公开(公告)号：US09881173B2

公开(公告)日：2018-01-30

申请号：US15194532

申请日：2016-06-27

申请人： International Business Machines Corporation

发明人： Kristin M. Hazlewood ,  John T. Peck ,  Krishna K. Yellepeddy

IPC分类号： G06F21/62 ,  H04L9/08 ,  H04L9/16 ,  G06F13/36 ,  G06F21/60 ,  H04L29/06

CPC分类号： G06F21/6218 ,  G06F13/36 ,  G06F21/602 ,  G06F2221/2151 ,  H04L9/08 ,  H04L9/0819 ,  H04L9/16 ,  H04L63/0428 ,  H04L2209/24

摘要： A method, a data processing system, and a computer program product for managing cryptographic information. A determination is made as to whether a first time stamp of when cryptographic information was created is more recent than a second time stamp of a backup of the cryptographic information in response to receiving a request for the cryptographic information from a requester. The cryptographic information is used to encrypt data. The cryptographic information is prevented from being provided to the requester in response to a determination that the first time stamp of cryptographic information creation is more recent than the second time stamp of the backup of the cryptographic information.

公开(公告)号：US20180025181A1

公开(公告)日：2018-01-25

申请号：US15215775

申请日：2016-07-21

申请人： Acronis International GmbH

发明人： Igor Barinov ,  Victor Lysenko ,  Serguei Beloussov ,  Mark Shmulevich ,  Stanislav Protasov

IPC分类号： G06F21/64 ,  G06F21/78

CPC分类号： G06F21/645 ,  G06F21/78 ,  G06F2221/2115 ,  G06F2221/2151

摘要： A system and method provided for verifying data integrity for large volumes of critical data using blockchain technology. An exemplary method includes storing data files in electronic storage; creating a hash values for of each of the files; and transmitting the hash values to a blockchain network in which one or more nodes in the blockchain network adds the first hash values as blocks to the blockchain. Moreover, an API is provided to monitor data operations performed on the data files and transmit metadata of any operations performed to a transaction log. In turn, hash values relating to the data operations are also created and transmitted to the blockchain network to be added as additional blocks in the blockchain, such that the blockchain can be used to verify the accuracy of the data files stored on the electronic storage.

公开(公告)号：US09847972B2

公开(公告)日：2017-12-19

申请号：US15442724

申请日：2017-02-27

申请人： Waterfall Security Solutions Ltd.

发明人： Lior Frenkel ,  Amir Zilberstein

IPC分类号： H04L29/06 ,  G06F21/56 ,  G06F21/30 ,  G06F21/51

CPC分类号： H04L63/0227 ,  G06F19/00 ,  G06F21/30 ,  G06F21/51 ,  G06F21/567 ,  G06F2221/2137 ,  G06F2221/2151 ,  H04L29/06755 ,  H04L63/0209

摘要： A method for secure communications between a transmitting computer and a receiving computer includes transmitting data from the transmitting computer over a first one-way link to a data security engine, receiving and validating the data within the data security engine, and, after validating the data, transmitting the data from the data security engine to the receiving computer over a second one-way link.

公开(公告)号：US20170344415A1

公开(公告)日：2017-11-30

申请号：US15672025

申请日：2017-08-08

申请人： Microsoft Technology Licensing, LLC

发明人： Jennifer LEMOND ,  Haoyang DUAN ,  Xiaoming WANG

IPC分类号： G06F11/07 ,  G06F21/55 ,  G06F21/31 ,  G06F21/41

CPC分类号： G06F11/079 ,  G06F11/0751 ,  G06F11/0787 ,  G06F21/316 ,  G06F21/41 ,  G06F21/552 ,  G06F2221/033 ,  G06F2221/2151

摘要： The claimed subject matter includes techniques for detecting anomalous accounts. An example method includes receiving, via a processor, a list of monitored machines and event logs including logons for the list of monitored machines for a predetermined window of time. The example method also includes generating, via the processor, a baseline based on the event logs for the predetermined window of time. The example method also includes collecting, via the processor, daily logon events after the predetermined time and comparing the daily logon events to the baseline. The method further includes detecting, via the processor, an anomalous account based on a difference of logon events of the anomalous account from the baseline. The method also includes displaying, via the processor, the detected anomalous account.

