Systems and Methods for Controlling the Number of Connections Established with a Server
    1.
    Patent application
    Status: in force

    Publication (announcement) number: US20070088826A1

    Publication (announcement) date: 2007-04-19

    Application number: US11554933

    Filing date: 2006-10-31

    IPC classification: G06F15/173

    Abstract: A method for maximizing server throughput while avoiding overload of a server is presented. The method involves intercepting, via an interface unit, a client request for information from the server. Next, the interface unit determines the current server performance, where the server performance is based on the number of connections opened to the server, the response time of the server and the rate at which the response time is changing. Finally, the interface unit forwards the client request to the server if the current server performance is close to an optimal performance, thereby avoiding overload of the server.


    Cloud based inspection of secure content avoiding man-in-the-middle attacks
    2.
    Granted patent
    Status: in force

    Publication (announcement) number: US08869259B1

    Publication (announcement) date: 2014-10-21

    Application number: US13111753

    Filing date: 2011-05-19

    IPC classification: H04L29/06

    Abstract: A cloud based system that facilitates inspection of secure content and inexpensively detects the presence of a Man-in-the-Middle attack in a client-server communication is disclosed. Through inspection of the server certificate, no Man-in-the-Middle attack between server and the system is ensured; through inspection and designation of the client certificate, absence of a Man-in-the-Middle attack between the cloud based system and the client is ensured. In this way, the cloud based system can perform its usual policy enforcement functions with respect to secure content while avoiding Man-in-the-Middle attacks.


    Content inspection using partial content signatures
    3.
    Granted patent
    Status: in force

    Publication (announcement) number: US08607066B1

    Publication (announcement) date: 2013-12-10

    Application number: US12185539

    Filing date: 2008-08-04

    IPC classification: G06F11/30 G06F12/14

    Abstract: Systems, methods and apparatus for a content item inspection. A plurality of portions of a content item are received in a buffer, the buffer divided into a plurality of segments. A partial signature of the content item is computed using the received portions of the content item in a most recently received segment and a partial signature computed for a preceding segment. The computed partial signature is compared against a plurality of partial signatures associated with trustworthy content items. If a matching partial signature associated with a trustworthy content item is found for the computed partial signature, the most recently received segment is allowed to be transmitted to a device that requested the content item.


    Automated dynamic tunnel management
    4.
    Granted patent
    Status: in force

    Publication (announcement) number: US08458786B1

    Publication (announcement) date: 2013-06-04

    Application number: US12856425

    Filing date: 2010-08-13

    IPC classification: G06F17/30 H04L29/06 H04L12/28

    CPC classification: H04L63/0272

    Abstract: Systems, methods and apparatus for tunneling in a cloud based security system. In an aspect, tunnel session data describing authentication and unauthenticated sessions, and location data describing tunnel identifiers for tunnels, locations, and security policies specific to the locations are accessed. Tunnel packets are received, and for each tunnel packet it is determined, from the tunnel identifier associated with the packet, whether a session entry in the session data exists for the tunnel identified by the tunnel identifier. In response to determining that a session entry does not exist in the session data, then a session entry is created for the tunnel identifier, an authentication process to determine a location to be associated with the session entry is performed, and an entry in the location data for the location is associated with the session entry.


    Instance counting and ranking
    5.
    Granted patent
    Status: in force

    Publication (announcement) number: US08010526B1

    Publication (announcement) date: 2011-08-30

    Application number: US12182428

    Filing date: 2008-07-30

    IPC classification: G06F7/00

    CPC classification: G06F7/22

    Abstract: In one general aspect, entity instances are monitored during a first interval, each entity instance being one of several types of entity instances. A first ranked list of entity instances is determined from the entity instances monitored during the first interval. The types of entity instances are ranked in the first list according to the number of times each type of entity instance occurred during the first interval and the first ranked list has a first cardinality of types of entity instances. Entity instances are monitored during a second interval. A second ranked list of entity instances is determined. The second ranked list has the first cardinality of types of entity instances. The first ranked list and the second ranked list are merged into a third ranked list of entities instances. The third ranked list has a second cardinality that is less than or equal to the first cardinality.


    HTTP authentication and authorization management
    7.
    Granted patent
    Status: in force

    Publication (announcement) number: US08656462B2

    Publication (announcement) date: 2014-02-18

    Application number: US12179403

    Filing date: 2008-07-24

    IPC classification: G06F7/04

    Abstract: Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include a state manager that is used to identify and maintain the source associated with a client browser that submits requests to the state manager. The state manager can allow requests that are authorized and request authorization for requests that are not. The state manager can maintain the states associated with each domain to reduce the number of transactions needed to authenticate and/or authorize subsequent requests to the same domain or to different domains.


    Distributed network security system deploying guard tables
    8.
    Granted patent
    Status: in force

    Publication (announcement) number: US08549581B1

    Publication (announcement) date: 2013-10-01

    Application number: US12128506

    Filing date: 2008-05-28

    IPC classification: G06F7/04

    Abstract: Guard tables including absence information are used in a security system to limit the processing of negative queries. A key corresponding to a request to access a network resource is hashed and the output of the hash is a bit position in a guard table. The bit value at the bit position in the guard table is checked to determine if the information to which the key corresponds is absent from a datastore. Further processing of the request can be based on the indicated presence or absence information.


    Phrase matching
    9.
    Granted patent
    Status: in force

    Publication (announcement) number: US08341415B1

    Publication (announcement) date: 2012-12-25

    Application number: US12185481

    Filing date: 2008-08-04

    IPC classification: H04L9/32

    Abstract: Methods, systems, and apparatus, including computer program products, for generating or using augmentation queries. In one aspect, a set of phrase terms of a phrase are received in first ordinal positions, and a set of first hashes for each of the phrase terms. Concatenated hashes from the set of first hashes are generated. Hashes of content terms for received content are compared to the concatenated hashes to determine if a phrase is detected in the content.


    Method and system for automated evaluation of spam filters
    10.
    Granted patent
    Status: in force

    Publication (announcement) number: US08205264B1

    Publication (announcement) date: 2012-06-19

    Application number: US12554873

    Filing date: 2009-09-04

    IPC classification: H04L29/06

    CPC classification: H04L67/02

    Abstract: A method for automated evaluation of a SPAM filter rates a sender-receiver pair based on traffic information related to the sender-receiver pair. A SPAM filter intercepts electronic messages transmitted between the sender-receiver pair and classifies them as either SPAM or HAM. On comparing the rating for the sender-receiver pair and the classification for an electronic message between the sender-receiver pair, the method generates a metric indicating the reliability of the spam filter. Repeating these steps for more than one electronic message and related sender-receiver pairs, the method produces a set of metrics. One or more of the metrics from the set of metrics are used to calculate an evaluation factor for evaluating the SPAM filter.
