专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08869259B1 Cloud based inspection of secure content avoiding man-in-the-middle attacks 有权
标题翻译：基于云的检查安全内容，避免中间人攻击
公开(公告)号：US08869259B1
公开(公告)日：2014-10-21
申请号：US13111753
申请日：2011-05-19
申请人： Sivaprasad Udupa , Narinder Paul , Jose Raphel , Kailash Kailash
发明人： Sivaprasad Udupa , Narinder Paul , Jose Raphel , Kailash Kailash
IPC分类号： H04L29/06
CPC分类号： H04L63/1483 , H04L63/0823 , H04L63/20
摘要： A cloud based system that facilitates inspection of secure content and inexpensively detects the presence of a Man-in-the-Middle attack in a client-server communication is disclosed. Through inspection of the server certificate, no Man-in-the-Middle attack between server and the system is ensured; through inspection and designation of the client certificate, absence of a Man-in-the-Middle attack between the cloud based system and the client is ensured. In this way, the cloud based system can perform its usual policy enforcement functions with respect to secure content while avoiding Man-in-the-Middle attacks.
摘要翻译：公开了一种基于云的系统，其便于检查安全内容并且廉价地检测客户端 - 服务器通信中的中间人攻击的存在。通过检查服务器证书，确保服务器与系统之间无中间人的攻击; 通过检查和指定客户端证书，确保了基于云的系统和客户端之间的中间人中的攻击。以这种方式，基于云的系统可以在安全内容方面执行其通常的策略执行功能，同时避免中间人攻击。

2. 发明授权

US09154475B1 User authentication and authorization in distributed security system 有权
标题翻译：分布式安全系统中的用户认证和授权
公开(公告)号：US09154475B1
公开(公告)日：2015-10-06
申请号：US12354900
申请日：2009-01-16
申请人： Kailash Kailash , Jeff Forristal , Narinder Paul , Sivaprasad Udupa
发明人： Kailash Kailash , Jeff Forristal , Narinder Paul , Sivaprasad Udupa
IPC分类号： G06F7/04 , H04L9/32 , G06F21/00 , H04L29/06
CPC分类号： H04L63/08 , H04L63/083 , H04L63/1408 , H04L63/168 , H04W12/06
摘要： Methods, systems, and apparatus, including computer program products, for distributed security system authorization. Client device authentication instructions are executed on a client device to determine if authentication data accessible by the client device authentication instructions are stored at the client device. If the authentication data are stored at the client device, the client device authentication instructions generate authenticated user data and store the authenticated user data at the client device. If the authentication data are not stored at the client device, the client device authentication instructions generate a login environment that allows a user of the client device to input login data. The login data are provided to a verification process that in response to verification provide the authentication data to the client device.
摘要翻译：方法，系统和设备，包括计算机程序产品，用于分布式安全系统授权。在客户端设备上执行客户端设备认证指令，以确定由客户机设备认证指令可访问的认证数据是否存储在客户端设备。如果认证数据存储在客户端设备，则客户端设备认证指令生成认证用户数据，并将认证用户数据存储在客户端设备。如果认证数据未被存储在客户端设备，则客户端设备认证指令生成允许客户端设备的用户输入登录数据的登录环境。将登录数据提供给验证过程，该验证过程响应于验证向客户端设备提供认证数据。

