公开(公告)号：WO2021247402A1

公开(公告)日：2021-12-09

申请号：PCT/US2021/034815

申请日：2021-05-28

Applicant: OPSWAT INC.

Inventor： CURRY, John ,  CHALIAVSKI, Tzvetan

IPC: G06F21/54 ,  G06F21/57 ,  G06F21/62 ,  G06F21/6218

Abstract: A method of unidirectional gateway mediated, multiplexed delivery of data messages includes receiving, at a processor in a trusted domain, a plurality of requests to send messages to at least one recipient compute device. Memory locations are assigned to data transmissions associated with the messages. The memory locations are accessible via a remote network interface card of a compute device in an untrusted domain. Data representing the messages is sent, via the processor, to the memory locations. After a predetermined delay period, values are retrieved from the memory locations and compared to a predetermined benchmark value. Whenever the retrieved value from the retrieved values matches the predetermined benchmark value, an associated representation of a successful data transmission is stored.

公开(公告)号：WO2021236253A1

公开(公告)日：2021-11-25

申请号：PCT/US2021/026740

申请日：2021-04-10

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： VERMA, Nidhi ,  RATHINASABAPATHY, Mangalam ,  NIGAM, Rahul

IPC: G06F21/57 ,  H04L29/08 ,  G06F11/36

Abstract: Traditionally, engineers (or developers) of a software provider may implement or maintain aspects of application services by executing jobs or joblets on computing resources of various scopes in a cloud computing environment. However, in some cases, executing certain types of engineer-initiated jobs may negatively impact customer experience and/or satisfaction with the application services. Automated policies for distributing engineer-initiated jobs increase validation testing, scope control, and deployment timing based on a dynamic risk analysis of each job. A multi-faceted approach to distributing engineer-initiated jobs ensures adequate regression testing (e.g., via ring validation and cool-down period) and facilitates controlled distribution (e.g., based on throttle, distribution timing, and deployment train position). An automatic override ensures critical customer outages can be resolved quickly and efficiently by bypassing at least some of the rules. Thereby, customer experience is improved and service interruptions and customer dissatisfaction are minimized when distributing engineer-initiated jobs for application services.

公开(公告)号：WO2021236159A1

公开(公告)日：2021-11-25

申请号：PCT/US2020/064602

申请日：2020-12-11

Applicant: GOOGLE LLC

Inventor： WANG, Gang ,  YUNG, Marcel, M., Moti ,  TURNER, David, Bruce

IPC: G06F21/55 ,  G06F21/57

Abstract: This disclosure relates to using trust tokens to verify the integrity of devices and applications from which data is received. In one aspects, a method includes receiving, from a client device, a request for one or more trust tokens. The request includes at least one of one or more device-level fraud detection signals obtained from the client device or data representing code of an application that initiated the request. The request also includes a respective nonce for each of the one or more trust tokens. A determination is made, based on at least one of the one or more device-level fraud signals or the data representing the code of the application, to issue the one or more trust tokens to the client device. Each trust token is generated using the nonce for the trust token. The one or more trust tokens are provided to the client device.

公开(公告)号：WO2021231423A1

公开(公告)日：2021-11-18

申请号：PCT/US2021/031775

申请日：2021-05-11

Applicant: VIGILANT OPS, INC.

Inventor： JADHAV, Manish ,  ZALEVSKY, Kenneth

IPC: G16H40/40 ,  G06F21/57 ,  G06F21/60

Abstract: Systems and methods for the management of cybersecurity risks for medical devices are disclosed. A system may streamline and automate the process of generating a cybersecurity bill of materials and evaluate it against the National Vulnerability Database or a similar source. Furthermore, the system may provide a secure platform for data to be transferred between medical device manufacturers and healthcare delivery organizations allowing for the notification of security vulnerabilities and the transferal of security updates.

公开(公告)号：WO2021231156A1

公开(公告)日：2021-11-18

申请号：PCT/US2021/030981

申请日：2021-05-05

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： SARASWAT, Rohit ,  LUCIANI, Juan Carlos, Sr. ,  PALAKURTHI, Harsha Vardhan ,  PINKSTON, Jeffrey Scott

IPC: H04L9/08 ,  G06F21/33 ,  G06F21/57 ,  H04L9/32 ,  H04L29/06

Abstract: Techniques are described herein that are capable of configuring a device to have certificate(s) by ordering asynchronous work requests. Portions of work that are to be performed to configure a device to have certificate(s) are performed based at least in part on a triggering event that indicates that the device is to be configured. Asynchronous work requests that are configured to, when executed, initiate performance of the respective portions of the work are generated. A hierarchical work tree that includes hierarchical nodes that represent the respective portions of the work is generated. The hierarchical work tree defines an order in which the portions of the work are to be performed. The asynchronous work requests are executed in the order defined by the hierarchical work tree, which initiates creation of the certificate(s) and delivery of the certificate(s) to the device.

