CN1305261C - A mobile proxy safeguarding method similar to biological self-protection - Google Patents

A mobile proxy safeguarding method similar to biological self-protection Download PDF

Info

Publication number
CN1305261C
CN1305261C CNB2005100377691A CN200510037769A CN1305261C CN 1305261 C CN1305261 C CN 1305261C CN B2005100377691 A CNB2005100377691 A CN B2005100377691A CN 200510037769 A CN200510037769 A CN 200510037769A CN 1305261 C CN1305261 C CN 1305261C
Authority
CN
China
Prior art keywords
agent
security
mobile
sender
function
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2005100377691A
Other languages
Chinese (zh)
Other versions
CN1655524A (en
Inventor
王汝传
穆鸿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Post & Telecommunication College
Original Assignee
Nanjing Post & Telecommunication College
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Post & Telecommunication College filed Critical Nanjing Post & Telecommunication College
Priority to CNB2005100377691A priority Critical patent/CN1305261C/en
Publication of CN1655524A publication Critical patent/CN1655524A/en
Application granted granted Critical
Publication of CN1305261C publication Critical patent/CN1305261C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The present invention relates to a mobile agent safety protection method similar to biological self-protection, which is mainly used for solving mobile agent safety problems. The method is a strategy-based method which is provided through introducing various agents with special functions and using the biological self-protection method for reference, and aims to dynamically process the mobile agent safety problems through agent combining, agent camouflage, etc. Compared with a traditional mobile agent structure, the structure is additionally provided with four parts: an environment perceptron, an agency generation control logic, a combination receiver and variation logic controller. The mobile agent matrix core comprises the traditional mobile agent structure and is additionally provided with the core logic of the four parts. Despite the added parts, the size of the mobile agent is increased very little, and the realized model is only a plurality of thousand bytes.

