-
1.
Publication No.: US10581865B1
Publication date: 2020-03-03
Application No.: US16280701
Filing date: 2019-02-20
Applicant: Xage Security, Inc.
Abstract: A computer-implemented method comprises posting, by a broker computing device, identity awareness data for a plurality of client computing devices to a distributed data repository (DDP); receiving, by a networking hardware device, the identity awareness data from the DDP; using, by the networking hardware device, the identity awareness data from the DDP to authenticate a client computing device requesting access to at least one Internet of Things (IoT) computing device; in response to authenticating the client computing device, creating, by the networking hardware device, a session for the client computing device to communicate with the at least one IoT computing device, wherein creating a session comprises: opening a port on the networking hardware device, wherein communication between the client computing device and the at least one IoT computing device is through the port; posting information relating to the session as authentication session information to the DDP.
-
2.
Publication No.: US10084600B1
Publication date: 2018-09-25
Application No.: US15954365
Filing date: 2018-04-16
Applicant: Xage Security, Inc.
CPC classification: H04L9/3093, H04L9/0637, H04L9/085, H04L9/0861, H04L9/14, H04L9/321, H04L9/3236, H04L2209/38
Abstract: In an embodiment, a computer-implemented data security method comprises: at a first computing device, receiving security service data from a first digital data repository; using the first computing device, generating hidden security service data by generating a plurality of shares of the security service data; using the first computing device, encrypting each share of the plurality of shares using a separate public key from among a plurality of public keys corresponding to each of a plurality of second computing devices, to generate a plurality of encrypted shares; electronically storing the plurality of encrypted shares as data in a second digital data repository; using a subset of the plurality of second computing devices, in response to receiving an authentication request from a third computing device to access one or more fourth computing devices, decrypting a subset of the plurality of encrypted shares using a subset of separate private keys corresponding to each of the subset of the plurality of second computing devices to generate a plurality of decrypted shares; forming and storing a readable copy of the hidden security service data using the plurality of decrypted shares; using the readable copy of the hidden security service data, performing authentication services for the third computing device to grant or deny access to the one or more fourth computing devices.
-
3.
Publication No.: US10965713B2
Publication date: 2021-03-30
Application No.: US16391125
Filing date: 2019-04-22
Applicant: Xage Security, Inc.
Abstract: In an embodiment, a computer-implemented method comprising: posting, by a broker computing device, device control data to a distributed datastore including distributed ledger and blockchain, wherein the device control data is collected at a plurality of directory services in a federation; receiving, at a computing hardware device, the device control data from the distributed datastore; using, by the computing hardware device, the device control data received from the distributed datastore, remotely managing user accounts and access control and security policies on at least one networked device.
-
4.
Publication No.: US20200259849A1
Publication date: 2020-08-13
Application No.: US16837074
Filing date: 2020-04-01
Applicant: Xage Security, Inc.
Abstract: A computer-implemented method provides an improvement in security breach detection and comprises calculating, using a gateway computing device, a current digital fingerprint of a computing device based on current security service data of the computing device; conducting, using the gateway computing device, a real-time health check of the computing device based on an initial digital fingerprint stored in a distributed data repository, wherein the initial digital fingerprint is based on an initial security service data of the computing device; and in response to the real-time health check of the computing device, determining, using the gateway computing device, whether to restore the computing device with configurations consistent with the initial digital fingerprint stored in the distributed data repository.
-
5.
Publication No.: US11201872B2
Publication date: 2021-12-14
Application No.: US16806883
Filing date: 2020-03-02
Applicant: Xage Security, Inc.
Abstract: A computer-implemented method comprises accessing, by a networking hardware device, identity awareness data for a plurality of client computing devices and device security policies of a plurality of IoT computing devices from at least one distributed data repository; authenticating, by the networking hardware device, a client computing device requesting access to at least one Internet of Things (IoT) computing device, based on the accessed identity awareness data; establishing, at the networking hardware device, firewall rules based on the accessed device security policies; creating, by the networking hardware device, a session for the authenticated client computing device to communicate with the at least one IoT computing device, wherein creating a session comprises posting information relating to the session as authentication session information to the at least one distributed data repository.
