专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09516451B2 Opportunistic system scanning 有权
标题翻译：机会性系统扫描
公开(公告)号：US09516451B2
公开(公告)日：2016-12-06
申请号：US13443729
申请日：2012-04-10
申请人： James Michael Hugard, IV , Sven Schrecker
发明人： James Michael Hugard, IV , Sven Schrecker
IPC分类号： H04W4/00
CPC分类号： H04W4/80 , H04W4/38
摘要： Opportunistic scans can be performed by identifying, using at least one processing device, a detection of a particular computing device on a network of a computing environment. At least one scan to be performed on the detected particular computing device can be is identified and a particular scan engine, in a plurality of scan engines, is identified that is adapted to perform the at least one scan. The at least one scan is caused to be performed on the detected particular computing device while the detected particular computing device is on the network using the particular scan engine.
摘要翻译：可以通过使用至少一个处理设备来识别计算环境的网络上的特定计算设备的检测来执行机会扫描。可以识别要在检测到的特定计算设备上执行的至少一次扫描，并且识别适合于执行至少一次扫描的多个扫描引擎中的特定扫描引擎。使检测到的特定计算设备在所检测到的特定计算设备在使用特定扫描引擎的网络上时执行至少一次扫描。

2. 发明申请

US20160014159A1 SEPARATED SECURITY MANAGEMENT 审中-公开
标题翻译：分离安全管理
公开(公告)号：US20160014159A1
公开(公告)日：2016-01-14
申请号：US14583445
申请日：2014-12-26
申请人： Sven Schrecker , Charles Speicher , John Reynolds , Aric Shipley , Arlen Baker
发明人： Sven Schrecker , Charles Speicher , John Reynolds , Aric Shipley , Arlen Baker
IPC分类号： H04L29/06
CPC分类号： H04L63/105 , H04L63/0869 , H04L63/1491 , H04L63/20
摘要： A plurality of devices in a system are identified, each device having an operational context. One of a plurality of agents are identified for each of the plurality of devices, which correspond to the device. Data is received from the plurality of agents that describes security attributes of the plurality of devices. Policy data is sent to each of the plurality of agents to cause a set of security policies to be applied to the plurality of devices through the security management instances. Each of the plurality of agents can be provided in a respective security management instance separate from the operational context.
摘要翻译：识别系统中的多个设备，每个设备具有操作上下文。针对与设备对应的多个设备中的每一个识别多个代理之一。从描述多个设备的安全属性的多个代理接收数据。将策略数据发送到多个代理中的每一个，以通过安全管理实例将一组安全策略应用于多个设备。可以将多个代理中的每一个提供在与操作上下文分开的相应的安全管理实例中。

3. 发明申请

US20140250533A1 MOBILE RISK ASSESSMENT 有权
标题翻译：移动风险评估
公开(公告)号：US20140250533A1
公开(公告)日：2014-09-04
申请号：US14199274
申请日：2014-03-06
申请人： Prasanna Ganapathi Basavapatna , Satish Kumar Gaddala , Sven Schrecker , David Moshe Goldschlag
发明人： Prasanna Ganapathi Basavapatna , Satish Kumar Gaddala , Sven Schrecker , David Moshe Goldschlag
IPC分类号： H04L29/06
CPC分类号： H04L63/1433 , G06F21/577 , H04L63/0272 , H04L63/12 , H04L63/1416 , H04W4/02 , H04W12/12
摘要： A query is received from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device. Pre-existing risk assessment data is identified for the identified particular wireless access point and query result data is sent to the particular endpoint device characterizing pre-assessed risk associated with the particular wireless access point. In some instances, the query result data is generated based on the pre-existing risk assessment data. In some instances, pre-existing risk assessment data can be the result of an earlier risk assessment carried-out at least in part by an endpoint device interfacing with and testing the particular wireless access point.
摘要翻译：从特定端点设备接收到识别特定端点设备遇到的特定无线接入点的查询。为所识别的特定无线接入点识别预先存在的风险评估数据，并将查询结果数据发送到表征与特定无线接入点相关联的预评估风险的特定端点设备。在某些情况下，查询结果数据是基于预先存在的风险评估数据生成的。在某些情况下，预先存在的风险评估数据可能是至少部分由端点设备与特定无线接入点进行接口和测试而进行的早期风险评估的结果。

