CN103905416A - 用于向移动设备提供网络安全的系统和方法 - Google Patents
用于向移动设备提供网络安全的系统和方法 Download PDFInfo
- Publication number
- CN103905416A CN103905416A CN201310556909.0A CN201310556909A CN103905416A CN 103905416 A CN103905416 A CN 103905416A CN 201310556909 A CN201310556909 A CN 201310556909A CN 103905416 A CN103905416 A CN 103905416A
- Authority
- CN
- China
- Prior art keywords
- mobile
- security
- security system
- mobile device
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/128—Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
小块硬件连接到移动设备,并过滤出攻击和恶意代码。使用该块硬件,移动设备可以被更强的安全措施保护,并可能被与由其相关的公司/企业提供的相同安全等级所保护。在一个实施例中,移动安全系统包括:连接机构,用于连接到移动设备的数据端口以及用于与移动设备通信;网络连接模块,用于充当到网络的网关;安全策略,用于确定是否将打算供移动设备使用的内容转发到移动设备;以及安全引擎,用于执行安全策略。
Description
本申请是2006年12月12日提交的名称为“用于向移动设备提供网络安全的系统和方法”的中国专利申请200680052780.8的分案申请。
优先权要求
本申请要求由发明人Shlomo Touboul在2005年12月13日递交的题为“Personal Security Appliance”的第60/750,326号临时专利申请的优先权,其全部内容通过引用被结合于此。
技术领域
本发明总地涉及网络安全,更具体地提供了一种用于向移动设备提供网络安全的系统和方法。
背景技术
互联网是由政府、大学、非营利组织、公司、及个人所有的数百万单独的计算机网络的互连。尽管互联网是有价值的信息和娱乐的巨大来源,但是互联网也已经成为系统损害和系统致命应用代码(诸如,“病毒”、“间谍软件”、“广告病毒”、“蠕虫”、“特洛伊木马”、及其他恶意代码)的主要来源。
为了保护用户,程序员设计用于阻止恶意代码攻击个人和网络计算机的计算机和计算机网络安全系统。在大多数方面,网络安全系统已经是相对成功的。从企业网络内连接到互联网的计算机一般具有两条防线。第一条防线包括可以作为网络网关的一部分的网络安全系统,其包括防火墙、反病毒程序、反间谍软件、和内容过滤。第二条防线包括个人机器上的、一般没有网络安全系统安全且因此对于攻击更脆弱的个人安全软件。通过组合,第一和第二条防线一起提供相当好的安全保护。但是,当设备在没 有插入网络安全系统的情况下连接到互联网时,该设备失去了其第一条防线。所以,移动设备(例如,膝上型电脑、桌上型电脑、诸如RIM的Blackberry的PDA、手机、连接到互联网的任何无线设备等)在企业网络外移动时对于攻击更脆弱。
图1示出了现有技术的示例网络系统100。网络系统100包括分别耦合到企业内联网115的桌上型电脑105和移动设备110。内联网115经由网络安全系统120(其作为企业网关的一部分)耦合到不可信的互联网130。因此,桌上型电脑105和移动设备110经由网络安全系统120访问互联网130。安全管理器125一般管理网络安全系统120,以确保其包括最当前的安全保护,从而使得桌上型电脑105和移动设备110免受恶意代码的损害。分界线135将可信的企业140和不可信的公共互联网130分开。由于桌上型电脑105和移动设备110都经由网络安全系统120而连接到互联网130,所以他们都具有两条抵抗来自互联网130的恶意代码的防线(即,网络安全系统120和位于设备自身上的安全软件)。当然,尽管可信,内联网115也是恶意代码的来源。
图2示出了当移动设备110已经移动到可信企业140外并且重新连接到不可信的互联网130时的现有技术的示例网络系统200。这可能在用户旅行时携带移动设备110并在计算机咖啡馆、旅馆、或经由任何不可信的有线或无线连接将移动设备连接到互联网130时发生。因此,如图所示,移动设备110不再受第一条防线(由网络安全系统120提供)保护,所以增加了其接收恶意代码的风险。另外,通过物理地将移动设备110带回可信的企业140中并重新从其中连接,移动设备110有将所接收的任意恶意代码传输到内联网115的风险。
随着移动设备的数目和攻击的数目的增加,移动安全变得越来越重要。这个问题在2005年12月7日到8日在纽约召开的最近的信息安全会议(recent info-security conference)中得到了强调。但是没有提出完整的解决方案。
需要提供能够提供如企业网络安全系统所提供的网络安全等级的个人安全装置。
发明内容
本发明的实施例使用了连接到移动设备并过滤出攻击和恶意代码的小块硬件。该块硬件可以被称为“移动安全系统”或“个人安全装置”。使用移动安全系统,移动设备可以被更强的安全措施所保护,并且可能与其相关的公司/企业所提供的安全等级相同。
在实施例中,移动安全系统包括:连接机构,用于连接到移动设备的数据端口以及用于与移动设备通信;网络连接模块,用于充当到网络的网关;安全策略,用于确定是否将打算供移动设备使用的内容转发到移动设备;以及安全引擎,用于执行安全策略。
连接机构可以包括USB连接器、PCMCIA连接器、以太网连接器、以及蓝牙通信模块中的至少一种。网络连接模块可以包括执行WiFi、WiMAX、GPRS、GSM、UMTS、CDMA、Generation3、其他手机互联网连接协议等的网络接口卡。安全引擎可以包括反病毒引擎、反间谍软件引擎、防火墙引擎、IPS/IDS引擎、内容过滤引擎、多层安全监控器、字节码监控器、以及URL监控器中的至少一种。安全策略可以基于内容类型、内容来源、内容种类、或用户的历史行为来执行加权风险分析。远程管理模块能够接收安全策略更新、安全引擎更新、以及安全数据更新(包括恶意内容签名)。移动安全系统可以包括能够将更新转发到其他移动安全系统的分发模块、和/和能够存储移动设备的引导扇区的至少一部分以防移动设备的引导扇区被损坏的备份模块。移动安全系统可以包括能够与向导(wizard)通信的远程配置模块,其中,向导与企业网络安全系统通信,该向导能够基本自动地基于企业网络安全系统上的策略和数据生成策略和数据,该远程配置模块能够安装由该向导生成的策略和数据。移动安全系统可以包括在运行时间不能被访问的预引导存储器,该预引导存储器存储移动安全系统的操作系统的至少一部分的副本,该移动安全系统被配置为每当该移动安全系统被重新引导时就加载该操作系统部分。
在另一实施例中,一种方法包括:从可信网络外的移动设备接收网络连接请求;充当代表移动设备到网络的网关;从网络接收打算供移动设备使用的信息;以及根据安全策略确定是否将该信息转发到移动设备。
在另一实施例中,一种移动安全系统包括:用于充当代表可信网络外的移动设备到网络的网关的装置;用于从网络接收打算供移动设备使用的信息的装置;以及用于根据安全策略确定是否将该信息转发到移动设备的装置。
在又一实施例中,一种方法包括:经由无线连接在移动设备上接收互联网流量;在内核级上将该互联网流量重定向到移动安全系统;扫描违反安全策略的互联网流量;清理任何违反安全策略的互联网流量,以生成清洁的互联网流量;以及将清洁的互联网流量发送到移动设备用于执行。
在再一实施例中,一种系统包括:位于移动设备上的无线网络接口卡,用于接收互联网流量;位于移动设备上的内核级重定向器,用于在内核级上将互联网流量重定向到移动安全系统;安全引擎,用于扫描违反安全策略的互联网流量,以及用于清理任何违反安全策略的互联网流量以生成清洁的互联网流量;以及连接机构,用于从内核级重定向器接收重定向的互联网流量,以及用于将清洁的互联网流量发送到移动设备用于执行。
附图说明
图1是第一状态的现有技术网络系统的框图。
图2是第二状态的现有技术网络系统的框图。
图3是根据本发明实施例的网络系统的框图。
图4是示出根据本发明实施例的计算机系统的细节的框图。
图5是示出根据本发明实施例的移动安全系统的细节的框图。
图6是示出根据Microsoft Window的实施例的移动安全系统的细节的框图。
图7是示出根据本发明实施例的智能策略更新系统的细节的框图。
图8是示出针对OSI各层的网络安全措施的细节的框图。
图9是示出用于将安全代码传播到移动安全系统的通信技术的细节的框图。
图10A至图10C是示出根据本发明的多种实施例的用于将移动设备连接到移动安全系统的各种体系结构的框图。
图11是示出移动安全系统上的存储器的分区的框图。
具体实施方式
提供以下描述以使本领域的任何技术人员都可以制造并使用本发明,并且在特定应用及其要求的背景下提供以下描述。本实施例的各种修改对于本领域技术人员来说都是可以想到的,并且本文中限定的一般原则可以在不脱离本发明的精神和范围的条件下被应用于其他实施例和应用。所以,本发明的目的不在于限制于所示的实施例,而在于符合与本文中公开的原则、特征、及教导一致的最宽范围。
本发明的实施例使用了连接到移动设备并过滤出攻击和恶意代码的小块硬件。该块硬件被称为“移动安全系统”或“个人安全装置”。使用移动安全系统,移动设备可以被更强的安全措施所保护,并且可能被与其相关的公司/企业所提供的相同安全等级所保护。
图3示出了根据本发明实施例的网络系统300。网络系统300包括桌上型电脑305、第一移动设备310a、以及第二移动设备310b。第一移动设备310a此时被示出处于企业网络340内,并经由移动安全系统345a耦合到企业的内联网315。桌上型电脑305和第二移动设备310b也处于企业网络340内,但在本实施例中在没有插入诸如移动安全系统345b的移动安全系统345的条件下被耦合到内联网315。内联网315经由网络安全系统320(其可以是企业网关的一部分)被耦合到不可信的互联网330。因此,第一移动设备310a、第二移动设备310b、以及桌上型电脑305经由网络安全系统320访问不可信的互联网330。每一个都可以被位于其上的个人安全系统(未示出)所保护。第三移动设备310c当前处于企业网络340外,并经由移动安全系统345b耦合到不可信的互联网330。第三移动设备310可以被当前正在旅行的可信企业340的员工使用。安全管理器325管理移动安全系统345a、移动安全系统345b、以及网络安全系统320,以确保他 们都包括最当前的安全保护。本领域技术人员将明白,同一个的安全管理器不需要管理多种设备。另外,安全管理器可以是用户,并且不需要处于可信企业340内。
分界线335将可信企业340和不可信的、可公共访问的互联网330分开。移动设备310a、310b、310c中的每一个都被统称为移动设备310,尽管他们不需要一样。每个移动安全系统345a和345b都可以被统称为移动安全系统345,尽管他们不需要一样。
如图所示,尽管移动设备310c已经移动出了可信企业340,但是移动设备310c还经由移动安全系统345b连接到不可信的互联网330,所以保留了两条防线(即,移动安全系统345b和位于该设备本身上的安全软件)。在本实施例中,移动安全系统345有效地充当了代表移动设备310c的移动互联网网关。在一个实施例中,移动安全系统345可以是专门用于网络安全的设备。在一个实施例中,每个移动安全系统345都可以支持多个移动设备310(可能仅是注册过的移动设备310,例如,属于企业340的设备)。
每个移动安全系统345(例如,345a、345b)都可以是基于商业硬件(使用Intel的Xscale作核心)、Linux OS和网络服务、以及开源防火墙、IDS/IPS和反病毒保护的微型服务器。移动安全系统345可以基于硬化的嵌入式Linux2.6。
在这个实施例中,由于安全管理器325能够远程地与移动安全系统345b通信,所以IT可以监控和/或更新在移动安全系统345b上执行的安全策略/数据/引擎。安全管理器325可以在中心远程地或直接地管理所有的企业设备。另外,安全管理器325和移动安全系统345可以交互以自动地将企业安全策略翻译为移动安全策略,并可以相应地配置移动安全系统345。由于移动安全系统345可以是从企业340的相关安全策略生成的,所以当前正在移动的移动设备310c可以具有与可信企业340内的设备305/310相同的保护等级。
移动安全系统345可以被设计为添加到现有软件安全上或代替正在移动的移动设备上的所有安全硬件和软件。这些安全应用将优选地在不同 OSI层上工作,以提供最大的安全和恶意代码保护,如图8中所示的示例系统所示。在较低的OSI层上工作和仅仅进行TCP/IP分组分析(通过屏蔽防火墙或路由器分组)将会错过病毒和/或蠕虫行为。而且,很多现代病毒使用在比7th OSI层(应用-HTTP、FTP等)“更高”的等级上执行的移动代码,所以既不能在分组层也不能在应用层上被解译。例如,仅在会话或传输层对恶意Java脚本(包括在HTML页中)应用反病毒分析、试图将签名与分组匹配而不理解内容类型(Java脚本),将不能检测Java脚本的恶意本性。为了提供更强的保护,移动安全系统345可以充当公司型安全装置,并可以基于内容类型和适当的OSI层(或在相似内容被封装在应用层中时“更高”层)来参与不同的安全应用。移动安全系统345可以被配置为在不同的OSI层执行内容分析,例如,从分组层到应用层。将明白,在应用层执行深层检测对于检测恶意内容行为和改进病毒、蠕虫、间谍软件、特洛伊木马等的检测是很关键的。下列软件包可以在移动安全系统345上执行:
·防火墙和VPN-包括有状态和无状态防火墙、NAT、分组过滤和操纵、DOS/DDOS、网络过滤器(netfilter)、将用户移动设备与互联网隔离并在该设备上运行VPN程序等。
·可选的网页加速器和基于Squid的带宽/高速缓冲存储器管理。
·IDS/IPS-基于Snort的入侵检测和预防系统。Snot是一种利用规则驱动语言的开放源代码的网络入侵预防和检测系统,其结合了签名、基于协议和基于异常的检测的优点。
·基于ClamAV的反病毒程序和反间谍软件;附加的AV和AS引擎(例如,McAfee、Kaspersky、Pandamay)可以被提供以获得附加的定购费。
·恶意内容检测-在执行内容分析以在具有签名之前检测恶意内容的敏锐启发(fly heuristics)上。这将是基于规则库和更新的规则的,并且将是由内容决定的扫描。
·URL种类过滤(categorization filtering)-基于诸如Surfcontrol、Smart Filter、或Websense的商业引擎。可以提供70种左右的URL,诸如 赌博、成人内容、新闻、网页邮件等。移动设备345可以应用基于URL种类的不同安全策略,例如,对于赌博或承认内容的网站等的更高限制和启发。
图4是示出示例计算机系统400的细节的框图,桌上型电脑305、移动设备310、网络安全系统320、移动安全系统345、以及安全管理器325是该计算机系统的一个实例。计算机系统400包括耦合到通信信道410的处理器405,诸如,Intel微处理器或Motorola Power微处理器。计算机系统400进一步包括分别耦合到通信信道410的输入设备415(诸如,键盘或鼠标)、输出设备420(诸如,阴极射线管显示器)、通信设备425、数据存储设备430(诸如,磁盘)、存储器435(诸如,随机存取存储器(RAM))。通信接口425可以被直接或经由移动安全系统345耦合到诸如互联网的网络。本领域技术人员将明白,尽管数据存储设备430和存储器435被图示为不同的单元,但是数据存储设备430和存储器435可以是同一个单元的多个部分、分散的单元、或虚拟存储器等。
数据存储设备430和/或存储器435可以存储诸如Microsoft Windows XP、IBM OS/2操作系统、MAC OS、UNIX OS、LINUX OS的操作系统440和/或其他程序445。将可以理解,优选实施例可以在不同于以上所述的平台和操作系统上执行。一个实施例可以使用JAVA、C、和/或C++语言、或其他语言写出(可能使用面向对象的编程方法)。
本领域技术人员将明白,计算机系统400还可以包括附加信息,诸如,网络连接、附加存储器、附加处理器、LAN、用于跨越硬件信道传输信息的输入/输出线路、互联网、或内联网等。本领域技术人员将明白,这些程序和数据可以以可选方式被该系统接收并存储。例如,计算机可读存储介质(CRSM)读出器450(诸如,磁盘驱动器、硬盘驱动器、磁光读出器、CPU等)可以耦合到用于读计算机可读存储介质(CRSM)455(诸如,磁盘、硬盘、磁光盘、RAM等)的通信总线410。因此,计算机系统400可以经由CRSM读出器450接收程序和/或数据。另外,将可以理解,本文中使用的术语“存储器”的目的在于覆盖所有数据存储介质,而不论其是永久的还是暂时的。
图5是示出根据本发明实施例的移动安全系统345的细节的框图。移动安全系统345包括:适配器/端口/驱动器505、存储器510、处理器515、存储移动安全系统的操作系统的安全版本或其他应用的预引导闪存/ROM存储模块520、网络连接模块525、安全引擎530、安全策略535、安全数据540、远程管理模块550、分发模块555、以及备份模块560。尽管图示了移动安全系统345内的这些模块,但是本领域技术人员将明白,他们中的很多也可以位于其他地方,例如,位于安全管理器325上或位于与移动安全系统345通信的第三方系统上。移动安全系统345可以为袖珍尺寸的、手持尺寸的、或钥匙链尺寸的壳体,或可以更小。另外,移动安全系统345可以结合在移动设备310中。
适配器/端口/驱动器505包括用于移动安全系统345上的USB、以太网、WiFi、WiMAX、GSM、CDMA、蓝牙、PCMCIA、和/或其他连接数据端口的连接机构。在一个实施例中,适配器/端口/驱动器505能够连接到多个设备310,以为多个设备310提供网络安全。
存储器510和处理器515执行移动安全系统345上的操作系统和应用。在这个示例中,预引导闪存520存储操作系统和应用。在引导时,操作系统和应用被从预引导闪存520加载到存储器510用于执行。由于操作系统和应用被存储在了在运行期间不能被用户访问的预引导闪存520中,所以预引导闪存520中的操作系统和应用是不易破坏的。在存储器510中的操作系统和应用的副本被破坏(例如,被恶意代码破坏)的情况下,操作系统和应用可以在(例如)重启时被重新从预引导闪存520加载到存储器510中。尽管描述了操作系统和应用被存储在预引导闪存520中的情况,但是OS和应用还可以被安全地存储在诸如ROM、PROM、EEPROM等的其他只读存储设备中。
移动安全系统345上的存储器(包括存储器510和预引导闪存520)可以被分成如图11所示的多个区。在每个“硬”重启时,移动安全系统345的引导加载器(位于区域1中)将内核和安全应用(最新的、未改变的副本)从区域1复制到区域2。这使得清洁版本的OS和应用每次都被 加载到区域2中。这样,如果专用的移动安全系统345攻击被开发了出来,该攻击将不能感染该系统,因为OS和应用在运行期间被从存储区域1中排除了。另外,到达存储器510的任何攻击将仅可以运行一次,并将在硬重启时消失。触发机制可以被用来在感染检测时自动地重新启动移动安全系统345。
网络连接模块525使网络能够经由包括WiFi、WiMAX、CDMA、GSM、GPRS、以太网、调制解调器等的网络通信硬件/软件连接到例如互联网330或内联网315。例如,如果移动设备310希望经由WiFi连接连接到互联网330,则适配器/端口/驱动器505可以被连接到移动设备310的PCI端口、USB端口、或PCMCIA端口,并且移动安全系统345的网络连接模块525将包括用于连接到无线接入点的WiFi网络接口卡。使用网络连接模块425,移动安全系统345可以作为用于移动设备310的安全网关与网络通信。在图10A至图10C中描述其他连接结构。
安全引擎530基于安全策略535和安全数据540(他们二者都可以由IT管理者开发)执行安全程序。安全引擎530可以包括防火墙、VPN、IPS/IDS、反病毒程序、反间谍软件、恶意内容过滤、多层安全监控器、Java和字节码监控器等。每个安全引擎530都可以具有专用的安全策略535和安全数据540,以指示引擎530可以或不可以允许哪些进程、内 容、URL、系统呼叫等。安全引擎530、安全策略535、以及安全数据540可以与网络安全系统320上的引擎、策略、和数据的子集相同,和/或可以从他们开发出来。
为了提供由反病毒程序和反间谍软件提供的更高的安全等级,每个移动安全系统345上的安全引擎530可以执行内容分析和风险估计算法。例如,在OSI层7或其他处的运转,这些算法可以通过由规则引擎和规则更新控制的专用的高风险内容过滤(HRCF)执行。HRCF将基于能够执行深层内容分析以校验真正的内容类型的强大检测库。这是因为很多攻击都隐藏在错误的模仿类型(mime type)内,和/或可以使用复杂的骗局来将文本文件类型呈现为危险的动态脚本或动态X内容类型。HRCF可以与用于基于URL种类的自动规则调整的URL种类安全引擎530结合。在一个实施例中,当风险等级增加时(使用所描述的机构),移动安全系统345可以自动地调整和增加过滤,以从流量中去除更多的动态内容。例如,如果更大的风险被确定,则每块移动代码(例如,Java脚本、VB脚本等)都可以被剥除出去。
用于与公司策略服务器遗留系统结合的三个方面包括:(下面讨论的)规则、LDAP和动态目录、以及记录和报告。在一个实施例中,在安全管理器325上运行的策略引入代理将访问Checkpoint防火墙-1和Cisco PIX防火墙的规则库,并将他们引入本地副本。规则分析模块将处理重要的规则,并将为移动安全系统345提供不确定规则(out-of-box rule)和策略。提出的这个策略将为所有的移动安全系统345提供符合企业340的防火墙策略的最适合的规则。该代理将周期性地运行,以反映任何改变并生成用于移动安全系统345的策略535的更新。LDAP和动态目录可以与目录服务结合,以保持响应与企业的目录定义的移动安全系统345的安全策略535。例如,用于LDAP用户群“G”的企业策略将自动传播到“G”群中的所有的移动安全系统345。移动安全系统345的本地日志和查账索引可以根据记录和报告策略被发送到存储在安全管理器325处的中心日志。使用网络界面,IT能够生成与所有移动设备310用户和他们的互联网经验有关的报告和查账视图,并可以启动将感染的设备携带回企业340。IT将 能够经由SYSLOG和SNMP Traps将时间和日志记录转发到遗留管理系统内。
安全引擎530可以执行加权风险分析。例如,安全引擎530可以分析包括从互联网330到达的任意流量在内的HTTP、FTP、SMTP、POP3、IM、P2P等。安全引擎530可以基于每个对象的类型、复杂性、能力的富裕度、对象的来源等来为每个对象分配权重和等级。安全引擎530可以使用已知的危险或已知的安全来源的列表来基于来源分配权重。安全引擎530可以基于来源的种类(例如,赌博来源、成人内容来源、新闻来源、著名公司来源、银行业来源等)来为对象分配权重。安全引擎530可以计算权重,并基于该结果确定允许还是不允许对内容的访问、对脚本的运行、以及对系统的修改等。安全引擎530可以“学习”用户内容(通过对用户访问的一般内容进行预定时间段的分析),并可以相应地创建个人内容简介。个人内容简介可以用于校准在运行时间分析期间分配给内容的权重,以改进精确性并适应对于特定用户特性的加权风险分析。
在一些实施例中,安全引擎530、安全策略535、以及安全数据540可以使能对移动安全系统345的回避。由安全管理器325设置的安全策略535可以包括特殊属性,以在移动设备处于可信企业340外时促使移动设备通过移动安全系统325进行网络连接。所以,如果这些属性被设置为“有效(on)”,则当移动设备310企图在没有移动安全系统345的情况下、并不从可信企业340内开始连接到互联网330时,包括LAN连接、USB网、调制解调器、蓝牙、WiFi等的所有数据传输连接都可以被关闭。移动设备310可以被完全隔离并不能连接到包括互联网330在内的任何网络。
在一个实施例中,为了这个能实现,当首先使用(例如)USB线(用于电源和USB连接创建)连接到移动设备310时,USB即插即用设备驱动器可以被发送到移动设备310中。所安装的驱动器可以是允许用于移动安全系统345的USB网连接的“Linux.inf”。这个连接允许移动安全系统345经由USB端口并使用移动设备310网络连接和附加代码(“连接客户”)来访问互联网330。在Windows示例中,连接客户可以被安装在如 图6中所示的每个网络连接的所有网络接口卡上方的移动设备310的NDIS等级。该实施方式将作为NDIS中间层(IM)驱动器或NDIS勾过滤驱动器(NDIS-hooking filter driver)。两种实施方式都是内核级的,所以终端用户不能停止或去除他。当开启移动设备310时,连接客户可能企图连接到可信企业340本地的网络安全系统320或安全管理器325。如果该节点没有被找到(经由VPN的查找被认为没有在本地LAN中找到),则连接客户将假设其从可信企业340外工作并希望找到例如,经由USB网或其他连接机制连接的移动安全系统345。如果移动安全系统345没有被找到,则连接客户可以避免到任何网络连接的任何通信。通过策略定义,这个行为可以被修改为允许经由安装在移动设备310中的VPN到企业340的通信。类似地,在移动安全系统345故障的情况下,所有流量都无效,除了连接到企业340中的VPN外。
将明白,NDIS是在内核级上截取流量的一种可能的实施方式。例如,在另一实施例中,该系统可以勾住Winsok或应用可能在未来的Windows版本中的其他方式。
在移动安全系统345支持多个移动设备310的实施例中,对于每一个移动设备310,安全引擎530、安全策略535、和安全数据540可以不同(例如,基于例如用户偏好或IT决定)。可选地,可以应用对于所有连接的设备310都相同的引擎530、策略535、以及数据540。
远程管理模块550使能与安全管理器325(和/或其他安全管理器)的通信,并使能安全引擎530、安全策略535、包括签名和其他应用的安全数据540的本地更新。在一个实施例中,对安全策略535和数据540的修改可以仅通过安全管理器325进行。移动安全系统345的远程管理模块550可以经由安全连接,从(例如)安全管理器325上的更新职权设备(UAD)接收更新。UAD可以在位于互联网330上的客户IT中心处的更新服务器上运转,以将更新转发给可能不属于负责管理更新的企业540的移动安全系统345。UAD可以在移动安全系统345上运转。安全引擎530更新可以修改反病毒程序引擎DLL等,OS和安全应用更新可以在连接到安全管理器325的同时经由加密和认证的连接从企业540内执行。
安全管理器325可以修改用于对旅行用户进行远程支持的URL黑白列表。在错误肯定的情况下,安全管理器325可以通过回避抢先的启发式安全措施而仍通过防火墙、反病毒程序、IPS/IDS等进行监控来允许对某些URL的访问。附加的远程设备管理特征可以使安全管理器325能够在移动安全系统345上执行远程诊断、访问本地日志、改变配置参数等。安全管理器325可以将任务委托给用于支持的帮助台。
远程管理模块550可以与可以位于安全管理器325或其他系统上的向导(例如,向导745)通信,如图7中所示。下面参考图7描述向导745的细节和远程管理模块550与向导745之间的通信配置的细节。
分发模块555使能更新的分发,例如,通过移动安全系统345的、到N个其他移动安全系统345的更新的分发,例如,包括规则更新的安全策略535的更新、包括签名更新的安全数据540的更新、安全引擎530的更新、应用/OS的更新等。标识更新将转发到的N个其他移动安全系统345的路由表可以被提供给分发模块555,以使系统345能够与系统345通信。更新可以根据安全管理器325设置的策略执行。当转发更新时,分发模块555充当UAD。
