CROSS-ORIGIN COMMUNICATION IN RESTRICTED COMPUTER ENVIRONMENTS

    Publication number: WO2018231304A1

    Publication date: 2018-12-20

    Application number: PCT/US2018/022451

    Application date: 2018-03-14

    Applicant: GOOGLE LLC

    Abstract: This specification discloses techniques for communicating data between a first execution context on a computing system and a second execution context on the computing system. The first execution context can execute content from a first origin, the second execution context can execute content from a second origin that is different from the first origin, and the first execution context and the second execution context can each be restricted from accessing data of the other as a result of a same-origin policy implemented by the computing system. The method can include establishing a bi-directional communication channel between the first execution context and the second execution context.

    COMMUNICATION DEVICE AND CONTROL METHOD

    Publication number: WO2018225492A1

    Publication date: 2018-12-13

    Application number: PCT/JP2018/019579

    Application date: 2018-05-22

    Inventor: 飯島 利幸

    CPC classification number: G06F21/53 G06F21/62 G06F21/85 H04M1/67

    Abstract: The present technology relates to a communication device and a control method that make it possible to suppress tampering with data. The communication device has an application processing unit that performs application processing, a communication unit that performs data communication, and a data processing unit that exchanges, with the communication unit, the communication data that is the object of the communication, and the communication data is made unreferenceable by the application processing unit. The present technology can be applied, for example, to a communication device that communicates via a mobile communication network.

    DENIAL OF SERVICE MITIGATION

    Publication number: WO2018224242A1

    Publication date: 2018-12-13

    Application number: PCT/EP2018/062272

    Application date: 2018-05-11

    Abstract: A web server operating in a container (90) has resource and network limits applied to add an extra layer of security. If a monitor (6) detects that the container's resource usage is approaching these limits, indicative of a DDoS attack (step 210), or identifies traffic sources (38, 39) exhibiting suspicious behaviour, a restrictor function (72) caps the resources allowed to the original web server container (90) to protect servers running in other containers from having any shared resources (1, 2, 3) overwhelmed. A duplicator function (73) starts up replica containers (91, 92, 99) with the same resource limits, and a load balancing function (75) then directs incoming traffic (31, 32, 38, 39) to these overflow containers (91, 92). Traffic from suspicious sources is directed to specially configured attack-assessment containers (99) where a 'dummy' web server operates. The behaviour of these sources is analysed by a behaviour monitoring function (77).

    CRYPTLET IDENTITY

    Status: Under examination (published)

    Publication number: WO2018208422A1

    Publication date: 2018-11-15

    Application number: PCT/US2018/027201

    Application date: 2018-04-12

    Abstract: In one example, the cryptlet binary and a cryptlet key pair are provided to an enclave. A cryptlet key pair for the first cryptlet includes a cryptlet private key and a cryptlet public key. A cryptlet binding associated with a first cryptlet includes at least one binding. Each binding includes a mapping between the first cryptlet and at least one of a smart contract or another cryptlet. A binding identification is associated with the cryptlet binding. An output is received from the first cryptlet, such that the output is at least one of encrypted or signed by the cryptlet private key, and such that the output is signed by an enclave private key. A cryptlet identity is generated for the first cryptlet, such that the cryptlet identification includes: the hash of the cryptlet binary, the cryptlet public key, and the binding identification.

    COMPUTER HAVING AN ISOLATED USER COMPUTING UNIT

    Publication number: WO2018208032A1

    Publication date: 2018-11-15

    Application number: PCT/KR2018/004689

    Application date: 2018-04-23

    Applicant: 김덕우

    Inventor: 김덕우

    Abstract: An invention relating to a computer having an isolated user computing unit, intended to counter attempts by malicious code to take over the system and to minimize damage to the system. According to one feature proposed in the present invention, the computer includes a security management computing unit that manages the connected I/O devices and an auxiliary storage unit, and a user computing unit that is isolated from the I/O devices, communicates with the I/O devices only through an inter-communication unit responsible for communication between the security management computing unit and the user computing unit, has its own separate CPU and memory, and is connected to the security management computing unit. The security management computing unit performs management of the I/O devices, system monitoring and recovery, and monitoring and control of the user computing unit, while the user computing unit, isolated from the security management computing unit, executes user programs and a user OS.

    INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM

    Publication number: WO2018190015A1

    Publication date: 2018-10-18

    Application number: PCT/JP2018/007518

    Application date: 2018-02-28

    Abstract: Provided are an information processing device, an information processing method, and a computer program for processing an application or a program included in an application. The information processing device comprises a start-up unit that starts a second container separated from a first container in which a first node operates and starts a second node in the second container, and a proxy management unit that starts a proxy node which performs data communication with the first node in the first container based on a predetermined communication model and performs data communication with the second node in the second container based on the same predetermined communication model.

    MONITORING OF MEMORY PAGE TRANSITIONS BETWEEN A HYPERVISOR AND A VIRTUAL MACHINE

    Publication number: WO2018182772A1

    Publication date: 2018-10-04

    Application number: PCT/US2017/048471

    Application date: 2017-08-24

    Abstract: A security module [130] in a memory access path of a processor [102] of a processing system [100] protects secure information by verifying the contents of memory pages as they transition between one or more virtual machines (VMs) [150, 151] executing at the processor and a hypervisor [152] that provides an interface between the VMs and the processing system's hardware. The security module of the processor is employed to monitor memory pages as they transition between one or more VMs and a hypervisor, so that memory pages that have been altered by a hypervisor or another VM cannot be returned to the VM from which they were transitioned.

    DETECTING MALICIOUS BEHAVIOR WITHIN LOCAL NETWORKS

    Publication number: WO2018160904A1

    Publication date: 2018-09-07

    Application number: PCT/US2018/020549

    Application date: 2018-03-01

    Abstract: A behavior analysis engine and a network traffic hub can identify malicious behavior within a local network containing the network traffic hub. The behavior analysis engine can execute executable files that are downloaded by networked devices in the local network in a sandbox environment and determine if the executable files are malicious. The behavior analysis engine can also identify malicious network addresses based on features of the network addresses. The behavior analysis engine may identify entities connected to a received entity and determine whether the entity is malicious based on whether the connected entities are malicious, and further may generate condensed versions of machine-learned models to be executed locally on network traffic hubs in local networks.
