公开(公告)号：US07784063B2

公开(公告)日：2010-08-24

申请号：US10867048

申请日：2004-06-14

申请人： John Worley ,  Daniel J. Magenheimer ,  Chris D. Hyser ,  Robert D. Gardner ,  Thomas W. Christian ,  Bret McKee ,  Christopher Worley ,  William S. Worley, Jr.

发明人： John Worley ,  Daniel J. Magenheimer ,  Chris D. Hyser ,  Robert D. Gardner ,  Thomas W. Christian ,  Bret McKee ,  Christopher Worley ,  William S. Worley, Jr.

IPC分类号： G06F9/44 ,  H04L29/06

CPC分类号： G06F21/52 ,  G06F11/3636 ,  G06F21/554 ,  G06F2221/2101

摘要： In various embodiments of the present invention, execution-state transitions occur in a first portion of a system, and a cumulative execution state for each process is maintained by a second portion of the system so that, when a second-portion routine is called, the second-portion routine can determine whether or not the current execution state is suitable for execution of the second-portion routine. In various embodiments, a callpoint log, allocated and maintained for each process, stores the cumulative execution state for the process. In one embodiment, the first portion is an operating system, and the second portion is a secure kernel, with the cumulative execution state used by the secure kernel to prevent unauthorized access by erroneously or maliciously invoked operating-system routines to secure kernel routines. In another embodiment, the cumulative execution state is used as a debugging tool by the second-portion routines to catch errors in the implementation of the first-portion routines.

摘要翻译： 在本发明的各种实施例中，执行状态转换发生在系统的第一部分中，并且由系统的第二部分维护每个进程的累积执行状态，使得当调用第二部分例程时， 第二部分例程可以确定当前执行状态是否适合执行第二部分例程。 在各种实施例中，为每个进程分配和维护的调用点日志存储该进程的累积执行状态。 在一个实施例中，第一部分是操作系统，并且第二部分是安全内核，其中安全内核使用累积执行状态来防止通过错误或恶意调用的操作系统例程来非法访问以保护内核例程。 在另一个实施例中，累积执行状态被第二部分例程用作调试工具，以捕获第一部分例程的实现中的错误。

公开(公告)号：US20050166208A1

公开(公告)日：2005-07-28

申请号：US10867048

申请日：2004-06-14

申请人： John Worley ,  Daniel Magenheimer ,  Chris Hyser ,  Robert Gardner ,  Thomas Christian ,  Bret McKee ,  Christopher Worley ,  William Worley

发明人： John Worley ,  Daniel Magenheimer ,  Chris Hyser ,  Robert Gardner ,  Thomas Christian ,  Bret McKee ,  Christopher Worley ,  William Worley

IPC分类号： G06F9/00 ,  G06F21/00

CPC分类号： G06F21/52 ,  G06F11/3636 ,  G06F21/554 ,  G06F2221/2101

摘要： In various embodiments of the present invention, execution-state transitions occur in a first portion of a system, and a cumulative execution state for each process is maintained by a second portion of the system so that, when a second-portion routine is called, the second-portion routine can determine whether or not the current execution state is suitable for execution of the second-portion routine. In various embodiments, a callpoint log, allocated and maintained for each process, stores the cumulative execution state for the process. In one embodiment, the first portion is an operating system, and the second portion is a secure kernel, with the cumulative execution state used by the secure kernel to prevent unauthorized access by erroneously or maliciously invoked operating-system routines to secure kernel routines. In another embodiment, the cumulative execution state is used as a debugging tool by the second-portion routines to catch errors in the implementation of the first-portion routines.

摘要翻译： 在本发明的各种实施例中，执行状态转换发生在系统的第一部分中，并且由系统的第二部分维护每个进程的累积执行状态，使得当调用第二部分例程时， 第二部分例程可以确定当前执行状态是否适合执行第二部分例程。 在各种实施例中，为每个进程分配和维护的调用点日志存储该进程的累积执行状态。 在一个实施例中，第一部分是操作系统，并且第二部分是安全内核，其中安全内核使用累积执行状态来防止通过错误或恶意调用的操作系统例程来非法访问以保护内核例程。 在另一个实施例中，累积执行状态被第二部分例程用作调试工具，以捕获第一部分例程的实现中的错误。