每个移动安全系统345都可以周期性地、以预定次数、在登陆时等获取他的路由表和安全信息更新。路由表可以被保持在服务器(例如,安全管理器325或其他移动安全系统345)上。在一个实施例中,移动安全系统345可以接触该服务器,以检索路由表。可选地,该服务器可以将路由表推到移动安全系统345。
分发模块555可以使能快速更新,如图9中所示。当前,所有可获得的商业反病毒程序产品对设备的更新都比病毒的传播慢。为了确保新的病毒攻击不比(例如)签名更新传播得更快,每个移动安全系统345都可以是动态UAD。在一个实施例中,如图9中所示,每个移动安全系统345都负责将签名更新转发到四个其他设备345。本领域技术人员将明白,所有设备345都需要向相同数目的其他设备345转发。多个设备345可以负责向同一设备345的转发。当需要时,被激活的离线设备345可以对用于路由表更新的服务器(例如,安全管理器325)进行调查。
备份模块560可以不断地将移动设备310的引导扇区和系统文件的图像和改变备份到闪存520或另一永久性存储设备中。这样,在包括移动设备310的系统或引导扇区丢失的严重故障情况下,移动安全系统345可以在重新引导期间被识别为CD-ROM,并可以发动备份模块(或独立程序)在移动设备310上恢复引导扇区和系统文件,从而在不需要IT支持的条件下恢复移动设备310。在网络安全系统345支持多个移动设备310的实施例中,备份模块560可以包含用于每个移动设备310的独立的引导扇区和系统文件(如果不同的话)。
图7是示出根据本发明实施例的智能策略更新系统700的细节的框图。系统700包括耦合到网络安全系统320和移动安全系统345的安全管理器325。网络安全系统320包括安全引擎705,该安全引擎包括反病毒程序引擎715、IPS/IDS引擎720、防火墙引擎725、以及其他安全引擎。网络安全系统320还包括安全策略和数据710,该安全策略和数据包括反病毒策略和数据730、IPS/IDS策略和数据735、防火墙策略和数据740、以及其他策略和数据。类似地,移动安全系统345包括反病毒程序引擎755、IPS/IDS引擎760、防火墙引擎765、以及其他引擎。移动安全系统345还包括安全策略和数据535/540,该安全策略和数据包括反病毒安全策略和数据770、IPS/IDS安全策略和数据775、防火墙安全策略和数据780、以及其他安全策略和数据。
安全管理器325可以包括用于基本使能移动安全系统345上的安全引擎530、安全策略535、和安全数据540的自动初始化和可能的动态设立的向导745。在一个实施例中,向导745可以自动加载作为移动安全系统345的安全引擎530和策略和数据535/540的网络安全系统320的所有安全引擎750和策略和数据710。在另一实施例中,向导745可以包括除了无关部件外的所有安全引擎705和策略和数据710,例如,与计帐用的计费软件有关的那些、与仅在网络服务器上运行的网络软件相关的那些。在另一实施例中,引擎530需要被IT管理器加载,而不需要被向导745自动加载。
在一个实施例中,向导745可以确定移动安全系统345是否需要特定 的安全引擎530,例如,反病毒程序引擎755、IPS/IDS引擎760、防火墙引擎765等。如果确定如此,则向导745将引擎530加载到移动安全系统345上。然后,向导745将确定哪些策略和数据集(例如,用于反病毒程序引擎755的一些、用于IPS/IDS引擎760的一些、用于防火墙引擎765的一些等)对于移动安全系统345是重要的。然后,向导745将确定网络安全系统320上的反病毒策略和数据730中的哪些与移动安全系统345上的反病毒策略和数据770相关,网络安全系统320上的IPS/IDS策略和数据735中的哪些与移动安全系统345上的IPS/IDS策略和数据775相关,网络安全系统320上的防火墙策略和数据740中的哪些与移动安全系统34上的防火墙策略和数据780相关,以及网络安全系统320上的其他策略和数据中的哪些与移动安全系统345上的策略和数据相关。如上所述,向导745可以确定移动安全系统345上需要所有的安全引擎705还是仅需要一部分。向导745确定是应该转发用于给定引擎类型的所有策略和数据710还是只转发一部分。向导745可以基于由IT管理员开发的规则、基于设立进程期间的逐项选择,来确定哪个相关策略和数据710应该被转发给移动安全系统345。对于向导745可选的,IT管理员可以在没有向导745的移动安全系统345上设立引擎530和策略和数据535/540。
安全管理器325还可以包括更新职权设备750。更新职权设备750可以获取安全系统更新(例如,签名更新),并可以将该更新发送到网络安全系统320和移动安全系统345。本领域技术人员将明白,网络安全系统320的更新和移动安全系统345的更新不需要相同。另外,更新职权设备750可以从安全管理者、安全引擎开发者、反病毒程序专家等获取更新。更新职权设备750可以将该更新转发到所有网络安全系统320和所有移动安全系统345,或可以将路由表转发给所有移动安全系统345并仅将该更新发送给移动安全系统能够345的初始设置。移动安全系统345的初时设置可以以类似于图9所示的过程的P2P方式将更新转发到在路由表中标识的移动安全系统345。如上所述,运转以转发更新的每个移动安全系统345本身充当更新职权设备750。
其他应用也可以包括在移动安全系统345上。例如,用于再现来自现 有客户的收入的添加上的应用可以包括一般电子邮件、反垃圾程序、直接且安全的电子邮件传递、信息库(information vault)、安全的Skype、以及其他即时信息发送服务等。
·邮件安全和反垃圾程序-在移动安全系统345(包括以上的网络安全引擎)上实现邮件的中继,以及本地spam quarantine可以通过实时索引(经由在线搜索引擎作弊源(web spam quarries))来实现包括反垃圾程序在内的完整的邮件安全软件套件。用户可以访问该来源,以经由网络界面查阅垃圾消息、释放消息、修改和定制垃圾规则。
·基于邮件中继的直接且安全的电子邮件传递将允许移动安全系统345直接从一个移动安全系统345向另一个移动安全系统345发送用户邮件,而无需在路由邮件服务器中使用。这使得公司用户可以发送无需在互联网中移动的电子邮件,从而在路由中的不同的未知邮件服务器上留下了痕迹和副本。这与使用两个移动安全系统之间的安全管道的能力的结合对于公司是有价值的。在没有这种方法的情况下,人们可以不用访问公司的邮件服务器而通过追捕用于传递消息的中间邮件服务器中的副本来追踪电子邮件交换。
·信息库-仅有被授权的用户可以经由在每个移动安全系统345上执行的网络界面和网络服务器可以获取移动安全系统345上的加密并存储终端用户信息的应用(例如,BOA、Apache等)。
·安全的Skype和其他IM-在移动安全系统345上执行即时消息发送的客户可以保证即时消息发送系统和P2P应用不具有对移动设备310上的数据的访问。添加AC/97的芯片集以在移动安全系统325上提供声音接口可以使用户直接向移动安全系统325讲话和直接从移动安全系统325接收呼叫。
尽管没有示出,但移动安全系统345也可以包括小电池。这个电池可以在运行期间通过USB连接充电、或在任意时间使用电源适配器充电。该电池可以保证适当的关机,例如,当用户从移动安全系统345断开USB线时。这将由将发动应用和系统关机的系统用信号通知。这将确保文件系统的适当状态和闪开文件缓冲器。
需要多层防御和保护能力。这可以由具有以下特点的特殊代码实现:通过不同系统(反病毒程序、IDS/IPS、防火墙、反间谍软件、URL种类等)在不同等级不断监控扫描结果,以构建难题并识别攻击(即使在气没有被每个单独子系统辨别出来)。
移动安全系统345的一个可获得的优点在于他在终端用户旅行时或在家工作时在终端用户上强制执行企业540的策略的能力。由于移动安全系统345使用了与从企业540内连接时相类似的安全引擎和策略,并且由于终端用户不能在没有他(除经由VPN进入企业540外)的情况下访问互联网330,所以,IT能够在企业540的边界线外强制执行他的安全策略。当移动安全系统345的OS充当在他的控制下的终端用户的OS时,该OS可以处于IT的完全监督下。这解决了谁控制什么、以及安全和生产率如何面对最小妥协的问题。
孤立版本的移动安全系统345可以提供相同的功能,并可以经由网络浏览器提供本地管理接口。对于没有IT部门的家庭用户或小办公室有吸引力的是,移动安全系统345使得终端用户可以发动浏览器、连接到移动安全系统345、设置包括修改白黑URL列表的不同策略(更新策略、安全规则等)等。还有机会通过定购为终端用户提供移动安全系统345的远程管理服务。
图10A、10B、和10C示出了根据本发明多种实施例的用于将移动安全系统345连接到移动设备310的三种示例结构。在图10A中,移动设备310经由USB连接1015和1020被耦合到移动安全系统345,并经由NIC卡1005被耦合到互联网330。移动设备310经由他的NIC卡1005从互联网330接收互联网流量。移动设备310上的内核级重定向器1010(例如,经由NDIS、Winsock等)自动地经由USB连接1015和1020将互联网流量重定向到移动安全系统345,该移动安全系统对互联网流量进行扫描和清理,并经由USB连接1015和1020将清洁的互联网流量返回给移动设备310。在图10B中,移动设备310经由USB连接1025和1030被耦合到移动安全系统345。移动安全系统345包括用于从互联网330接收互联网流量的NIC卡1035。移动安全系统345对互联网流量进行扫描和清理,并经 由USB连接1025和1030将互联网流量转发到移动设备310。在图10C中,移动设备310经由NIC卡1040和1045被耦合到移动安全系统345。移动安全系统345经由他的NIC卡1045从互联网330接收互联网流量。移动安全系统345对互联网流量进行扫描和清理,并经由NIC卡1040和1045将互联网流量无线转发给移动设备310。其他连接机构也可以。
本发明的优选实施例的上述描述仅通过示例作出,并且在以上描述的教导下可以作出对上述实施例和方法进行其他变形和修改。尽管网络站点被描述为了单独且截然不同的站点,但是本领域技术人员将明白,这些站点可以是一个整体站点的一部分,可以分别包括多个站点的多个部分,或可以包括单个和多个站点的组合。本文中描述的各种实施例可以利用硬件、软件、或他们的组合来实现。为此,可以使用能够实现上述各种功能性设置的任何逻辑类型。可以使用编程的通用数字计算机、使用专用集成电路、或使用互联的传统组件和电路来实现多个组件。连接可以是有线的、无线的、或调制解调器等。本文中描述的这些实施例不用于排他或限制。本发明仅受所附权利要求的限制。
Claims (20)
1.一种移动安全系统,包括:
移动安全系统处理器;
存储操作系统的至少一部分的预引导存储器;
在重新引导移动安全系统时从所述预引导存储器接收所述操作系统的至少一部分的运行时存储器;
连接机构,用于连接到移动设备的数据端口以及用于与所述移动设备通信,所述移动设备具有不同于所述移动安全系统处理器的移动设备处理器;
网络连接模块,用于充当到网络的网关;
安全策略,用于保护所述移动设备免受恶意内容的损害;以及
安全引擎,用于在运行时存储器中执行所述安全策略。
2.如权利要求1的移动安全系统,其中,所述连接机构包括USB连接器、PCMCIA连接器、以太网连接器和无线通信模块中的至少一种。
3.如权利要求1的移动安全系统,其中,所述网络连接模块包括无线网络接口卡。
4.如权利要求1的移动安全系统,其中,所述安全引擎包括反病毒引擎、反间谍软件引擎、防火墙引擎、入侵防御系统/入侵检测系统即IPS/IDS引擎、内容过滤引擎、多层安全监控器、字节码监控器以及URL监控器中的至少一种。
5.如权利要求1的移动安全系统,其中,所述安全策略执行加权风险分析。
6.如权利要求5的移动安全系统,其中,所述加权风险分析基于内容类型来对风险加权。
7.如权利要求5的移动安全系统,其中,所述加权风险分析基于内容来源来对风险加权。
8.如权利要求5的移动安全系统,其中,所述加权风险分析基于内容来源种类来对风险加权。
9.如权利要求5的移动安全系统,其中,所述加权风险分析基于用户的历史行为来对风险加权。
10.如权利要求1的移动安全系统,还包括:能够接收安全策略更新的远程管理模块。
11.如权利要求1的移动安全系统,还包括:能够接收安全引擎更新的远程管理模块。
12.如权利要求1的移动安全系统,还包括:安全数据和能够接收安全数据更新的远程管理模块。
13.如权利要求1的移动安全系统,其中,所述安全数据包括恶意内容签名。
14.如权利要求1的移动安全系统,还包括:能够将更新转发到其他移动安全系统的分发模块。
15.如权利要求1的移动安全系统,还包括:如果所述移动设备的引导扇区被损坏,能够存储所述移动设备的所述引导扇区的至少一部分的备份模块。
16.如权利要求1的移动安全系统,还包括:能够与向导通信的远程配置模块,所述向导与企业网络安全系统通信,所述向导能够基本自动地基于所述企业网络安全系统上的策略和数据生成策略和数据,所述远程配置模块能够安装由所述向导生成的所述策略和数据。
17.如权利要求1的移动安全系统,还包括:在运行期间不能被访问的预引导存储器,所述预引导存储器存储所述移动安全系统的操作系统的至少一部分的副本,所述移动安全系统被配置为每当所述移动安全系统被重新引导时就加载所述操作系统部分。
18.一种方法,包括:
在具有移动安全系统处理器的移动安全系统的预引导存储器中存储操作系统的至少一部分;
当重新引导所述移动安全系统时,从所述预引导存储器接收所述操作系统的至少一部分的副本;
当移动设备处于可信网络外时,通过网络连接机构从所述移动设备接收网络连接请求,所述移动设备具有不同于所述移动安全系统处理器的移动设备处理器;
充当代表所述移动设备到网络的网关;
从所述网络接收打算供所述移动设备使用的信息;以及
基于安全策略保护所述移动设备免受符合安全策略的恶意内容的损害;
在运行时存储器中执行安全策略。
19.根据权利要求18所述的方法,其中所述连接机构包括USB连接器、PCMCIA连接器、以太网连接器和无线通信模块中的至少一种。
20.一种系统,包括:
用于在具有移动安全系统处理器的移动安全系统的预引导存储器中存储操作系统的至少一部分的装置;
用于在重新引导所述移动安全系统时从所述预引导存储器接收所述操作系统的至少一部分的副本的装置;
用于在移动设备处于可信网络外时充当代表移动设备到网络的网关的装置,其中所述移动设备具有不同于所述移动安全系统处理器的移动设备处理器;
用于从所述网络接收打算供所述移动设备使用的信息的装置;以及
用于根据安全策略保护所述移动设备免受符合安全策略的恶意内容的损害的装置;
用于在运行时存储器中执行安全策略的装置。
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US75032605P | 2005-12-13 | 2005-12-13 | |
US60/750,326 | 2005-12-13 | ||
US11/376,919 | 2006-03-15 | ||
US11/376,919 US8381297B2 (en) | 2005-12-13 | 2006-03-15 | System and method for providing network security to mobile devices |
CN2006800527808A CN101496025B (zh) | 2005-12-13 | 2006-12-12 | 用于向移动设备提供网络安全的系统和方法 |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2006800527808A Division CN101496025B (zh) | 2005-12-13 | 2006-12-12 | 用于向移动设备提供网络安全的系统和方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103905416A true CN103905416A (zh) | 2014-07-02 |
CN103905416B CN103905416B (zh) | 2018-05-08 |
Family
ID=38163327
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2006800527808A Active CN101496025B (zh) | 2005-12-13 | 2006-12-12 | 用于向移动设备提供网络安全的系统和方法 |
CN201310556909.0A Active CN103905416B (zh) | 2005-12-13 | 2006-12-12 | 用于向移动设备提供网络安全的系统和方法 |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2006800527808A Active CN101496025B (zh) | 2005-12-13 | 2006-12-12 | 用于向移动设备提供网络安全的系统和方法 |
Country Status (8)
Country | Link |
---|---|
US (12) | US8381297B2 (zh) |
EP (1) | EP1960866B1 (zh) |
JP (1) | JP2009523331A (zh) |
CN (2) | CN101496025B (zh) |
AU (1) | AU2006324929A1 (zh) |
CA (1) | CA2632951A1 (zh) |
EA (1) | EA200870044A1 (zh) |
WO (1) | WO2007069245A2 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107526625A (zh) * | 2017-07-18 | 2017-12-29 | 杭州趣链科技有限公司 | 一种基于字节码检查的Java智能合约安全检测方法 |
Families Citing this family (308)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003058879A1 (en) | 2002-01-08 | 2003-07-17 | Seven Networks, Inc. | Secure transport for mobile communication network |
US8468126B2 (en) | 2005-08-01 | 2013-06-18 | Seven Networks, Inc. | Publishing data in an information community |
US7917468B2 (en) | 2005-08-01 | 2011-03-29 | Seven Networks, Inc. | Linking of personal information management data |
US8438633B1 (en) | 2005-04-21 | 2013-05-07 | Seven Networks, Inc. | Flexible real-time inbox access |
WO2006136660A1 (en) | 2005-06-21 | 2006-12-28 | Seven Networks International Oy | Maintaining an ip connection in a mobile network |
US20080276302A1 (en) | 2005-12-13 | 2008-11-06 | Yoggie Security Systems Ltd. | System and Method for Providing Data and Device Security Between External and Host Devices |
US8381297B2 (en) | 2005-12-13 | 2013-02-19 | Yoggie Security Systems Ltd. | System and method for providing network security to mobile devices |
US8869270B2 (en) | 2008-03-26 | 2014-10-21 | Cupp Computing As | System and method for implementing content and network security inside a chip |
US7769395B2 (en) | 2006-06-20 | 2010-08-03 | Seven Networks, Inc. | Location-based operations and messaging |
US20070288989A1 (en) * | 2006-06-09 | 2007-12-13 | Nokia Corporation | Method, electronic device, apparatus, system and computer program product for updating an electronic device security policy |
US7603333B2 (en) * | 2006-06-14 | 2009-10-13 | Microsoft Corporation | Delayed policy evaluation |
US8631494B2 (en) | 2006-07-06 | 2014-01-14 | Imation Corp. | Method and device for scanning data for signatures prior to storage in a storage device |
US20080040773A1 (en) * | 2006-08-11 | 2008-02-14 | Microsoft Corporation | Policy isolation for network authentication and authorization |
US8346863B2 (en) * | 2006-08-15 | 2013-01-01 | International Business Machines Corporation | Contact initialization based upon automatic profile sharing between computing devices |
ES2730219T3 (es) | 2007-02-26 | 2019-11-08 | Microsoft Israel Res And Development 2002 Ltd | Sistema y procedimiento para una protección automática de datos en una red informática |
JP5029850B2 (ja) * | 2007-03-09 | 2012-09-19 | 日本電気株式会社 | ネットワークシステム、通信方法、通信端末及び通信プログラム |
US8127412B2 (en) * | 2007-03-30 | 2012-03-06 | Cisco Technology, Inc. | Network context triggers for activating virtualized computer applications |
US7966660B2 (en) * | 2007-05-23 | 2011-06-21 | Honeywell International Inc. | Apparatus and method for deploying a wireless network intrusion detection system to resource-constrained devices |
US8365272B2 (en) | 2007-05-30 | 2013-01-29 | Yoggie Security Systems Ltd. | System and method for providing network and computer firewall protection with dynamic address isolation to a device |
US8805425B2 (en) | 2007-06-01 | 2014-08-12 | Seven Networks, Inc. | Integrated messaging |
US9165301B2 (en) * | 2007-06-06 | 2015-10-20 | Core Audience, Inc. | Network devices for replacing an advertisement with another advertisement |
US8190716B2 (en) * | 2007-08-24 | 2012-05-29 | Broadcom Corporation | Method and system for managing bluetooth communication using software or firmware filtering |
US8819763B1 (en) * | 2007-10-05 | 2014-08-26 | Xceedium, Inc. | Dynamic access policies |
CN101414332A (zh) * | 2007-10-15 | 2009-04-22 | 鸿富锦精密工业(深圳)有限公司 | 防病毒装置和方法 |
US20090111425A1 (en) * | 2007-10-26 | 2009-04-30 | Sony Eriscsson Mobile Communications Ab | Device and method for category based collaboration and control for mobile communications devices |
FI124279B (fi) * | 2007-11-01 | 2014-06-13 | Teliasonera Ab | Suojattu datanlähetys viestintäjärjestelmässä |
US8364181B2 (en) | 2007-12-10 | 2013-01-29 | Seven Networks, Inc. | Electronic-mail filtering for mobile devices |
US9002828B2 (en) | 2007-12-13 | 2015-04-07 | Seven Networks, Inc. | Predictive content delivery |
CA2625274C (en) * | 2007-12-13 | 2018-11-20 | Kevin Gerard Boyce | Method and system for protecting a computer system during boot operation |
US8862657B2 (en) | 2008-01-25 | 2014-10-14 | Seven Networks, Inc. | Policy based content service |
US20090193338A1 (en) | 2008-01-28 | 2009-07-30 | Trevor Fiatal | Reducing network and battery consumption during content delivery and playback |
