|
Match
|
Document |
Document Title |
|
|
7171684 |
Data processing system providing secure communication between software components
A virtual security server enabling a set of applications to access a plurality of security services. In response to a service request from a software application, the virtual security server...
|
|
|
7171685 |
Standard format specification for automatically configuring IP security tunnels
A data processing system, method, and product are disclosed for automatically configuring IP security tunnels. A security policy specification format is established that is capable of being...
|
|
|
7165173 |
System and method for secure over-the-air administration of a wireless mobile station
There is disclosed a mobile station for securely communicating with base stations in a wireless network and receiving at least one of a software program, a software correction patch and...
|
|
|
7162738 |
E-mail firewall with stored key encryption/decryption
An e-mail firewall ( 105 ) applies policies to e-mail messages ( 204 ) between a first site and a plurality of second sites in accordance with a plurality of administrator selectable policies ( 216...
|
|
|
7159242 |
Secure IPsec tunnels with a background system accessible via a gateway implementing NAT
A method and system for enabling secure IPsec tunnels within NAT without compromising security. A local network is configured with a gateway machine connected to the Internet and having an IPsec ID...
|
|
|
7158640 |
Method and apparatus for re-synchronization of a stream cipher during handoff
A method and apparatus for re-synchronizing a stream cipher during soft handoff. Transmitted quasi-secret keying information is used with a secret key to reinitialize a stream cipher generator...
|
|
|
7155738 |
System and method for managing a trusted email datastore
A Trust Email Datastore (TED) system is employed to maintain a list of message addresses with associated trust ratings. The trust rating of a message address is derived from an underlying message...
|
|
|
7146636 |
Method and system for enabling centralized control of wireless local area networks
A wireless local area network (WLAN) includes mobile devices that are allowed to transfer wireless connections between WLAN subnets or channels having different access points. The access points...
|
|
|
7143188 |
Method and apparatus for network address translation integration with internet protocol security
Method and apparatus for enhanced security for communication over a network, and more particularly to Network Address Translation (NAT) integration Internet Protocol Security (IPSec), is described....
|
|
|
7142672 |
Method and system for transmitting sensitive information over a network
A method ( 300 ) and system for transmitting sensitive information from a client computer to a service provider operating in the INTERNET. The sensitive information (for example a credit card...
|
|
|
7143137 |
Method and apparatus for security protocol and address translation integration
Method and apparatus for Internet Protocol Security (IPSec) and Network Address Translation (NAT) integration is described. A client obtains a public address from a gateway for IPSec communication....
|
|
|
7143439 |
Efficient evaluation of rules
A method and apparatus uses a proprietary algorithm for organizing network security policy rules in a way that minimizes the number of rules considered when determining the set of rules applicable...
|
|
|
7139792 |
Mechanism for locking client requests to a particular server
In one aspect of the invention is a method for locking in all client requests having the same session I.D. to the same server to facilitate secure e-commerce transactions. A client's session I.D....
|
|
|
7134140 |
Token-based authentication for network connection
A token based system for authenticating a client computer when it connects to a network. An address is requested from a server connected to the network. Provision of the address by the server...
|
|
|
7127741 |
Method and system for e-mail message transmission
An e-mail firewall applies policies to e-mail messages transmitted between a first site and a plurality of second sites. The e-mail firewall includes a plurality of mail transfer relay modules for...
|
|
|
7127742 |
Establishing a secure connection with a private corporate network over a public network
An external client securely accesses a private corporate network using a communications device, but without the communications device being required to communicate through the private corporate...
|
|
|
7127740 |
Monitoring system for a corporate network
A monitoring system for a corporate network includes a client that exchanges information with a target server to establish an SSL communication channel through which cryptographically protected...
|
|
|
7117358 |
Method and system for filtering communication
A e-mail relay provides message filtering services to an e-mail network. The e-mail relay monitors incoming communication and intercepts e-mail messages. The e-mail relay compares attributes of the...
|
|
|
7117530 |
Tunnel designation system for virtual private networks
A system and method are provided to couple tunnel servers to tunnel clients executing host applications for use in a virtual private network (VPN) environment. A receiver receives requests from...
|
|
|
7107612 |
Method, apparatus and computer program product for a network firewall
An improved firewall for providing network security is described. The improved firewall provides for dynamic rule generation, as well using conventional fixed rules. This improvement is provided...
|
|
|
7107613 |
Method and apparatus for reducing the number of tunnels used to implement a security policy on a network
According to one embodiment, the number of tunnels on a network may be reduced. A set of tunnels are selected which exchange data packets between a first security device and a second security...
|
|
|
7103783 |
Method and system for providing data security in a file system monitor with stack positioning
A System for providing data security in a first device driver operably installed in a computer operating system having a layered plurality of device drivers ( 81, 82, 83, 84 ) for accessing data in...
|
|
|
7100160 |
Method and system for implementing host-dependent SCSI behavior in a heterogeneous host environment
A method, system, and program product is provided for configuring a target device, the method comprising the steps of: receiving a log-in request to connect the target device to a host, wherein the...
|
|
|
7099320 |
Method and apparatus for detection of and response to abnormal data streams in high bandwidth data pipes
The method and apparatus of the present invention provide real time detection of abnormal data streams in high bandwidth data pipes, such as those found at network service provider data hubs....
