公开(公告)号：US20130246703A1

公开(公告)日：2013-09-19

申请号：US13423178

申请日：2012-03-17

申请人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Tomohiro Harayama ,  Robert Euginiu Mateescu ,  Shad Henry Thorstenson ,  Timothy Kohchih Tsai

发明人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Tomohiro Harayama ,  Robert Euginiu Mateescu ,  Shad Henry Thorstenson ,  Timothy Kohchih Tsai

IPC分类号： G06F12/08

CPC分类号： G11B20/10527 ,  G06F12/0866 ,  G06F2212/313 ,  G11B5/012 ,  G11B20/10388 ,  G11B20/1879

摘要： A shingled magnetic recording hard disk drive that uses writeable cache tracks in the inter-band gaps between the annular data bands minimizes the effect of far track erasure (FTE) in the boundary regions of annular data bands caused by writing to the cache tracks. Based on the relative FTE effect for all the tracks in a range of tracks of the cache track being written, a count increment (CI) table or a cumulative count increment (CCI) table is maintained. For every writing to a cache track, a count for each track in an adjacent boundary region, or a cumulative count for each adjacent boundary region, is increased. When the count value for a track, or the cumulative count for a boundary region, reaches a predetermined threshold the data is read from that band and rewritten to the same band.

摘要翻译： 在环形数据带之间的带间间隙中使用可写入高速缓存轨迹的带状磁记录硬盘驱动器将通过写入高速缓存轨道引起的环形数据带的边界区域中的远轨擦除（FTE）的影响最小化。 基于正在写入的高速缓存磁道的磁道范围内的所有磁道的相对FTE效应，保持计数增量（CI）表或累积计数增量（CCI）表。 对于对高速缓存轨道的每次写入，相邻边界区域中的每个轨道的计数或每个相邻边界区域的累积计数增加。 当轨道的计数值或边界区域的累积计数达到预定阈值时，从该频带读取数据并重写到相同的频带。

公开(公告)号：US08537481B1

公开(公告)日：2013-09-17

申请号：US13423177

申请日：2012-03-17

申请人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Tomohiro Harayama ,  Robert Eugeniu Mateescu ,  Shad Henry Thorstenson ,  Timothy Kohchih Tsai

发明人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Tomohiro Harayama ,  Robert Eugeniu Mateescu ,  Shad Henry Thorstenson ,  Timothy Kohchih Tsai

IPC分类号： G11B27/36

CPC分类号： G11B27/36 ,  G11B5/012 ,  G11B20/1258 ,  G11B20/1816 ,  G11B2020/10898 ,  G11B2020/1298

摘要： A shingled magnetic recording (SMR) hard disk drive (HDD) essentially eliminates the effect of far track erasure (FTE) in the boundary regions of annular data bands caused by writing in the boundary regions of adjacent annular data bands. The extent of the FTE effect is determined for each track within a range of tracks of the track being written. Based on the relative FTE effect for all the tracks in the range, a count increment (CI) table or a cumulative count increment (CCI) table is maintained for all the tracks in the range. For every writing to a track in a boundary region, a count for each track in an adjacent boundary region, or a cumulative count for the adjacent boundary region, is increased. When the count reaches a predetermined threshold the data is read from that band and rewritten to the same band.

摘要翻译： 磁带录音（SMR）硬盘驱动器（HDD）基本上消除了在相邻环形数据频带的边界区域中写入引起的环形数据频带的边界区域中的远跟踪擦除（FTE）的影响。 对正在写入的轨道的轨道范围内的每个轨道确定FTE效果的程度。 基于该范围内所有轨道的相对FTE效应，对该范围内的所有轨道维持计数增量（CI）表或累积计数增量（CCI）表。 对于对边界区域中的轨迹的每次写入，相邻边界区域中的每个轨道的计数或相邻边界区域的累积计数增加。 当计数达到预定阈值时，从该频带读取数据并重写到相同的频带。