US20090204966A1 (en) * | 2008-02-12 | 2009-08-13 | Johnson Conrad J | Utility for tasks to follow a user from device to device |
FR2928062B1 (fr) | 2008-02-26 | 2010-02-26 | Thales Sa | Procede de gestion dans les equipements de securite et entite de securite |
US7472420B1 (en) | 2008-04-23 | 2008-12-30 | Kaspersky Lab, Zao | Method and system for detection of previously unknown malware components |
US8548428B2 (en) | 2009-01-28 | 2013-10-01 | Headwater Partners I Llc | Device group partitions and settlement platform |
US8346225B2 (en) | 2009-01-28 | 2013-01-01 | Headwater Partners I, Llc | Quality of service for device assisted services |
US8725123B2 (en) | 2008-06-05 | 2014-05-13 | Headwater Partners I Llc | Communications device with secure data path processing agents |
US8391834B2 (en) | 2009-01-28 | 2013-03-05 | Headwater Partners I Llc | Security techniques for device assisted services |
US8406748B2 (en) | 2009-01-28 | 2013-03-26 | Headwater Partners I Llc | Adaptive ambient services |
US8275830B2 (en) | 2009-01-28 | 2012-09-25 | Headwater Partners I Llc | Device assisted CDR creation, aggregation, mediation and billing |
US8832777B2 (en) | 2009-03-02 | 2014-09-09 | Headwater Partners I Llc | Adapting network policies based on device service processor configuration |
US8626115B2 (en) | 2009-01-28 | 2014-01-07 | Headwater Partners I Llc | Wireless network service interfaces |
US8924469B2 (en) | 2008-06-05 | 2014-12-30 | Headwater Partners I Llc | Enterprise access control and accounting allocation for access networks |
US8839387B2 (en) | 2009-01-28 | 2014-09-16 | Headwater Partners I Llc | Roaming services network and overlay networks |
US8924543B2 (en) | 2009-01-28 | 2014-12-30 | Headwater Partners I Llc | Service design center for device assisted services |
US8589541B2 (en) | 2009-01-28 | 2013-11-19 | Headwater Partners I Llc | Device-assisted services for protecting network capacity |
US8898293B2 (en) | 2009-01-28 | 2014-11-25 | Headwater Partners I Llc | Service offer set publishing to device agent with on-device service selection |
US8402111B2 (en) | 2009-01-28 | 2013-03-19 | Headwater Partners I, Llc | Device assisted services install |
US8340634B2 (en) | 2009-01-28 | 2012-12-25 | Headwater Partners I, Llc | Enhanced roaming services and converged carrier networks with device assisted services and a proxy |
US8635335B2 (en) | 2009-01-28 | 2014-01-21 | Headwater Partners I Llc | System and method for wireless network offloading |
US8787947B2 (en) | 2008-06-18 | 2014-07-22 | Seven Networks, Inc. | Application discovery on mobile devices |
US8078158B2 (en) | 2008-06-26 | 2011-12-13 | Seven Networks, Inc. | Provisioning applications for a mobile device |
US20100011432A1 (en) * | 2008-07-08 | 2010-01-14 | Microsoft Corporation | Automatically distributed network protection |
US8631488B2 (en) | 2008-08-04 | 2014-01-14 | Cupp Computing As | Systems and methods for providing security services during power management mode |
US8521775B1 (en) | 2008-08-20 | 2013-08-27 | At&T Mobility Ii Llc | Systems and methods for implementing a master policy repository in a policy realization framework |
US8478852B1 (en) | 2008-08-20 | 2013-07-02 | At&T Mobility Ii Llc | Policy realization framework of a communications network |
US8266694B1 (en) * | 2008-08-20 | 2012-09-11 | At&T Mobility Ii Llc | Security gateway, and a related method and computer-readable medium, for neutralizing a security threat to a component of a communications network |
US9712331B1 (en) | 2008-08-20 | 2017-07-18 | At&T Mobility Ii Llc | Systems and methods for performing conflict resolution and rule determination in a policy realization framework |
US20100058467A1 (en) * | 2008-08-28 | 2010-03-04 | International Business Machines Corporation | Efficiency of active content filtering using cached ruleset metadata |
US20100070660A1 (en) * | 2008-09-15 | 2010-03-18 | David Karl Serisky | Detecting access of video teleconferencing endpoint hardware device serial port |
US8909759B2 (en) | 2008-10-10 | 2014-12-09 | Seven Networks, Inc. | Bandwidth measurement |
US9367680B2 (en) * | 2008-10-21 | 2016-06-14 | Lookout, Inc. | System and method for mobile communication device application advisement |
US9781148B2 (en) * | 2008-10-21 | 2017-10-03 | Lookout, Inc. | Methods and systems for sharing risk responses between collections of mobile communications devices |
US8789202B2 (en) | 2008-11-19 | 2014-07-22 | Cupp Computing As | Systems and methods for providing real time access monitoring of a removable media device |
US11218854B2 (en) | 2009-01-28 | 2022-01-04 | Headwater Research Llc | Service plan design, user interfaces, application programming interfaces, and device management |
US10057775B2 (en) | 2009-01-28 | 2018-08-21 | Headwater Research Llc | Virtualized policy and charging system |
US9858559B2 (en) | 2009-01-28 | 2018-01-02 | Headwater Research Llc | Network service plan design |
US10326800B2 (en) | 2009-01-28 | 2019-06-18 | Headwater Research Llc | Wireless network service interfaces |
US10783581B2 (en) | 2009-01-28 | 2020-09-22 | Headwater Research Llc | Wireless end-user device providing ambient or sponsored services |
US11973804B2 (en) | 2009-01-28 | 2024-04-30 | Headwater Research Llc | Network service plan design |
US9578182B2 (en) | 2009-01-28 | 2017-02-21 | Headwater Partners I Llc | Mobile device and service management |
US10264138B2 (en) | 2009-01-28 | 2019-04-16 | Headwater Research Llc | Mobile device and service management |
US9565707B2 (en) | 2009-01-28 | 2017-02-07 | Headwater Partners I Llc | Wireless end-user device with wireless data attribution to multiple personas |
US9351193B2 (en) | 2009-01-28 | 2016-05-24 | Headwater Partners I Llc | Intermediate networking devices |
US9706061B2 (en) | 2009-01-28 | 2017-07-11 | Headwater Partners I Llc | Service design center for device assisted services |
US10200541B2 (en) | 2009-01-28 | 2019-02-05 | Headwater Research Llc | Wireless end-user device with divided user space/kernel space traffic policy system |
US8793758B2 (en) | 2009-01-28 | 2014-07-29 | Headwater Partners I Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
US9609510B2 (en) | 2009-01-28 | 2017-03-28 | Headwater Research Llc | Automated credential porting for mobile devices |
US8606911B2 (en) | 2009-03-02 | 2013-12-10 | Headwater Partners I Llc | Flow tagging for service policy implementation |
US8745191B2 (en) | 2009-01-28 | 2014-06-03 | Headwater Partners I Llc | System and method for providing user notifications |
US10841839B2 (en) | 2009-01-28 | 2020-11-17 | Headwater Research Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
US9755842B2 (en) | 2009-01-28 | 2017-09-05 | Headwater Research Llc | Managing service user discovery and service launch object placement on a device |
US9392462B2 (en) | 2009-01-28 | 2016-07-12 | Headwater Partners I Llc | Mobile end-user device with agent limiting wireless data communication for specified background applications based on a stored policy |
US9955332B2 (en) | 2009-01-28 | 2018-04-24 | Headwater Research Llc | Method for child wireless device activation to subscriber account of a master wireless device |
US10779177B2 (en) | 2009-01-28 | 2020-09-15 | Headwater Research Llc | Device group partitions and settlement platform |
US9253663B2 (en) | 2009-01-28 | 2016-02-02 | Headwater Partners I Llc | Controlling mobile device communications on a roaming network based on device state |
US10248996B2 (en) | 2009-01-28 | 2019-04-02 | Headwater Research Llc | Method for operating a wireless end-user device mobile payment agent |
US10715342B2 (en) | 2009-01-28 | 2020-07-14 | Headwater Research Llc | Managing service user discovery and service launch object placement on a device |
US9270559B2 (en) | 2009-01-28 | 2016-02-23 | Headwater Partners I Llc | Service policy implementation for an end-user device having a control application or a proxy agent for routing an application traffic flow |
US9954975B2 (en) | 2009-01-28 | 2018-04-24 | Headwater Research Llc | Enhanced curfew and protection associated with a device group |
US9572019B2 (en) | 2009-01-28 | 2017-02-14 | Headwater Partners LLC | Service selection set published to device agent with on-device service selection |
US9980146B2 (en) | 2009-01-28 | 2018-05-22 | Headwater Research Llc | Communications device with secure data path processing agents |
US10237757B2 (en) | 2009-01-28 | 2019-03-19 | Headwater Research Llc | System and method for wireless network offloading |
US10484858B2 (en) | 2009-01-28 | 2019-11-19 | Headwater Research Llc | Enhanced roaming services and converged carrier networks with device assisted services and a proxy |
US9647918B2 (en) | 2009-01-28 | 2017-05-09 | Headwater Research Llc | Mobile device and method attributing media services network usage to requesting application |
US8351898B2 (en) | 2009-01-28 | 2013-01-08 | Headwater Partners I Llc | Verifiable device assisted service usage billing with integrated accounting, mediation accounting, and multi-account |
US9571559B2 (en) | 2009-01-28 | 2017-02-14 | Headwater Partners I Llc | Enhanced curfew and protection associated with a device group |
US10064055B2 (en) | 2009-01-28 | 2018-08-28 | Headwater Research Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
US8893009B2 (en) | 2009-01-28 | 2014-11-18 | Headwater Partners I Llc | End user device that secures an association of application to service policy with an application certificate check |
US9557889B2 (en) | 2009-01-28 | 2017-01-31 | Headwater Partners I Llc | Service plan design, user interfaces, application programming interfaces, and device management |
US10798252B2 (en) | 2009-01-28 | 2020-10-06 | Headwater Research Llc | System and method for providing user notifications |
US10492102B2 (en) | 2009-01-28 | 2019-11-26 | Headwater Research Llc | Intermediate networking devices |
US8745088B2 (en) * | 2009-03-27 | 2014-06-03 | Sap Ag | System and method of performing risk analysis using a portal |
FR2952779B1 (fr) | 2009-11-19 | 2012-11-16 | Clement Saad | Procede de securisation de la connexion d'un terminal a un reseau informatique. |
US8510792B2 (en) * | 2009-11-25 | 2013-08-13 | At&T Intellectual Property I, L.P. | Gated network service |
US9544143B2 (en) | 2010-03-03 | 2017-01-10 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions |
US9532222B2 (en) | 2010-03-03 | 2016-12-27 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions after additional agent verification |
US9552478B2 (en) * | 2010-05-18 | 2017-01-24 | AO Kaspersky Lab | Team security for portable information devices |
US9223969B2 (en) * | 2010-06-07 | 2015-12-29 | Samsung Sds Co., Ltd. | Anti-malware system and operating method thereof |
US10693853B2 (en) * | 2010-07-23 | 2020-06-23 | At&T Intellectual Property I, Lp | Method and system for policy enforcement in trusted ad hoc networks |
US8838783B2 (en) | 2010-07-26 | 2014-09-16 | Seven Networks, Inc. | Distributed caching for resource and mobile network traffic management |
CA2806527A1 (en) | 2010-07-26 | 2012-02-09 | Seven Networks, Inc. | Mobile network traffic coordination across multiple applications |
US8555067B2 (en) * | 2010-10-28 | 2013-10-08 | Apple Inc. | Methods and apparatus for delivering electronic identification components over a wireless network |
US8417823B2 (en) | 2010-11-22 | 2013-04-09 | Seven Network, Inc. | Aligning data transfer to optimize connections established for transmission over a wireless network |
WO2012060995A2 (en) | 2010-11-01 | 2012-05-10 | Michael Luna | Distributed caching in a wireless network of content delivered for a mobile application over a long-held request |
US8843153B2 (en) | 2010-11-01 | 2014-09-23 | Seven Networks, Inc. | Mobile traffic categorization and policy for network use optimization while preserving user experience |
US8484314B2 (en) | 2010-11-01 | 2013-07-09 | Seven Networks, Inc. | Distributed caching in a wireless network of content delivered for a mobile application over a long-held request |
WO2012071384A2 (en) | 2010-11-22 | 2012-05-31 | Michael Luna | Optimization of resource polling intervals to satisfy mobile device requests |
