Abstract:
A method, system, and program product are provided. A plurality of recovery groups is defined on each transmission control protocol/internet protocol (TCP/IP) stack in a cluster of servers. The recovery group includes a service, one or more IP addresses associated with the service, a trigger condition, and a recovery action. Each of the recovery groups is monitored for an occurrence of the trigger condition associated with the service. In response to detecting the trigger condition, a backup TCP/IP stack is notified to automatically perform the recovery action defined for a failing recovery group on an owning TCP/IP stack. Only the failing recovery group is recovered and the remaining recovery groups execute uninterrupted.
Abstract:
An example operation may include one or more of receiving a data packet from a network controller, where the data packet is marked as valid based on a checksum calculated by the network controller, determining that the checksum generated by the network controller is in error based on a recalculation of the checksum of the data packet via a network layer, and transmitting the data packet from the network layer to the network controller with a notification that the checksum is in error.
Abstract:
Monitoring a physical area for detection of a wireless device includes scanning for signals from a wireless device within a scanning range defining the physical area, detecting a wireless signal from a wireless device within the scanning range, determining a wireless device ID associated with the wireless device detected within the scanning range, and determining whether the wireless device ID is unknown. In response to determining that the wireless device ID is unknown, the wireless signal is analyzed to determine scan data representative of the wireless signal, the scan data is monitored over time, a scan data pattern is determined as a function of time based on the monitored scan data, and the scan data pattern is compared to scan data patterns stored in a database. In response to determining that the scan data pattern based on the monitored scan data matches a scan data pattern in the database, a first alert is activated.
Abstract:
Monitoring a physical area for unauthorized access by a user of a wireless device includes setting a wireless signal scanning range using at least one wireless scanning device, detecting a wireless signal within the scanning range, determining a status of the wireless device of authorized, unauthorized or unknown, and monitoring scan data obtained from the scanning device during the time the wireless signal remains within the scanning range. A scan data pattern based on the monitored scan data is determined and compared to a scan data pattern database containing scan data patterns indicative of suspicious behavior, and whether the monitored scan data pattern matches a suspicious scan data pattern is determined based on the comparison. The system identifies the wireless device as unauthorized in response to a match with a suspicious scan data pattern and activates a security alert.
Abstract:
A computer-implemented method includes identifying a data transmission session associated with a display-oriented data transmission scheme; identifying an outbound data stream associated with the data transmission session; and determining one or more protected fields associated with the outbound data stream. The computer-implemented method further includes determining a client attempt to write to at least one of the one or more protected fields; and in response to determining said client attempt, determining an intrusion detection report. A corresponding computer program product and computer system are also disclosed.
Abstract:
Techniques for integrated authentication for a container-based environment are described herein. An aspect includes accessing, by an application that is running in a container in a container environment that is hosted by a hypervisor on a host system, an authentication module that is located in the container environment. Another aspect includes invoking an authentication handler in the container environment based on the accessing of the authentication module. Another aspect includes passing control to the hypervisor from the authentication handler. Another aspect includes retrieving a security artifact from a security database of the host system by the hypervisor. Another aspect includes providing the retrieved security artifact to the application via the authentication handler. Another aspect includes performing an authentication operation by the application using the security artifact.
Abstract:
A method for monitoring a physical area for unauthorized access by a user of a wireless device includes scanning for signals from a wireless device, detecting a wireless signal from a wireless device, determining a wireless device ID associated with the wireless signal, determining whether the wireless device ID matches a wireless ID in an authorized or unauthorized ID list, and, in response to determining that the wireless device ID matches a wireless ID in the unauthorized wireless ID list, activating a security alert. The method may further include, in response to determining that the wireless device ID matches a wireless ID in neither the authorized wireless ID list nor the unauthorized wireless ID list, receiving signal strength information associated with the detected wireless signal for a predetermined time interval and determining a pattern as a function of time of the received signal strength.
Abstract:
A network node for communicating data packets secured with a security protocol over a communications network includes a host information handling system (IHS) and one or more external security offload devices coupled by a secure data link. The host IHS communicates state information about data packets, and the external offload security device provides stateless secure data encapsulation and decapsulation of packets using a security protocol. An external network interface controller or internal network interface controller communicates encapsulated data packets over the communications network to a final destination. Encapsulation and decapsulation of packets by the external security offload device reduces network latency and reduces the computational load on the processor in the host IHS. Maintaining state information in the host IHS allows hot-swapping of external security offload devices without information loss. The external security offload device may be included in a firewall, or intrusion detection device, and may implement IPsec protocol.