公开(公告)号：US08793431B2

公开(公告)日：2014-07-29

申请号：US13423178

申请日：2012-03-17

申请人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Tomohiro Harayama ,  Robert Eugeniu Mateescu ,  Shad Henry Thorstenson ,  Timothy Kohchih Tsai

发明人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Tomohiro Harayama ,  Robert Eugeniu Mateescu ,  Shad Henry Thorstenson ,  Timothy Kohchih Tsai

IPC分类号： G06F12/00

CPC分类号： G11B20/10527 ,  G06F12/0866 ,  G06F2212/313 ,  G11B5/012 ,  G11B20/10388 ,  G11B20/1879

摘要： A shingled magnetic recording hard disk drive that uses writeable cache tracks in the inter-band gaps between the annular data bands minimizes the effect of far track erasure (FTE) in the boundary regions of annular data bands caused by writing to the cache tracks. Based on the relative FTE effect for all the tracks in a range of tracks of the cache track being written, a count increment (CI) table or a cumulative count increment (CCI) table is maintained. For every writing to a cache track, a count for each track in an adjacent boundary region, or a cumulative count for each adjacent boundary region, is increased. When the count value for a track, or the cumulative count for a boundary region, reaches a predetermined threshold the data is read from that band and rewritten to the same band.

摘要翻译： 在环形数据带之间的带间间隙中使用可写入高速缓存轨迹的带状磁记录硬盘驱动器将通过写入高速缓存轨道引起的环形数据带的边界区域中的远轨擦除（FTE）的影响最小化。 基于正在写入的高速缓存磁道的磁道范围内的所有磁道的相对FTE效应，保持计数增量（CI）表或累积计数增量（CCI）表。 对于对高速缓存轨道的每次写入，相邻边界区域中的每个轨道的计数或每个相邻边界区域的累积计数增加。 当轨道的计数值或边界区域的累积计数达到预定阈值时，从该频带读取数据并重写到相同的频带。

公开(公告)号：US20130242426A1

公开(公告)日：2013-09-19

申请号：US13423177

申请日：2012-03-17

申请人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Tomohiro Harayama ,  Robert Eugeniu Mateescu ,  Shad Henry Thorstenson ,  Timothy Kohchih Tsai

发明人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Tomohiro Harayama ,  Robert Eugeniu Mateescu ,  Shad Henry Thorstenson ,  Timothy Kohchih Tsai

IPC分类号： G11B27/36

CPC分类号： G11B27/36 ,  G11B5/012 ,  G11B20/1258 ,  G11B20/1816 ,  G11B2020/10898 ,  G11B2020/1298

摘要： A shingled magnetic recording (SMR) hard disk drive (HDD) essentially eliminates the effect of far track erasure (FTE) in the boundary regions of annular data bands caused by writing in the boundary regions of adjacent annular data bands. The extent of the FTE effect is determined for each track within a range of tracks of the track being written. Based on the relative FTE effect for all the tracks in the range, a count increment (CI) table or a cumulative count increment (CCI) table is maintained for all the tracks in the range. For every writing to a track in a boundary region, a count for each track in an adjacent boundary region, or a cumulative count for the adjacent boundary region, is increased. When the count reaches a predetermined threshold the data is read from that band and rewritten to the same band.

摘要翻译： 磁带录音（SMR）硬盘驱动器（HDD）基本上消除了在相邻环形数据频带的边界区域中写入引起的环形数据频带的边界区域中的远跟踪擦除（FTE）的影响。 对正在写入的轨道的轨道范围内的每个轨道确定FTE效果的程度。 基于该范围内所有轨道的相对FTE效应，对该范围内的所有轨道维持计数增量（CI）表或累积计数增量（CCI）表。 对于对边界区域中的轨迹的每次写入，相邻边界区域中的每个轨道的计数或相邻边界区域的累积计数增加。 当计数达到预定阈值时，从该频带读取数据并重写到相同的频带。