Description

Mobile agent safety protection method similar to biological self protection
Technical Field
The invention is a security solution for distributed computing. The method is mainly used for solving the safety problem of the mobile agent, and belongs to the technical field of distributed computing software safety.
Background
The mobile agent technology is an emerging technology along with the development of Internet, better adapts to the characteristics of the Internet, and effectively simplifies the design, implementation and maintenance of a distributed system. Generally, a mobility agent refers to a stand-alone computer program that can autonomously move on a heterogeneous network according to a certain protocol, and perform a specific task on behalf of a user. The advantages of mobile agents are mainly two-fold: on one hand, it realizes the close of calculation to the needed resource, which can save the bandwidth of the network and has asynchronous function; on the other hand, programs are allowed to be dynamically published to the host.
Due to the advantages of the mobile agent, the mobile agent has good application prospects in the aspects of e-commerce, mobile computing, intelligent discovery of Internet information and the like, and the research on the mobile agent technology is becoming one of the hot spots in academia and industry. Key technologies of the mobility agent include mobility mechanisms, communication mechanisms, and security mechanisms. Security is one of the important factors that restrict the wide use of mobile agent technology, and therefore, it is of great significance to study the security problem of mobile agents.
The security problem of the mobile agent mainly includes three aspects: (1) protection of the execution environment of the mobile agent communication channel (2) (3) protection of the mobile agent. At present, the first two aspects of research have been carried out with a plurality of achievements, such as sandbox model, signature encryption, transmitted code verification and the like. However, the research on the protection of the mobile agent is still in the preliminary stage, because the mobile agent is executed by the host, and it has to disclose data and code in the host environment, and risks being tampered, scanned and even terminated by a malicious host, which obviously causes a certain difficulty in solving the problem. Past approaches have primarily used cryptographic methods.
Disclosure of Invention
The technical problem is as follows: the invention aims to provide a mobile agent security protection method similar to biological self-protection to solve the problem of protecting a mobile agent, which is a strategic method different from the cryptography method used in the past, and can achieve the aim of protecting the mobile agent by using the method provided by the invention.
The technical scheme is as follows: the method of the invention is a strategic method, is proposed by introducing a plurality of agents with special functions and using a biological self-protection method as a reference, and aims to dynamically process the security problem of the mobile agent through agent combination, agent camouflage and the like.
Several definitions of special mobility agents are given below:
pseudo Agent (Pseudo Agent PAgent): a pseudo agent is a special type of mobile agent that is created by a mobile agent that performs normal functions to attract targeted attacks.
Guard Agent (Guard Agent GAgent): the daemon agent is also a special type of mobile agent, and can be combined with a normally-functioning mobile agent into a whole with a safety function, and different types of daemon agents can be combined according to different task types.
Variant Agent (variant Agent MAgent): the variant agent is an equivalent of a normal function mobile agent, and the main function of the variant agent is consistent with the function of the original mobile agent.
One, architecture
Fig. 1 shows a block diagram of a mobile agent using this method, which is compared with a conventional mobile agent structure and has 4 parts: context perceptron, agent generation control logic, combinatorial receiver, and variation logic control. The mobile agent parent core in the center of the figure contains the traditional mobile agent structure, and the core logic of the upper four parts is added. Despite the addition of these parts, the increase in size of the mobility agent is small, with only a few thousand bytes in the prototype we implemented.
We now give a description of several specific parts:
the environment sensor comprises: the system is responsible for sensing the surrounding environment during the migration process of the mobile agent and the operation period of the mobile agent to the target host, and judging the potential threat, so that a decision-making body is caused to react to the threat by adopting a proper method. The environment perceptron can be implemented by referring to the principle of virus discovery mechanism, and other mechanisms such as code detection method based on virtual machine can also be adopted. In the mobility agent approach presented herein, no limitations are made to the specific implementation.
Agent generation control: the agent generation control is mainly used for activating special security agents or generating pseudo agents and the like according to the result of the environment perceptron, and the key logic of the agent generation control comprises a typical code generation and code migration control.
A combined receiver: the combined receiver is used to hash the agent of the main function and the agent of the special function to form a whole agent with differentiated functions and tightly combined functions, and the use of the combined receiver is further described in detail in the following method flow section.
And (3) variant logic control: variant logic control is a control portion that changes the internal logic of an agent, thereby changing the external form of the agent (note that the critical functional form is not changed). The injury is circumvented by changing non-critical features of the agent.
Second, the method flow
1. [ camouflage type]
A mobile agent that performs normal functions may generate some pseudo agents if it encounters a security threat (these pseudo agents are irrelevant even if attacked or destroyed), and the pseudo agents may be similar to the master agent in counters, program stacks, etc., and the pseudo agents generated differently depending on the purpose of protection. A disguise mechanism of biological self-protection is applied, and the strategy protection of the mobile agent is increased.
The main working process comprises the following steps:
(1) the environment perceptron perceives that the environment is not safe (e.g. a finite attack or task independent operation exists) or a pre-specified masquerading policy (mostly occurring in the prior evaluation of the destination by the Agent initiator), the Agent (represented by Agent) creates (represented by Create function) a pseudo-Agent (represented by Agent ^):
Agent^=Create(Agent,Conditions)
where Conditions represent created Conditions and parameter information, which depend on environmental perception or prior specification.
If the program logic part (f) of the agent is protected, then the condition is satisfied
f(Agent^)≠f(Agent)………(i),
If the program data part (d) of the agent is protected, then
d(Agent^)≠d(Agent)………(ü),