公开(公告)号：US20170336976A1

公开(公告)日：2017-11-23

申请号：US15535378

申请日：2014-12-12

申请人： HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

发明人： Gregg B. Lesartre ,  Naveen Muralimanohar ,  Lidia Warnes

IPC分类号： G06F3/06 ,  G11C13/00

CPC分类号： G06F3/0659 ,  G06F3/0604 ,  G06F3/0683 ,  G06F21/79 ,  G06F2221/2101 ,  G06F2221/2141 ,  G06F2221/2151 ,  G11C13/003

摘要： Example implementations relate to determining resting times for memory blocks. In example implementations, accessed memory blocks in a cross-point non-volatile memory may be tracked. A respective resting time for each of the accessed memory blocks may be determined. An access command may be prevented from being issued to one of the accessed memory blocks.

公开(公告)号：US09817597B2

公开(公告)日：2017-11-14

申请号：US15345597

申请日：2016-11-08

申请人： International Business Machines Corporation

发明人： Jason K. Resch ,  Ethan S. Wozniak

IPC分类号： G06F15/167 ,  G06F3/06 ,  G06F11/10 ,  H04L29/08 ,  H04L12/26 ,  H04L1/16 ,  G06F21/10 ,  G06F21/80 ,  H04N21/218 ,  H04N21/231 ,  H04N21/232 ,  H04N21/274 ,  G06F1/32 ,  H03M13/15 ,  G06F11/07 ,  H04L29/06

CPC分类号： G06F3/0625 ,  G06F1/3296 ,  G06F3/0619 ,  G06F3/064 ,  G06F3/0647 ,  G06F3/065 ,  G06F3/0653 ,  G06F3/067 ,  G06F3/0683 ,  G06F11/0727 ,  G06F11/0751 ,  G06F11/0772 ,  G06F11/079 ,  G06F11/0793 ,  G06F11/1076 ,  G06F21/10 ,  G06F21/80 ,  G06F2221/2129 ,  G06F2221/2151 ,  H03M13/1515 ,  H04L1/16 ,  H04L9/085 ,  H04L9/0894 ,  H04L43/16 ,  H04L63/101 ,  H04L63/102 ,  H04L67/06 ,  H04L67/1097 ,  H04L2209/34 ,  H04N21/2181 ,  H04N21/23116 ,  H04N21/232 ,  H04N21/274

摘要： A method for a dispersed storage network (DSN) receives a data request and issues a read threshold number of read slice requests to storage units of a storage set, by receiving read slice responses from at least some of the storage units within a response timeframe and, when the received read slice responses include less than a decode threshold number of encoded data slices of a set of encoded data slices, generating at least one forced read slice request for an encoded data slice other than the received encoded data slices. The method continues by sending the at least one forced read slice requests to at least one other storage unit of the storage set and, when receiving the decode threshold number of encoded data slices, dispersed storage error decoding the received decode threshold number of encoded data slices to reproduce a data segment of the data reduce recovered data.

公开(公告)号：US09813393B2

公开(公告)日：2017-11-07

申请号：US14632954

申请日：2015-02-26

申请人： Dropbox, Inc.

发明人： Kyle Consalus ,  Alex Sydell

IPC分类号： H04L29/06 ,  G06F21/55 ,  G06F11/34 ,  G06F21/60

CPC分类号： H04L63/0457 ,  G06F11/3476 ,  G06F21/552 ,  G06F21/602 ,  G06F2221/2151 ,  H04L63/168

摘要： A portable computing device with methodologies for client-side analytic data collection are described. In one embodiment, for example, a method performed by a portable computing device having non-volatile memory includes the steps of obtaining event information reflecting runtime behavior of an application executing on the portable computing device; cryptographically encrypting the event information; storing the encrypted event information in the non-volatile memory; decrypting the encrypted event information; and sending the decrypted event information to a server over a data network, the decrypted event information encapsulated in a cryptographically secured network data stream when sent over the data network to the server.