-
6.
Publication No.: US20200267138A1
Publication date: 2020-08-20
Application No.: US16280926
Filing date: 2019-02-20
Applicant: Xage Security, Inc.
IPC classification: H04L29/06, H04L12/927, H04L29/08
Abstract: In an embodiment, a computer-implemented method comprises receiving, by at least one broker computing devices, identity awareness data from a plurality of directory services in a federation; posting, by the at least one broker computing device, the identity awareness data to a distributed data repository; establishing, at a networking hardware device having a first type, firewall rules using the identity awareness data from the distributed data repository; controlling, by the networking hardware device having the first type, network traffic based on the identity awareness data.
-
7.
Publication No.: US10581605B2
Publication date: 2020-03-03
Application No.: US16133323
Filing date: 2018-09-17
Applicant: Xage Security, Inc.
Abstract: In an embodiment, a computer-implemented data security method comprises: using a first computing device, generating a plurality of encrypted shares from a plurality of shares of hidden security service data by using a separate public key from a plurality of public keys that correspond to a plurality of second computing devices; using a requesting second computing device, accessing and decrypting a first encrypted share of the plurality of encrypted shares using a first private key corresponding to the requesting second computing device to generate a first portion of the hidden security service data; using an available second computing device, decrypting a second encrypted share of the plurality of encrypted shares using a second private key corresponding to the available second computing device to generate a decrypted share; using the available second computing device, re-encrypting the decrypted share using a public key corresponding to the requesting second computing device to generate a re-encrypted share and sending the re-encrypted share to the requesting second computing device; and using the requesting second computing device, decrypting the re-encrypted share using the first private key to generate a second portion of the hidden security service data; using the first portion and second portion of the hidden security service data, forming and using a readable copy of the hidden security service data to perform authentications.
-
8.
Publication No.: US10951605B2
Publication date: 2021-03-16
Application No.: US16280926
Filing date: 2019-02-20
Applicant: Xage Security, Inc.
IPC classification: H04L29/06, H04L29/08, H04L12/927
Abstract: In an embodiment, a computer-implemented method comprises receiving, by at least one broker computing devices, identity awareness data from a plurality of directory services in a federation; posting, by the at least one broker computing device, the identity awareness data to a distributed data repository; establishing, at a networking hardware device having a first type, firewall rules using the identity awareness data from the distributed data repository; controlling, by the networking hardware device having the first type, network traffic based on the identity awareness data.
-
9.
Publication No.: US10270770B1
Publication date: 2019-04-23
Application No.: US16110567
Filing date: 2018-08-23
Applicant: XAGE SECURITY, INC.
Abstract: Secure enrollment of devices into computer networks is improved by a method that comprises receiving a first set of security data for computing devices from a vendor computing device and a second set of security data from a partner computing device and storing the first and second set of security data in a data repository; issuing a first authentication challenge to the computing devices, wherein the challenge is based on the first set and the second set of device security data; receiving a first authentication response from the computing devices and cross-referencing the first authentication response with the first set and the second set of device security data; receiving a second authentication challenge from the computing devices, wherein the second authentication challenge is based on the first set of security data; and issuing a second authentication response to the computing devices and determining whether to enroll the computing devices.
-
10.
Publication No.: US20200267161A1
Publication date: 2020-08-20
Application No.: US16806883
Filing date: 2020-03-02
Applicant: Xage Security, Inc.
Abstract: A computer-implemented method comprises accessing, by a networking hardware device, identity awareness data for a plurality of client computing devices and device security policies of a plurality of IoT computing devices from at least one distributed data repository; authenticating, by the networking hardware device, a client computing device requesting access to at least one Internet of Things (IoT) computing device, based on the accessed identity awareness data; establishing, at the networking hardware device, firewall rules based on the accessed device security policies; creating, by the networking hardware device, a session for the authenticated client computing device to communicate with the at least one IoT computing device, wherein creating a session comprises posting information relating to the session as authentication session information to the at least one distributed data repository.