If the program logic part (f) and the data part (d) of the agent are protected, then (i) and (ii) are satisfied simultaneously.
(2) The pseudo-Agent (Agent ^) has two purposes:
use 1: pseudo-agents may be used for security assessment of unknown environments
E.g. a dummy agent that assumes that the data part of the agent is to be protected and that assumes that the data part should not be changed when the agent performs a task if reclaimed
d(Agent^)before≠d(Agent^)afterThen the target host or mobile environment has an attack on the data
Use 2: pseudo-agents for use in "lead" attacks
During the moving process or during the operation of the target host, if the pseudo agent is intercepted, modified, suspended and the like, the task execution of the agent is not influenced, and the purpose of attack introduction can be achieved by combining the cryptography technology.
2. [ attachment type]
The mobile agent which completes normal functions applies for a certain security function and combines the mobile agent and the security function together to achieve the purpose of security defense. The difficulty of developing the mobile agent is reduced; the safety configurability is increased; the system is easy to expand.
The main working process comprises the following steps:
(1) the agent initiator (denoted by Sender) sends a security request (denoted by Req) to the security centre (denoted by SC), SC being the security centre's english (security centre) acronym:
wherein Req is subjected to the following operations:
E(Sign(Senderprivate,Req),SCpublic)
wherein E denotes an encryption function, Sign denotes a signature function, SenderprivatePrivate key, SC, representing the senderpublicRepresenting the public key of the security centre.
(2) Security center sends Session key (with Session)keyPresentation) to the proxy originator
(3) The security center sends the encrypted security daemon agent (denoted by GAGent) to the agent initiator
(4) Agent originator generates (representedby Merge function) a combined Agent (represented by Agent) by a combined receiver of agents*Expressed) that is:
Agent*=Merge(Agent,GAgent)
if f is the function of Agent, the requirement is satisfied
f(Agent*)=f(Agent)
(5) Combined Agent*) The operational security conditions during transmission and at the destination site are a finite state machine defined as follows:
setting C as an environment calculation function, H as an environment safety evaluation result set, M as a state transfer function and Action as Agent*S ═ S, S0,S1… is Agent*The state set of (1), which is directly derived from the GAgent.
Comprises the following steps: c (env) e H ═ R0,R1,R2,…}
M(Si,Rj,Actionk)=Sk
3. [ variants]
When encountering security threat, the mobile agent completing normal function can adopt a variant method to escape the security threat, and the principle of the variant method is similar to that of variant virus. The safety self-adapting characteristic of the mobile agent is increased, and the mobile agent can destroy itself under a special part of conditions to achieve the aim of safety.
The main working process comprises the following steps:
(1) agents operate during transmission and at destination sites and mutate if security problems occur, i.e. agents which act as agents
Let C be the environment (denoted by Env) calculation function, and H be the environment security assessment result set as follows: c (env) e H ═ R0,R1,R2… } a variant feature subset for H
C′={m0,m1,m2,…}_H
Figure C20051003776900081
If f is the function of Agent, the requirement is satisfied
f(Agent#)=f(Agent)
The above description indicates that Agent is mutated to Agent when the environment of the mutation is satisfied#And the main body function of the Agent is not changed.
(2) Destructive variation (special variation situation)
When a special rule is satisfied, Agent self-destruction includes clearing a program instruction stack, a data stack and the like.
A mobile agent security protection method similar to biological self-protection comprises the following steps:
step 1), the agent initiator creates a mobile agent, and then judges whether an attaching agent, namely a safety daemon agent, is needed, if not, step 7 is needed;
step 2), the agent initiator sends a request to the security center, the request contains specific request information of the security daemon agent, such as security level and security mode, the request is signed by using a private key of the sender before being sent, then encrypted by using a public key of the security center, and then sent to the security center;
step 3), the security center decrypts the request and verifies the signature of the sender, the security center sends a session key to the proxy sender, and the session key is encrypted by using a public key of the proxy sender;
step 4), the security center uses the security daemon agent of the session key encryption request to send the agent;
step 5), the agent sender decrypts the session key obtained in the step 3 to obtain the security daemon agent;
step 6), the agent sender generates a combined agent through a combined receiver of the mobile agent;
step 7), the agent sender judges whether the pseudo agent function needs to be started according to the user requirement, and if the pseudo agent function does not need to be started, the step 9 is carried out;
step 8), starting a pseudo agent function;
step 9), the agent sender judges whether a variation function needs to be started according to the requirement of a user, and if the variation function does not need to be started, the step 11 is carried out;
step 10), starting a variation function;
step 11), forming a final functional mobile agent for completing a specific task;
step 12), moving the agent to the target host;
step 13), the mobile agent is under the control of a security state machine;
step 14), judging the current safety state by the environment sensing component according to the state of the environment, wherein the change of the safety state can cause the corresponding safety;
step 15), if the safety guard is triggered, the safety guard agent function starts to respond, and if the safety guard is triggered, the step 16 is carried out, and if the safety guard agent function does not trigger, the step 17 is carried out;
step 16), controlling the behavior of the daemon agent according to the security daemon state machine;
step 17), if variation is triggered, starting a variation function, and turning to step 18, otherwise, turning to step 20;
step 18), if the mutation trigger is not a self-destruction mutation, continuing to step 19, otherwise, the agent aborts, and going to step 24;
step 19), the mutation function is general mutation;
step 20), if the pseudo agent is triggered to send, the mobile agent creates and releases the pseudo agent;
step 21), the agent enters a certain security protection state;
step 22), when the task on the target host is completed, judging whether to move to other hosts continuously but not to include the initiating host, if so, turning to the step 12, otherwise, turning to the step 23;
step 23), the agent returns;
and 24) finishing the whole process.
Has the advantages that:
the method of the invention provides a new mobile agent security protection method similar to biological self-protection, which is mainly used for solving the problem of mobile agent security protection. Specific explanations are given below.
The disguise type applies a disguise mechanism of biological self-protection, and increases policy protection of the mobile agent.