|
|
|
7096352 |
Security protocol structure in application layer
A security protocol structure for a Wireless Application Protocol (WAP) standard structure is disclosed. The security protocol structure provides a data security function in an application layer by...
|
|
|
7096495 |
Network session management
This invention uses network stack information to enforce context-based policies. The combination of policies, user/application context information and packet filtering is used to enable...
|
|
|
7093288 |
Using packet filters and network virtualization to restrict network communications
A network mediator corresponding to a computing device uses packet filters to restrict network communications. The network mediator includes a set of one or more filters, each filter having...
|
|
|
7089587 |
ISCSI target offload administrator
A method, system and apparatus for negotiating parameters for an IPSec connection between a requesting client and an iSCSI system using a computer system other than an iSCSI system are provided. By...
|
|
|
7086086 |
System and method for maintaining N number of simultaneous cryptographic sessions using a distributed computing environment
An N session distributed architecture provides a software solution to the major computational challenges faced with providing secure communication. A registration entity is identified as the...
|
|
|
7082530 |
Method and apparatus for accelerating hardware encryption with multiple networking interfaces
The invention provides for utilizing abilities of network interfaces, such as embedded encryption support, or access to such encryption support, so as to extend support for such abilities to...
|
|
|
7076653 |
System and method for supporting multiple encryption or authentication schemes over a connection on a network
A system and method for establishing a secure connection with an entity protected by an access control mechanism. A trusted arbitrator is used as an intermediary between a computer network...
|
|
|
7073196 |
Firewall for processing a connectionless network packet
The present invention is a device for and method of accessing a network by initializing a database, an approved list, and a disapproved list; receiving an connectionless network packet; computing a...
|
|
|
7073068 |
Method and apparatus for distributing shares of a password for use in multi-server password authentication
A method for distributing a password amongst a plurality of servers for subsequent use in a provably secure multi-server threshold password authentication process. A client, having a password to be...
|
|
|
7069438 |
Establishing authenticated network connections
A method and apparatus for establishing authenticated network (e.g., TCP/IP) connections augments the network (e.g., TCP/IP) protocol and enables concealment of the presence of network (e.g.,...
|
|
|
7068789 |
Peer-to-peer name resolution protocol (PNRP) group security infrastructure and method
A method for ensuring valid and secure peer-to-peer communications in a group structure. Specifically, the system of the present invention presents a method of ensuring secure peer-to-peer group...
|
|
|
7069441 |
VPN enrollment protocol gateway
A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and...
|
|
|
7069434 |
Secure data transfer method and system
A method and system for securely transferring data between an application server and an agent of the application server through a non-secure node. First, a session key between the agent and the...
|
|
|
7065644 |
System and method for protecting a security profile of a computer system
A security application protects a security profile of a computer system by detecting security settings of the computer system have changed. In this regard, the security application activates the...
|
|
|
7055170 |
Security mechanism and architecture for collaborative software systems using tuple space
According to the present invention, a virtual network communication system is provided for effecting secure communications between user agents at different sites within said virtual network,...
|
|
|
7051366 |
Evidence-based security policy manager
An evidence-based policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager executes in a computer system (e.g., a Web client or...
|
|
|
7047562 |
Conditioning of the execution of an executable program upon satisfaction of criteria
Execution of an executable legacy or underlying program is controlled by a policy module. The policy enforcement agent (PEA) is an executable program including a header, an execution portion or...
|
|
|
7047303 |
Apparatus and method for using a network processor to guard against a “denial-of-service” attack on a server or server cluster
A system comprising a network resource server or a server farm formed by a plurality of computer systems and a network processor which transfers data exchanged with an external network supported by...
|
|
|
7039953 |
Hierarchical correlation of intrusion detection events
A method, computer program product, and apparatus for presenting data about security-related events that puts the data into a concise form is disclosed. Events are abstracted into a set data-type....
|
|
|
7039954 |
Method for enabling a network-addressable device to detect use of its identity by a spoofer
A defense against spoofing vandals is provided, where the defense enlists the network-addressable device whose identity is used by the vandal. A network-addressable device checks incoming messages...
|
|
|
7039946 |
Piggy-backed key exchange protocol for providing secure, low-overhead browser connections when a client requests a server to propose a message encoding scheme
A method, system, and computer program product for establishing security parameters that are used to exchange data on a secure connection. A piggy-backed key exchange protocol is defined, with...
|
|
|
7032243 |
System and method for a group-based network access control for computer
Systems and methods for group-based network access control systems are provided. The group-based network access control system includes a software process operating on a computer. The software...
|
|
|
7024690 |
Protected mutual authentication over an unsecured wireless communication channel
A process for mutual authentication of users and networks over an unsecured wireless communication channel. In one embodiment, sensitive information (e.g., passwords) is not communicated over the...
|
|
|
7007299 |
Method and system for internet hosting and security
The present invention relates to a system and method for providing security to Internet hosting sites and mitigating electronic attacks against such sites. The system and method of the present...
|
|
|
7003798 |
System for operating device from remote location and apparatus for use in the system
Disclosed is a remote operating system in which even if a remote-operated apparatus is connected to a network protected by a firewall and a remote-operating apparatus exists outside of the...
|
|
|
6996842 |
Processing internet protocol security traffic
Processing Internet Protocol security (IPsec) traffic includes determining at a first location if a classification parameter is available for the IPsec traffic that indicates a route for the IPsec...
|