-
1.发明授权公开(公告)号:US10182075B2
公开(公告)日:2019-01-15
申请号:US15087599
申请日:2016-03-31
Applicant: salesforce.com, inc.
Inventor: Benjamin Fry , Timothy Kral , Simon Chen , Andrey Falko
IPC: H04L29/06
Abstract: A request message is generated with a trusted network entity executing trusted code on a first network layer. The request message to target a non-trusted network entity executing non-trusted code on a second network layer. The request message is transmitted from the trusted network entity to the non-trusted network entity through at least a policy enforcement entity. The policy enforcement entity applies one or more network traffic rules to enforce a unidirectional flow of traffic from the first network layer to the second network layer. A response check message is generated with the trusted network entity. The response check message to determine whether response information is available on the non-trusted network entity in response to the request message. The response check message is transmitted from the trusted network entity to the non-trusted network entity through at least the policy enforcement entity. The response check message to determine whether the response information is stored in a conceptual mailbox on the non-trusted network entity.
-
Patent Agency Ranking
2.发明授权公开(公告)号:US10051005B2
公开(公告)日:2018-08-14
申请号:US15087607
申请日:2016-03-31
Applicant: salesforce.com, inc.
Inventor: Benjamin Fry , Timothy Kral , Simon Chen , Andrey Falko
IPC: H04L29/06
Abstract: A request message is generated with a trusted network entity executing trusted code on a first network layer. The request message to target a non-trusted network entity executing non-trusted code on a second network layer. The request message is transmitted from the trusted network entity to the non-trusted network entity through at least a policy enforcement entity. The policy enforcement entity applies one or more network traffic rules to enforce a unidirectional flow of traffic from the first network layer to the second network layer. A response check message is generated with the trusted network entity. The response check message to determine whether response information is available on the non-trusted network entity in response to the request message. The response check message is transmitted from the trusted network entity to the non-trusted network entity through at least the policy enforcement entity. The response check message to determine whether the response information is stored in a conceptual mailbox on the non-trusted network entity.
-
3.发明申请公开(公告)号:US20160285917A1
公开(公告)日:2016-09-29
申请号:US15087607
申请日:2016-03-31
Applicant: salesforce.com, inc.
Inventor: Benjamin Fry , Timothy Kral , Simon Chen , Andrey Falko
IPC: H04L29/06
CPC classification number: H04L63/20 , H04L63/0209 , H04L63/0227 , H04L63/0272 , H04L63/105
Abstract: A request message is generated with a trusted network entity executing trusted code on a first network layer. The request message to target a non-trusted network entity executing non-trusted code on a second network layer. The request message is transmitted from the trusted network entity to the non-trusted network entity through at least a policy enforcement entity. The policy enforcement entity applies one or more network traffic rules to enforce a unidirectional flow of traffic from the first network layer to the second network layer. A response check message is generated with the trusted network entity. The response check message to determine whether response information is available on the non-trusted network entity in response to the request message. The response check message is transmitted from the trusted network entity to the non-trusted network entity through at least the policy enforcement entity. The response check message to determine whether the response information is stored in a conceptual mailbox on the non-trusted network entity.
-
4.发明授权Systems and methods for utilizing uni-directional inter-host communication in an air gap environment 有权在气隙环境中利用单向主机间通信的系统和方法公开(公告)号:US09306906B2
公开(公告)日:2016-04-05
申请号:US14225164
申请日:2014-03-25
Applicant: salesforce.com, inc.
Inventor: Benjamin Fry , Timothy Kral , Simon Chen , Andrey Falko
IPC: H04L29/06
CPC classification number: H04L63/20 , H04L63/0209 , H04L63/0227 , H04L63/0272 , H04L63/105
Abstract: A request message is generated with a trusted network entity executing trusted code on a first network layer. The request message to target a non-trusted network entity executing non-trusted code on a second network layer. The request message is transmitted from the trusted network entity to the non-trusted network entity through at least a policy enforcement entity. The policy enforcement entity applies one or more network traffic rules to enforce a unidirectional flow of traffic from the first network layer to the second network layer. A response check message is generated with the trusted network entity. The response check message to determine whether response information is available on the non-trusted network entity in response to the request message. The response check message is transmitted from the trusted network entity to the non-trusted network entity through at least the policy enforcement entity. The response check message to determine whether the response information is stored in a conceptual mailbox on the non-trusted network entity.