4. 发明申请

US20140208413A1 SYSTEM AND METHOD FOR AN ENDPOINT HARDWARE ASSISTED NETWORK FIREWALL IN A SECURITY ENVIRONMENT 有权
标题翻译：用于安全环境中的端点硬件辅助网络防火墙的系统和方法
公开(公告)号：US20140208413A1
公开(公告)日：2014-07-24
申请号：US13748578
申请日：2013-01-23
申请人： Steve Grobman , Raj Samani , Ofir Arkin , Sven Schrecker
发明人： Steve Grobman , Raj Samani , Ofir Arkin , Sven Schrecker
IPC分类号： H04L29/06
CPC分类号： H04L9/3247 , G06F9/45558 , G06F21/552 , G06F21/577 , G06F2009/45595 , H04L9/14 , H04L9/30 , H04L45/74 , H04L63/0227 , H04L63/0823 , H04L63/123
摘要： A method is provided in one example embodiment and includes receiving a traffic flow at a tamper resistant environment from an application, where the tamper resistant environment is separated from a host operating system. The method also includes applying a security token to the traffic flow and sending the traffic flow to a server. In specific embodiments, a security module may add information about the application to traffic flow. A trapping module may monitor for a memory condition and identify the memory condition. The trapping module may also, responsive to identifying the memory condition, initiate a virtual environment for the application, and check the integrity of the traffic flow.
摘要翻译：在一个示例实施例中提供了一种方法，并且包括在防篡改环境与主机操作系统分离的情况下从防篡改环境接收流量。该方法还包括将安全令牌应用于业务流并将业务流发送到服务器。在具体实施例中，安全模块可以将关于应用的信息添加到业务流。捕获模块可以监视存储器状况并识别存储器条件。捕获模块还可以响应于识别存储器状况，为应用启动虚拟环境，并且检查业务流的完整性。

5. 发明申请

US20140181893A1 HARDWARE-BASED DEVICE AUTHENTICATION 有权
标题翻译：基于硬件的设备认证
公开(公告)号：US20140181893A1
公开(公告)日：2014-06-26
申请号：US13726148
申请日：2012-12-23
申请人： Vincent Edward Von Bokern , Purushottam Goel , Sven Schrecker , Ned McArthur Smith
发明人： Vincent Edward Von Bokern , Purushottam Goel , Sven Schrecker , Ned McArthur Smith
IPC分类号： H04L29/06
CPC分类号： H04L63/0838 , G06F21/305 , G06F21/44 , H04L9/0877 , H04L9/3226 , H04L9/3234 , H04L63/0876 , H04L63/102 , H04L63/20 , H04L67/141
摘要： An opportunity for a computing device to participate in a secure session with a particular domain is identified. A secured microcontroller of the computing device is used to identify a secured, persistent seed corresponding to the particular domain and stored in secured memory of the computing device. A secure identifier is derived based on the seed and sent for use by the particular domain in authenticating the computing device to the particular domain for the secure session. The particular domain can further apply security policies to transactions involving the computing device and particular domain based at least in part on the secure identifier.
摘要翻译：识别计算设备参与与特定域的安全会话的机会。计算设备的安全微控制器用于识别对应于特定域并且存储在计算设备的安全存储器中的安全的持久种子。基于种子导出安全标识符，并将其发送供特定域使用，以将计算设备认证到用于安全会话的特定域。所述特定域可以至少部分地基于所述安全标识符来进一步对涉及所述计算设备和特定域的事务应用安全策略。