US8510820B2 (en) | 2010-12-02 | 2013-08-13 | Duo Security, Inc. | System and method for embedded authentication |
US9282085B2 (en) | 2010-12-20 | 2016-03-08 | Duo Security, Inc. | System and method for digital user authentication |
EP2661697B1 (en) | 2011-01-07 | 2018-11-21 | Seven Networks, LLC | System and method for reduction of mobile network traffic used for domain name system (dns) queries |
US8621634B2 (en) * | 2011-01-13 | 2013-12-31 | F-Secure Oyj | Malware detection based on a predetermined criterion |
US9154826B2 (en) | 2011-04-06 | 2015-10-06 | Headwater Partners Ii Llc | Distributing content and service launch objects to mobile devices |
US20120271903A1 (en) | 2011-04-19 | 2012-10-25 | Michael Luna | Shared resource and virtual resource management in a networked environment |
GB2505585B (en) | 2011-04-27 | 2015-08-12 | Seven Networks Inc | Detecting and preserving state for satisfying application requests in a distributed proxy and cache system |
WO2012149216A2 (en) | 2011-04-27 | 2012-11-01 | Seven Networks, Inc. | Mobile device which offloads requests made by a mobile application to a remote entity for conservation of mobile device and network resources and methods therefor |
US8042186B1 (en) | 2011-04-28 | 2011-10-18 | Kaspersky Lab Zao | System and method for detection of complex malware |
EP2737742A4 (en) | 2011-07-27 | 2015-01-28 | Seven Networks Inc | AUTOMATIC PRODUCTION AND DISTRIBUTION OF GUIDELINES INFORMATION ON MOBILE MOBILE TRANSPORT IN A WIRELESS NETWORK |
US8892885B2 (en) | 2011-08-31 | 2014-11-18 | Duo Security, Inc. | System and method for delivering a challenge response in an authentication protocol |
US9467463B2 (en) | 2011-09-02 | 2016-10-11 | Duo Security, Inc. | System and method for assessing vulnerability of a mobile device |
CN102378166B (zh) * | 2011-09-09 | 2014-04-23 | 周伯生 | 基于无线防火墙的网络安全方法 |
US9407663B1 (en) * | 2011-09-28 | 2016-08-02 | Emc Corporation | Method and apparatus for man-in-the-middle agent-assisted client filtering |
US8763077B2 (en) | 2011-10-07 | 2014-06-24 | Duo Security, Inc. | System and method for enforcing a policy for an authenticator device |
US9098696B2 (en) | 2011-10-25 | 2015-08-04 | Raytheon Company | Appliqué providing a secure deployment environment (SDE) for a wireless communications device |
GB2492857B (en) * | 2011-11-30 | 2013-07-17 | Avecto Ltd | Method and computer device to control software file downloads |
US8918503B2 (en) | 2011-12-06 | 2014-12-23 | Seven Networks, Inc. | Optimization of mobile traffic directed to private networks and operator configurability thereof |
EP2789138B1 (en) | 2011-12-06 | 2016-09-14 | Seven Networks, LLC | A mobile device and method to utilize the failover mechanisms for fault tolerance provided for mobile traffic management and network/device resource conservation |
GB2498064A (en) | 2011-12-07 | 2013-07-03 | Seven Networks Inc | Distributed content caching mechanism using a network operator proxy |
WO2013086447A1 (en) | 2011-12-07 | 2013-06-13 | Seven Networks, Inc. | Radio-awareness of mobile device for sending server-side control signals using a wireless network optimized transport protocol |
WO2013090212A1 (en) | 2011-12-14 | 2013-06-20 | Seven Networks, Inc. | Mobile network reporting and usage analytics system and method using aggregation of data in a distributed traffic optimization system |
RU2472215C1 (ru) | 2011-12-28 | 2013-01-10 | Закрытое акционерное общество "Лаборатория Касперского" | Способ выявления неизвестных программ с использованием эмуляции процесса загрузки |
GB2499306B (en) | 2012-01-05 | 2014-10-22 | Seven Networks Inc | Managing user interaction with an application on a mobile device |
US9203864B2 (en) | 2012-02-02 | 2015-12-01 | Seven Networks, Llc | Dynamic categorization of applications for network access in a mobile network |
WO2013116852A1 (en) | 2012-02-03 | 2013-08-08 | Seven Networks, Inc. | User as an end point for profiling and optimizing the delivery of content and data in a wireless network |
CN102571817B (zh) * | 2012-02-15 | 2014-12-10 | 华为技术有限公司 | 访问应用服务器的方法及装置 |
US8812695B2 (en) | 2012-04-09 | 2014-08-19 | Seven Networks, Inc. | Method and system for management of a virtual network connection without heartbeat messages |
WO2013155208A1 (en) | 2012-04-10 | 2013-10-17 | Seven Networks, Inc. | Intelligent customer service/call center services enhanced using real-time and historical mobile application and traffic-related statistics collected by a distributed caching system in a mobile network |
CN102663321B (zh) * | 2012-04-24 | 2016-01-13 | 百度在线网络技术(北京)有限公司 | 用于软件的安全性增强系统及方法 |
US9202047B2 (en) | 2012-05-14 | 2015-12-01 | Qualcomm Incorporated | System, apparatus, and method for adaptive observation of mobile device behavior |
US9609456B2 (en) | 2012-05-14 | 2017-03-28 | Qualcomm Incorporated | Methods, devices, and systems for communicating behavioral analysis information |
US9690635B2 (en) | 2012-05-14 | 2017-06-27 | Qualcomm Incorporated | Communicating behavior information in a mobile computing device |
US9298494B2 (en) | 2012-05-14 | 2016-03-29 | Qualcomm Incorporated | Collaborative learning for efficient behavioral analysis in networked mobile device |
US9324034B2 (en) | 2012-05-14 | 2016-04-26 | Qualcomm Incorporated | On-device real-time behavior analyzer |
CN102694733B (zh) * | 2012-06-06 | 2015-03-25 | 济南大学 | 一种获得具有准确应用类型标识的网络流量数据集的方法 |
WO2014011216A1 (en) | 2012-07-13 | 2014-01-16 | Seven Networks, Inc. | Dynamic bandwidth adjustment for browsing or streaming activity in a wireless network based on prediction of user behavior when interacting with mobile applications |
DE112012006736T5 (de) | 2012-07-24 | 2015-04-23 | Hewlett-Packard Development Company, L.P. | Empfangen eines Update-Moduls durch Zugreifen auf eine Netzwerkstelle |
US9319897B2 (en) | 2012-08-15 | 2016-04-19 | Qualcomm Incorporated | Secure behavior analysis over trusted execution environment |
US20140150100A1 (en) * | 2012-08-15 | 2014-05-29 | Qualcomm Incorporated | Adaptive Observation of Driver and Hardware Level Behavioral Features on a Mobile Device |
US9330257B2 (en) | 2012-08-15 | 2016-05-03 | Qualcomm Incorporated | Adaptive observation of behavioral features on a mobile device |
US9747440B2 (en) | 2012-08-15 | 2017-08-29 | Qualcomm Incorporated | On-line behavioral analysis engine in mobile device with multiple analyzer model providers |
US9495537B2 (en) * | 2012-08-15 | 2016-11-15 | Qualcomm Incorporated | Adaptive observation of behavioral features on a mobile device |
US9245144B2 (en) * | 2012-09-27 | 2016-01-26 | Intel Corporation | Secure data container for web applications |
WO2014059037A2 (en) | 2012-10-09 | 2014-04-17 | Cupp Computing As | Transaction security systems and methods |
US9742872B2 (en) | 2012-10-10 | 2017-08-22 | Fortinet, Inc. | Configuring initial settings of a network security device via a hand-held computing device |
US9161258B2 (en) | 2012-10-24 | 2015-10-13 | Seven Networks, Llc | Optimized and selective management of policy deployment to mobile clients in a congested network to prevent further aggravation of network congestion |
US20140177497A1 (en) | 2012-12-20 | 2014-06-26 | Seven Networks, Inc. | Management of mobile device radio state promotion and demotion |
US10089582B2 (en) | 2013-01-02 | 2018-10-02 | Qualcomm Incorporated | Using normalized confidence values for classifying mobile device behaviors |
US9684870B2 (en) | 2013-01-02 | 2017-06-20 | Qualcomm Incorporated | Methods and systems of using boosted decision stumps and joint feature selection and culling algorithms for the efficient classification of mobile device behaviors |
US9686023B2 (en) | 2013-01-02 | 2017-06-20 | Qualcomm Incorporated | Methods and systems of dynamically generating and using device-specific and device-state-specific classifier models for the efficient classification of mobile device behaviors |
US9742559B2 (en) | 2013-01-22 | 2017-08-22 | Qualcomm Incorporated | Inter-module authentication for securing application execution integrity within a computing device |
US9241314B2 (en) | 2013-01-23 | 2016-01-19 | Seven Networks, Llc | Mobile device with application or context aware fast dormancy |
KR101829114B1 (ko) * | 2013-01-25 | 2018-03-29 | 퀄컴 인코포레이티드 | 모바일 디바이스에 대한 거동 특징들의 적응적 관찰 |
US8874761B2 (en) | 2013-01-25 | 2014-10-28 | Seven Networks, Inc. | Signaling optimization in a wireless network for traffic utilizing proprietary and non-proprietary protocols |
CN103281288B (zh) * | 2013-02-05 | 2016-01-13 | 武汉安天信息技术有限责任公司 | 一种手机防火墙系统及方法 |
US9491187B2 (en) | 2013-02-15 | 2016-11-08 | Qualcomm Incorporated | APIs for obtaining device-specific behavior classifier models from the cloud |
US9338156B2 (en) | 2013-02-22 | 2016-05-10 | Duo Security, Inc. | System and method for integrating two-factor authentication in a device |
US9443073B2 (en) | 2013-08-08 | 2016-09-13 | Duo Security, Inc. | System and method for verifying status of an authentication device |
US9607156B2 (en) * | 2013-02-22 | 2017-03-28 | Duo Security, Inc. | System and method for patching a device through exploitation |
US8893230B2 (en) | 2013-02-22 | 2014-11-18 | Duo Security, Inc. | System and method for proxying federated authentication protocols |
US8750123B1 (en) | 2013-03-11 | 2014-06-10 | Seven Networks, Inc. | Mobile device equipped with mobile network congestion recognition to make intelligent decisions regarding connecting to an operator network |
US9916567B1 (en) | 2013-03-15 | 2018-03-13 | Vantiv, Llc | Systems, methods and apparatus for payment terminal management |
US9306943B1 (en) * | 2013-03-29 | 2016-04-05 | Emc Corporation | Access point—authentication server combination |
US11157976B2 (en) | 2013-07-08 | 2021-10-26 | Cupp Computing As | Systems and methods for providing digital content marketplace security |
US9065765B2 (en) | 2013-07-22 | 2015-06-23 | Seven Networks, Inc. | Proxy server associated with a mobile carrier for enhancing mobile traffic management in a mobile network |
US9053310B2 (en) | 2013-08-08 | 2015-06-09 | Duo Security, Inc. | System and method for verifying status of an authentication device through a biometric profile |
US9471781B2 (en) | 2013-08-23 | 2016-10-18 | Cisco Technology, Inc. | Method and apparatus for monitoring and filtering universal serial bus network traffic |
GB2517740B (en) * | 2013-08-30 | 2016-03-30 | Eco Hive Ltd | A Monitoring Arrangement |
US9608814B2 (en) | 2013-09-10 | 2017-03-28 | Duo Security, Inc. | System and method for centralized key distribution |
US9092302B2 (en) | 2013-09-10 | 2015-07-28 | Duo Security, Inc. | System and method for determining component version compatibility across a device ecosystem |
CN103490992B (zh) * | 2013-10-10 | 2016-10-19 | 沈阳航空航天大学 | 即时通讯蠕虫检测方法 |
US9774448B2 (en) | 2013-10-30 | 2017-09-26 | Duo Security, Inc. | System and methods for opportunistic cryptographic key management on an electronic device |
EP2899940B1 (en) * | 2014-01-23 | 2020-06-03 | Vodafone GmbH | Connection method for secure connecting of a mobile device system to a network |
WO2015123611A2 (en) | 2014-02-13 | 2015-08-20 | Cupp Computing As | Systems and methods for providing network security using a secure digital device |
US9762590B2 (en) | 2014-04-17 | 2017-09-12 | Duo Security, Inc. | System and method for an integrity focused authentication service |
US9444790B2 (en) | 2014-12-17 | 2016-09-13 | International Business Machines Corporation | Method and apparatus for threat isolation and remote resolution for computer systems |
US9979719B2 (en) | 2015-01-06 | 2018-05-22 | Duo Security, Inc. | System and method for converting one-time passcodes to app-based authentication |
TWI544361B (zh) * | 2015-03-05 | 2016-08-01 | 緯創資通股份有限公司 | 用於網路介面控制器系統之保護方法與其電腦系統 |
US9641341B2 (en) | 2015-03-31 | 2017-05-02 | Duo Security, Inc. | Method for distributed trust authentication |
ES2758755T3 (es) | 2015-06-01 | 2020-05-06 | Duo Security Inc | Método para aplicar normas de salud de punto final |
US10536357B2 (en) | 2015-06-05 | 2020-01-14 | Cisco Technology, Inc. | Late data detection in data center |
US10142353B2 (en) | 2015-06-05 | 2018-11-27 | Cisco Technology, Inc. | System for monitoring and managing datacenters |
