ACCESS CONTROL
    11.
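    Invention application
    ACCESS CONTROL (under examination, published)

    Publication (announcement) number: US20180225466A1

    Publication (announcement) date: 2018-08-09

    Application number: US15749289

    Application date: 2016-07-20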

    Abstract: A computer implemented method of access control for a restricted resource of a resource provider in a network connected computer system, wherein a blockchain data structure accessible via the network stores digitally signed records validated by network connected miner software components, the method including: identifying an access control role definition for access to the resource, the role including a specification of access permissions; defining a cryptocurrency for indicating authorization to access the resource, the cryptocurrency being formed of tradable units of value associated with records in the blockchain and wherein transfer of the cryptocurrency between records in the blockchain is validated by the miners; receiving a request from an authenticated resource consumer for authorization to access the resource; and submitting a blockchain transaction to the miner components to transfer a quantity of cryptocurrency to a consumer record in the blockchain, the transaction including an identification of the role, such that the consumer record identifies that the consumer is authorized to access the resource in accordance with the role definition.

    CONTROLLED STORAGE DEVICE ACCESS
    12.
    Invention application

    Publication (announcement) number: US20170237563A1

    Publication (announcement) date: 2017-08-17

    Application number: US15038833

    Application date: 2014-11-13

    Abstract: A method for securely accessing a hardware storage device connected to a computer system, the hardware storage device having a unique hardware identifier and the computer system including a processor, the method comprising: an agent software component receiving the identifier of the storage device to authenticate the storage device, wherein the agent executes in an unrestricted mode of operation of the processor such that the agent is a trusted software component; in response to the authentication, the agent accessing a secure data key for encrypting and decrypting data on the storage device, wherein the data key is accessible only to trusted agents executing in the unrestricted mode of the processor such that software executing in a user mode of the processor stores and retrieves data on the storage device only via the agent.

    MITIGATING BLOCKCHAIN ATTACK
    13.
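    Invention application
    MITIGATING BLOCKCHAIN ATTACK (granted)

    Publication (announcement) number: US20170034197A1

    Publication (announcement) date: 2017-02-02

    Application number: US15223261

    Application date: 2016-07-29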

    Abstract: A computer implemented method for detecting malicious events occurring with respect to a blockchain data structure comprising: defining a transaction creation profile according to which transactions can be generated and submitted to the blockchain; submitting a transaction to the blockchain, the transaction causing the generation of a profiler data structure in the blockchain including executable code to generate profile transactions to be submitted to the blockchain according to the transaction creation profile; monitoring the blockchain to identify profile transactions; and comparing identified profile transactions with the transaction creation profile to detect a deviation from the transaction creation profile, such detection corresponding to a malicious event occurring with respect to the blockchain.

    APPLICATION BROKER FOR MULTIPLE VIRTUALISED COMPUTING ENVIRONMENTS
    14.
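    Invention application
    APPLICATION BROKER FOR MULTIPLE VIRTUALISED COMPUTING ENVIRONMENTS (under examination, published)

    Publication (announcement) number: US20160147522A1

    Publication (announcement) date: 2016-05-26

    Application number: US14899857

    Application date: 2014-06-12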

    CPC classification number: G06F8/64 G06F8/61 G06F9/45533

    Abstract: A method for deploying a software application for execution, the method comprising: receiving an application specification for the application, the application specification including an identification of one or more resources required for execution of the application; receiving a set of infrastructure specifications, each infrastructure specification including an identification of one or more resources associated with a virtualised computing environment in a set of virtualised computing environments; receiving a set of compliance characteristics for the application, each compliance characteristic including one or more criteria, each of the criteria being based on one or more formal parameters concerning a resource; receiving a set of software component definitions, each software component definition including one or more of: a) an indication of one or more actual parameters the software component is operable to provide; and b) an indication of one or more virtualised computing environments in the set of virtualised computing environments with which the software component is operable to execute; selecting, for each of the resources identified in the application specification, a virtualised computing environment based on the set of infrastructure specifications, the set of compliance characteristics and the set of software component definitions, wherein the selected virtualised computing environments are operable to generate actual parameters corresponding to one or more formal parameters for the criteria such that a measure of a number of evaluable criteria meets a predetermined threshold.

    CLIENT/SERVER ACCESS AUTHENTICATION
    15.
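    Invention application
    CLIENT/SERVER ACCESS AUTHENTICATION (under examination, published)

    Publication (announcement) number: US20150349966A1

    Publication (announcement) date: 2015-12-03

    Application number: US14654918

    Application date: 2013-12-17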

    Abstract: An authentication process controls access from a client terminal 2 to a remote server 3 via an unsecure network, by transmitting a challenge 63 from the server to the client in the form of a matrix barcode in which is embedded a sequence of images selected (step 61) from a predetermined set of images stored on the server. The user responds to the challenge (e.g. by sorting the images into groups, or order, according to a rule which is a shared secret) (step 64) and generates a response in the form of a code (step 67) generated dynamically by convolving the user response 64 with a random PIN string (65) extracted from the matrix barcode, and data intrinsic to the user terminal, using a predetermined dynamically generated encryption algorithm for transmission to the server (step 68) for verification (69).

    AUTOMATED DEPLOYMENT AND SECURITIZATION OF MODEL-BASED COMPOSITE APPLICATIONS

    Publication (announcement) number: US20170323113A1

    Publication (announcement) date: 2017-11-09

    Application number: US15521964

    Application date: 2015-10-28

    Abstract: A computer implemented method of deploying a software application in a virtualized computing environment, comprising: receiving a description of the software application including an identification of a set of one or more application software resources; determining one or more types of security facility required for the set of application software resources and determining a security requirement for each of the determined types of security facility; selecting a security software resource for each of the determined types of security facility; determining a security configuration for each of the selected security software resources, the security configuration being based on a security requirement associated with a type of security facility for the security software resource; and generating a deployment specification for the software application specifying the application software resources and the security software resources for deployment of the application in the virtualized computing environment, each of the security software resources having associated the determined security configuration.

    EXTERNAL FEATURE PROVISION FOR A CLOUD APPLICATION REGISTRY

    Publication (announcement) number: US20170286136A1

    Publication (announcement) date: 2017-10-05

    Application number: US15508190

    Application date: 2015-08-27

    CPC classification number: G06F9/44505 G06F8/61

    Abstract: A computer implemented method to provide a software feature in a registry of software components for a first network attached computing environment, each software component in the registry having associated deployment information to assemble a software application to be executed by the first environment as a set of software components, and the software feature being provided in part by a second network attached computing environment external to the first environment, the method comprising: for a selected software component in the registry, determining compatibility of the software feature with the software component; and responsive to the determination, adapting a registry entry of the software component in the registry to indicate the availability of the software feature for the software component.

    EXTERNAL FEATURE PROVISION FOR CLOUD APPLICATIONS

    Publication (announcement) number: US20170286083A1

    Publication (announcement) date: 2017-10-05

    Application number: US15508209

    Application date: 2015-08-27

    CPC classification number: G06F8/61 G06F9/44505 G06F9/45508 H04L67/34

    Abstract: A computer implemented method to execute a software application in a first network attached computing environment comprising: receiving a definition of the application, the definition identifying a set of software components and including configuration information for installing and executing the components in the first environment; installing and configuring the components in the first environment in accordance with the definition, wherein the definition further includes, for an identified component in the set, software agent information about a software agent that implements part of a software feature, the agent being provided by a second network attached computing environment external to and communicatively connected with the first environment, the second environment providing another part of the software feature, the method further comprising obtaining, installing and configuring the agent based on the agent information to provide part of the software feature for the application.

    EVALUATING SOFTWARE COMPLIANCE
    20.
    Invention application
    EVALUATING SOFTWARE COMPLIANCE (granted)

    Publication (announcement) number: US20160139915A1

    Publication (announcement) date: 2016-05-19

    Application number: US14899884

    Application date: 2014-06-12

    CPC classification number: G06F8/71 G06F8/61 G06F9/45533 G06F9/5011

    Abstract: A software compliance assessment apparatus for determining a level of compliance of a software application in execution in a virtualised computing environment, the apparatus comprising: an identifier component operable to identify resources instantiated for execution of the application; a retriever component operable to retrieve a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resources, and the compliance characteristic having associated a compliance criterion based on a formal parameter; a selector component operable to select a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning at least one of the resources; an evaluator component operable to evaluate the compliance criterion using the actual parameter; and a detector component operable to detect a change to one or more of the resources, wherein the identifier component, selector component and evaluator component are operable in response to a determination by the detector component that one or more resources is changed, wherein the selector component selects the software component based on an identification of one or more data items that the software component is operable to provide.