6. 发明申请

US20130340084A1 ASSET RISK ANALYSIS 有权
标题翻译：资产风险分析
公开(公告)号：US20130340084A1
公开(公告)日：2013-12-19
申请号：US13949129
申请日：2013-07-23
申请人： Sven Schrecker , Stephen Ritter , Ryan Nakawatase
发明人： Sven Schrecker , Stephen Ritter , Ryan Nakawatase
IPC分类号： G06F21/57 , H04L29/06
CPC分类号： G06F21/577 , G06F2221/034 , H04L63/00 , H04L63/1433
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for asset risk analysis. One method includes receiving threat definition data for threats, vulnerability detection data for assets, and countermeasure detection data for assets. The method further includes determining a respective risk metric for each of the assets for each of the threats. This includes analyzing the vulnerability detection data for an asset to determine whether the asset is vulnerable to a threat, determining from the threat definition data and the countermeasure detection data whether the asset is protected by one of the countermeasures identified for the threat, and determining the risk metric for the asset for the threat according to whether the asset is vulnerable to the threat and whether the asset is protected by one of the countermeasures identified for the threat.
摘要翻译：方法，系统和装置，包括在计算机存储介质上编码的计算机程序，用于资产风险分析。一种方法包括接收威胁的威胁定义数据，资产的漏洞检测数据和资产的对策检测数据。该方法还包括为每个威胁确定每个资产的相应风险度量。这包括分析资产的漏洞检测数据以确定资产是否容易受到威胁，从威胁定义数据和对策检测数据确定资产是否受到针对威胁识别的对策之一的保护，并且确定根据资产是否容易受到威胁以及该资产是否受到针对威胁识别的对策之一的保护，威胁资产的风险度量标准。

7. 发明申请

US20130268758A1 WIRELESS STORAGE DEVICE 有权
标题翻译：无线存储设备
公开(公告)号：US20130268758A1
公开(公告)日：2013-10-10
申请号：US13442633
申请日：2012-04-09
申请人： Sven Schrecker
发明人： Sven Schrecker
IPC分类号： H04L9/32 , G06F21/00 , G06F15/16
CPC分类号： G06F21/00 , G06F21/35 , H04L9/3247 , H04L9/3263 , H04L63/0823 , H04L63/083 , H04L2209/80 , H04W12/06 , H04W12/08
摘要： A first computing device is detected as substantially collocated with a wireless storage device, using a short-range wireless communication network. A connection is established between the first computing device and the wireless storage device over the short-range wireless network. Data stored in memory of the wireless storage device is sent from the wireless storage device to the first computing device over the short-range wireless network for a presentation of the data using a user interface of the first computing device. The wireless storage device lacks user interfaces for the presentation of the data. In some instances, authentication of either or both of the first computing device or wireless storage device can be accomplished through communication between the first computing device and wireless storage device over the short-range wireless communication network.
摘要翻译：使用短距离无线通信网络，第一计算设备被检测为与无线存储设备基本并置。通过短距离无线网络在第一计算设备和无线存储设备之间建立连接。存储在无线存储设备的存储器中的数据通过短距离无线网络从无线存储设备发送到第一计算设备，以使用第一计算设备的用户界面显示数据。无线存储设备缺少用于呈现数据的用户界面。在一些情况下，可以通过在短距离无线通信网络上的第一计算设备和无线存储设备之间的通信来实现第一计算设备或无线存储设备中的一个或两者的认证。