3. 发明授权

US08607066B1 Content inspection using partial content signatures 有权
标题翻译：内容检查使用部分内容签名
公开(公告)号：US08607066B1
公开(公告)日：2013-12-10
申请号：US12185539
申请日：2008-08-04
申请人： Kailash Kailash , Robert L. Voit , Jose Raphel
发明人： Kailash Kailash , Robert L. Voit , Jose Raphel
IPC分类号： G06F11/30 , G06F12/14
CPC分类号： G06F21/564 , G06F21/554 , G06F21/56 , H04L63/1441
摘要： Systems, methods and apparatus for a content item inspection. A plurality of portions of a content item are received in a buffer, the buffer divided into a plurality of segments. A partial signature of the content item is computed using the received portions of the content item in a most recently received segment and a partial signature computed for a preceding segment. The computed partial signature is compared against a plurality of partial signatures associated with trustworthy content items. If a matching partial signature associated with a trustworthy content item is found for the computed partial signature, the most recently received segment is allowed to be transmitted to a device that requested the content item.
摘要翻译：用于内容项目检查的系统，方法和装置。内容项目的多个部分被接收在缓冲器中，缓冲器被分成多个段。使用最近接收到的段中的内容项的接收部分和针对前一段计算的部分签名来计算内容项的部分签名。将所计算的部分签名与与可信赖内容项相关联的多个部分签名进行比较。如果针对所计算的部分签名找到与可信任内容项目相关联的匹配部分签名，则允许最近接收到的片段被发送到请求内容项目的设备。

4. 发明授权

US08458786B1 Automated dynamic tunnel management 有权
标题翻译：自动化动态隧道管理
公开(公告)号：US08458786B1
公开(公告)日：2013-06-04
申请号：US12856425
申请日：2010-08-13
申请人： Kailash Kailash , Jose Raphel , Srikanth Devarajan
发明人： Kailash Kailash , Jose Raphel , Srikanth Devarajan
IPC分类号： G06F17/30 , H04L29/06 , H04L12/28
CPC分类号： H04L63/0272
摘要： Systems, methods and apparatus for tunneling in a cloud based security system. In an aspect, tunnel session data describing authentication and unauthenticated sessions, and location data describing tunnel identifiers for tunnels, locations, and security policies specific to the locations are accessed. Tunnel packets are received, and for each tunnel packet it is determined, from the tunnel identifier associated with the packet, whether a session entry in the session data exists for the tunnel identified by the tunnel identifier. In response to determining that a session entry does not exist in the session data, then a session entry is created for the tunnel identifier, an authentication process to determine a location to be associated with the session entry is performed, and an entry in the location data for the location is associated with the session entry.
摘要翻译：用于基于云的安全系统中隧道的系统，方法和装置。在一方面，访问描述认证和未认证会话的隧道会话数据以及描述隧道，位置和特定于该位置的安全策略的隧道标识符的位置数据。接收隧道分组，并且对于每个隧道分组，根据与分组相关联的隧道标识，确定是否存在由隧道标识符标识的隧道的会话数据中的会话条目。响应于确定在会话数据中不存在会话条目，则为隧道标识符创建会话条目，执行用于确定与会话条目相关联的位置的认证过程，以及位置中的条目该位置的数据与会话条目相关联。

5. 发明授权

US08010526B1 Instance counting and ranking 有权
标题翻译：实例计数和排名
公开(公告)号：US08010526B1
公开(公告)日：2011-08-30
申请号：US12182428
申请日：2008-07-30
申请人： Kailash Kailash , Jose Raphel
发明人： Kailash Kailash , Jose Raphel
IPC分类号： G06F7/00
CPC分类号： G06F7/22
摘要： In one general aspect, entity instances are monitored during a first interval, each entity instance being one of several types of entity instances. A first ranked list of entity instances is determined from the entity instances monitored during the first interval. The types of entity instances are ranked in the first list according to the number of times each type of entity instance occurred during the first interval and the first ranked list has a first cardinality of types of entity instances. Entity instances are monitored during a second interval. A second ranked list of entity instances is determined. The second ranked list has the first cardinality of types of entity instances. The first ranked list and the second ranked list are merged into a third ranked list of entities instances. The third ranked list has a second cardinality that is less than or equal to the first cardinality.
摘要翻译：在一个一般方面，在第一间隔期间监视实体实例，每个实体实例是几种类型的实体实例之一。实体实例的排名列表是从第一个间隔期间监控的实体实例确定的。实体实例的类型根据在第一间隔期间发生的每种类型的实体实例的次数排列在第一列表中，并且第一排名列表具有实体实例的类型的第一基数。在第二个时间间隔内监视实体实例。确定实体实例的第二排名列表。第二个排名的列表具有实体实例类型的第一个基数。排名第一的排名和排名第二的排名列表被合并到实体实例的排名第三的列表中。排名第三的名单的第二个基数小于或等于第一个基数。

