公开(公告)号：US08230222B2

公开(公告)日：2012-07-24

申请号：US11465824

申请日：2006-08-21

申请人： Massimiliano Celli ,  Luca Ferri ,  Luigi Pichetti ,  Marco Secchi ,  Marcello Velati

发明人： Massimiliano Celli ,  Luca Ferri ,  Luigi Pichetti ,  Marco Secchi ,  Marcello Velati

IPC分类号： H04L29/00

CPC分类号： H04L9/0825 ,  G06F21/125 ,  H04L9/083

摘要： A software distribution method (300) with security add-on is proposed. Particularly, any software package to be deployed to selected target endpoints is encrypted (312-315) with a symmetric key (generated dynamically). The symmetric key is in turn encrypted (318-321) with a public key of each target endpoint. A multi-segment software package (embedding the encrypted software package and the encrypted symmetric keys) is then deployed (324-336, 360) to all the target endpoints. In this way, each target endpoint can decrypt (343-348) the encrypted symmetric key with a corresponding private key; it is then possible to decrypt (363-366) the encrypted software package with the symmetric key so obtained. As a result, the endpoint is able to apply (369) the decrypted software package. Therefore, the application of the software package can be restricted to the desired target endpoints only.

摘要翻译： 提出了一种具有安全附件的软件分发方法（300）。 特别地，要部署到所选目标端点的任何软件包都使用对称密钥（动态生成）进行加密（312-315）。 对称密钥依次用每个目标端点的公钥加密（318-321）。 然后将多段软件包（嵌入加密的软件包和加密的对称密钥）部署到所有目标端点（324-336,360）。 以这种方式，每个目标端点可以使用相应的私钥来解密（343-348）加密的对称密钥; 然后可以用如此获得的对称密钥来解密（363-366）加密的软件包。 因此，端点能够应用（369）解密的软件包。 因此，软件包的应用可以仅限于期望的目标端点。

公开(公告)号：US20070047735A1

公开(公告)日：2007-03-01

申请号：US11465824

申请日：2006-08-21

申请人： Massimiliano Celli ,  Luca Ferri ,  Luigi Pichetti ,  Marco Secchi ,  Marcello Velati

发明人： Massimiliano Celli ,  Luca Ferri ,  Luigi Pichetti ,  Marco Secchi ,  Marcello Velati

IPC分类号： H04L9/30

CPC分类号： H04L9/0825 ,  G06F21/125 ,  H04L9/083

摘要： A software distribution method (300) with security add-on is proposed. Particularly, any software package to be deployed to selected target endpoints is encrypted (312-315) with a symmetric key (generated dynamically). The symmetric key is in turn encrypted (318-321) with a public key of each target endpoint. A multi-segment software package (embedding the encrypted software package and the encrypted symmetric keys) is then deployed (324-336, 360) to all the target endpoints. In this way, each target endpoint can decrypt (343-348) the encrypted symmetric key with a corresponding private key; it is then possible to decrypt (363-366) the encrypted software package with the symmetric key so obtained. As a result, the endpoint is able to apply (369) the decrypted software package. Therefore, the application of the software package can be restricted to the desired target endpoints only.

摘要翻译： 提出了一种具有安全附件的软件分发方法（300）。 特别地，要部署到所选目标端点的任何软件包都使用对称密钥（动态生成）进行加密（312 - 315）。 对称密钥依次用每个目标端点的公钥加密（318 - 321）。 然后将多段软件包（嵌入加密的软件包和加密的对称密钥）部署到所有目标端点（324 - 336,360）。 以这种方式，每个目标端点可以使用相应的私钥对加密的对称密钥进行解密（343-348）。 那么可以用如此获得的对称密钥来解密（363-366）加密的软件包。 因此，端点能够应用（369）解密的软件包。 因此，软件包的应用可以仅限于期望的目标端点。

