公开(公告)号：US08490201B2

公开(公告)日：2013-07-16

申请号：US12748186

申请日：2010-03-26

申请人： Tarek Bahaa El-Din Mahmoud Kamel ,  Yordan I. Rouskov ,  David J. Steeves ,  Rammohan Nagasubramani ,  Pui-Yin Winfred Wong ,  WeiQiang Michael Guo ,  Vikas Rajvanshy ,  Orville C. McDonald ,  Sean Christian Wohlgemuth ,  Vikrant Minhas

发明人： Tarek Bahaa El-Din Mahmoud Kamel ,  Yordan I. Rouskov ,  David J. Steeves ,  Rammohan Nagasubramani ,  Pui-Yin Winfred Wong ,  WeiQiang Michael Guo ,  Vikas Rajvanshy ,  Orville C. McDonald ,  Sean Christian Wohlgemuth ,  Vikrant Minhas

IPC分类号： G06F7/04

CPC分类号： G06F21/34 ,  G06F21/45 ,  G06F2221/2129 ,  G06F2221/2131 ,  H04L63/20

摘要： One or more strong proofs are maintained as associated with an account of a user. In response to a request to change a security setting of the account, an attempt is made to confirm the request by using one of the one or more strong proofs to notify the user. The change is permitted if the request is confirmed via one or more of the strong proofs, and otherwise the change to the security setting of the account is kept unchanged.

摘要翻译： 与用户的帐户相关联地维护一个或多个强证明。 响应于更改帐户的安全设置的请求，尝试通过使用一个或多个强证明中的一个来通知用户来确认该请求。 如果通过一个或多个强有力证明来确认请求，则允许进行更改，否则对帐户的安全设置的更改保持不变。

公开(公告)号：US20110214173A1

公开(公告)日：2011-09-01

申请号：US12748186

申请日：2010-03-26

申请人： Tarek Bahaa El-Din Mahmoud Kamel ,  Yordan I. Rouskov ,  David J. Steeves ,  Rammohan Nagasubramani ,  Pui-Yin Winfred Wong ,  WeiQiang Michael Guo ,  Vikas Rajvanshy ,  Orville C. McDonald ,  Sean Christian Wohlgemuth

发明人： Tarek Bahaa El-Din Mahmoud Kamel ,  Yordan I. Rouskov ,  David J. Steeves ,  Rammohan Nagasubramani ,  Pui-Yin Winfred Wong ,  WeiQiang Michael Guo ,  Vikas Rajvanshy ,  Orville C. McDonald ,  Sean Christian Wohlgemuth

IPC分类号： G06F15/16 ,  G06F17/30

CPC分类号： G06F21/34 ,  G06F21/45 ,  G06F2221/2129 ,  G06F2221/2131 ,  H04L63/20

摘要： One or more strong proofs are maintained as associated with an account of a user. In response to a request to change a security setting of the account, an attempt is made to confirm the request by using one of the one or more strong proofs to notify the user. The change is permitted if the request is confirmed via one or more of the strong proofs, and otherwise the change to the security setting of the account is kept unchanged.

摘要翻译： 与用户的帐户相关联地维护一个或多个强证明。 响应于更改帐户的安全设置的请求，尝试通过使用一个或多个强证明中的一个来通知用户来确认该请求。 如果通过一个或多个强有力证明来确认请求，则允许进行更改，否则对帐户的安全设置的更改保持不变。

公开(公告)号：US08667581B2

公开(公告)日：2014-03-04

申请号：US11422937

申请日：2006-06-08

申请人： David J. Steeves ,  Gregory D. Hartrell

发明人： David J. Steeves ,  Gregory D. Hartrell

IPC分类号： G06F11/00

CPC分类号： H04L63/1441 ,  G06F21/56 ,  G06F21/566 ,  G06F2221/2123 ,  H04L63/1408 ,  H04L63/1491

摘要： A method and system for detecting and stopping malware propagation using false resource entries is provided. A detection system uses trap door entries that are intentionally inserted into resource location stores to detect resource misuse. A “trap door” is a false resource that can be monitored by the detection system. The detection system monitors trapdoor entries that have been intentionally inserted into resource location stores, and looks for signs of use. The detection system can then determine whether a detected use of a trap door entry is a misuse of the trap door entry, and upon declaring a misuse of the trap door entry, the detection system can appropriately respond to the misuse.