The development of mobile agents in the past emphasizes the consistency of the external functions of the mobile agents, so that the main functions and data of one mobile agent are easily exposed. By the method of agent disguising which is specially against security threats, a plurality of disguise agents which do not influence the execution of main body functions can be released aiming at the malicious host, and the disguise agents are captured by the malicious host and do not harm to the agents. The use of a masquerading agent provides a means of protecting the mobile agent from the architectural design of the program, unlike the pure hard-coded implementation of security in the past.
The attachment type reduces the difficulty of developing the mobile agent; the safety configurability is increased; the system is easy to expand. In the past, in mobile agent security protection based on pure cryptography principle, in order to achieve the purpose of protecting the mobile agents, security-related hard coding must be performed on each mobile agent, which brings repetitive workload on one hand, and needs to rewrite related codes when the security requirements of the mobile agents are different in intensity on the other hand. By using the method of the attached agent, a security encryption method can be set in advance, a mobile agent can obtain the security functions of the attached agents without compiling any security related codes, the attached agents and the mobile agents completing specific tasks are combined into a whole through a defined application program interface, the whole functions of the attached agents and the functions realized by hard coding in the past are equivalent, but the method is configurable, all the mobile agents directly apply for the attached agents in order to obtain a certain security protection function, and if the security requirements are different, the attached agents of different levels can also be applied.
The variant increases the safety self-adapting characteristic of the mobile agent, and can destroy the mobile agent to achieve the safety purpose under special partial conditions. The mutation function is also a mobile agent security protection method from the view of program behavior, and the variant function is used for changing the non-core form of the mobile agent so as to change the appearance of the mobile agent, so that a malicious host can be cheated to be the non-target mobile agent of the mobile agent or the mobile agent has no value, therebyavoiding the security problem. The self-destruction agent in special cases can be used for applications with particularly high requirements on security, and if the agent is not safe, the agent is self-destroyed, so that secret leakage can be avoided. This was not mentioned in the past mobile agent security methods.
Drawings
Fig. 1 is a schematic diagram of an agent composition structure. The figure includes: context aware, agent generation control, combinational receiver, mutation logic, mobile agent parent core.
Fig. 2 is a reference architecture diagram. Showing examples of components that may be included in the methods of the present invention.
Fig. 3 is a schematic flow diagram. A flow diagram of the method of the present invention is shown.
Detailed Description
For convenience of description, we assume the following application examples:
a mobile inquiry agent (denoted by a) is migrated to two business servers (denoted by B and C, respectively) to inquire commodity information on behalf of a customer, and the mobile agent is required to enable a security guard function, a mutation function, and a pseudo-agent function.
The specific implementation mode is;
(1) the agent initiator creates a mobile agent A
The following steps are continued because it is assumed that the daemon agent function is enabled;
(2) the agent initiator (set as A) sends a request to the security center (set as B)
The first step is as follows: initializing arequest according to the parameters;
assuming that the parameters include a security level 1 (initial level), a security function is data tamper proof;
the second step is that: signing and encrypting the request A;
the RSA algorithm may be used for signing and encryption;
the third step: a sends a request to B, for example using a TCP/IP based Socket method;
(3) b, decrypting the request and verifying the signature of the sender, if the verification is determined to come from A, B sending a session key (indicated by k) to A, d being encrypted, the encryption key being the public key of A;
(4) b, using the security daemon agent of the d encryption request to the A;
(5) decrypting the first user by using d in the step (3) to obtain a security daemon agent;
(6) generating a combined proxy by a combined receiver of the mobile proxy;
(7) judging whether a pseudo-agent function needs to be started or not according to the user requirement, wherein the pseudo-agent function is started and then continues to be started;
(8) starting a pseudo agent function;
(9) judging whether a variation function needs to be started or not according to the requirement of a user, wherein the variation function is started and then continues to be started;
(10) initiating a mutation function;
(11) the mobile agent which forms the final commodity information inquiry to be completed is represented by FA;
(12) the FA moves to a target host B;
(13) the FA is under the control of a safety state machine;
(14) the method comprises the following steps that a safety state machine runs, the safety state machine is realized by using a state machine based on event triggering, and the current safety state is judged by judging the contents of a data stack and a program stack;
(15) if the security daemon is triggered, the security daemon agent function starts to respond, here, to prevent data tampering.
(16) Controlling the behavior of the daemon agent according to the security daemon state machine; the method for realizing the data tampering prevention comprises the steps of adding lock control for preventing writing to a related data stack and storing data by generating a unique hash value, wherein if the hash value of the data is changed, the original data is written back, or an error report is generated;
(17) if mutation is triggered the mutation function starts to start as allowed here and continues down;
(18) assuming that it is not a self-destruction mutation, continue down;
(19) the mutation function is general mutation, and the method of the general mutation comprises the steps of generating deep copy of the object and generating a corresponding method according to the previous equivalence function;
(20) if the pseudo agent is triggered to send, the mobile agent creates and releases the pseudo agent, and the pseudo agent is a shallow copy of an object, an empty data stack and an empty program method body;
(21) the FA is under safety protection at this time, and is called to be in a safety protection state;
(22) after the commodity information is searched on the B, because a host C is arranged, the FA carries the commodity information obtained on the B to be migrated to the host C, and the steps from (12) to (21) are repeated once, note that the B is C at the moment, and after the commodity information is searched on the B, because the host is completely moved, the next step is continued;
(23) returning by the FA;
(24) the first obtains the required commodity searching information, and the whole process is finished.