公开(公告)号：US20100192224A1

公开(公告)日：2010-07-29

申请号：US12359457

申请日：2009-01-26

申请人： Luca Ferri ,  Luigi Pichetti ,  Marco Secchi ,  Antonio Secomandi

发明人： Luca Ferri ,  Luigi Pichetti ,  Marco Secchi ,  Antonio Secomandi

IPC分类号： G06F3/048 ,  G06F21/00

CPC分类号： G06F21/53

摘要： Browsing the World Wide Web may expose a user's system to malicious attacks that can lead to data loss and/or system failure. Sometimes a user desires to access information on a web page that may contain malicious content. For example, a college student researching computer hacking may need information provided on a hacking website even though the site is potentially dangerous. Although techniques are employed to install potentially harmful executable files into a sandbox (e.g., virtual machine), these techniques do not address navigation of harmful sites. Functionality can be implemented to instantiate a web browser within a controlled virtual environment (“sandbox”) that simulates the host system while restricting the virtual environment to designated space(s) and/or resources of the host system to prevent harmful effects. Instantiating the web browser in the sandbox allows web navigation of risky web sites without deleterious effects on the host system.

摘要翻译： 浏览万维网可能会将用户的系统暴露于可能导致数据丢失和/或系统故障的恶意攻击。 有时用户希望访问可能包含恶意内容的网页上的信息。 例如，一名研究计算机黑客的大学生可能需要在黑客网站上提供的信息，即使该网站有潜在危险。 尽管采用了将潜在有害可执行文件安装到沙箱（例如，虚拟机）中的技术，但是这些技术并不涉及有害场所的导航。 可以实现功能性来实例化模拟主机系统的受控虚拟环境（“沙箱”）内的Web浏览器，同时将虚拟环境限制到主机系统的指定空间和/或资源以防止有害影响。 将沙箱中的Web浏览器实例化可以让网页浏览有风险的网站，而不会对主机系统产生有害影响。

公开(公告)号：US08788808B2

公开(公告)日：2014-07-22

申请号：US13477854

申请日：2012-05-22

申请人： Luca Ferri ,  Luigi Pichetti

发明人： Luca Ferri ,  Luigi Pichetti

IPC分类号： H04L9/00

CPC分类号： G06F21/51 ,  G06F21/64 ,  G06F2221/2115

摘要： A method and a corresponding system for authenticating software products are proposed. A digital certificate and a corresponding private key required to sign each product are stored on a server computer. Whenever a user needs to sign a product, he/she logs on a client computer and transmits a corresponding request to the server computer. The server computer verifies whether the request has been received from an authorized subject; for example, an address of the client computer and an identifier of the user are compared with a predefined list. If the result of the verification is positive, the product is signed and returned to the client computer. For this purpose, a script called on the server computer includes either an instruction passing the access password to a signing tool as a parameter or an instruction causing the signing tool to import the access password from a registry of the server computer.

摘要翻译： 提出了一种用于认证软件产品的方法和相应的系统。 签署每个产品所需的数字证书和相应的私钥存储在服务器计算机上。 每当用户需要签署产品时，他/她登录客户端计算机并将相应的请求发送到服务器计算机。 服务器计算机验证是否已经从授权主体接收到请求; 例如，将客户端计算机的地址和用户的标识符与预定义的列表进行比较。 如果验证结果为正，则将产品签名并返回给客户端计算机。 为此，在服务器计算机上调用的脚本包括将访问密码传递给签名工具的指令作为参数，或者使得签名工具从服务器计算机的注册表导入访问密码的指令。

公开(公告)号：US08219801B2

公开(公告)日：2012-07-10

申请号：US10718064

申请日：2003-11-20

申请人： Luca Ferri ,  Luigi Pichetti

发明人： Luca Ferri ,  Luigi Pichetti

IPC分类号： H04L9/00

CPC分类号： G06F21/51 ,  G06F21/64 ,  G06F2221/2115

摘要： A method and a corresponding system for authenticating software products are proposed. A digital certificate (260) and a corresponding private key (265) required to sign each product are stored on a server computer. Whenever a user needs to sign a product, he/she logs on a client computer and transmits a corresponding request to the server computer. The server computer verifies whether the request has been received from an authorized subject; for example, an address of the client computer and an identifier of the user are compared with a predefined list (245). If the result of the verification is positive, the product is signed and returned to the client computer. For this purpose, a script (250) called on the server computer includes either an instruction passing the access password to a signing tool (255) as a parameter or an instruction causing the signing tool (255) to import the access password from a registry of the server computer.