摘要翻译： 提供了一种使用虚假资源条目来检测和停止恶意软件传播的方法和系统。 检测系统使用有意插入到资源位置存储中的陷阱门条来检测资源滥用。 “陷阱门”是可以由检测系统监控的虚假资源。 检测系统监视有意插入到资源位置存储中的陷门条目，并查找使用符号。 检测系统然后可以确定检测到的陷阱门入口的使用是否是陷阱门进入的滥用，并且在声明陷阱门进入被误用时，检测系统可以适当地应对误用。

公开(公告)号：US20100299518A1

公开(公告)日：2010-11-25

申请号：US12468948

申请日：2009-05-20

申请人： Rajesh Viswanathan ,  David J. Steeves

发明人： Rajesh Viswanathan ,  David J. Steeves

IPC分类号： H04L29/06 ,  H04L9/00

CPC分类号： H04L63/0435 ,  H04L9/083 ,  H04L63/0281 ,  H04L63/0485 ,  H04L63/0853 ,  H04L2209/76

摘要： As provided herein, when using an untrusted network connection, a secure online environment can be created for a remote machine by connecting to a trusted computer with a trusted network connection. A proxy server is installed on a first computing device and shared encryption keys are generated for the first device and a portable storage device. A connection is initiated between a second computing device (e.g., remote device), connected to an untrusted network, and the first computing device, comprising initiating a proxy server protocol from the portable storage device (e.g., attached to the second device), using the second computing device. A secure connection between the first and second devices is created using the encryption keys.

摘要翻译： 如本文所提供的，当使用不可信网络连接时，可以通过连接到具有可信网络连接的可信计算机来为远程机器创建安全在线环境。 代理服务器安装在第一计算设备上，并为第一设备和便携式存储设备生成共享加密密钥。 在连接到不可信网络的第二计算设备（例如，远程设备）和第一计算设备之间启动连接，包括从便携式存储设备（例如，附接到第二设备）发起代理服务器协议，使用 第二计算设备。 使用加密密钥创建第一和第二设备之间的安全连接。

公开(公告)号：US20100192230A1

公开(公告)日：2010-07-29

申请号：US12359215

申请日：2009-01-23

申请人： David J. Steeves ,  Kim Cameron ,  Todd L. Carpenter ,  David Foster ,  Quentin S. Miller ,  Gregory D. Hartrell

发明人： David J. Steeves ,  Kim Cameron ,  Todd L. Carpenter ,  David Foster ,  Quentin S. Miller ,  Gregory D. Hartrell

IPC分类号： H04L9/00

CPC分类号： G06Q20/027 ,  G06F21/74 ,  G06Q20/40 ,  H04L63/08 ,  H04L2463/102

摘要： Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction.

摘要翻译： 技术描述为保护交易。 该技术可以包括用户可以使用的切换组件来将相关联的移动设备切换到安全模式，使得用户可以确认交易。 在启动交易请求之后，用户可以通过激活交换组件来确认交易请求，这可以使移动设备切换到安全模式。 在安全模式下，移动设备可以防止移动设备进行各种正常的活动，例如执行应用，接收输入，提供输出等等。 切换组件可能暂时禁用其他处理。 在接收到来自用户的确认之后，交换组件可以发送确认通信来完成交易。

公开(公告)号：US20080189548A1

公开(公告)日：2008-08-07

申请号：US11670857

申请日：2007-02-02

申请人： David J. Steeves ,  Gregory D. Hartrell ,  Ryan M. Burkhardt ,  Jason L. Cohen

发明人： David J. Steeves ,  Gregory D. Hartrell ,  Ryan M. Burkhardt ,  Jason L. Cohen

IPC分类号： H04L9/32 ,  G06F17/00 ,  G06F21/00

CPC分类号： H04L63/1466 ,  G06F21/602 ,  H04L9/083 ,  H04L9/0841 ,  H04L63/061 ,  H04L63/18 ,  H04L2209/80

摘要： Key exchanges between peer-to-peer devices can be vulnerable to man in the middle attacks. Verification of the key exchanges can be made on a channel, network and/or device different from the channel, network and/or device used for the key exchange to determine whether the key exchange was secure. Verification of the key exchange can also be made through an established and trusted device and/or entity. If the key exchange was secure, the parties to a communication utilizing the key(s) exchanged can be notified, if desired. If the key exchange was not secure, the parties can be notified and the communication can be selectively disconnected.