Claims (1)

1. A mobile agent security protection method similar to biological self-protection is characterized in that the method comprises the following steps:
step 1), an agent sender creates a mobile agent, then judges whether a security daemon agent needs to be attached, and if the mobile agent does not need to be transferred to step 7; if the security daemon agent needs to be attached, the step 2) is carried out;
step 2), the agent sender sends a request to the security center, the request contains specific request information of the security daemon agent, the request is signed by using a private key of the sender before being sent, then encrypted by using a public key of the security center, and then sent to the security center;
step 3), the security center decrypts the request and verifies the signature of the sender, the security center sends a session key to the proxy sender, and the session key is encrypted by using a public key of the proxy sender;
step 4), the security center uses the security daemon agent of the session key encryption request to send the agent;
step 5), the agent sender decrypts the session key obtained in the step 3 to obtain the security daemon agent;
step 6), the agent sender generates a combined agent through a combined receiver of the mobile agent; the mobile agent created by the agent sender and the security daemon agent received by the agent sender are hashed to form a whole agent which is functionally differentiated and closely combined,
step 7), the agent sender judges whether the pseudo agent function needs to be started according to the user requirement, and if the pseudo agent function does not need to be started, the step 9 is carried out; if the pseudo agent function needs to be started, step 8) is carried out;
step 8), starting a pseudo agent function;
step 9), the agent sender judges whether a variation function needs to be started according to the requirement of a user, and if the variation function does not need to be started, the step 11 is carried out; if the mutation function is required to be started, the step 10) is carried out;
step 10), starting a variation function;
step 11), forming a final functional mobile agent for completing a specific task;
step 12), moving the agent to the target host;
step 13), the mobile agent is under the control of a security state machine;
step 14), judging the current safety state by the environment sensing component according to the state of the environment, wherein the change of the safety state can cause the occurrence of corresponding safety protection behaviors;
step 15), if the safety guard is triggered, the safety guard agent function starts to respond, and then the step 16) is carried out, and otherwise, the step 17) is carried out;
step 16), controlling the behavior of the daemon agent according to the security daemon state machine;
step 17), if variation is triggered, starting a variation function, and turning to step 18,otherwise, turning to step 20;
step 18), if the mutation trigger is not a self-destruction mutation, continuing to step 19, otherwise, the agent aborts, and going to step 24;
step 19), the mutation function is general mutation;
step 20), if the pseudo agent is triggered to send, the mobile agent creates and releases the pseudo agent;
step 21), the agent enters a certain security protection state;
step 22), when the task on the target host is completed, judging whether to move to other hosts continuously but not to include the initiating host, if so, turning to the step 12, otherwise, turning to the step 23;
step 23), the agent returns;
and 24) finishing the whole process.
CNB2005100377691A 2005-02-04 2005-02-04 A mobile proxy safeguarding method similar to biological self-protection Expired - Fee Related CN1305261C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005100377691A CN1305261C (en) 2005-02-04 2005-02-04 A mobile proxy safeguarding method similar to biological self-protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2005100377691A CN1305261C (en) 2005-02-04 2005-02-04 A mobile proxy safeguarding method similar to biological self-protection