摘要翻译： 提出了一种用于认证软件产品的方法和相应的系统。 数字证书（260）和对每个产品签名所需的对应私钥（265）存储在服务器计算机上。 每当用户需要签署产品时，他/她登录客户端计算机并将相应的请求发送到服务器计算机。 服务器计算机验证是否已经从授权主体接收到请求; 例如，将客户端计算机的地址和用户的标识符与预定义列表（245）进行比较。 如果验证结果为正，则将产品签名并返回给客户端计算机。 为此，在服务器计算机上调用的脚本（250）包括将访问密码传递给签名工具（255）的指令作为参数或导致签名工具（255）从注册表导入访问密码的指令 的服务器计算机。

公开(公告)号：US20120278612A1

公开(公告)日：2012-11-01

申请号：US13477854

申请日：2012-05-22

申请人： Luca Ferri ,  Luigi Pichetti

发明人： Luca Ferri ,  Luigi Pichetti

IPC分类号： G06F21/20

CPC分类号： G06F21/51 ,  G06F21/64 ,  G06F2221/2115

摘要： A method and a corresponding system for authenticating software products are proposed. A digital certificate and a corresponding private key required to sign each product are stored on a server computer. Whenever a user needs to sign a product, he/she logs on a client computer and transmits a corresponding request to the server computer. The server computer verifies whether the request has been received from an authorized subject; for example, an address of the client computer and an identifier of the user are compared with a predefined list. If the result of the verification is positive, the product is signed and returned to the client computer. For this purpose, a script called on the server computer includes either an instruction passing the access password to a signing tool as a parameter or an instruction causing the signing tool to import the access password from a registry of the server computer.

摘要翻译： 提出了一种用于认证软件产品的方法和相应的系统。 签署每个产品所需的数字证书和相应的私钥存储在服务器计算机上。 每当用户需要签署产品时，他/她登录客户端计算机并将相应的请求发送到服务器计算机。 服务器计算机验证是否已经从授权主体接收到请求; 例如，将客户端计算机的地址和用户的标识符与预定义的列表进行比较。 如果验证结果为正，则将产品签名并返回给客户端计算机。 为此，在服务器计算机上调用的脚本包括将访问密码传递给签名工具的指令作为参数，或者使得签名工具从服务器计算机的注册表导入访问密码的指令。

公开(公告)号：US07120901B2

公开(公告)日：2006-10-10

申请号：US10235599

申请日：2002-09-05

申请人： Luca Ferri ,  Luigi Pichetti ,  Rosario Gangemi

发明人： Luca Ferri ,  Luigi Pichetti ,  Rosario Gangemi

IPC分类号： G06F9/44 ,  G06F11/00

CPC分类号： G06F11/3636

摘要： A method and system for tracing the failing or successful execution of nested functions coded with return codes in a thread during its execution. The method comprises an ENTRY and EXIT trace macro to mark the beginning and the end of execution of the function, a TRACE macro to record messages and program variable values, and a QUIT macro marking the failing execution of the corresponding function. Using a Graphical User Interface, an interactive trace analyzer reads the trace file and displays the tree structure of the nested functions and marks, by using different colors, the success or failure of each of them. The trace analyzer utilities help the user to quickly identify the error in the source code corresponding to a function with a failing execution.

摘要翻译： 用于跟踪在执行期间线程中返回代码编码的嵌套函数的失败或成功执行的方法和系统。 该方法包括一个ENTRY和EXIT跟踪宏，用于标记函数的执行的开始和结束，用于记录消息和程序变量值的TRACE宏，以及标记相应功能的失败执行的QUIT宏。 使用图形用户界面，交互式跟踪分析器通过使用不同的颜色，读取跟踪文件并显示嵌套函数和标记的树结构，每个的成功或失败。 跟踪分析器实用程序帮助用户快速识别与执行失败的函数对应的源代码中的错误。

公开(公告)号：US08442961B2

公开(公告)日：2013-05-14

申请号：US12480871

申请日：2009-06-09

申请人： Luca Ferri ,  Luigi Massa

发明人： Luca Ferri ,  Luigi Massa

IPC分类号： G06F17/30

CPC分类号： G06F17/30884

摘要： A solution is proposed for facilitating accessing resources of a data processing system with distributed architecture by a data processing entity of the system (with each resource that is accessible via a corresponding address). A set of bookmarks are provided for corresponding resources. Each bookmark is associated with a stored address of the corresponding resource—for accessing the corresponding resource in response to a selection of the bookmark. In the solution according to an embodiment of the invention, a signature identifying the corresponding resource is associated with each bookmark. Each bookmark is updated by verifying accessibility of the resource at the stored address matches the signature. The resource matching the signature is then located via a search engine in response to the non-accessibility of the resource. It is then possible to replace the stored address with a new address of the located resource.