US9774579B2 (en) | 2015-07-27 | 2017-09-26 | Duo Security, Inc. | Method for key rotation |
US10803437B2 (en) * | 2015-08-28 | 2020-10-13 | Ncr Corporation | Self-service terminal technical state monitoring and alerting |
US9578054B1 (en) | 2015-08-31 | 2017-02-21 | Newman H-R Computer Design, LLC | Hacking-resistant computer design |
CN105491026B (zh) * | 2015-11-24 | 2018-07-06 | 无锡江南计算技术研究所 | 一种安全策略的远程加载方法 |
US20220164840A1 (en) | 2016-04-01 | 2022-05-26 | OneTrust, LLC | Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design |
US11102238B2 (en) | 2016-04-22 | 2021-08-24 | Sophos Limited | Detecting triggering events for distributed denial of service attacks |
US10986109B2 (en) | 2016-04-22 | 2021-04-20 | Sophos Limited | Local proxy detection |
US11277416B2 (en) | 2016-04-22 | 2022-03-15 | Sophos Limited | Labeling network flows according to source applications |
US11165797B2 (en) | 2016-04-22 | 2021-11-02 | Sophos Limited | Detecting endpoint compromise based on network usage history |
WO2018202995A1 (fr) * | 2017-05-02 | 2018-11-08 | Leal Monteiro Vladimir Michael | Périphérique portable de communication, système de protection d'un terminal portable et procédé de communication |
FR3050852B1 (fr) * | 2016-04-29 | 2019-06-07 | Vladimir Michael Leal Monteiro | Peripherique portable de communication, systeme de protection d'un terminal portable et procede de communication |
US11341243B2 (en) * | 2016-04-29 | 2022-05-24 | Vladimir Mickael LEAL MONTEIRO | Mobile communication peripheral, system for protecting a mobile terminal and communication method |
US10997318B2 (en) | 2016-06-10 | 2021-05-04 | OneTrust, LLC | Data processing systems for generating and populating a data inventory for processing data access requests |
US11636171B2 (en) | 2016-06-10 | 2023-04-25 | OneTrust, LLC | Data processing user interface monitoring systems and related methods |
US11392720B2 (en) | 2016-06-10 | 2022-07-19 | OneTrust, LLC | Data processing systems for verification of consent and notice processing and related methods |
US11475136B2 (en) | 2016-06-10 | 2022-10-18 | OneTrust, LLC | Data processing systems for data transfer risk identification and related methods |
US11544667B2 (en) | 2016-06-10 | 2023-01-03 | OneTrust, LLC | Data processing systems for generating and populating a data inventory |
US11416589B2 (en) | 2016-06-10 | 2022-08-16 | OneTrust, LLC | Data processing and scanning systems for assessing vendor risk |
US11134086B2 (en) | 2016-06-10 | 2021-09-28 | OneTrust, LLC | Consent conversion optimization systems and related methods |
US10740487B2 (en) | 2016-06-10 | 2020-08-11 | OneTrust, LLC | Data processing systems and methods for populating and maintaining a centralized database of personal data |
US11410106B2 (en) | 2016-06-10 | 2022-08-09 | OneTrust, LLC | Privacy management systems and methods |
US11354434B2 (en) | 2016-06-10 | 2022-06-07 | OneTrust, LLC | Data processing systems for verification of consent and notice processing and related methods |
US11520928B2 (en) | 2016-06-10 | 2022-12-06 | OneTrust, LLC | Data processing systems for generating personal data receipts and related methods |
US10846433B2 (en) | 2016-06-10 | 2020-11-24 | OneTrust, LLC | Data processing consent management systems and related methods |
US10909265B2 (en) | 2016-06-10 | 2021-02-02 | OneTrust, LLC | Application privacy scanning systems and related methods |
US11188615B2 (en) | 2016-06-10 | 2021-11-30 | OneTrust, LLC | Data processing consent capture systems and related methods |
US11227247B2 (en) | 2016-06-10 | 2022-01-18 | OneTrust, LLC | Data processing systems and methods for bundled privacy policies |
US11461500B2 (en) | 2016-06-10 | 2022-10-04 | OneTrust, LLC | Data processing systems for cookie compliance testing with website scanning and related methods |
US11675929B2 (en) | 2016-06-10 | 2023-06-13 | OneTrust, LLC | Data processing consent sharing systems and related methods |
US11651104B2 (en) | 2016-06-10 | 2023-05-16 | OneTrust, LLC | Consent receipt management systems and related methods |
US11651106B2 (en) | 2016-06-10 | 2023-05-16 | OneTrust, LLC | Data processing systems for fulfilling data subject access requests and related methods |
US11343284B2 (en) | 2016-06-10 | 2022-05-24 | OneTrust, LLC | Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance |
US10510031B2 (en) | 2016-06-10 | 2019-12-17 | OneTrust, LLC | Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques |
US11366786B2 (en) | 2016-06-10 | 2022-06-21 | OneTrust, LLC | Data processing systems for processing data subject access requests |
US11562097B2 (en) | 2016-06-10 | 2023-01-24 | OneTrust, LLC | Data processing systems for central consent repository and related methods |
US11416798B2 (en) | 2016-06-10 | 2022-08-16 | OneTrust, LLC | Data processing systems and methods for providing training in a vendor procurement process |
US20170359306A1 (en) | 2016-06-10 | 2017-12-14 | Sophos Limited | Network security |
US10318761B2 (en) | 2016-06-10 | 2019-06-11 | OneTrust, LLC | Data processing systems and methods for auditing data request compliance |
US10592648B2 (en) | 2016-06-10 | 2020-03-17 | OneTrust, LLC | Consent receipt management systems and related methods |
US10678945B2 (en) | 2016-06-10 | 2020-06-09 | OneTrust, LLC | Consent receipt management systems and related methods |
US11328092B2 (en) | 2016-06-10 | 2022-05-10 | OneTrust, LLC | Data processing systems for processing and managing data subject access in a distributed environment |
US10949565B2 (en) | 2016-06-10 | 2021-03-16 | OneTrust, LLC | Data processing systems for generating and populating a data inventory |
US11354435B2 (en) | 2016-06-10 | 2022-06-07 | OneTrust, LLC | Data processing systems for data testing to confirm data deletion and related methods |
US11341447B2 (en) | 2016-06-10 | 2022-05-24 | OneTrust, LLC | Privacy management systems and methods |
US11294939B2 (en) | 2016-06-10 | 2022-04-05 | OneTrust, LLC | Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software |
US11586700B2 (en) | 2016-06-10 | 2023-02-21 | OneTrust, LLC | Data processing systems and methods for automatically blocking the use of tracking tools |
US11188862B2 (en) | 2016-06-10 | 2021-11-30 | OneTrust, LLC | Privacy management systems and methods |
US11222142B2 (en) | 2016-06-10 | 2022-01-11 | OneTrust, LLC | Data processing systems for validating authorization for personal data collection, storage, and processing |
US11222139B2 (en) | 2016-06-10 | 2022-01-11 | OneTrust, LLC | Data processing systems and methods for automatic discovery and assessment of mobile software development kits |
US11416109B2 (en) | 2016-06-10 | 2022-08-16 | OneTrust, LLC | Automated data processing systems and methods for automatically processing data subject access requests using a chatbot |
US10685140B2 (en) | 2016-06-10 | 2020-06-16 | OneTrust, LLC | Consent receipt management systems and related methods |
US11301796B2 (en) | 2016-06-10 | 2022-04-12 | OneTrust, LLC | Data processing systems and methods for customizing privacy training |
US11727141B2 (en) | 2016-06-10 | 2023-08-15 | OneTrust, LLC | Data processing systems and methods for synching privacy-related user consent across multiple computing devices |
US10909488B2 (en) | 2016-06-10 | 2021-02-02 | OneTrust, LLC | Data processing systems for assessing readiness for responding to privacy-related incidents |
US11336697B2 (en) | 2016-06-10 | 2022-05-17 | OneTrust, LLC | Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods |
US11416590B2 (en) | 2016-06-10 | 2022-08-16 | OneTrust, LLC | Data processing and scanning systems for assessing vendor risk |
US11481710B2 (en) | 2016-06-10 | 2022-10-25 | OneTrust, LLC | Privacy management systems and methods |
US11366909B2 (en) | 2016-06-10 | 2022-06-21 | OneTrust, LLC | Data processing and scanning systems for assessing vendor risk |
US10284604B2 (en) | 2016-06-10 | 2019-05-07 | OneTrust, LLC | Data processing and scanning systems for generating and populating a data inventory |
US11418492B2 (en) | 2016-06-10 | 2022-08-16 | OneTrust, LLC | Data processing systems and methods for using a data model to select a target data asset in a data migration |
US11625502B2 (en) | 2016-06-10 | 2023-04-11 | OneTrust, LLC | Data processing systems for identifying and modifying processes that are subject to data subject access requests |
US10878127B2 (en) | 2016-06-10 | 2020-12-29 | OneTrust, LLC | Data subject access request processing systems and related methods |
US11438386B2 (en) | 2016-06-10 | 2022-09-06 | OneTrust, LLC | Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods |
US11403377B2 (en) | 2016-06-10 | 2022-08-02 | OneTrust, LLC | Privacy management systems and methods |
PL418864A1 (pl) * | 2016-09-26 | 2018-04-09 | Comarch Spółka Akcyjna | Sposób komunikacji urządzenia kryptograficznego z urządzeniem komputerowym oraz urządzenie kryptograficzne |
AR106244A1 (es) * | 2016-09-30 | 2017-12-27 | Esteban Benitez Carlos | Dispositivo de ciber-protección personal portátil |
GB201617620D0 (en) * | 2016-10-18 | 2016-11-30 | Cybernetica As | Composite digital signatures |
US10013577B1 (en) | 2017-06-16 | 2018-07-03 | OneTrust, LLC | Data processing systems for identifying whether cookies contain personally identifying information |
US11563753B2 (en) * | 2017-09-25 | 2023-01-24 | Rohde & Schwarz Gmbh & Co. Kg | Security surveillance system and security surveillance method |
US20190102533A1 (en) * | 2017-10-04 | 2019-04-04 | Stryker Corporation | Peripheral Cyber-Security Device |
US10574676B2 (en) | 2017-10-06 | 2020-02-25 | Fyde, Inc. | Network traffic inspection |
US11134058B1 (en) * | 2017-10-06 | 2021-09-28 | Barracuda Networks, Inc. | Network traffic inspection |
US10412113B2 (en) | 2017-12-08 | 2019-09-10 | Duo Security, Inc. | Systems and methods for intelligently configuring computer security |
KR102485368B1 (ko) | 2018-01-15 | 2023-01-05 | 삼성전자주식회사 | 전자 장치, 그 제어 방법 및 컴퓨터 판독가능 기록 매체 |
US11038923B2 (en) * | 2018-02-16 | 2021-06-15 | Nokia Technologies Oy | Security management in communication systems with security-based architecture using application layer security |
US10803202B2 (en) | 2018-09-07 | 2020-10-13 | OneTrust, LLC | Data processing systems for orphaned data identification and deletion and related methods |
US11544409B2 (en) | 2018-09-07 | 2023-01-03 | OneTrust, LLC | Data processing systems and methods for automatically protecting sensitive data within privacy management systems |
US11425170B2 (en) * | 2018-10-11 | 2022-08-23 | Honeywell International Inc. | System and method for deploying and configuring cyber-security protection solution using portable storage device |
US11658962B2 (en) | 2018-12-07 | 2023-05-23 | Cisco Technology, Inc. | Systems and methods of push-based verification of a transaction |
US10958662B1 (en) | 2019-01-24 | 2021-03-23 | Fyde, Inc. | Access proxy platform |
EP3694174B1 (en) * | 2019-02-07 | 2021-09-01 | AO Kaspersky Lab | Systems and methods for protecting automated systems using a gateway |
US11457040B1 (en) | 2019-02-12 | 2022-09-27 | Barracuda Networks, Inc. | Reverse TCP/IP stack |
US10715493B1 (en) * | 2019-07-03 | 2020-07-14 | Centripetal Networks, Inc. | Methods and systems for efficient cyber protections of mobile devices |
US11916758B2 (en) | 2019-08-02 | 2024-02-27 | Cisco Technology, Inc. | Network-assisted application-layer request flow management in service meshes |
US11245703B2 (en) | 2019-09-27 | 2022-02-08 | Bank Of America Corporation | Security tool for considering multiple security contexts |
US11405778B2 (en) | 2020-02-20 | 2022-08-02 | International Business Machines Corporation | User confidentiality protection system |
CN111447240B (zh) * | 2020-04-29 | 2022-02-15 | 安康鸿天科技股份有限公司 | 数据通信控制方法、装置、系统、存储介质及计算机设备 |
WO2022011142A1 (en) | 2020-07-08 | 2022-01-13 | OneTrust, LLC | Systems and methods for targeted data discovery |
GB2597909B (en) | 2020-07-17 | 2022-09-07 | British Telecomm | Computer-implemented security methods and systems |