公开(公告)号：US20120110343A1

公开(公告)日：2012-05-03

申请号：US12925807

申请日：2010-10-29

申请人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Timothy Kohchih Tsai

发明人： Zvonimir Z. Bandic ,  Cyril Guyot ,  Timothy Kohchih Tsai

IPC分类号： G06F12/14

CPC分类号： G06F21/80 ,  G06F2221/2101 ,  G06F2221/2151 ,  H04L9/0894 ,  H04L9/3242 ,  H04L9/3297

摘要： Secure timestamps created by a data storage device are described. Metadata timestamp is created for each recorded unit of data (such as a sector) The HDD performs the time-stamping in a secure manner. The timestamp is made secure by performing a secure operation (i.e. one that can only be performed by the HDD) using the data and timestamp. The secure operation uses a secure key that is built-in to the storage device and is not readable outside of the device. In some embodiments the secure operation is encryption using the secure key. In other embodiments the secure operation is a hash code function (such as a Hash-based Message Authentication Code (HMAC) function) that uses the secure key to generate a hash code using at least the recorded data and the timestamp as input. The hash code is then included in the metadata that is recorded for the data unit.

摘要翻译： 描述由数据存储设备创建的安全时间戳。 为每个记录的数据单元（例如扇区）创建元数据时间戳。HDD以安全的方式执行时间戳。 通过使用数据和时间戳执行安全操作（即只能由HDD执行的）来使时间戳变得安全。 安全操作使用存储设备内置的安全密钥，并且不能在设备外部读取。 在一些实施例中，安全操作是使用安全密钥的加密。 在其他实施例中，安全操作是使用安全密钥使用至少所记录的数据和时间戳作为输入来生成散列码的散列码功能（例如基于哈希的消息认证码（HMAC）功能））。 然后将哈希码包括在为数据单元记录的元数据中。

公开(公告)号：US07814547B2

公开(公告)日：2010-10-12

申请号：US12200069

申请日：2008-08-28

申请人： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

发明人： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

IPC分类号： H04L9/00

CPC分类号： H04L63/1433

摘要： A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

摘要翻译： 公开了一种用于检测采用两种或多种协议的消息的入侵的方法。 这种入侵可能发生在语音互联网协议（VoIP）系统中，以及在两个或多个协议支持VoIP之外的一些服务的系统中。 在本发明的说明性实施例中，状态入侵检测系统能够采用具有交叉协议前提条件的规则。 说明性实施例可以使用这样的规则来识别各种基于VoIP的入侵尝试，例如呼叫劫持，BYE攻击等。此外，说明性实施例能够使用这样的规则来识别其他种类的入侵尝试，其中两个 或更多的协议支持VoIP以外的服务。 说明性实施例还包括能够使用具有交叉协议前提条件的规则的有状态防火墙。

公开(公告)号：US20080313737A1

公开(公告)日：2008-12-18

申请号：US12200069

申请日：2008-08-28

申请人： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

发明人： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

IPC分类号： G06F21/00

CPC分类号： H04L63/1433

摘要： A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

摘要翻译： 公开了一种用于检测采用两种或多种协议的消息的入侵的方法。 这种入侵可能发生在语音互联网协议（VoIP）系统中，以及在两个或多个协议支持VoIP之外的一些服务的系统中。 在本发明的说明性实施例中，状态入侵检测系统能够采用具有交叉协议前提条件的规则。 说明性实施例可以使用这样的规则来识别各种基于VoIP的入侵尝试，例如呼叫劫持，BYE攻击等。此外，说明性实施例能够使用这样的规则来识别其他种类的入侵尝试，其中两个 或更多的协议支持VoIP以外的服务。 说明性实施例还包括能够使用具有交叉协议前提条件的规则的有状态防火墙。