8. 发明申请

US20130191919A1 CALCULATING QUANTITATIVE ASSET RISK 有权
标题翻译：计算定量资产风险
公开(公告)号：US20130191919A1
公开(公告)日：2013-07-25
申请号：US13354181
申请日：2012-01-19
申请人： Prasanna Ganapathi Basavapatna , Deepakeshwaran Kolingivadi , Sven Schrecker
发明人： Prasanna Ganapathi Basavapatna , Deepakeshwaran Kolingivadi , Sven Schrecker
IPC分类号： G06F21/00
CPC分类号： H04L63/1408 , G06F21/577 , H04L63/1433 , H04L63/20
摘要： A standardized vulnerability score is identified for a particular vulnerability in a plurality of known vulnerabilities, the standardized vulnerability score indicating a relative level of risk associated with the particular vulnerability relative other vulnerabilities. A vulnerability detection score is determined that indicates an estimated probability that a particular asset possess the particular vulnerability and a vulnerability composite score is determined for the particular asset to the particular vulnerability, the vulnerability composite score derived from the standardized vulnerability score and the vulnerability detection score. A countermeasure component score is identified that indicates an estimated probability that a countermeasure will mitigate risk associated with the particular vulnerability on the particular asset. A risk metric for the particular asset and the particular vulnerability is determined from the vulnerability composite score and the countermeasure component score. In some instances, aggregate risk scores can be calculated from a plurality of calculated risk metrics.
摘要翻译：针对多个已知漏洞中的特定漏洞识别出标准化的漏洞得分，标准化漏洞得分表示与特定漏洞相关的相对其他漏洞相关风险的相对级别。确定漏洞检测分数，其指示特定资产具有特定漏洞的估计概率，并且针对特定脆弱性确定特定资产的漏洞综合得分，从标准化漏洞得分导出的漏洞综合得分和漏洞检测分数。识别对策组件得分，其指示对策将减轻与特定资产上的特定脆弱性相关联的风险的估计概率。特定资产和特定漏洞的风险度量是根据漏洞综合得分和对策成分得分确定的。在某些情况下，可以从多个计算的风险度量中计算总体风险分数。

9. 发明申请

US20130097709A1 USER BEHAVIORAL RISK ASSESSMENT 有权
公开(公告)号：US20130097709A1
公开(公告)日：2013-04-18
申请号：US13334304
申请日：2011-12-22
申请人： Prasanna Ganapathi Basavapatna , Michael Mason Moyle , Sven Schrecker
发明人： Prasanna Ganapathi Basavapatna , Michael Mason Moyle , Sven Schrecker
IPC分类号： G06F11/00
CPC分类号： H04L63/1433 , G06F21/552 , H04L63/1416 , H04L63/1425 , H04L63/1441 , H04L63/20
摘要： A predetermined particular behavioral profile is identified associated with at least one particular user of a computing system, the particular behavioral profile identifying expected behavior of the at least one user within the computing system. Activities associated with use of the computing system by the particular user are identified and it is determined whether the identified activities correlate with the particular behavioral profile. Identifying an activity that deviates from the particular behavioral profile beyond a particular threshold triggers a risk event relating to the particular user.

10. 发明申请

US20130096980A1 USER-DEFINED COUNTERMEASURES 审中-公开
标题翻译：用户定义的计数器
公开(公告)号：US20130096980A1
公开(公告)日：2013-04-18
申请号：US13334206
申请日：2011-12-22
申请人： Prasanna Ganapathi Basavapatna , Deepakeshwaran Kolingivadi , Sven Schrecker
发明人： Prasanna Ganapathi Basavapatna , Deepakeshwaran Kolingivadi , Sven Schrecker
IPC分类号： G06Q10/00
CPC分类号： G06Q10/00
摘要： A particular set of computing assets is identified on a particular computing system including a plurality of computing assets. A user definition is received of a particular countermeasure applied to the particular set of assets, the user definition of the countermeasure including identification of each asset in the particular set of assets and identification of at least one vulnerability or threat addressed by the particular countermeasure in a plurality of known vulnerabilities or threats. Based on the user definition, actual deployment of the particular countermeasure on the particular computing system is assumed in a risk assessment of at least a portion of the particular computing system.
摘要翻译：在包括多个计算资产的特定计算系统上识别特定的一组计算资产。接收到应用于特定资产集合的特定对策的用户定义，对策的用户定义包括识别特定资产集合中的每个资产，以及识别特定对策中的至少一个脆弱性或威胁多个已知的漏洞或威胁。基于用户定义，在特定计算系统的至少一部分的风险评估中假定特定计算系统上的特定对策的实际部署。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式