WO2022026564A1 (en) | 2020-07-28 | 2022-02-03 | OneTrust, LLC | Systems and methods for automatically blocking the use of tracking tools |
WO2022032072A1 (en) | 2020-08-06 | 2022-02-10 | OneTrust, LLC | Data processing systems and methods for automatically redacting unstructured data from a data subject access request |
WO2022060860A1 (en) | 2020-09-15 | 2022-03-24 | OneTrust, LLC | Data processing systems and methods for detecting tools for the automatic blocking of consent requests |
US11526624B2 (en) | 2020-09-21 | 2022-12-13 | OneTrust, LLC | Data processing systems and methods for automatically detecting target data transfers and target data processing |
US11727318B2 (en) | 2020-10-30 | 2023-08-15 | International Business Machines Corporation | Meeting room selection based on internet of things privacy level |
EP4241173A1 (en) | 2020-11-06 | 2023-09-13 | OneTrust LLC | Systems and methods for identifying data processing activities based on data discovery results |
US11687528B2 (en) | 2021-01-25 | 2023-06-27 | OneTrust, LLC | Systems and methods for discovery, classification, and indexing of data in a native computing system |
WO2022170047A1 (en) | 2021-02-04 | 2022-08-11 | OneTrust, LLC | Managing custom attributes for domain objects defined within microservices |
US11494515B2 (en) | 2021-02-08 | 2022-11-08 | OneTrust, LLC | Data processing systems and methods for anonymizing data samples in classification analysis |
US20240098109A1 (en) | 2021-02-10 | 2024-03-21 | OneTrust, LLC | Systems and methods for mitigating risks of third-party computing system functionality integration into a first-party computing system |
US11775348B2 (en) | 2021-02-17 | 2023-10-03 | OneTrust, LLC | Managing custom workflows for domain objects defined within microservices |
WO2022178219A1 (en) | 2021-02-18 | 2022-08-25 | OneTrust, LLC | Selective redaction of media content |
US11533315B2 (en) | 2021-03-08 | 2022-12-20 | OneTrust, LLC | Data transfer discovery and analysis systems and related methods |
US11562078B2 (en) | 2021-04-16 | 2023-01-24 | OneTrust, LLC | Assessing and managing computational risk involved with integrating third party computing functionality within a computing system |
CN113992407B (zh) * | 2021-10-27 | 2023-10-13 | 北京天融信网络安全技术有限公司 | 一种安全策略配置方法及装置 |
CN114221779A (zh) * | 2021-10-27 | 2022-03-22 | 广东中科云量信息安全技术有限公司 | 一种基于云计算和人工智能的网络安全系统 |
CN114039795B (zh) * | 2021-11-26 | 2023-06-23 | 郑州信大信息技术研究院有限公司 | 软件定义路由器及基于该软件定义路由器的数据转发方法 |
US11620142B1 (en) | 2022-06-03 | 2023-04-04 | OneTrust, LLC | Generating and customizing user interfaces for demonstrating functions of interactive user environments |
Family Cites Families (233)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US2007109A (en) * | 1931-06-20 | 1935-07-02 | Sullivan Machinery Co | Loading machine |
USH1944H1 (en) * | 1998-03-24 | 2001-02-06 | Lucent Technologies Inc. | Firewall security method and apparatus |
JP3611964B2 (ja) | 1998-04-16 | 2005-01-19 | 富士通株式会社 | 記憶装置、記憶制御方法及び記憶媒体 |
US20010014102A1 (en) | 1998-09-24 | 2001-08-16 | Doris Ann Mattingly | Isochronous pipes channel mapping |
US6957346B1 (en) | 1999-06-15 | 2005-10-18 | Ssh Communications Security Ltd. | Method and arrangement for providing security through network address translations using tunneling and compensations |
US6981155B1 (en) | 1999-07-14 | 2005-12-27 | Symantec Corporation | System and method for computer security |
US7934251B2 (en) | 1999-12-02 | 2011-04-26 | Western Digital Technologies, Inc. | Managed peer-to-peer applications, systems and methods for distributed data access and storage |
US6726509B2 (en) | 1999-12-06 | 2004-04-27 | Henry Milan | Stackable power supply system |
US6466779B1 (en) | 2000-03-07 | 2002-10-15 | Samsung Electronics Co., Ltd. | System and method for secure provisioning of a mobile station from a provisioning server using IWF-based firewall |
US6842861B1 (en) | 2000-03-24 | 2005-01-11 | Networks Associates Technology, Inc. | Method and system for detecting viruses on handheld computers |
US6754709B1 (en) | 2000-03-29 | 2004-06-22 | Microsoft Corporation | Application programming interface and generalized network address translator for intelligent transparent application gateway processes |
US8195823B2 (en) | 2000-04-17 | 2012-06-05 | Circadence Corporation | Dynamic network link acceleration |
KR100358518B1 (ko) | 2000-07-03 | 2002-10-30 | 주식회사 지모컴 | 임베디드 하드웨어와 범용 컴퓨터가 결합된 방화벽 시스템 |
US7539828B2 (en) | 2000-08-08 | 2009-05-26 | Faronics Corporation | Method and system for automatically preserving persistent storage |
US7197638B1 (en) | 2000-08-21 | 2007-03-27 | Symantec Corporation | Unified permissions control for remotely and locally stored files whose informational content may be protected by smart-locking and/or bubble-protection |
GB2366691B (en) * | 2000-08-31 | 2002-11-06 | F Secure Oyj | Wireless device management |
ATE362251T1 (de) | 2000-09-11 | 2007-06-15 | Transnexus Inc | Verrechnungsserver für internet- und multimedia- kommunikationen |
US6813682B2 (en) | 2000-09-29 | 2004-11-02 | Steven Bress | Write protection for computer long-term memory devices |
US20020111824A1 (en) | 2000-11-27 | 2002-08-15 | First To File, Inc. | Method of defining workflow rules for managing intellectual property |
US7168089B2 (en) | 2000-12-07 | 2007-01-23 | Igt | Secured virtual network in a gaming environment |
US6718423B2 (en) | 2000-12-29 | 2004-04-06 | Gateway, Inc. | Bus hub with a selectable number of ports |
US7065644B2 (en) * | 2001-01-12 | 2006-06-20 | Hewlett-Packard Development Company, L.P. | System and method for protecting a security profile of a computer system |
US6725294B1 (en) | 2001-02-20 | 2004-04-20 | Lsi Logic Corporation | Installation and access of a device handler for a peripheral device in a computer |
US7536715B2 (en) | 2001-05-25 | 2009-05-19 | Secure Computing Corporation | Distributed firewall system and method |
US6957274B2 (en) | 2001-06-27 | 2005-10-18 | Microsoft Corporation | System adds additional new routes and default routes to a routing table to allow concurrent access to two different network connections |
EP1412879B1 (en) | 2001-06-29 | 2012-05-30 | Secure Systems Limited | Security system and method for computers |
US7069330B1 (en) | 2001-07-05 | 2006-06-27 | Mcafee, Inc. | Control of interaction between client computer applications and network resources |
US6873988B2 (en) | 2001-07-06 | 2005-03-29 | Check Point Software Technologies, Inc. | System and methods providing anti-virus cooperative enforcement |
US8239531B1 (en) | 2001-07-23 | 2012-08-07 | At&T Intellectual Property Ii, L.P. | Method and apparatus for connection to virtual private networks for secure transactions |
EP1417802A1 (en) | 2001-07-24 | 2004-05-12 | Worldcom. Inc. | Network security architecture |
US7665137B1 (en) | 2001-07-26 | 2010-02-16 | Mcafee, Inc. | System, method and computer program product for anti-virus scanning in a storage subsystem |
US7131141B1 (en) | 2001-07-27 | 2006-10-31 | At&T Corp. | Method and apparatus for securely connecting a plurality of trust-group networks, a protected resource network and an untrusted network |
US8001594B2 (en) | 2001-07-30 | 2011-08-16 | Ipass, Inc. | Monitoring computer network security enforcement |
US7036143B1 (en) | 2001-09-19 | 2006-04-25 | Cisco Technology, Inc. | Methods and apparatus for virtual private network based mobility |
US20030097431A1 (en) | 2001-09-29 | 2003-05-22 | Dill Russell J. | Ethernet firewall multi-access appliance |
US20040019656A1 (en) | 2001-10-04 | 2004-01-29 | Smith Jeffrey C. | System and method for monitoring global network activity |
US7392537B2 (en) | 2001-10-08 | 2008-06-24 | Stonesoft Oy | Managing a network security application |
US20030084319A1 (en) | 2001-10-31 | 2003-05-01 | Tarquini Richard Paul | Node, method and computer readable medium for inserting an intrusion prevention system into a network stack |
US7360242B2 (en) * | 2001-11-19 | 2008-04-15 | Stonesoft Corporation | Personal firewall with location detection |
US7150042B2 (en) | 2001-12-06 | 2006-12-12 | Mcafee, Inc. | Techniques for performing malware scanning of files stored within a file storage device of a computer network |
WO2003060671A2 (en) | 2002-01-04 | 2003-07-24 | Lab 7 Networks, Inc. | Communication security system |
EP1329798A1 (en) | 2002-01-18 | 2003-07-23 | Hewlett-Packard Company, A Delaware Corporation | Power management method and apparatus |
US7873028B2 (en) | 2002-01-25 | 2011-01-18 | Quanta Computer, Inc. | Method and apparatus for a flexible peripheral access router |
US6722917B2 (en) | 2002-02-01 | 2004-04-20 | Yea Yen Huang | USB hub |
US6772345B1 (en) | 2002-02-08 | 2004-08-03 | Networks Associates Technology, Inc. | Protocol-level malware scanner |
US7342903B2 (en) | 2002-04-15 | 2008-03-11 | Qualcomm Incorporated | Methods and apparatus for the utilization of multiple uplinks in reverse tunneling |
US7076690B1 (en) | 2002-04-15 | 2006-07-11 | Emc Corporation | Method and apparatus for managing access to volumes of storage |
US7086089B2 (en) * | 2002-05-20 | 2006-08-01 | Airdefense, Inc. | Systems and methods for network security |
US7478235B2 (en) | 2002-06-28 | 2009-01-13 | Microsoft Corporation | Methods and systems for protecting data in USB systems |
US7894480B1 (en) | 2002-08-27 | 2011-02-22 | Hewlett-Packard Company | Computer system and network interface with hardware based rule checking for embedded firewall |
US7716725B2 (en) | 2002-09-20 | 2010-05-11 | Fortinet, Inc. | Firewall interface configuration and processes to enable bi-directional VoIP traversal communications |
US7340531B2 (en) | 2002-09-27 | 2008-03-04 | Intel Corporation | Apparatus and method for data transfer |
AU2002342591A1 (en) | 2002-09-30 | 2004-04-19 | Mobilethink A/S | Method for transferring, data, e.g. emails, from a computer protected by a firewall to an external device, e.g. a mobile terminal |
US7143288B2 (en) | 2002-10-16 | 2006-11-28 | Vormetric, Inc. | Secure file system server architecture and methods |
US20040085944A1 (en) * | 2002-11-04 | 2004-05-06 | Boehm Lawrence D. | Portable wireless internet gateway |
DE10251993B4 (de) | 2002-11-06 | 2012-09-27 | Actix Gmbh | Verfahren und Vorrichtung zur Optimierung von zellularen drahtlosen Nachrichtennetzen |
US7283542B2 (en) | 2002-11-15 | 2007-10-16 | Nortel Networks Limited | Network address translator and secure transfer device for interfacing networks |
US20040203296A1 (en) * | 2002-11-15 | 2004-10-14 | Globespan Virata Inc. | Method and system for attaching a USB network adapter supporting both RNDIS and non-RNDIS capable operating systems |
US7827607B2 (en) | 2002-11-27 | 2010-11-02 | Symantec Corporation | Enhanced client compliancy using database of security sensor data |
US7353533B2 (en) * | 2002-12-18 | 2008-04-01 | Novell, Inc. | Administration of protection of data accessible by a mobile device |
US7526800B2 (en) | 2003-02-28 | 2009-04-28 | Novell, Inc. | Administration of protection of data accessible by a mobile device |
US20040148450A1 (en) | 2003-01-27 | 2004-07-29 | Shih-Chang Chen | Serially connectable USB drive |
JPWO2004075056A1 (ja) * | 2003-02-21 | 2006-06-01 | 独立行政法人産業技術総合研究所 | ウイルスチェック装置及びシステム |
US7634805B2 (en) | 2003-03-05 | 2009-12-15 | Microsoft Corporation | Use of network address translation for implementation of stateful routing |
US8136155B2 (en) | 2003-04-01 | 2012-03-13 | Check Point Software Technologies, Inc. | Security system with methodology for interprocess communication control |
US7359983B1 (en) | 2003-06-24 | 2008-04-15 | Nvidia Corporation | Fragment processing utilizing cross-linked tables |
WO2005032106A1 (en) | 2003-09-30 | 2005-04-07 | Koninklijke Philips Electronics, N.V. | Client requested external address mapping |
US7213766B2 (en) | 2003-11-17 | 2007-05-08 | Dpd Patent Trust Ltd | Multi-interface compact personal token apparatus and methods of use |
US20050114870A1 (en) | 2003-11-21 | 2005-05-26 | Song Dong H. | System and method for executing an application on a secured run-time environment |
US8661158B2 (en) | 2003-12-10 | 2014-02-25 | Aventail Llc | Smart tunneling to resources in a network |