公开(公告)号：US07372856B2

公开(公告)日：2008-05-13

申请号：US10854702

申请日：2004-05-27

申请人： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai

发明人： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai

IPC分类号： H04L12/28 ,  H04L12/56

CPC分类号： H04L63/12 ,  H04L9/0662 ,  H04L9/3236 ,  H04L9/3297 ,  H04L29/06027 ,  H04L65/607 ,  H04L65/608 ,  H04L2209/38

摘要： A method for Real-time Transport Protocol (RTP) packet authentication on a packet data network. In particular, the invention relates to a method for preventing toll fraud, privacy compromise, voice quality degradation, or denial of service (DoS) on Voice over IP networks. The Real-time Transport Protocol (RTP) is susceptible to several security attacks, including thirdparty snooping of private conversations, injection of forged content, and introduction or modification of packets to degrade voice quality. The Secure Real-time Transport Protocol (SRTP) provides confidentiality, message authentication, and replay protection for RTP traffic. However, SRTP incurs an additional overhead to verify the HMAC-SHA1 message authentication code for each packet. SRTP+ significantly decrease the verification overhead compared to SRTP and thereby increases the number of faked packets required to mount a successful denial of service attack. SRTP+ provides packet authentication but not integrity. SRTP+ is compatible with SRTP.

摘要翻译： 一种用于分组数据网络上的实时传输协议（RTP）分组认证的方法。 具体地说，本发明涉及一种用于防止IP语音上网的长途欺诈，隐私泄露，语音质量下降或拒绝服务（DoS）的方法。 实时传输协议（RTP）易受多种安全攻击，包括私有对话的第三方窥探，伪造内容的注入，以及引入或修改数据包以降低语音质量。 安全实时传输协议（SRTP）为RTP流量提供机密性，消息认证和重放保护。 然而，SRTP需要额外的开销来验证每个数据包的HMAC-SHA1消息认证码。 与SRTP相比，SRTP +显着降低了验证开销，从而增加了成功拒绝服务攻击所需的假包数量。 SRTP +提供数据包身份验证，但不提供完整性。 SRTP +与SRTP兼容。

公开(公告)号：US20090024990A1

公开(公告)日：2009-01-22

申请号：US12241595

申请日：2008-09-30

申请人： Navjot Singh ,  Timothy Kohchih Tsai

发明人： Navjot Singh ,  Timothy Kohchih Tsai

IPC分类号： G06F9/445 ,  G06F7/06 ,  G06F17/30

CPC分类号： G06F21/577 ,  G06F21/554

摘要： A method and apparatus for automatically determining whether a security vulnerability alert is relevant to a device (e.g., personal computer, server, personal digital assistant [PDA], etc.), and automatically retrieving the associated software patches for relevant alerts, are disclosed. The illustrative embodiment intelligently determines whether the software application specified by a security vulnerability alert is resident on the device, whether the version of the software application on the device matches that of the security vulnerability alert, and whether the device's hardware platform and operating system match those of the security vulnerability alert.

公开(公告)号：US20090024989A1

公开(公告)日：2009-01-22

申请号：US12241567

申请日：2008-09-30

申请人： Navjot Singh ,  Timothy Kohchih Tsai

发明人： Navjot Singh ,  Timothy Kohchih Tsai

IPC分类号： G06F9/44 ,  G06F9/445

CPC分类号： G06F21/577 ,  G06F21/554

摘要： A method and apparatus for automatically determining whether a security vulnerability alert is relevant to a device (e.g., personal computer, server, personal digital assistant [PDA], etc.), and automatically retrieving the associated software patches for relevant alerts, are disclosed. The illustrative embodiment intelligently determines whether the software application specified by a security vulnerability alert is resident on the device, whether the version of the software application on the device matches that of the security vulnerability alert, and whether the device's hardware platform and operating system match those of the security vulnerability alert.

摘要翻译： 公开了一种用于自动确定安全漏洞警报是否与设备（例如，个人计算机，服务器，个人数字助理[PDA]等）相关的方法和装置，以及自动检索相关警报的相关软件补丁。 说明性实施例智能地确定由安全漏洞警报指定的软件应用程序是否驻留在设备上，设备上的软件应用程序的版本是否与安全漏洞警报的版本相匹配，以及设备的硬件平台和操作系统是否匹配 的安全漏洞警报。