公开(公告)号：US10791538B1

公开(公告)日：2020-09-29

申请号：US13543052

申请日：2012-07-06

申请人： Suman Saraf ,  David P. Reese, Jr. ,  Harvinder Singh Sawhney ,  Shashi Kant Sharma

发明人： Suman Saraf ,  David P. Reese, Jr. ,  Harvinder Singh Sawhney ,  Shashi Kant Sharma

IPC分类号： H04W68/00

摘要： Embodiments of the present invention are directed to cloud-based data synchronization. Two or more devices associated with an account in a cloud can be synched. The account is configured to manage publishing and subscription relationships between these devices such that a first device is able to publish data to the account in the cloud, and a second device is able to subscribe to the data from the account. In some embodiments, the account is configured to determine whether the second device has proper dependencies for subscribing to the data, and to prevent the second device from subscribing to the data upon determining that the second device does not have proper dependencies. However, in some embodiments, proper dependencies are automatically satisfied by downloading and installing a tool configured to properly process the data (e.g., execute applications) on the second device.

公开(公告)号：US10089093B1

公开(公告)日：2018-10-02

申请号：US13479086

申请日：2012-05-23

申请人： Suman Saraf ,  Harvinder Singh Sawhney ,  Sharad Agrawal ,  Ambreesh Bangur ,  David P. Reese, Jr.

发明人： Suman Saraf ,  Harvinder Singh Sawhney ,  Sharad Agrawal ,  Ambreesh Bangur ,  David P. Reese, Jr.

IPC分类号： G06F9/44 ,  G06F9/445 ,  G06F8/61 ,  G06F8/60 ,  G06F8/65

摘要： Embodiments of the present invention are directed toward apparatuses, systems and methods of switching operating systems. The present invention includes a multi-OS runtime with virtualization technology, which allows applications developed for different operating systems to execute simultaneously, side-by-side, on the same computing device. The computing device typically includes a host operating system and at least one guest operating system. An application, which is disguised as a host operating system specific application on the host operating system, is configured to be installed and executed within the guest operating system. Host operating system based policies can be set for the application. The application can be launched from the host operating system, the guest operating system or both. The computing device allows for the ability to switch between different operating systems via a soft button, a hard button, or based on a configuration of the computing device, or a combination thereof.

公开(公告)号：US08925101B2

公开(公告)日：2014-12-30

申请号：US12844892

申请日：2010-07-28

申请人： Rishi Bhargava ,  David P. Reese, Jr.

发明人： Rishi Bhargava ,  David P. Reese, Jr.

IPC分类号： G06F11/30 ,  G06F12/14 ,  G06F17/30 ,  G06F21/60 ,  G06F21/55 ,  H04L29/06 ,  G06F21/56 ,  G06F21/54

CPC分类号： H04L63/145 ,  G06F21/53 ,  G06F21/54 ,  G06F21/554 ,  G06F21/566 ,  G06F21/604 ,  G06F21/606 ,  G06F2221/2101 ,  G06F2221/2115 ,  G06F2221/2141 ,  H04L63/10 ,  H04L63/1416

摘要： A method in one example implementation includes intercepting a network access attempt on a computing device and determining a software program file associated with the network access attempt. The method also includes evaluating a first criterion to determine whether the network access attempt is permitted and blocking the network access attempt if it is not permitted. The first criterion includes a trust status of the software program file. In specific embodiments, the trust status is defined as trusted if the software program file is included in a whitelist of trustworthy program files and untrusted if the software program file is not included in a whitelist. In more specific embodiments, the method includes blocking the network access attempt if the software program file has an untrusted status. In further embodiments, an event is logged if the software program file associated with the network access attempt has an untrusted status.

摘要翻译： 一个示例实现中的方法包括拦截计算设备上的网络访问尝试并且确定与网络访问尝试相关联的软件程序文件。 该方法还包括评估第一准则以确定是否允许网络访问尝试，如果不允许，则阻止网络访问尝试。 第一个标准包括软件程序文件的信任状态。 在具体实施例中，如果软件程序文件被包括在可信程序文件的白名单中，则信任状态被定义为可信状态，并且如果软件程序文件不包括在白名单中则不信任。 在更具体的实施例中，如果软件程序文件具有不可信状态，该方法包括阻止网络访问尝试。 在另外的实施例中，如果与网络访问尝试相关联的软件程序文件具有不可信状态，则记录事件。

公开(公告)号：US08549003B1

公开(公告)日：2013-10-01

申请号：US12880125

申请日：2010-09-12

申请人： Rishi Bhargava ,  David P. Reese, Jr.

发明人： Rishi Bhargava ,  David P. Reese, Jr.

IPC分类号： G06F17/30

CPC分类号： G06F17/30705 ,  G06F17/30017 ,  H04L41/0893

摘要： A method in one example implementation includes obtaining a plurality of host file inventories corresponding respectively to a plurality of hosts, calculating input data using the plurality of host file inventories, and then providing the input data to a clustering procedure to group the plurality of hosts into one or more clusters of hosts. The method further includes each cluster of hosts being grouped using predetermined similarity criteria. In more specific embodiments, each of the host file inventories includes a set of one or more file identifiers with each file identifier representing a different executable software file on a corresponding one of the plurality of hosts. In other more specific embodiments, calculating the input data includes transforming the host file inventories into a matrix of keyword vectors in Euclidean space. In further embodiments, calculating the input data includes transforming the host file inventories into a similarity matrix.

