机可用密码策略数据结构由密码策略执行代理验证为真实性。 或者,密码策略执行代理可以报告回集中式配置和聚合点存储库,以提供一致的策略实施视图。

    Method and apparatus for detecting and responding to email based propagation of malicious software in a trusted network
    7.
    发明授权
    Method and apparatus for detecting and responding to email based propagation of malicious software in a trusted network 有权
    用于检测和响应可信网络中恶意软件的基于邮件的传播的方法和装置

    公开(公告)号:US07636944B2

    公开(公告)日:2009-12-22

    申请号:US11262436

    申请日:2005-10-28

    申请人: Amit Raikar

    发明人: Amit Raikar

    IPC分类号: G06F11/00 H04L9/00

    摘要: Embodiments of the invention provide a method and an apparatus for detecting and responding to email based propagation of malicious software (malware) in a trusted network. One embodiment provides a detector decoy email account to serve as generic bait for malicious software for a domain within the trusted network. In addition, at least one email account for the domain within the trusted network is provided as a detector probe account. In so doing, when the detector decoy email account receives an email from the detector probe account within the trusted network a policy based infection response rule is generated.

    摘要翻译: 本发明的实施例提供了一种用于检测和响应可信网络中的恶意软件(恶意软件)的基于邮件的传播的方法和装置。 一个实施例提供了一种检测器诱饵电子邮件帐户,用作可信网络内的域的恶意软件的通用诱饵。 另外,作为检测器探测器帐户,提供至少一个可信网络内的域的电子邮件帐户。 这样做时,当检测器诱饵电子邮件帐户从可信网络内的检测器探针帐户接收到电子邮件时,生成基于策略的感染响应规则。

    Secure method and apparatus for enabling the provisioning of a shared service in a utility computing environment
    8.
    发明申请
    Secure method and apparatus for enabling the provisioning of a shared service in a utility computing environment 有权
    用于实现在公用计算环境中提供共享服务的安全方法和装置

    公开(公告)号:US20070097998A1

    公开(公告)日:2007-05-03

    申请号:US11262434

    申请日:2005-10-28

    申请人: Amit Raikar

    发明人: Amit Raikar

    IPC分类号: H04L12/56

    CPC分类号: H04L63/0272 H04L12/467

    摘要: Embodiments of the invention provide a secure method for enabling the provisioning of a shared service in a utility computing environment. One embodiment establishes an account primary virtual local area network (VLAN) for at least one account in a utility computing environment. Then, a request is received from a service provider to provide a shared service to the at least one account. An isolated VLAN is established for each shared service being provisioned in the context of the account primary VLAN and a promiscuous port is provided for the service provider. A selection option is then provided to allow the at least one server to utilize the shared service provided by the service provider. An isolated port is then configured for the at least one server on an isolated VLAN between the at least one server that chooses to utilize the shared service, and the shared service.

    摘要翻译: 本发明的实施例提供了一种用于在公用计算环境中实现共享服务的供应的安全方法。 一个实施例为公用计算环境中的至少一个帐户建立帐户主虚拟局域网(VLAN)。 然后,从服务提供商接收到向至少一个帐户提供共享服务的请求。 为在帐户主VLAN的上下文中提供的每个共享服务建立隔离VLAN,并为服务提供商提供混杂端口。 然后提供选择选项以允许至少一个服务器利用由服务提供商提供的共享服务。 然后,为选择使用共享服务的至少一个服务器和共享服务之间的隔离VLAN上的至少一个服务器配置隔离端口。

    Port mapperintegrity checker to improve security of a provisionable network
    9.
    发明申请
    Port mapperintegrity checker to improve security of a provisionable network 有权
    端口映射器整合检查器,以提高可配置网络的安全性

    公开(公告)号:US20050033986A1

    公开(公告)日:2005-02-10

    申请号:US10637172

    申请日:2003-08-07

    IPC分类号: H04L9/00 H04L29/06

    CPC分类号: H04L63/123

    摘要: A method for verifying port integrity in a network, comprising: accessing port binding information in a port authorization file in the network, querying a port mapper in the network for a mapped port assignment, comparing the port assignment to the port binding, and initiating a response based on the results of the comparing.

    摘要翻译: 一种用于验证网络中的端口完整性的方法,包括:访问网络中的端口授权文件中的端口绑定信息,在网络中查询映射端口分配的端口映射器,将端口分配与端口绑定进行比较,以及启动端口绑定 基于比较结果的反应。

    Method and system for establishing a consistent password policy
    10.
    发明授权
    Method and system for establishing a consistent password policy 有权
    建立一致的密码策略的方法和系统

    公开(公告)号:US07849320B2

    公开(公告)日:2010-12-07

    申请号:US10723119

    申请日:2003-11-25

    IPC分类号: G06F21/00 H04L29/06

    摘要: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.

    摘要翻译: 建立一致的密码策略的方法和系统。 在计算机可用密码策略数据结构中描述了多个密码策略。 计算机可用密码策略数据结构由密码策略执行代理访问。 可选地,计算机可用密码策略数据结构由密码策略执行代理验证为真实性。 或者,密码策略执行代理可以报告回集中式配置和聚合点存储库,以提供一致的策略实施视图。