US7992199B1 (en) | 2003-12-31 | 2011-08-02 | Honeywell International Inc. | Method for permitting two parties to establish connectivity with both parties behind firewalls |
US7769995B2 (en) * | 2004-01-07 | 2010-08-03 | Microsoft Corporation | System and method for providing secure network access |
US7152190B2 (en) | 2004-02-03 | 2006-12-19 | Motorola Inc. | USB OTG intelligent hub/router for debugging USB OTG devices |
WO2005086365A1 (en) | 2004-03-02 | 2005-09-15 | Spartak Buniatyan | Portable universal data storage device |
US8266670B1 (en) | 2004-05-06 | 2012-09-11 | American Express Travel Related Services Company, Inc. | System and method for dynamic security provisioning of data resources |
WO2005117466A2 (en) * | 2004-05-24 | 2005-12-08 | Computer Associates Think, Inc. | Wireless manager and method for managing wireless devices |
US7400648B2 (en) | 2004-05-28 | 2008-07-15 | International Business Machines Corporation | Virtual USB communications port |
US20050278544A1 (en) | 2004-06-14 | 2005-12-15 | Arthur Baxter | Removable data storage medium and associated marketing interface |
USD537036S1 (en) | 2004-06-18 | 2007-02-20 | Skylight Digital Inc. | USB hub |
US7418253B2 (en) * | 2004-07-19 | 2008-08-26 | Telefonaktiebolaget Lm Ericsson (Publ) | Method, security system control module and policy server for providing security in a packet-switched telecommunications system |
TWM260958U (en) | 2004-07-23 | 2005-04-01 | Blueexpert Technology Corp | USB wireless transmitter with USB expansion slot |
AU2005266945A1 (en) | 2004-07-23 | 2006-02-02 | Citrix Systems, Inc. | A method and systems for securing remote access to private networks |
US20060022802A1 (en) | 2004-07-30 | 2006-02-02 | Raj Bridgelall | Radio frequency identification-based power management system and method for wireless communication devices |
US7484247B2 (en) | 2004-08-07 | 2009-01-27 | Allen F Rozman | System and method for protecting a computer system from malicious software |
US8402528B1 (en) * | 2004-08-09 | 2013-03-19 | Symantec Corporation | Portable firewall adapter |
US8996603B2 (en) | 2004-09-16 | 2015-03-31 | Cisco Technology, Inc. | Method and apparatus for user domain based white lists |
US20060069782A1 (en) | 2004-09-16 | 2006-03-30 | Michael Manning | Method and apparatus for location-based white lists in a telecommunications network |
US20060064391A1 (en) | 2004-09-20 | 2006-03-23 | Andrew Petrov | System and method for a secure transaction module |
US7480683B2 (en) | 2004-10-01 | 2009-01-20 | Webroot Software, Inc. | System and method for heuristic analysis to identify pestware |
US20060085528A1 (en) | 2004-10-01 | 2006-04-20 | Steve Thomas | System and method for monitoring network communications for pestware |
US7533131B2 (en) | 2004-10-01 | 2009-05-12 | Webroot Software, Inc. | System and method for pestware detection and removal |
US20060075494A1 (en) | 2004-10-01 | 2006-04-06 | Bertman Justin R | Method and system for analyzing data for potential malware |
WO2006045343A1 (en) * | 2004-10-29 | 2006-05-04 | Telecom Italia S.P.A. | System and method for remote security management of a user terminal via a trusted user platform |
US7418525B2 (en) | 2004-10-29 | 2008-08-26 | International Business Machines Corporation | Shared simultaneously-connected removable drives and servers each housing an I/O controller which maintains an uninterrupted protocol connection |
US20060101277A1 (en) | 2004-11-10 | 2006-05-11 | Meenan Patrick A | Detecting and remedying unauthorized computer programs |
WO2006054340A1 (ja) | 2004-11-17 | 2006-05-26 | Fujitsu Limited | 携帯無線端末及びそのセキュリティシステム |
KR20070087198A (ko) | 2004-12-21 | 2007-08-27 | 미슬토우 테크놀로지즈, 인코포레이티드 | 네트워크 인터페이스 및 방화벽 장치 |
US7735138B2 (en) | 2005-01-14 | 2010-06-08 | Trend Micro Incorporated | Method and apparatus for performing antivirus tasks in a mobile wireless device |
US8520512B2 (en) | 2005-01-26 | 2013-08-27 | Mcafee, Inc. | Network appliance for customizable quarantining of a node on a network |
US7676841B2 (en) | 2005-02-01 | 2010-03-09 | Fmr Llc | Network intrusion mitigation |
US8495700B2 (en) | 2005-02-28 | 2013-07-23 | Mcafee, Inc. | Mobile data security system and methods |
US7865908B2 (en) | 2005-03-11 | 2011-01-04 | Microsoft Corporation | VM network traffic monitoring and filtering on the host |
US8418226B2 (en) | 2005-03-18 | 2013-04-09 | Absolute Software Corporation | Persistent servicing agent |
US20060224794A1 (en) * | 2005-04-04 | 2006-10-05 | Stevens Michael J | Using USB memory device to recover operating system |
US7519809B2 (en) | 2005-04-07 | 2009-04-14 | International Business Machines Corporation | Operating system-wide sandboxing via switchable user skins |
US20060230199A1 (en) | 2005-04-08 | 2006-10-12 | Ta-Lung Yu | USB hub structure |
US7945788B2 (en) | 2005-05-03 | 2011-05-17 | Strong Bear L.L.C. | Removable drive with data encryption |
US20070097976A1 (en) | 2005-05-20 | 2007-05-03 | Wood George D | Suspect traffic redirection |
US7293170B2 (en) | 2005-06-06 | 2007-11-06 | Tranxition Corporation | Changing the personality of a device by intercepting requests for personality information |
US8631483B2 (en) | 2005-06-14 | 2014-01-14 | Texas Instruments Incorporated | Packet processors and packet filter processes, circuits, devices, and systems |
US20070050426A1 (en) | 2005-06-20 | 2007-03-01 | Dubal Scott P | Platform with management agent to receive software updates |
US20070005987A1 (en) | 2005-06-30 | 2007-01-04 | Durham Lenitra M | Wireless detection and/or containment of compromised electronic devices in multiple power states |
US20070022474A1 (en) | 2005-07-21 | 2007-01-25 | Mistletoe Technologies, Inc. | Portable firewall |
US7925756B1 (en) | 2005-09-30 | 2011-04-12 | Packeteer, Inc. | Partition configuration and creation mechanisms for network traffic management devices |
US8042147B2 (en) | 2005-10-05 | 2011-10-18 | Bryes Security | Network security appliance |
US8528096B2 (en) | 2005-10-07 | 2013-09-03 | Stmicroelectronics, Inc. | Secure universal serial bus (USB) storage device and method |
WO2007044986A2 (en) | 2005-10-13 | 2007-04-19 | Trapeze Networks, Inc. | System and method for remote monitoring in a wireless network |
CA2629435A1 (en) | 2005-11-09 | 2007-05-18 | Todd Carper | Device providing a secure work environment and utilizing a virtual interface |
US7873993B2 (en) | 2005-11-09 | 2011-01-18 | Cisco Technology, Inc. | Propagating black hole shunts to remote routers with split tunnel and IPSec direct encapsulation |
US8191105B2 (en) | 2005-11-18 | 2012-05-29 | Research In Motion Limited | System and method for handling electronic messages |
US7966654B2 (en) | 2005-11-22 | 2011-06-21 | Fortinet, Inc. | Computerized system and method for policy-based content filtering |
US8347373B2 (en) | 2007-05-08 | 2013-01-01 | Fortinet, Inc. | Content filtering of remote file-system access protocols |
US20070123214A1 (en) | 2005-11-25 | 2007-05-31 | Motorola, Inc. | Mobile device system and strategies for determining malicious code activity |
US9600661B2 (en) | 2005-12-01 | 2017-03-21 | Drive Sentry Limited | System and method to secure a computer system by selective control of write access to a data storage medium |
US8286002B2 (en) | 2005-12-02 | 2012-10-09 | Alcatel Lucent | Method and apparatus for providing secure remote access to enterprise networks |
US8869270B2 (en) | 2008-03-26 | 2014-10-21 | Cupp Computing As | System and method for implementing content and network security inside a chip |
US8381297B2 (en) | 2005-12-13 | 2013-02-19 | Yoggie Security Systems Ltd. | System and method for providing network security to mobile devices |
US20070143827A1 (en) | 2005-12-21 | 2007-06-21 | Fiberlink | Methods and systems for intelligently controlling access to computing resources |
US20070143851A1 (en) | 2005-12-21 | 2007-06-21 | Fiberlink | Method and systems for controlling access to computing resources based on known security vulnerabilities |
US8621549B2 (en) | 2005-12-29 | 2013-12-31 | Nextlabs, Inc. | Enforcing control policies in an information management system |
US7895309B2 (en) | 2006-01-11 | 2011-02-22 | Microsoft Corporation | Network event notification and delivery |
US7845005B2 (en) | 2006-02-07 | 2010-11-30 | International Business Machines Corporation | Method for preventing malicious software installation on an internet-connected computer |
US8145733B1 (en) | 2006-02-15 | 2012-03-27 | Trend Micro Incorporated | Identification of computers located behind an address translation server |
US20070192500A1 (en) | 2006-02-16 | 2007-08-16 | Infoexpress, Inc. | Network access control including dynamic policy enforcement point |
US8464329B2 (en) | 2006-02-21 | 2013-06-11 | Watchguard Technologies, Inc. | System and method for providing security for SIP-based communications |
US8478860B2 (en) | 2006-03-14 | 2013-07-02 | Strong Bear L.L.C. | Device detection system for monitoring use of removable media in networked computers |
US20070220187A1 (en) | 2006-03-20 | 2007-09-20 | Lawrence Kates | Virus-resistant computer with data interface for filtering data |
CN101444119A (zh) | 2006-03-27 | 2009-05-27 | 意大利电信股份公司 | 在移动通信设备上实施安全策略的系统 |
WO2007117567A2 (en) | 2006-04-06 | 2007-10-18 | Smobile Systems Inc. | Malware detection system and method for limited access mobile platforms |
US7984479B2 (en) | 2006-04-17 | 2011-07-19 | International Business Machines Corporation | Policy-based security certificate filtering |
US7890612B2 (en) | 2006-05-08 | 2011-02-15 | Electro Guard Corp. | Method and apparatus for regulating data flow between a communications device and a network |
US7797555B2 (en) | 2006-05-12 | 2010-09-14 | Intel Corporation | Method and apparatus for managing power from a sequestered partition of a processing system |
US20080016339A1 (en) | 2006-06-29 | 2008-01-17 | Jayant Shukla | Application Sandbox to Detect, Remove, and Prevent Malware |
GB2440170B8 (en) | 2006-07-14 | 2014-07-16 | Vodafone Plc | Digital rights management |
WO2008014800A1 (en) | 2006-07-31 | 2008-02-07 | Telecom Italia S.P.A. | A system for implementing security on telecommunications terminals |
US8869262B2 (en) | 2006-08-03 | 2014-10-21 | Citrix Systems, Inc. | Systems and methods for application based interception of SSL/VPN traffic |
US9860274B2 (en) | 2006-09-13 | 2018-01-02 | Sophos Limited | Policy management |
US8286238B2 (en) | 2006-09-29 | 2012-10-09 | Intel Corporation | Method and apparatus for run-time in-memory patching of code from a service processor |
US20080083037A1 (en) | 2006-10-03 | 2008-04-03 | Rmcl, Inc. | Data loss and theft protection method |
US8001367B2 (en) | 2006-10-10 | 2011-08-16 | Symantec Corporation | Performing application setting activity using a removable storage device |
US20080098478A1 (en) | 2006-10-20 | 2008-04-24 | Redcannon, Inc. | System, Method and Computer Program Product for Administering Trust Dependent Functional Control over a Portable Endpoint Security Device |
US20080114990A1 (en) | 2006-11-10 | 2008-05-15 | Fuji Xerox Co., Ltd. | Usable and secure portable storage |
US20080120423A1 (en) | 2006-11-21 | 2008-05-22 | Hall David N | System and method of actively establishing and maintaining network communications for one or more applications |
US8589341B2 (en) | 2006-12-04 | 2013-11-19 | Sandisk Il Ltd. | Incremental transparent file updating |
US7908476B2 (en) | 2007-01-10 | 2011-03-15 | International Business Machines Corporation | Virtualization of file system encryption |
KR101524881B1 (ko) | 2007-01-16 | 2015-06-01 | 앱솔루트 소프트웨어 코포레이션 | 2차 에이전트가 호스트 에이전트와 협동하는 보안모듈 |
US20080201264A1 (en) | 2007-02-17 | 2008-08-21 | Brown Kerry D | Payment card financial transaction authenticator |
US8543742B2 (en) | 2007-02-22 | 2013-09-24 | Super Talent Electronics, Inc. | Flash-memory device with RAID-type controller |
US7953895B1 (en) | 2007-03-07 | 2011-05-31 | Juniper Networks, Inc. | Application identification |
US7853998B2 (en) | 2007-03-22 | 2010-12-14 | Mocana Corporation | Firewall propagation |
US8365272B2 (en) | 2007-05-30 | 2013-01-29 | Yoggie Security Systems Ltd. | System and method for providing network and computer firewall protection with dynamic address isolation to a device |