6. 发明授权

US09003186B2 HTTP authentication and authorization management 有权
标题翻译： HTTP认证和授权管理
公开(公告)号：US09003186B2
公开(公告)日：2015-04-07
申请号：US12179441
申请日：2008-07-24
申请人： Kailash Kailash , Shashidhara Mysore Nanjundaswamy , Amarnath Mullick , Jose Raphel
发明人： Kailash Kailash , Shashidhara Mysore Nanjundaswamy , Amarnath Mullick , Jose Raphel
IPC分类号： H04L9/32 , H04L29/06
CPC分类号： H04L63/08 , H04L9/3234 , H04L9/3297 , H04L63/0442 , H04L2209/60
摘要： Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include an epoch manager that is used to generate authentication and authorization data that remain valid only for an epoch. The epoch manager can generate an epoch key pair that can be used to encrypt and decrypt the authentication and authorization data during the epoch that the key is valid. The epoch manager can also associate the contents of the data with the epoch in which it was created, so that at decrypting the epoch that the data was generated in can be identified.
摘要翻译：用于提供认证和授权管理的分布式安全性的系统，方法和设备。该系统可以包括一个历元管理器，用于生成仅在一个时期保持有效的认证和授权数据。历元管理器可以生成一个时期密钥对，可以用于在密钥有效的时期期间加密和解密认证和授权数据。纪元管理器还可以将数据的内容与其创建的时期相关联，以便在解密生成数据的时代可以被识别。

7. 发明授权

US08495737B2 Systems and methods for detecting email spam and variants thereof 有权
标题翻译：用于检测电子邮件垃圾邮件的系统和方法及其变体
公开(公告)号：US08495737B2
公开(公告)日：2013-07-23
申请号：US13038144
申请日：2011-03-01
申请人： Amit Sinha , Robert Louis Voit , Kailash Kailash , Jose Raphel
发明人： Amit Sinha , Robert Louis Voit , Kailash Kailash , Jose Raphel
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： H04L63/1441 , H04L51/12 , H04L63/0227
摘要： The present disclosure provides systems and methods for detecting email spam and variants thereof. The systems and methods are configured to detect spam messages and variations thereof for different senders and with slight differences within the message body. In an exemplary embodiment, an incoming message body (m) is converted to a sequence of successive word lengths (Sm): m->Sm, a comparison is performed between the sequence, Sm, and a plurality of stored sequences (Sk) of known spam messages, and the incoming message is flagged as spam based on the comparison. Further, the plurality of stored sequences, Sk, may be continually updated based on user feedback and other spam detection techniques. The systems and methods of the present invention may be implemented through a computer, such as a mail server, through a cloud-based security system, through a user's computer via a software agent, and the like.
摘要翻译：本公开提供了用于检测电子邮件垃圾邮件及其变体的系统和方法。系统和方法被配置为检测针对不同发送者的垃圾邮件及其变体，并且在消息体内具有微小的差异。在一个示例性实施例中，输入消息体（m）被转换为连续字长（Sm）的序列：m→Sm，在序列Sm与多个存储的序列（Sk）之间进行比较已知垃圾邮件，并且根据比较将传入的邮件标记为垃圾邮件。此外，可以基于用户反馈和其他垃圾邮件检测技术来连续地更新多个存储的序列Sk。本发明的系统和方法可以通过诸如邮件服务器的计算机，通过基于云的安全系统，经由用户的计算机经由软件代理等来实现。