公开(公告)号：US08341727B2

公开(公告)日：2012-12-25

申请号：US12075600

申请日：2008-03-10

申请人： William S. Worley, Jr. ,  James Garnett ,  Christopher Worley ,  Matthew H. Gerlach

发明人： William S. Worley, Jr. ,  James Garnett ,  Christopher Worley ,  Matthew H. Gerlach

IPC分类号： G06F15/173

CPC分类号： H04L63/1458 ,  H04L63/02

摘要： Embodiments of the present invention include a variety of different integrated, multi-tiered methods and systems for preventing various types of attacks on computer systems, including denial-of-service attacks and SYN-flood attacks. Components of these integrated methods and systems include probabilistic packet droppers, packet-rate throttles, resource controls, automated firewalls, and efficient connection-state-information storage in memory resources and connection-state-information distribution in order to prevent draining of sufficient communications-related resources within a computer system to seriously degrade or disable electronics communications components within the computer system.

摘要翻译： 本发明的实施例包括用于防止对计算机系统的各种攻击的各种不同的集成的多层方法和系统，包括拒绝服务攻击和SYN洪泛攻击。 这些集成方法和系统的组件包括概率分组丢弃器，分组速率节流，资源控制，自动防火墙以及存储器资源中的有效连接状态信息存储和连接状态信息分发，以防止排出足够的通信 - 计算机系统内的相关资源，以严重降低或禁用计算机系统内的电子通信组件。

公开(公告)号：US20080256623A1

公开(公告)日：2008-10-16

申请号：US12075600

申请日：2008-03-10

申请人： William S. Worley ,  James Garnett ,  Christopher Worley ,  Matthew H. Gerlach

发明人： William S. Worley ,  James Garnett ,  Christopher Worley ,  Matthew H. Gerlach

IPC分类号： H04L9/00

CPC分类号： H04L63/1458 ,  H04L63/02

摘要： Embodiments of the present invention include a variety of different integrated, multi-tiered methods and systems for preventing various types of attacks on computer systems, including denial-of-service attacks and SYN-flood attacks. Components of these integrated methods and systems include probabilistic packet droppers, packet-rate throttles, resource controls, automated firewalls, and efficient connection-state-information storage in memory resources and connection-state-information distribution in order to prevent draining of sufficient communications-related resources within a computer system to seriously degrade or disable electronics communications components within the computer system.

摘要翻译： 本发明的实施例包括用于防止对计算机系统的各种攻击的各种不同的集成的多层方法和系统，包括拒绝服务攻击和SYN洪泛攻击。 这些集成方法和系统的组件包括概率分组丢弃器，分组速率节流，资源控制，自动防火墙以及存储器资源中的有效连接状态信息存储和连接状态信息分发，以防止排出足够的通信 - 计算机系统内的相关资源，以严重降低或禁用计算机系统内的电子通信组件。

公开(公告)号：US20120094625A1

公开(公告)日：2012-04-19

申请号：US12600025

申请日：2008-05-12

申请人： Christopher Worley ,  Kathryn Maureen Devoy

发明人： Christopher Worley ,  Kathryn Maureen Devoy

IPC分类号： H04B1/18 ,  H04B1/16

CPC分类号： H04W12/12 ,  H04W88/02

摘要： A method for detecting unauthorised radio communications devices, the method including the steps of filtering received radio frequency signals into desired signals having a frequency band characteristic of an unauthorised radio communications device and undesired signals having a different frequency band characteristic of an authorised radio communications device, comparing respective levels of the desired and undesired signals with respective predetermined threshold levels, and generating detection signals indicative of the presence of the unauthorised radio communications device only if the desired signals exceed their predetermined threshold level and the undesired signals do not exceed their predetermined threshold level, thereby passively discriminating between the authorised and unauthorised radio communications devices, and interference therebetween.

摘要翻译： 一种用于检测未经授权的无线电通信设备的方法，所述方法包括以下步骤：将接收到的射频信号滤波成具有未授权无线电通信设备的频带特性的期望信号和具有授权无线电通信设备的不同频带特性的不期望信号， 将期望信号和不期望信号的各个电平与相应的预定阈值电平进行比较，并且仅在所需信号超过其预定阈值电平并且不期望信号不超过其预定阈值电平时才产生指示未知无线电通信装置的存在的检测信号 ，从而被动地区分授权的和未授权的无线电通信设备以及它们之间的干扰。