Publications (2)

Publication Number Publication Date
CN1655524A CN1655524A (en) 2005-08-17
CN1305261C true CN1305261C (en) 2007-03-14

Family

ID=34894383

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005100377691A Expired - Fee Related CN1305261C (en) 2005-02-04 2005-02-04 A mobile proxy safeguarding method similar to biological self-protection

Country Status (1)

Country Link
CN (1) CN1305261C (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102664733A (en) * 2012-03-19 2012-09-12 南宁汇软信息科技有限责任公司 Safety protection method of RFID middleware

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000047997A (en) * 1998-07-31 2000-02-18 Toshiba Corp Mobile agent system and mobile agent managing control method in distributedly configurated computer system
US20010051515A1 (en) * 2000-06-09 2001-12-13 Rygaard Christopher A. Mobile application peer-to-peer security system and method
JP2002014933A (en) * 2000-06-30 2002-01-18 Toshiba Corp Mobile agent system construction method and recording medium with support program for the same recorded thereon
CN1478222A (en) * 2000-11-06 2004-02-25 �Ҵ���˾ Method and system for processing request of customer

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000047997A (en) * 1998-07-31 2000-02-18 Toshiba Corp Mobile agent system and mobile agent managing control method in distributedly configurated computer system
US20010051515A1 (en) * 2000-06-09 2001-12-13 Rygaard Christopher A. Mobile application peer-to-peer security system and method
JP2002014933A (en) * 2000-06-30 2002-01-18 Toshiba Corp Mobile agent system construction method and recording medium with support program for the same recorded thereon
CN1478222A (en) * 2000-11-06 2004-02-25 �Ҵ���˾ Method and system for processing request of customer

Also Published As

Publication number Publication date
CN1655524A (en) 2005-08-17

Similar Documents

Publication Publication Date Title
US10153906B2 (en) Systems and methods for implementing computer security
EP2754081B1 (en) Dynamic cleaning for malware using cloud technology
US9413742B2 (en) Systems, methods and apparatus to apply permissions to applications
US9092823B2 (en) Internet fraud prevention
US8225404B2 (en) Trusted secure desktop
CN1553349A (en) Safety chip and information safety processor and processing method
US20180004937A1 (en) Mobile device policy enforcement
US20170302653A1 (en) Portable encryption format
US7478233B2 (en) Prevention of software tampering
CN1897006A (en) Method, apparatus for establishing virtual endorsement
US20110093953A1 (en) Preventing and responding to disabling of malware protection software
CN1658577A (en) System and method for protecting a computing device from computer exploits delivered over a networked environment in a secured communication
CN101039186A (en) Method for auditing safely system log
US7302584B2 (en) Mechanisms for banning computer programs from use
CN1625105A (en) Information processing apparatus, a server apparatus, a method of an information processing apparatus, a method of a server apparatus
CN1728706A (en) Method and system for filtering communication to prevent exploitation of software vulnerability
JP2009537892A (en) How to protect clients and servers
JP2004362552A (en) Dynamic substitution of usb data for on-the-fly encryption/decryption
CN1716220A (en) Multitask execution system
CN101056196A (en) Secure login method, client and its server
CN1621994A (en) Computer security control module and safeguard control method thereof
CN101034991A (en) Secure guiding system, method, code signature construction method and authentication method
CN1929381A (en) Network based software protection method
Tomar et al. Docker security: A threat model, attack taxonomy and real-time attack scenario of dos
CN100342337C (en) Storing apparatus and telecommunications apparatus

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C53 Correction of patent for invention or patent application
CB03 Change of inventor or designer information

Inventor after: Wang Ruchuan

Inventor after: Li Jie

Inventor after: Mu Hong

Inventor before: Wang Ruchuan

Inventor before: Mu Hong

COR Change of bibliographic data

Free format text: CORRECT: INVENTOR; FROM: WANG RUZHUAN MU HONG TO: WANG RUZHUAN LI JIE MU HONG

C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20070314

Termination date: 20130204