摘要翻译： 点对点设备之间的关键交换在中间攻击中可能容易受到人员伤害。 密钥交换的验证可以在与用于密钥交换的信道，网络和/或设备不同的信道，网络和/或设备上进行，以确定密钥交换是否安全。 密钥交换的验证也可以通过已建立和受信任的设备和/或实体进行。 如果密钥交换是安全的，则如果需要，可以通知利用所交换的密钥的通信方。 如果密钥交换不安全，可以通知各方，并且可以选择性地断开通信。

公开(公告)号：US08782425B2

公开(公告)日：2014-07-15

申请号：US13414448

申请日：2012-03-07

申请人： David J. Steeves

发明人： David J. Steeves

IPC分类号： H04L29/06 ,  G06F21/36 ,  H04W12/06

CPC分类号： G06F21/36 ,  G06F21/10 ,  G06F2221/2103 ,  G06F2221/2133 ,  H04L63/145 ,  H04L2463/101 ,  H04W12/06

摘要： A facility for performing a local human verification ceremony to obtain user verification is provided. Upon determining that user verification is needed to perform an action on a computer system, the facility presents a CAPTCHA challenge requesting verification that the user wants the action performed on the computer system. Upon receiving a response, the facility compares the received response to an expected correct response. If the received response is the correct response, the facility authorizes the action to be performed.

摘要翻译： 提供了执行当地人类验证仪式以获得用户验证的设施。 在确定需要用户验证以在计算机系统上执行动作时，该设施呈现CAPTCHA挑战，要求验证用户想要在计算机系统上执行的动作。 在接收到响应时，设施将接收到的响应与预期的正确响应进行比较。 如果接收到的响应是正确的响应，则设施授权执行该动作。

公开(公告)号：US08145914B2

公开(公告)日：2012-03-27

申请号：US11303441

申请日：2005-12-15

申请人： David J. Steeves

发明人： David J. Steeves

IPC分类号： H04L29/06

CPC分类号： G06F21/36 ,  G06F21/10 ,  G06F2221/2103 ,  G06F2221/2133 ,  H04L63/145 ,  H04L2463/101 ,  H04W12/06

摘要： A facility for performing a local human verification ceremony to obtain user verification is provided. Upon determining that user verification is needed to perform an action on a computer system, the facility presents a CAPTCHA challenge requesting verification that the user wants the action performed on the computer system. Upon receiving a response, the facility compares the received response to an expected correct response. If the received response is the correct response, the facility authorizes the action to be performed.

摘要翻译： 提供了执行当地人类验证仪式以获得用户验证的设施。 在确定需要用户验证以在计算机系统上执行动作时，该设施呈现CAPTCHA挑战，要求验证用户想要在计算机系统上执行的动作。 在接收到响应时，设施将接收到的响应与预期的正确响应进行比较。 如果接收到的响应是正确的响应，则设施授权执行该动作。

公开(公告)号：US08117659B2

公开(公告)日：2012-02-14

申请号：US11321754

申请日：2005-12-28

申请人： Gregory D. Hartrell ,  David J. Steeves ,  Efim Hudis

发明人： Gregory D. Hartrell ,  David J. Steeves ,  Efim Hudis

IPC分类号： G06F21/00

CPC分类号： G06F21/552 ,  G06F21/565 ,  G06F2221/034 ,  H04L63/1416 ,  H04L63/1425

摘要： A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.

摘要翻译： 提供了恶意软件感染自动分析的恶意软件分析系统。 恶意软件分析系统监控和记录计算机系统活动。 在被通知疑似恶意软件感染后，恶意软件分析系统会在通知疑似恶意软件感染之前的一段时间内创建受监视活动的有时限的快照。 恶意软件分析系统还可能会在通知疑似恶意软件感染后的时间内为受监视的活动创建时间有限的快照。 恶意软件分析系统提供创建的快照或快照进行进一步分析。

公开(公告)号：US20100192209A1

公开(公告)日：2010-07-29

申请号：US12359220

申请日：2009-01-23

申请人： David J. Steeves ,  Kim Cameron ,  Todd L. Carpenter ,  David Foster ,  Quentin S. Miller

发明人： David J. Steeves ,  Kim Cameron ,  Todd L. Carpenter ,  David Foster ,  Quentin S. Miller

IPC分类号： H04L9/32 ,  G06F21/00

CPC分类号： H04L63/0861 ,  G06F21/316 ,  G06F21/32 ,  H04L63/0492 ,  H04L63/08 ,  H04L67/10 ,  H04L2463/082 ,  H04W12/06

摘要： Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.

摘要翻译： 技术被描述为能够在计算系统上实现被动执行安全性。 计算系统的组件可以基于用户与计算系统的交互作用的观察来被动地认证或授权用户。 该技术可以根据观察结果增加或减少认证或授权级别。 该级别可以指示应该授予用户的访问级别。 当用户或计算设备的组件启动请求时，应用或服务可以确定该级别是否足以满足该请求。 如果级别不足，则应用程序或服务可以提示用户凭据，以便用户被主动认证。 该技术可以使计算系统“信任”认证，使得两个邻近的设备可以共享认证级别。