Abstract translation: 使用在第一网络层上执行可信代码的可信网络实体生成请求消息。 所述请求消息针对在第二网络层上执行不可信代码的不可信网络实体。 请求消息通过至少一个策略执行实体从可信网络实体发送到不可信网络实体。 策略执行实体应用一个或多个网络流量规则来强制从第一网络层到第二网络层的单向流量流。 利用可信网络实体产生响应检查消息。 所述响应检查消息用于响应于所述请求消息来确定所述不信任网络实体上的响应信息是否可用。 响应检查消息通过至少策略执行实体从可信网络实体发送到不可信网络实体。 响应检查消息以确定响应信息是否存储在不可信网络实体上的概念邮箱中。
-
5.发明申请SYSTEMS AND METHODS FOR UTILIZING UNI-DIRECTIONAL INTER-HOST COMMUNICATION IN AN AIR GAP ENVIRONMENT 审中-公开利用空气间隙环境中的方向直接通信的系统和方法公开(公告)号:US20160285916A1
公开(公告)日:2016-09-29
申请号:US15087599
申请日:2016-03-31
Applicant: salesforce.com, inc.
Inventor: Benjamin Fry , Timothy Kral , Simon Chen , Andrey Falko
IPC: H04L29/06
CPC classification number: H04L63/20 , H04L63/0209 , H04L63/0227 , H04L63/0272 , H04L63/105
Abstract: A request message is generated with a trusted network entity executing trusted code on a first network layer. The request message to target a non-trusted network entity executing non-trusted code on a second network layer. The request message is transmitted from the trusted network entity to the non-trusted network entity through at least a policy enforcement entity. The policy enforcement entity applies one or more network traffic rules to enforce a unidirectional flow of traffic from the first network layer to the second network layer. A response check message is generated with the trusted network entity. The response check message to determine whether response information is available on the non-trusted network entity in response to the request message. The response check message is transmitted from the trusted network entity to the non-trusted network entity through at least the policy enforcement entity. The response check message to determine whether the response information is stored in a conceptual mailbox on the non-trusted network entity.
Abstract translation: 使用在第一网络层上执行可信代码的可信网络实体生成请求消息。 所述请求消息针对在第二网络层上执行不可信代码的不可信网络实体。 请求消息通过至少一个策略执行实体从可信网络实体发送到不可信网络实体。 策略执行实体应用一个或多个网络流量规则来强制从第一网络层到第二网络层的单向流量流。 利用可信网络实体产生响应检查消息。 所述响应检查消息用于响应于所述请求消息来确定所述不信任网络实体上的响应信息是否可用。 响应检查消息通过至少策略执行实体从可信网络实体发送到不可信网络实体。 响应检查消息以确定响应信息是否存储在不可信网络实体上的概念邮箱中。
-
6.发明申请SYSTEMS AND METHODS FOR UTILIZING UNI-DIRECTIONAL INTER-HOST COMMUNICATION IN AN AIR GAP ENVIRONMENT 有权利用空气间隙环境中的方向直接通信的系统和方法公开(公告)号:US20140289792A1
公开(公告)日:2014-09-25
申请号:US14225164
申请日:2014-03-25
Applicant: salesforce.com, inc.
Inventor: Benjamin Fry , Timothy Kral , Simon Chen , Andrey Falko
IPC: H04L29/06
CPC classification number: H04L63/20 , H04L63/0209 , H04L63/0227 , H04L63/0272 , H04L63/105
Abstract: A request message is generated with a trusted network entity executing trusted code on a first network layer. The request message to target a non-trusted network entity executing non-trusted code on a second network layer. The request message is transmitted from the trusted network entity to the non-trusted network entity through at least a policy enforcement entity. The policy enforcement entity applies one or more network traffic rules to enforce a unidirectional flow of traffic from the first network layer to the second network layer. A response check message is generated with the trusted network entity. The response check message to determine whether response information is available on the non-trusted network entity in response to the request message. The response check message is transmitted from the trusted network entity to the non-trusted network entity through at least the policy enforcement entity. The response check message to determine whether the response information is stored in a conceptual mailbox on the non-trusted network entity.
Abstract translation: 使用在第一网络层上执行可信代码的可信网络实体生成请求消息。 所述请求消息针对在第二网络层上执行不可信代码的不可信网络实体。 请求消息通过至少一个策略执行实体从可信网络实体发送到不可信网络实体。 策略执行实体应用一个或多个网络流量规则来强制从第一网络层到第二网络层的单向流量流。 利用可信网络实体产生响应检查消息。 所述响应检查消息用于响应于所述请求消息来确定所述不信任网络实体上的响应信息是否可用。 响应检查消息通过至少策略执行实体从可信网络实体发送到不可信网络实体。 响应检查消息以确定响应信息是否存储在不可信网络实体上的概念邮箱中。
-
-
-
-
-
Search Results
6
records
(took 0.015 seconds)
