公开(公告)号：US07565549B2

公开(公告)日：2009-07-21

申请号：US11824986

申请日：2007-07-03

申请人： Thomas James Satterlee ,  William Frank Hackenberger

发明人： Thomas James Satterlee ,  William Frank Hackenberger

IPC分类号： G06F11/30 ,  H04L9/00

CPC分类号： G06F21/552 ,  G06F21/51 ,  G06F21/52 ,  G06F21/53 ,  G06F21/554 ,  G06F21/565 ,  G06F21/566 ,  G06F21/629 ,  G06F2221/2141 ,  G06F2221/2149

摘要： Managing and controlling the execution of software programs with a computing device to protect the computing device from malicious activities. A protector system implements a two-step process to ensure that software programs do not perform malicious activities which may damage the computing device or other computing resources to which the device is coupled. In the first phase, the protector system determines whether a software program has been previously approved and validates that the software program has not been altered. If the software program is validated during the first phase, this will minimize or eliminate security monitoring operations while the software program is executing during the second phase. If the software program cannot be validated, the protector system enters the second phase and detects and observes executing activities at the kernel level of the operating system so that suspicious actions can be anticipated and addressed before they are able to do harm to the computing device.

摘要翻译： 使用计算设备管理和控制软件程序的执行，以保护计算设备免受恶意活动的影响。 保护器系统实现两步过程，以确保软件程序不执行可能损坏与设备耦合的计算设备或其他计算资源的恶意活动。 在第一阶段，保护系统确定软件程序是否已经被批准，并验证软件程序是否未被更改。 如果在第一阶段验证软件程序，则在软件程序在第二阶段执行期间，这将最大限度地减少或消除安全监控操作。 如果软件程序无法验证，则保护系统进入第二阶段，并在操作系统的内核级别检测并观察执行活动，以便在对计算设备造成伤害之前可以预期和解决可疑的操作。

公开(公告)号：US07673137B2

公开(公告)日：2010-03-02

申请号：US10336299

申请日：2003-01-03

申请人： Thomas James Satterlee ,  William Frank Hackenberger

发明人： Thomas James Satterlee ,  William Frank Hackenberger

IPC分类号： H04L29/06 ,  G06F7/04

CPC分类号： G06F21/552 ,  G06F21/51 ,  G06F21/52 ,  G06F21/53 ,  G06F21/554 ,  G06F21/565 ,  G06F21/566 ,  G06F21/629 ,  G06F2221/2141 ,  G06F2221/2149

摘要： Managing and controlling the execution of software programs with a computing device to protect the computing device from malicious activities. A protector system implements a two-step process to ensure that software programs do not perform malicious activities which may damage the computing device or other computing resources to which the device is coupled. In the first phase, the protector system determines whether a software program has been previously approved and validates that the software program has not been altered. If the software program is validated during the first phase, this will minimize or eliminate security monitoring operations while the software program is executing during the second phase. If the software program cannot be validated, the protector system enters the second phase and detects and observes executing activities at the kernel level of the operating system so that suspicious actions can be anticipated and addressed before they are able to do harm to the computing device.

摘要翻译： 使用计算设备管理和控制软件程序的执行，以保护计算设备免受恶意活动的影响。 保护器系统实现两步过程，以确保软件程序不执行可能损坏与设备耦合的计算设备或其他计算资源的恶意活动。 在第一阶段，保护系统确定软件程序是否已经被批准，并验证软件程序是否未被更改。 如果在第一阶段验证软件程序，则在软件程序在第二阶段执行期间，这将最大限度地减少或消除安全监控操作。 如果软件程序无法验证，则保护系统进入第二阶段，并在操作系统的内核级别检测并观察执行活动，以便在对计算设备造成伤害之前可以预期和解决可疑的操作。

公开(公告)号：US07562388B2

公开(公告)日：2009-07-14

申请号：US10159139

申请日：2002-05-31

申请人： William Frank Hackenberger ,  Randy Jay Hendry ,  Christopher James Wood

发明人： William Frank Hackenberger ,  Randy Jay Hendry ,  Christopher James Wood

IPC分类号： G08B23/00

CPC分类号： G06F21/577 ,  G06F21/55 ,  H04L63/1408 ,  H04L63/1433

摘要： Supporting the implementation and collaboration of a variety of security modules in a distributed computing network. A security interface provides a universal platform for coupling security modules to the network. The various security modules are linked to and provide identifying information to the security interface. The security interface also receives subscription requests used to coordinate which security modules will communicate. When a security event occurs, a message can be generated by the relevant security module. The security interface shares the message with those security modules that have subscribed to the relevant security module. The sharing of security information enables better performance by the entire network security system.