-
Publication No.: US08533829B2
Publication date: 2013-09-10
Application No.: US11817194
Filing date: 2005-12-08
CPC classification: H04L63/1408, H04L43/00
Abstract: A method for monitoring the managed devices comprises that the manage center preserves the integrality list in advance, which includes the system integrality values of the managed devices and the corresponding relations of the managed devices and the system integrality values of themselves, and the managed device gathers the current system integrality value of itself and saves it when it starts; the managed device sends the information including the current system integrality value to the manage center after receiving the monitor command from the manage center; the manage center determines whether the received current system integrality value of the managed device coincides with the integrality value of the managed device saved by itself according to the received information and said integrality list, and implements the alert process when they do not coincide with each other. The manage center can know whether the managed device is believable currently so that the manage center can determine whether the unknown attack to the managed device exists or not according to the present invention.
-
Publication No.: US20090019528A1
Publication date: 2009-01-15
Application No.: US11817189
Filing date: 2005-12-08
CPC classification: H04L63/1475, H04L9/3247, H04L9/3271, H04L63/08, H04L63/0876, H04L2209/42
Abstract: A method for realizing network access authentication, wherein a network access authentication device pre-storing a system integrity value of a device waiting to access and a correspondence between each device waiting to access and its system integrity value. When the device waiting to access needs to access the network, it acquires its current system integrity value, and sends the current system integrity value to the network access authentication device; the network access authentication device judges whether the received current system integrity value of the device waiting to access and its stored integrity value of the device waiting to access are identical or not, and in a case where the received current system integrity value of the device waiting to access and its stored integrity value of the device waiting to access are identical, it determines that the network access is authenticated. As such, the network access device could determine the real status of the device waiting to access, and ensure the device accessing to the network is really secure, thereby ensuring the security of the network.
-
Publication No.: US08037306B2
Publication date: 2011-10-11
Application No.: US11817189
Filing date: 2005-12-08
IPC classification: H04L9/00
CPC classification: H04L63/1475, H04L9/3247, H04L9/3271, H04L63/08, H04L63/0876, H04L2209/42
Abstract: A method for realizing network access authentication, wherein a network access authentication device pre-storing a system integrity value of a device waiting to access and a correspondence between each device waiting to access and its system integrity value. When the device waiting to access needs to access the network, it acquires its current system integrity value, and sends the current system integrity value to the network access authentication device; the network access authentication device judges whether the received current system integrity value of the device waiting to access and its stored integrity value of the device waiting to access are identical or not, and in a case where the received current system integrity value of the device waiting to access and its stored integrity value of the device waiting to access are identical, it determines that the network access is authenticated. As such, the network access device could determine the real status of the device waiting to access, and ensure the device accessing to the network is really secure, thereby ensuring the security of the network.
-
Publication No.: US20080250501A1
Publication date: 2008-10-09
Application No.: US11817194
Filing date: 2005-12-08
CPC classification: H04L63/1408, H04L43/00
Abstract: A method for monitoring the managed devices comprises that the manage center preserves the integrality list in advance, which includes the system integrality values of the managed devices and the corresponding relations of the managed devices and the system integrality values of themselves, and the managed device gathers the current system integrality value of itself and saves it when it starts; the managed device sends the information including the current system integrality value to the manage center after receiving the monitor command from the manage center; the manage center determines whether the received current system integrality value of the managed device coincides with the integrality value of the managed device saved by itself according to the received information and said integrality list, and implements the alert process when they do not coincide with each other. The manage center can know whether the managed device is believable currently so that the manage center can determine whether the unknown attack to the managed device exists or not according to the present invention.