公开(公告)号：US20170308688A1

公开(公告)日：2017-10-26

申请号：US15518157

申请日：2015-10-22

申请人： NIPPON TELEGRAPH AND TELEPHONE CORPORATION

发明人： Shingo ORIHARA ,  Hiroshi ASAKURA ,  Yang ZHONG

IPC分类号： G06F21/31 ,  H04L29/06

CPC分类号： G06F21/316 ,  G06F21/55 ,  G06F21/577 ,  G06F2221/2101 ,  G06F2221/2151 ,  H04L63/083 ,  H04L63/1408 ,  H04L63/1425 ,  H04L63/1441

摘要： An analysis apparatus analyzes access logs including authentication results and authentication information of users, and includes: a calculation unit that calculates a similarity between pieces of authentication information in two consecutive access logs when access logs of the same access source, from the access logs, are chronologically arranged, and presumes that a piece of authentication information of the access logs of the user has been input by a human if the calculated similarity is equal to or greater than a predetermined value; and a risk determination unit that determines that there is a possibility that the access source in the access logs is being an attack source if an authentication result of any of the two access logs is authentication failure and the calculation unit presumes that any piece of authentication information of the two access logs has not been input by a human.

公开(公告)号：US09798467B2

公开(公告)日：2017-10-24

申请号：US15259764

申请日：2016-09-08

申请人： International Business Machines Corporation

发明人： Manish Motwani ,  Jason K. Resch

IPC分类号： G06F15/167 ,  G06F3/06 ,  H04L29/08 ,  G06F11/10 ,  G06F21/10 ,  G06F21/80 ,  H04L29/06 ,  H04N21/218 ,  H04N21/231 ,  H04N21/232 ,  H04N21/274

CPC分类号： G06F3/0607 ,  G06F3/0619 ,  G06F3/0634 ,  G06F3/064 ,  G06F3/0647 ,  G06F3/0659 ,  G06F3/067 ,  G06F11/1076 ,  G06F21/10 ,  G06F21/80 ,  G06F2221/2129 ,  G06F2221/2151 ,  H04L9/085 ,  H04L9/0894 ,  H04L63/101 ,  H04L63/102 ,  H04L67/06 ,  H04L67/1097 ,  H04L2209/34 ,  H04N21/2181 ,  H04N21/23116 ,  H04N21/232 ,  H04N21/274

摘要： A method begins by a storage unit of a dispersed storage network (DSN) executing transitioning storage of one or more groups of encoded data slices. The method continues while transitioning storage of the one or more groups of encoded data slices with the storage unit receiving a proxied data access request regarding an encoded data slice from another storage unit of the DSN. The method continues by the storage unit determining whether the other storage unit is an authentic storage unit of the DSN based on at least one of the encoded data slice, a previous version of the distributed agreement protocol, and a new version of the distributed agreement protocol. The method continues by when the other storage unit is the authentic storage unit, processing the proxied data access request to produce a data access response and sending the data access response to the other storage unit.

公开(公告)号：US09760426B2

公开(公告)日：2017-09-12

申请号：US14723648

申请日：2015-05-28

申请人： Microsoft Technology Licensing, LLC

发明人： Jennifer LeMond ,  Haoyang Duan ,  Xiaoming Wang

IPC分类号： G06F17/00 ,  G08B23/00 ,  G06F11/07 ,  G06F21/31 ,  G06F21/41 ,  G06F21/55

CPC分类号： G06F11/079 ,  G06F11/0751 ,  G06F11/0787 ,  G06F21/316 ,  G06F21/41 ,  G06F21/552 ,  G06F2221/033 ,  G06F2221/2151

摘要： The claimed subject matter includes techniques for detecting anomalous accounts. An example method includes receiving, via a processor, a list of monitored machines and event logs including logons for the list of monitored machines for a predetermined window of time. The example method also includes generating, via the processor, a baseline based on the event logs for the predetermined window of time. The example method also includes collecting, via the processor, daily logon events after the predetermined time and comparing the daily logon events to the baseline. The method further includes detecting, via the processor, an anomalous account based on a difference of logon events of the anomalous account from the baseline. The method also includes displaying, via the processor, the detected anomalous account.