公开(公告)号：WO2021229696A1

公开(公告)日：2021-11-18

申请号：PCT/JP2020/019025

申请日：2020-05-12

Applicant: 日本電気株式会社

Inventor： 高橋　佑典

IPC: G06F21/55 ,  G06F21/57

Abstract: 攻撃再現支援装置１０は、標的型攻撃を再現する攻撃再現装置２０に標的型攻撃を再現させるための複数の攻撃情報と、攻撃再現装置２０に攻撃情報それぞれを送信する順序を表す順序情報とを設定する、設定部１１と、攻撃再現装置２０から攻撃情報を送信するための要求を受信した場合、要求に応答するために、順序情報に基づいて攻撃情報を攻撃再現装置２０へ送信する、応答部１２と、を有する。

公开(公告)号：WO2021228230A1

公开(公告)日：2021-11-18

申请号：PCT/CN2021/093851

申请日：2021-05-14

Applicant: 支付宝（杭州）信息技术有限公司

Inventor： 韩喆 ,  张鸿

IPC: G06F21/57 ,  G06F21/60 ,  G06F21/62

Abstract: 公开了一种基于安全执行环境的数据验证方法及装置。可以预先在安全执行环境中写入中间服务方的解密密钥。当用户请求可信计算设备证明其拥有明文数据的所有权时，可信计算设备会从区块链中获取用户指定的第一加密数据，第一加密数据是中间服务方使用自己的加密密钥对所述明文数据进行加密后提交给区块链的。可信计算设备可以通过安全执行环境执行：使用所述中间服务方的解密密钥对所述第一加密数据进行解密，得到第一解密数据。可信计算设备如果确定明文数据和第一解密数据一致，就可以证明所述用户拥有所述明文数据的所有权。通过本方案，可以在加强对中间服务方的密钥隐私保护的前提下，证明用户拥有明文数据的所有权。

公开(公告)号：WO2021226961A1

公开(公告)日：2021-11-18

申请号：PCT/CN2020/090351

申请日：2020-05-14

Applicant: 深圳市欢太科技有限公司 ,  OPPO广东移动通信有限公司

Inventor： 陈文波 ,  刘波

IPC: G06F21/57

Abstract: 一种应用程序安全检测方法、应用程序安全检测装置、计算机可读存储介质与电子设备，涉及计算机技术技术领域。该应用程序安全检测方法包括：解析待检测应用程序的代码，生成所述待检测应用程序的控制流图（S210）；在所述控制流图中查找所述待检测应用程序中的网页视图对象（S220）；从所述网页视图对象中提取经过重新编写的类信息（S230）；检测所述经过重新编写的类信息中关于安全套接层协议SSL错误的设置信息，以确定是否存在SSL风险（S240）。该方法可以对应用程序进行有效的安全检测，以使开发人员根据检测结果对应用程序进行优化或更新，从而提高应用程序的安全性。

公开(公告)号：WO2021216930A1

公开(公告)日：2021-10-28

申请号：PCT/US2021/028720

申请日：2021-04-22

Applicant: SPECTER OPS, INC.

Inventor： ROBBINS, Andrew ,  VAZARKAR, Rohan ,  SCHROEDER, Ryan William

IPC: G06F21/55 ,  G06F21/62 ,  G06F21/57

Abstract: A system and method for analyzing directory service environment attack paths for an enterprise may continuously collect data about the attack paths and provide alerts. The system and method may also analyze the nested object relationships within Directory Services alongside objects at risk for Credential Theft to calculate all possible attack paths within the environment.

公开(公告)号：WO2021203026A1

公开(公告)日：2021-10-07

申请号：PCT/US2021/025617

申请日：2021-04-02

Applicant: PRESCIENT DEVICES, INC.

Inventor： WANG, Andrew

IPC: G06F21/54 ,  G06F21/57 ,  G06F21/577 ,  H04L63/0876 ,  H04L63/102 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/20

Abstract: A computer-implemented method of monitoring security of a set of computing devices in a distributed system, the distributed system having a plurality of computing devices, in communication with one another over a network, by a security software running in a computer node. The method includes comparing an app signature of the application running in a selected one of the set of computing devices to a reference app signatures generated from a respective functional replica of the application.