专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08799375B1 Unalterable notification service 有权
标题翻译：不可改变的通知服务
公开(公告)号：US08799375B1
公开(公告)日：2014-08-05
申请号：US12894515
申请日：2010-09-30
申请人： Idan Aharoni
发明人： Idan Aharoni
IPC分类号： G06F15/16
CPC分类号： H04L51/12 , H04L63/0823 , H04L63/1483
摘要： A technique is presented of providing, in an electronic central server, transactional information to a user. The technique includes receiving a set of transaction messages from a set of transactional information sources, each transaction message including respective transaction data. The technique also includes generating a transaction history from the set of transaction messages, the transaction history including the respective transaction data of each transaction message. The technique further includes delivering an aggregate message to a set of user devices, the aggregate message including the transaction history and being presented in atomic form to the user in order to prevent an attacker from excising particular transaction data from the aggregate message.
摘要翻译：提供了一种在电子中央服务器中向用户提供交易信息的技术。该技术包括从一组事务信息源接收一组交易消息，每个交易消息包括相应的交易数据。该技术还包括从交易消息集合中生成交易历史，交易历史包括每个交易消息的相应交易数据。该技术还包括将聚合消息传递给一组用户设备，该聚合消息包括事务历史并以原子形式呈现给用户，以便防止攻击者从聚合消息中去除特定的事务数据。

2. 发明授权

US08910281B1 Identifying malware sources using phishing kit templates 有权
标题翻译：使用网络钓鱼套件模板识别恶意软件源
公开(公告)号：US08910281B1
公开(公告)日：2014-12-09
申请号：US13537251
申请日：2012-06-29
申请人： Idan Aharoni , Roy Hodgman
发明人： Idan Aharoni , Roy Hodgman
IPC分类号： H04L29/06
CPC分类号： H04L63/1416 , H04L63/1483
摘要： An improved technique involves searching for emails having a particular template generated by a phishing kit. Such a template typically includes field names corresponding to credentials that a customer inputs into a spoofed web site as part of a phishing attack. The phishing kit used in a phishing attack is typically configured to construct an email so that it arranges the credentials in a regular, tabular fashion. Accordingly, an administrator configures a receiver to search an email server for emails having a sequence of keywords in a format that matches the particular template.
摘要翻译：一种改进的技术涉及搜索具有由网络钓鱼套件生成的特定模板的电子邮件。这样的模板通常包括对应于客户作为网络钓鱼攻击的一部分输入到欺骗性网站的凭证的字段名称。用于网络钓鱼攻击的网络钓鱼套件通常配置为构建电子邮件，以便以正常的表格方式排列凭据。因此，管理员配置接收器以搜索电子邮件服务器以具有与特定模板匹配的格式的具有一系列关键字的电子邮件。

3. 发明授权

US08856928B1 Protecting electronic assets using false profiles in social networks 有权
标题翻译：在社交网络中使用虚假资料保护电子资产
公开(公告)号：US08856928B1
公开(公告)日：2014-10-07
申请号：US13535417
申请日：2012-06-28
申请人： Uri Rivner , Idan Aharoni
发明人： Uri Rivner , Idan Aharoni
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16
CPC分类号： H04L67/306 , G06F21/566 , G06Q50/01 , H04L63/1491
摘要： An improved technique utilizes a honeypot-style seeding of synthetic user identifiers which, if used by spear-phishing intruders, enable easy discovery of the intruders. Along these lines, an administrator of a network constructs false employee profiles on a social network with the intent of intercepting any email to that employee. Such employee profiles correspond to no actual employee of the corporation, but are in fact synthetic entities designed to appear to be an actual employee. These profiles contain identifiers that describe the employee, such as a name, position within the corporation, telephone number, educational background, past positions, and social connections. The administrator configures a receiver at the corporate network to block from entering the secure network emails that include references to any of these identifiers.
摘要翻译：一种改进的技术利用合成用户标识符的蜜罐式种子，如果使用spear-phishing入侵者，可以轻松发现入侵者。按照这些方式，网络的管理员在社交网络上构建虚假的雇员简档，目的是拦截对该雇员的任何电子邮件。这样的员工资料对应于公司的实际雇员，但实际上是综合实体，其设计似乎是一名实际雇员。这些配置文件包含描述员工的标识符，例如公司内的姓名，职位，电话号码，教育背景，过往职位和社交关系。管理员在公司网络中配置接收器以阻止输入包括对这些标识符中的任何一个的引用的安全网络电子邮件。

4. 发明授权

US09021255B1 Techniques for multiple independent verifications for digital certificates 有权
标题翻译：用于数字证书的多个独立验证的技术
公开(公告)号：US09021255B1
公开(公告)日：2015-04-28
申请号：US13537904
申请日：2012-06-29
申请人： Idan Aharoni , Roy Hodgman , Ingo Schubert
发明人： Idan Aharoni , Roy Hodgman , Ingo Schubert
IPC分类号： H04L29/06 , G06F21/33
CPC分类号： H04L29/06 , G06F21/33 , H04L9/3268 , H04L63/0823 , H04L63/126 , H04L63/1483 , H04L63/168 , H04L67/02
摘要： A method includes (a) receiving, at a computing device, a first certificate signing request (1CSR) from a certificate authority (CA), the 1CSR including an embedded second certificate signing request (2CSR), the 2CSR having been received by the CA from an entity seeking a signed certificate from the CA that validates an identity claim made by the entity in the 2CSR, the CA having performed a preliminary verification of the 2CSR prior to embedding it in the 1CSR, (b) verifying that the 1CSR came from the CA, (c) performing a verification procedure on the embedded 2CSR independent of the preliminary verification performed by the CA, to validate the identity claim made by the entity in the 2CSR, and (d) upon successfully validating the identity claim made by the entity in the 2CSR, sending a certificate to the CA, the certificate validating the identity claim made by the entity in the 2CSR.
摘要翻译：一种方法包括（a）在计算设备处从证书颁发机构（CA）接收第一证书签名请求（1CSR），所述1CSR包括嵌入的第二证书签名请求（2CSR），所述2CSR已被CA接收来自CA的实体从CA获得签发的证书，验证该实体在2CSR中作出的身份声明，CA在将其嵌入到1CSR之前对2CSR进行了初步验证，（b）验证了1CSR来自 CA，（c）独立于CA进行的初步验证，对嵌入式2CSR执行验证程序，以验证该实体在2CSR中提出的身份声明，以及（d）成功验证由 2CSR中的实体，向CA颁发证书，证明该实体在2CSR中提出的身份证明。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式