8. 发明授权

US08365259B2 Security message processing 有权
标题翻译：安全消息处理
公开(公告)号：US08365259B2
公开(公告)日：2013-01-29
申请号：US12128391
申请日：2008-05-28
申请人： Jay Chaudhry , Jose Raphel , Kailash Kailash , Sivprasad Udupa
发明人： Jay Chaudhry , Jose Raphel , Kailash Kailash , Sivprasad Udupa
IPC分类号： G06F9/00
CPC分类号： H04L63/1408 , H04L63/1441
摘要： Systems, methods and apparatus for handling security messages in a distributed security system. Requests, replies, and/or updates have varying time constraints. Processing node managers and authority node managers determine the best transmission times and/or the ignoring of such data to maximize information value.
摘要翻译：用于在分布式安全系统中处理安全消息的系统，方法和装置。请求，回复和/或更新具有不同的时间限制。处理节点管理器和权限节点管理器确定最佳传输时间和/或忽略这些数据以最大化信息值。

9. 发明申请

US20120227104A1 SYSTEMS AND METHODS FOR DETECTING EMAIL SPAM AND VARIANTS THEREOF 有权
标题翻译：用于检测电子邮件和其变体的系统和方法
公开(公告)号：US20120227104A1
公开(公告)日：2012-09-06
申请号：US13038144
申请日：2011-03-01
申请人： Amit Sinha , Robert Louis Voit , Kailash Kailash , Jose Raphel
发明人： Amit Sinha , Robert Louis Voit , Kailash Kailash , Jose Raphel
IPC分类号： G06F21/00 , G06F15/16
CPC分类号： H04L63/1441 , H04L51/12 , H04L63/0227
摘要： The present disclosure provides systems and methods for detecting email spam and variants thereof. The systems and methods are configured to detect spam messages and variations thereof for different senders and with slight differences within the message body. In an exemplary embodiment, an incoming message body (m) is converted to a sequence of successive word lengths (Sm): m->Sm, a comparison is performed between the sequence, Sm, and a plurality of stored sequences (Sk) of known spam messages, and the incoming message is flagged as spam based on the comparison. Further, the plurality of stored sequences, Sk, may be continually updated based on user feedback and other spam detection techniques. The systems and methods of the present invention may be implemented through a computer, such as a mail server, through a cloud-based security system, through a user's computer via a software agent, and the like.
摘要翻译：本公开提供了用于检测电子邮件垃圾邮件及其变体的系统和方法。系统和方法被配置为检测针对不同发送者的垃圾邮件及其变体，并且在消息体内具有微小的差异。在一个示例性实施例中，输入消息体（m）被转换为连续字长（Sm）的序列：m→Sm，在序列Sm与多个存储的序列（Sk）之间进行比较已知垃圾邮件，并且根据比较将传入的邮件标记为垃圾邮件。此外，可以基于用户反馈和其他垃圾邮件检测技术来连续地更新多个存储的序列Sk。本发明的系统和方法可以通过诸如邮件服务器的计算机，通过基于云的安全系统，经由用户的计算机经由软件代理等来实现。

10. 发明授权

US08259571B1 Handling overlapping IP addresses in multi-tenant architecture 有权
标题翻译：在多租户架构中处理重叠的IP地址
公开(公告)号：US08259571B1
公开(公告)日：2012-09-04
申请号：US12732858
申请日：2010-03-26
申请人： Jose Raphel , Kailash Kailash , Srikanth Devarajan
发明人： Jose Raphel , Kailash Kailash , Srikanth Devarajan
IPC分类号： G01R31/08
CPC分类号： H04L61/2535 , H04L61/2592
摘要： Systems, methods and apparatus for tunneling in a cloud based security system. A multi-tenant cloud-based security system that can distinguish between client computing devices with overlapping private IP addresses is disclosed. Client devices communicate through a processing node to which a tunnel is established. The processing node is able to detect the client devices and apply security policies to the device.
摘要翻译：用于基于云的安全系统中隧道的系统，方法和装置。公开了一种可以区分具有重叠专用IP地址的客户端计算设备的多租户基于云的安全系统。客户端设备通过建立隧道的处理节点进行通信。处理节点能够检测客户端设备并对设备应用安全策略。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式