摘要翻译： 一个示例实现中的方法包括获得分别对应于多个主机的多个主机文件库存，使用多个主机文件库存计算输入数据，然后将输入数据提供给聚类程序以将多个主机分组成 一个或多个主机群集。 该方法还包括使用预定的相似性标准分组的每个主机群。 在更具体的实施例中，每个主机文件库存包括一组一个或多个文件标识符，其中每个文件标识符表示多个主机中对应的一个上的不同的可执行软件文件。 在其他更具体的实施例中，计算输入数据包括将主文件库存变换为欧几里得空间中的关键词向量矩阵。 在另外的实施例中，计算输入数据包括将主机文件库存变换为相似性矩阵。

公开(公告)号：US09424154B2

公开(公告)日：2016-08-23

申请号：US12291232

申请日：2008-11-07

申请人： Rishi Bhargava ,  David P. Reese, Jr.

发明人： Rishi Bhargava ,  David P. Reese, Jr.

IPC分类号： G06F7/04 ,  G06F11/30 ,  G06F9/455

CPC分类号： G06F11/3006 ,  G06F9/45558 ,  G06F11/3051 ,  G06F2009/45591

摘要： A system for and method of system state analysis of a computational system. The method is comprised of capturing selective state information of a computational system configured to operated with one or more guest machines running on a virtual machine layer and configured to output state information. The state information is then analyzed to for compliance checking. The system for system state analysis is comprised of a storage system, computation hardware configured to run the guest machines and the virtual machine layer, guest machines, a virtual machine layer configured to output guest machine state information, a system state snapshot server configured to control the virtual machine layer for the capture of state information.

公开(公告)号：US09075993B2

公开(公告)日：2015-07-07

申请号：US13012138

申请日：2011-01-24

申请人： Rishi Bhargava ,  David P. Reese, Jr.

发明人： Rishi Bhargava ,  David P. Reese, Jr.

IPC分类号： G06F21/56 ,  G06F17/30 ,  H04L29/06

CPC分类号： G06F17/30598 ,  G06F17/30 ,  G06F17/30091 ,  G06F17/30144 ,  G06F17/30876 ,  G06F21/56 ,  H04L63/1433 ,  H04L63/145 ,  H04L67/1097

摘要： A method in one embodiment includes determining a frequency range corresponding to a subset of a plurality of program files on a plurality of hosts in a network environment. The method also includes generating a first set of counts including a first count that represents an aggregate amount of program files in a first grouping of one or more program files of the subset, where each of the one or more program files of the first grouping includes a first value of a primary attribute. In specific embodiments, each program file is unknown. In further embodiments, the primary attribute is one of a plurality of file attributes provided in file metadata. Other specific embodiments include either blocking or allowing execution of each of the program files of the first grouping. More specific embodiments include determining a unique identifier corresponding to at least one program file of the first grouping.

摘要翻译： 一个实施例中的方法包括确定与网络环境中的多个主机上的多个节目文件的子集相对应的频率范围。 该方法还包括生成第一组计数，其包括第一计数，第一计数表示在该子集的一个或多个程序文件的第一分组中的程序文​​件的总量，其中第一组的一个或多个程序文件中的每一个包括 主属性的第一个值。 在具体实施例中，每个程序文件是未知的。 在另外的实施例中，主属性是文件元数据中提供的多个文件属性之一。 其他具体实施例包括阻止或允许执行第一组的每个节目文件。 更具体的实施例包括确定对应于第一分组的至少一个节目文件的唯一标识符。

公开(公告)号：US08938800B2

公开(公告)日：2015-01-20

申请号：US12844964

申请日：2010-07-28

申请人： Rishi Bhargava ,  David P. Reese, Jr.

发明人： Rishi Bhargava ,  David P. Reese, Jr.

IPC分类号： G06F21/00 ,  H04L29/06

CPC分类号： H04L63/20 ,  H04L63/02 ,  H04L63/10 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/164 ,  H04L2463/144

摘要： A method in one example implementation includes receiving information related to a network access attempt on a first computing device with the information identifying a software program file associated with the network access attempt. The method also includes evaluating a first criterion to determine whether network traffic associated with the software program file is permitted and then creating a restriction rule to block the network traffic if the network traffic is not permitted. The first criterion includes a trust status of the software program file. In specific embodiments, the method includes pushing the restriction rule to a network protection device that intercepts the network traffic associated with the software program file and applies the restriction rule to the network traffic. In more specific embodiments, the method includes searching a whitelist identifying trustworthy software program files to determine the trust status of the software program file.

摘要翻译： 一个示例实现中的方法包括：接收与第一计算设备上的网络访问尝试相关的信息，其中所述信息标识与网络访问尝试相关联的软件程序文件。 该方法还包括评估第一准则以确定是否允许与软件程序文件相关联的网络流量，然后创建限制规则以在不允许网络流量的情况下阻止网络流量。 第一个标准包括软件程序文件的信任状态。 在具体实施例中，该方法包括将限制规则推送到网络保护设备，该网络保护设备拦截与该软件程序文件相关联的网络流量，并将限制规则应用于网络业务。 在更具体的实施例中，该方法包括搜索白名单来识别可信软件程序文件以确定软件程序文件的信任状态。