摘要翻译： 提出了一种解决方案，用于通过系统的数据处理实体（具有可经由相应地址访问的每个资源）来促进利用分布式架构访问数据处理系统的资源。 为相应的资源提供了一组书签。 每个书签与相应资源的存储地址相关联 - 用于响应于书签的选择来访问对应的资源。 在根据本发明的实施例的解决方案中，识别相应资源的签名与每个书签相关联。 通过验证存储的地址上的资源的可访问性来匹配签名来更新每个书签。 然后，通过搜索引擎来匹配该签名的资源，以响应资源的不可访问性。 然后可以用存储的资源的新地址替换存储的地址。

公开(公告)号：US07047499B2

公开(公告)日：2006-05-16

申请号：US10142617

申请日：2002-05-09

申请人： Luca Ferri

发明人： Luca Ferri

IPC分类号： G06F3/00

CPC分类号： G06F3/0483

摘要： A method and system for controlling a tabbed pane (305) in a graphical user interface of a data processing system. The tabbed pane consists of several overlying panels (230) resembling a stack of pieces of paper lying on top of one another, with only the topmost panel that is visible to a user; a selection tab (235) is attached to each panel. When the number of the tabs is high, they are organised into two or more alignments. In the tabbed pane of the invention, the alignments are arranged along different edges of the visible panel. Therefore, the tabs are distributed along the border of the visible panel, so that each time a tab is selected by the user the corresponding panel is popped up and made visible without affecting the position of the other tabs.

摘要翻译： 一种用于控制数据处理系统的图形用户界面中的标签窗格（305）的方法和系统。 标签窗格由几个覆盖的面板（230）组成，其类似于位于彼此顶部的纸张堆叠，只有用户可以看到的最上面的面板; 选择标签（235）附接到每个面板。 当选项卡的数量很高时，它们被组织成两个或更多个对齐。 在本发明的标签式窗格中，对准沿着可见面板的不同边缘布置。 因此，标签沿着可见面板的边界分布，使得每次由用户选择标签时，相应的面板弹出并使其可见而不影响其他标签的位置。

公开(公告)号：US20090307221A1

公开(公告)日：2009-12-10

申请号：US12480871

申请日：2009-06-09

申请人： Luca Ferri ,  Luigi Massa

发明人： Luca Ferri ,  Luigi Massa

IPC分类号： G06F17/30

CPC分类号： G06F17/30884

摘要： A solution is proposed for facilitating accessing resources of a data processing system with distributed architecture by a data processing entity of the system (with each resource that is accessible via a corresponding address). A set of bookmarks are provided for corresponding resources. Each bookmark is associated with a stored address of the corresponding resource—for accessing the corresponding resource in response to a selection of the bookmark. In the solution according to an embodiment of the invention, a signature identifying the corresponding resource is associated with each bookmark. Each bookmark is updated by verifying accessibility of the resource at the stored address matches the signature. The resource matching the signature is then located via a search engine in response to the non-accessibility of the resource. It is then possible to replace the stored address with a new address of the located resource.

摘要翻译： 提出了一种解决方案，用于通过系统的数据处理实体（具有可经由相应地址访问的每个资源）来促进利用分布式架构访问数据处理系统的资源。 为相应的资源提供了一组书签。 每个书签与相应资源的存储地址相关联 - 用于响应于书签的选择来访问对应的资源。 在根据本发明的实施例的解决方案中，识别相应资源的签名与每个书签相关联。 通过验证存储的地址上的资源的可访问性来匹配签名来更新每个书签。 然后，通过搜索引擎来匹配该签名的资源，以响应资源的不可访问性。 然后可以用存储的资源的新地址替换存储的地址。