US20080307240A1 (en) | 2007-06-08 | 2008-12-11 | Texas Instruments Incorporated | Power management electronic circuits, systems, and methods and processes of manufacture |
US20100218012A1 (en) | 2007-06-18 | 2010-08-26 | Johnson Joseph | Methods and systems for providing a wireless security service and/or a wireless technical support service for personal computers |
EP2015212A1 (en) | 2007-06-29 | 2009-01-14 | Axalto SA | Portable mass storage device with hooking process |
US20090019223A1 (en) | 2007-07-09 | 2009-01-15 | Lection David B | Method and systems for providing remote strage via a removable memory device |
US8234261B2 (en) | 2007-07-17 | 2012-07-31 | Ebay Inc. | Digital content hub |
WO2009013508A1 (en) | 2007-07-26 | 2009-01-29 | Faiz Zishaan | Improvements to responsive units |
US8249616B2 (en) | 2007-08-23 | 2012-08-21 | Texas Instruments Incorporated | Satellite (GPS) assisted clock apparatus, circuits, systems and processes for cellular terminals on asynchronous networks |
US7971258B1 (en) | 2007-09-28 | 2011-06-28 | Trend Micro Incorporated | Methods and arrangement for efficiently detecting and removing malware |
US8108601B2 (en) | 2007-10-05 | 2012-01-31 | Imation Corp. | Methods for implementation of an array of removable disk drives |
AU2008314461A1 (en) | 2007-10-19 | 2009-04-23 | Imation Corp. | Method of providing assured transactions using secure transaction appliance and watermark verification |
US8180654B2 (en) | 2007-10-31 | 2012-05-15 | Health Record Corporation | Method and system for creating, assembling, managing, utilizing, and securely storing portable personal medical records |
US8068433B2 (en) | 2007-11-26 | 2011-11-29 | Microsoft Corporation | Low power operation of networked devices |
US20090143057A1 (en) | 2007-11-30 | 2009-06-04 | Verizon Services Organization Inc. | Method and apparatus for distinctive alert activation |
US20090165132A1 (en) | 2007-12-21 | 2009-06-25 | Fiberlink Communications Corporation | System and method for security agent monitoring and protection |
US7529932B1 (en) | 2008-03-31 | 2009-05-05 | International Business Machines Corporation | Removable medium and system and method for writing data to same |
US20090253454A1 (en) | 2008-04-02 | 2009-10-08 | Sampson Scott E | Automatic changing mode of a communication device |
US8321934B1 (en) | 2008-05-05 | 2012-11-27 | Symantec Corporation | Anti-phishing early warning system based on end user data submission statistics |
US8607034B2 (en) | 2008-05-24 | 2013-12-10 | Via Technologies, Inc. | Apparatus and method for disabling a microprocessor that provides for a secure execution mode |
GB0812673D0 (en) | 2008-07-10 | 2008-08-20 | Ie Ltd | Power control system for workstations |
US8631488B2 (en) | 2008-08-04 | 2014-01-14 | Cupp Computing As | Systems and methods for providing security services during power management mode |
US8347386B2 (en) | 2008-10-21 | 2013-01-01 | Lookout, Inc. | System and method for server-coupled malware prevention |
US9043919B2 (en) | 2008-10-21 | 2015-05-26 | Lookout, Inc. | Crawling multiple markets and correlating |
US8789202B2 (en) | 2008-11-19 | 2014-07-22 | Cupp Computing As | Systems and methods for providing real time access monitoring of a removable media device |
US7657941B1 (en) | 2008-12-26 | 2010-02-02 | Kaspersky Lab, Zao | Hardware-based anti-virus system |
KR101547889B1 (ko) | 2008-12-30 | 2015-09-04 | 텔레콤 이탈리아 소시에떼 퍼 아찌오니 | 사용자 통신 단말에 내장된 개인 영역 네트워크 노드를 위한 라디오 커버리지 확장기 |
DE102009005187A1 (de) | 2009-01-20 | 2010-07-22 | Siemens Aktiengesellschaft | Verfahren zum Aktivieren eines Netzwerkknotens |
US8392379B2 (en) | 2009-03-17 | 2013-03-05 | Sophos Plc | Method and system for preemptive scanning of computer files |
US20100251369A1 (en) | 2009-03-25 | 2010-09-30 | Grant Calum A M | Method and system for preventing data leakage from a computer facilty |
US8302094B2 (en) | 2009-06-26 | 2012-10-30 | Vmware, Inc. | Routing a physical device request using transformer stack to an equivalent physical device in a virtualized mobile device |
US8776218B2 (en) | 2009-07-21 | 2014-07-08 | Sophos Limited | Behavioral-based host intrusion prevention system |
US8533780B2 (en) | 2009-12-22 | 2013-09-10 | Cisco Technology, Inc. | Dynamic content-based routing |
US8667575B2 (en) | 2009-12-23 | 2014-03-04 | Citrix Systems, Inc. | Systems and methods for AAA-traffic management information sharing across cores in a multi-core system |
TWI389525B (zh) | 2010-02-25 | 2013-03-11 | Gemtek Technology Co Ltd | 具有多網段存取性的資料傳輸系統及其方法 |
SE534566C2 (sv) | 2010-04-07 | 2011-10-04 | Exformation Comm Ab | Förfarande för att kryptera information, som överföres mellan två kommunikationsenheter. |
WO2011143103A2 (en) | 2010-05-10 | 2011-11-17 | Citrix Systems, Inc. | Redirection of information from secure virtual machines to unsecure virtual machines |
US8429256B2 (en) | 2010-05-28 | 2013-04-23 | Red Hat, Inc. | Systems and methods for generating cached representations of host package inventories in remote package repositories |
US8938800B2 (en) | 2010-07-28 | 2015-01-20 | Mcafee, Inc. | System and method for network level protection against malicious software |
US20120042391A1 (en) | 2010-08-11 | 2012-02-16 | Hank Risan | Method and system for protecting children from accessing inappropriate media available to a computer-based media access system |
NO335189B1 (no) | 2010-10-26 | 2014-10-20 | Cupp Computing As | Sikkert databehandlingssystem |
US8560833B2 (en) | 2010-10-29 | 2013-10-15 | Aruba Networks, Inc. | Automatic secure client access |
US8351916B2 (en) | 2010-12-08 | 2013-01-08 | At&T Intellectual Property I, L.P. | Stealth mode for wireless communications device |
RU2453917C1 (ru) | 2010-12-30 | 2012-06-20 | Закрытое акционерное общество "Лаборатория Касперского" | Система и способ для оптимизации выполнения антивирусных задач в локальной сети |
US8582462B2 (en) | 2011-01-14 | 2013-11-12 | International Business Machines Corporation | Network communications over shared links in a virtualized environment |
US10678602B2 (en) | 2011-02-09 | 2020-06-09 | Cisco Technology, Inc. | Apparatus, systems and methods for dynamic adaptive metrics based application deployment on distributed infrastructures |
US9460289B2 (en) | 2011-02-18 | 2016-10-04 | Trend Micro Incorporated | Securing a virtual environment |
US9119017B2 (en) | 2011-03-18 | 2015-08-25 | Zscaler, Inc. | Cloud based mobile device security and policy enforcement |
GB201105222D0 (en) | 2011-03-29 | 2011-05-11 | Becrypt Ltd | Dual environment computing system and method and system for providing a dual environment computing system |
US20120324504A1 (en) | 2011-06-14 | 2012-12-20 | United Video Properties, Inc. | Systems and methods for providing parental controls in a cloud-based media guidance application |
EP2737732A4 (en) | 2011-07-27 | 2015-02-18 | Seven Networks Inc | MOBILE DEVICE USE CONTROL IN A MOBILE NETWORK BY A DISTRIBUTED PROXY SYSTEM |
US8695060B2 (en) | 2011-10-10 | 2014-04-08 | Openpeak Inc. | System and method for creating secure applications |
US20130097660A1 (en) | 2011-10-17 | 2013-04-18 | Mcafee, Inc. | System and method for whitelisting applications in a mobile network environment |
US20130097659A1 (en) | 2011-10-17 | 2013-04-18 | Mcafee, Inc. | System and method for whitelisting applications in a mobile network environment |
US10496834B2 (en) | 2011-10-25 | 2019-12-03 | Cupp Computing As | Secure computing system |
US9124632B2 (en) | 2011-12-13 | 2015-09-01 | At&T Intellectual Property I, L.P. | Method and apparatus for providing privacy management in machine-to-machine communications |
US8918881B2 (en) | 2012-02-24 | 2014-12-23 | Appthority, Inc. | Off-device anti-malware protection for mobile devices |
US9916439B2 (en) | 2012-03-22 | 2018-03-13 | Microsoft Technology Licensing, Llc | Securing a computing environment against malicious entities |
US8849303B2 (en) | 2012-04-23 | 2014-09-30 | Apple Inc. | Apparatus and method for determining a wireless device's location after shutdown |
US20140032314A1 (en) | 2012-07-30 | 2014-01-30 | Nokia Corporation | Method and apparatus for providing collection-based feature programming |
US20140058679A1 (en) | 2012-08-23 | 2014-02-27 | Apple Inc. | Wake Status Detection for Suppression and Initiation of Notifications |
US9202070B2 (en) | 2012-10-31 | 2015-12-01 | Broadcom Corporation | Input/output gatekeeping |
WO2014116888A1 (en) | 2013-01-25 | 2014-07-31 | REMTCS Inc. | Network security system, method, and apparatus |
US9565202B1 (en) | 2013-03-13 | 2017-02-07 | Fireeye, Inc. | System and method for detecting exfiltration content |
WO2014144419A2 (en) | 2013-03-15 | 2014-09-18 | Master Lock Company | Networked security system |
US10229256B2 (en) | 2013-10-25 | 2019-03-12 | Intel Corporation | Techniques for preventing voice replay attacks |
WO2015123611A2 (en) | 2014-02-13 | 2015-08-20 | Cupp Computing As | Systems and methods for providing network security using a secure digital device |
US9910979B2 (en) | 2014-06-24 | 2018-03-06 | International Business Machines Corporation | Intercepting inter-process communications |
US10331881B2 (en) | 2015-08-05 | 2019-06-25 | Crowdstrike, Inc. | User-mode component injection techniques |
US9847020B2 (en) | 2015-10-10 | 2017-12-19 | Videx, Inc. | Visible light communication of an access credential in an access control system |
US20170359306A1 (en) | 2016-06-10 | 2017-12-14 | Sophos Limited | Network security |
US11019056B2 (en) | 2018-01-31 | 2021-05-25 | Sophos Limited | Managing claiming of unrecognized devices for admission to an enterprise network |
US11301569B2 (en) | 2019-03-07 | 2022-04-12 | Lookout, Inc. | Quarantine of software based on analysis of updated device data |
US20230076156A1 (en) | 2021-09-03 | 2023-03-09 | Qualcomm Incorporated | Physical layer security activation |
-
2006
- 2006-03-15 US US11/376,919 patent/US8381297B2/en active Active
- 2006-12-12 CN CN2006800527808A patent/CN101496025B/zh active Active
- 2006-12-12 AU AU2006324929A patent/AU2006324929A1/en not_active Abandoned
- 2006-12-12 EA EA200870044A patent/EA200870044A1/ru unknown
- 2006-12-12 JP JP2008545251A patent/JP2009523331A/ja active Pending
- 2006-12-12 WO PCT/IL2006/001428 patent/WO2007069245A2/en active Application Filing
- 2006-12-12 EP EP06821641.5A patent/EP1960866B1/en active Active
- 2006-12-12 CN CN201310556909.0A patent/CN103905416B/zh active Active
- 2006-12-12 CA CA002632951A patent/CA2632951A1/en not_active Abandoned
-
2013
- 2013-01-07 US US13/735,836 patent/US8627452B2/en active Active
- 2013-11-27 US US14/092,756 patent/US9497622B2/en active Active
-
2016
- 2016-11-15 US US15/352,553 patent/US9781164B2/en active Active
-
2017
- 2017-05-03 US US15/586,176 patent/US9747444B1/en active Active
- 2017-08-29 US US15/689,795 patent/US10089462B2/en active Active
-
2018
- 2018-09-27 US US16/144,408 patent/US10417421B2/en active Active
-
2019
- 2019-09-17 US US16/573,877 patent/US10839075B2/en active Active
- 2019-10-17 US US16/656,358 patent/US10621344B2/en active Active
-
2020
- 2020-11-17 US US16/950,655 patent/US11461466B2/en active Active
-
2022
- 2022-10-04 US US17/959,708 patent/US11822653B2/en active Active
- 2022-11-04 US US17/980,841 patent/US20230071193A1/en active Pending
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107526625A (zh) * | 2017-07-18 | 2017-12-29 | 杭州趣链科技有限公司 | 一种基于字节码检查的Java智能合约安全检测方法 |
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101496025B (zh) | 用于向移动设备提供网络安全的系统和方法 | |
US11757835B2 (en) | System and method for implementing content and network security inside a chip | |
US11652829B2 (en) | System and method for providing data and device security between external and host devices | |
CN101675423B (zh) | 在外部设备与主机设备间提供数据和设备安全的系统和方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C53 | Correction of patent of invention or patent application | ||
CB02 | Change of applicant information |
Address after: Oslo Applicant after: CUPP COMPUTING AS Address before: Bergen Applicant before: CUPP COMPUTING AS |
|
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |