[특허]Secure network file access controller implementing access control and auditing

Secure network file access controller implementing access control and auditing 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	H04L-009/00 H04L-009/32 G06F-011/30 G06F-012/14
출원번호	US-0201358 (2002-07-22)
§371/§102 date	20000607 (20000607)
발명자 / 주소	Pham, Duc Nguyen, Tien Le Zhang, Pu Paul Lo, Mingchen
출원인 / 주소	Vormetric, Inc.
대리인 / 주소	NewTechLaw
인용정보	피인용 횟수 : 125 인용 특허 : 119

초록 ▼

A network file access appliance operates as a secure portal for network file access operations between client computer systems and network storage resources. The file access appliance terminates network file access transactions, identified by packet information including client system, mount point, and file request identifiers, between client systems and mount points supported by the access controller. A policy parser determines, based on the packet information, to selectively initiate network file access transactions between the access controller and network storage resources to enable completion of selected network file access transactions directed from the clients to the network file access appliance. The network file access transactions directed to the network storage resources are modified counterparts of policy selected client network file access transactions modified to reference mapped network storage resource mount points and support the secure transfer and storage of network file data.

대표청구항 ▼

1. A secure portal for network file access transactions between client computer systems and network storage resources, said secure portal comprising:a) a network interface supporting network connections to a client system and a network storage resource, respectively; and b) an access controller coupled to said network interface, said access controller operative to terminate a first network file access transaction between said client system and a virtual mount point supported by said access controller, wherein said access controller includes a policy parser, responsive to a client system identifier, authorization data including a user session identifier that references a session related group of one or more user processes executing on the client system identified by said client system identifier, a virtual mount point identifier, and a request identifier provided with a first network file request received within said first network file access transaction, operative to selectively enable initiation of a second network file access transaction between said access controller and a defined mount point of said network storage resource dependent on a defined combination including said client system identifier, said virtual mount point identifier, and said request identifier, said second network file access transaction including a second network file request having a modified correspondence with said first network file request to support completion of said first network file access transaction relative to said defined mount point. 2. The secure portal of claim 1 wherein said policy parser is further responsive to a user identifier and a group identifier included with said authorization data and wherein said second network file access transaction is selectively enabled dependent on said defined combination including said client system identifier, said virtual mount point identifier, said user session identifier, said user identifier, said group identifier, and said request identifier.3. The secure portal of claim 1 wherein said policy parser includes policy sets defined for predetermined combinations of said client system identifier, said authorization data, said virtual mount point identifier, and said request identifier, said second network file access transaction being enabled dependent on said policy sets including a defined policy set corresponding to said defined combination.4. The secure portal of claim 3 wherein said policy parser is further responsive to a user identifier and a group identifier included with said authorization data, wherein said policy sets are further defined for predetermined combinations of said client system identifier, user session identifier, said user identifier, said group identifier, said virtual mount point identifier, and said request identifier, and wherein said second network file access transaction is selectively enabled dependent on said defined combination including said client system identifier, user session identifier, said user identifier, said group identifier, said virtual mount point identifier, and said request identifier.5. The secure portal of claim 4 wherein said access controller is operative to provide auditing report data and wherein said access controller includes said defined combination in said auditing report data where said policy sets fail to contain said defined policy set corresponding to said defined combination.6. The secure portal of claim 5 wherein said access controller is operative to provide an administrative alarm selectively based on said defined combination where said policy sets fail to contain said defined policy set corresponding to said defined combination.7. A network file access controller providing secure access controls over accesses by client computer systems to network storage resources, said network file access controller comprising:a) a client network interface presenting a plurality of client mount points for connecting to logical network storage resources; b) a storage network interface coupleable to a plurality of network storage resources; c) a file access processor, responsive to session and control information provided by a client computer system in a network data packet within a client network file transaction, operative to selectively perform a storage network file transaction to support completion of said client network file transaction, wherein said session and control information includes a target client mount point specification, a process identifier, and a file access request, and wherein said process identifier references a session related group of one or more user processes executing on said client computer system; and d) a policy parser, responsive to said file access processor, operative to evaluate a plurality of predefined access constraints against said session and control information to enable said storage network file transaction. 8. The network file access controller of claim 7 wherein said file access processor includes mapping data, accessible by said policy parser, establishing a correspondence between said plurality of client mount points and said plurality of network storage resources.9. The network file access controller of claim 8 wherein said mapping data supports aliasing between said plurality of client mount points and said plurality of network storage resources.10. The network file access controller of claim 9 wherein said session and control information includes a file path specification and wherein said policy parser is responsive to said file path specification in evaluating said plurality of predefined access constraints.11. The network file access controller of claim 10 wherein said client network file transaction references a network file and wherein said policy parser qualifies execution of said storage network file transaction to retrieve an encryption key specific to said network file.12. The network file access controller of claim 11 wherein said policy parser qualifies execution of said storage network file transaction to retrieve an encryption key identifier, specific to said network file, from said plurality of network storage resources.13. The network file access controller of claim 12 wherein said file access processor includes a policy store and wherein said encryption key is accessed from said policy store based on said encryption key identifier.14. The network file access controller of claim 12 wherein said encryption key is retrieved from a trusted encryption key server based on said encryption key identifier.15. A method of controlling access by client systems to network storage resources, said method comprising the steps of:a) terminating first network file request transactions, including first file access requests and client and session identifications, initiated by client systems directed against first network files identified by first path specifications, wherein a session identification references a session related group of one or more user processes executing on the client system identified by the associated client identification; b) selecting predetermined ones of said first file access requests discriminated by said first path specifications by comparison of said first file access requests and said client and session identifications against a predefined set of policy specifications; and c) initiating second network file request transactions, including second file access requests, against second network files, identified by second file path specifications, stored by network storage resources, wherein said second file access requests correspond to said predetermined ones of said first file access requests to enable completion of said first network file request transactions, and wherein said second file path specifications correspond to said first file path specifications of said predetermined ones of said first file access requests. 16. The method of claim 15 further comprising the step of recording an audit log of said first network file request transactions with respect to said first file access requests as evaluated against said predefined set of policy specifications to select said predetermined ones of said first file access requests.17. The method of claim 15 wherein said first path specifications include client mount point identifiers, wherein said second path specifications include resource mount point identifiers, and wherein said step of initiating provides for the conversion of said client mount point identifiers to said resource mount point identifiers.18. The method of claim 17 wherein said step of selecting minimally evaluates said client mount point identifiers of said first path specifications against said predefined set of policy specifications to select said predetermined ones of said first file access requests.19. The method of claim 18 wherein said client and session identifications include client source IPs and process identifiers.20. The method of claim 19 wherein said client and session identifications further include authenticated user and group identifiers.21. The method of claim 20 further comprising the step of recording an audit log of said first network file request transactions with respect to said first file access requests as evaluated against said predefined set of policy specifications to select said predetermined ones of said first file access requests.22. A method of operating a secure portal appliance to control access to files stored on network storage resources, said method comprising the steps of:a) establishing a plurality of virtual mount points accessible by client systems for establishing network file access connections within which to receive first network file access requests, wherein said first network file access requests include client session information that identifies the user session processes executing on a client system that originates a corresponding one of said first network file access requests; b) evaluating said first network file access requests, including said client session information, against a predetermined set of access policies associated by said virtual mount points to identify a second network file requests executable to selectively complete said first network file access requests; and c) issuing said second network file requests to access network file data to enable selective completion of said first network file access requests. 23. The method of claim 22 wherein said client session information includes a client process identifier.24. The method of claim 22 wherein said client session information includes a source client identifier and an authenticated user identifier.25. The method of claim 22 wherein said client session information includes a source client identifier, a user identifier, a group identifier, and a client process identifier.26. The method of claim 22 wherein said step of issuing issues said second network file requests with respect to network storage resources having a predetermined correspondence with said plurality of virtual mount points.27. The method of claim 26 wherein said predetermined correspondence is determined by said predetermined set of access policies.

이 특허에 인용된 특허 (119)

Andreas V. Bechtolsheim ; David R. Cheriton, Access control list processing in hardware.
상세보기
Wobber Edward (Menlo Park CA) Abadi Martin (Palo Alto CA) Birrell Andrew (Los Altos CA) Lampson Butler (Cambridge MA), Access control subsystem and method for distributed computer system using locally cached authentication credentials.
상세보기
Epstein, Jeremy; Thomas, Linda, Advanced data guard having independently wrapped components.
상세보기
Chen James F. (Potomac MD) Wang Jieh-Shan (Potomac MD), Application level security system and method.
상세보기
Chin Hon Wah, Arrangement for rendering forwarding decisions for packets transferred among network switches.
상세보기
Hauser Stephen A. ; Caldara Stephen A. ; Manning Thomas A. ; McClure Robert B., Asynchronous transfer mode based service consolidation switch.
상세보기
Buhle Gordon ; Wessman Richard R., Authentication and authorization in a multi-tier relational database management system.
상세보기
Lloyd Brian ; McGregor Glenn, Centralized authentication, authorization and accounting server with support for multiple transport protocols and multiple client types.
상세보기
Gauvin William J. ; Cheung Raymond ; Brosnan Kevin P. ; Taranto Edward J., Client application program mobilizer.
상세보기
Ballard Clinton L., Client-side load-balancing in client server network.
상세보기
Sanchaita Datta ; Ragula Bhaskar, Combining routers to increase concurrency and redundancy in external network access.
상세보기
Lin Cher-Wen ; Ramaswamy Kumar ; Rahman Mizanur Mohammed ; Rettberg Randall David ; Doolittle Robert Arthur, Computer data packet switching and load balancing system using a general-purpose multiprocessor architecture.
상세보기
Brownlie Michael,CAX ; Hillier Stephen,CAX ; Van Oorschot Paul C.,CAX, Computer network security system and method having unilateral enforceable security policy provision.
상세보기
Cummins Marty T. (Rochester MI), Computer software encryption apparatus.
상세보기
Hsu Mike S. C. (1518 Ambergrove Dr. San Jose CA 95131), Computer system including a transparent and secure file transform mechanism.
상세보기
Fischer Addison M. (60 14th Ave. South Naples FL 33942), Computer system security method and apparatus having program authorization information data structures.
상세보기
Carlson Brent A. (Rochester MN) Huss Frederic L. (Rochester MN) Schmucki Nancy M. (Rochester MN) Zelenski Richard E. (Rochester MN), Connection authorizer for controlling access to system resources.
상세보기
Peirce, Jr., Kenneth L.; Xu, Yingchun; Mortsolf, Timothy Glenn; Harper, Matthew, Control and coordination of encryption and compression between network entities.
상세보기
Ballard C. Bare, Cost propagation switch protocols.
상세보기
Bellovin Steven M. (Westfield NJ) Merritt Michael J. (Berkeley Heights NJ), Cryptographic protocol for remote authentication.
상세보기
Thomas Collins ; John Gregory ; Ralph Bestock, Cryptographic system.
상세보기
Randal Chilton Burns ; Edward Gustav Chron ; Darrell Long ; Benjamin Clay Reed, Decentralized remotely encrypted file system.
상세보기
Paul Kanevsky ; Anthony C. Pizi ; Thomas Tsao ; Daniel Tyler, Distributed adaptive computing.
상세보기
Knight, John; Roden, Thomas Anthony; Shively, II, Darrell Myers; Chen, Pauline; Patil, Kavita Shekhar; Bui, Sonny, Distributed database system with authoritative node.
상세보기
Raz Yoav ; Vishlitzky Natan ; Alterescu Bruno, Dynamic load balancing.
상세보기
Bedard Fran.cedilla.ois,CAX ; Regnier Jean,CAX ; Caron France,CAX, Dynamically controlled routing using dynamic management of intra-link traffic to virtual destination nodes.
상세보기
Engel, Robert; Barzilai, Tsipora P.; Kandlur, Dilip Dinkar; Mehra, Ashish, Efficient classification, manipulation, and control of network transmissions by associating network flows with rule based functions.
상세보기
Wei-Ting Yu TW, Electrical connector.
상세보기
Brundrett Peter ; Garg Praerit ; Gu Jianrong ; Kelly ; Jr. James W. ; Kaplan Keith S. ; Reichel Robert P. ; Andrew Brian ; Kimura Gary D. ; Miller Thomas J., Encrypting file system and method.
상세보기
Zeidler Howard M. (Palo Alto CA), End-to-end encryption system and method of operation.
상세보기
Atalla Martin M. (Atherton CA), File access security method and means.
상세보기
Nozawa Masafumi (Odawara JPX) Shimada Akinobu (Hiratsuka JPX) Nishimura Toshifumi (Minamiashigara JPX) Kakuse Katsuharu (Hadano JPX) Tsukiyama Tokuhiro (Kanagawa JPX) Yata Kiyoshi (Hadano JPX) Ishii , File encryption method and file cryptographic system.
상세보기
Akizawa Mitsuru (Hachioji JPX) Yamashita Hirofumi (Yokohama JPX) Kawaguchi Hisamitsu (Sagamihara JPX) Tada Katsumi (Yokohama JPX) Kato Kanji (Yokohama JPX) Kito Akira (Ebina JPX) Yamada Hidenori (Had, File server system and file access control method of the same.
상세보기
Dahlgren Kent Blair ; Bedell Daniel J., Hierarchical address translation system for a network switch.
상세보기
Sindhu Pradeep S. ; Anand Ramalingam K. ; Ferguson Dennis C. ; Liencres Bjorn O., High speed switching device.
상세보기
Pi-Yu Chung ; Om P. Damani ; Yennun Huang ; Chandra M. Kintala ; Yi-Min Wang, Hosting a network service on a cluster of servers using a single-address image.
상세보기
Raz Uri, Information transfer systems and method with dynamic distribution of data, control and management of information.
상세보기
Wright Steven R. ; Brook Christopher T., Key encryption system and method, pager unit, and pager proxy for a two-way alphanumeric pager network.
상세보기
Kevin Michael Jordan ; Kun-Lung Wu ; Philip Shi-Lung Yu, Load balancing cooperating cache servers by shifting forwarded request.
상세보기
Jindal Anita ; Lim Swee Boon ; Radia Sanjay ; Chang Whei-Ling, Load balancing in a network environment.
상세보기
Allon David (Jerusalem ILX) Bach Moshe (Haifa ILX) Moatti Yosef (Haifa ILX) Teperman Abraham (Haifa ILX), Load balancing of network by maintaining in each computer information regarding current load on the computer and load on.
상세보기
Philip Shi-Lung Yu, Loading balancing across servers in a computer network.
상세보기
Ullum Daniel ; Edsall Thomas J. ; Hang Soei-Shin, Look up mechanism and associated hash table for a network switch.
상세보기
Bakke Mark A. (Maple Grove MN) Fiore Edward J. (Ramsey MN), Method and apparatus for accelerated packet forwarding.
상세보기
Adelman Kenneth Allen ; Kashtan David Lyon ; Palter William L. ; Piper ; II Derrell D., Method and apparatus for an internet protocol (IP) network clustering system.
상세보기
Hu Wei-Ming (Arlington MA), Method and apparatus for authenticating a client to a server in computer systems which support different security mechan.
상세보기
Blumenau Steven M., Method and apparatus for authenticating connections to a storage system coupled to a network.
상세보기
Kingdon Kevin (Orem UT), Method and apparatus for authentication of client server communication.
상세보기
Carter Stephen R., Method and apparatus for collaborative document control.
상세보기
Pedersen Bradley J., Method and apparatus for connecting a client node to a server node based on load levels.
상세보기
Yu Philip Shi-Lung, Method and apparatus for dynamic interval-based load balancing.
상세보기
Timothy E. Moses CA; Glenn C. Langford CA, Method and apparatus for facilitating information security policy control on a per security engine user basis.
상세보기
Schibler Ross M. (San Mateo CA) Topol A. Mitchell (Mountain View CA) Duffie P. Kingston (Palo Alto CA), Method and apparatus for generating route information for asynchronous transfer mode cell processing.
상세보기
Crichton Joseph M. ; Garvin Peter F. ; Staten Jeffrey W. ; Wright Waiki L., Method and apparatus for lightweight secure communication tunneling over the internet.
상세보기
Partridge Craig ; Milliken Walter C., Method and apparatus for multiplexing bytes over parallel communications links using data slices.
상세보기
Arnold Todd Weston, Method and apparatus for protecting application data in secure storage areas.
상세보기
Lang Gerald S. (812 Downs Dr. Silver Spring MD 20904), Method and apparatus for protecting material on storage media.
상세보기
Watson Colin (Issaquah WA) Herron Andrew M. (Issaquah WA), Method and apparatus for supporting multiple, simultaneous services over multiple, simultaneous connections between a cl.
상세보기
Malkin Gary ; Kossack Nancy ; Raison Paul ; Tran Thuan ; Wong Ellis L., Method and apparatus for transparently providing mobile network functionality.
상세보기
Nikander Pekka,FIX ; Ylonen Tatu,FIX, Method and arrangement for implementing IPSEC policy management using filter code.
상세보기
Tatu Ylonen FI; Tero Kivinen FI, Method and arrangement for secure tunneling of data between virtual routers.
상세보기
Peirce Kenneth L. ; Calhoun Patrick ; Harper Matthew H. ; Schoo Daniel L. ; Vakil Sumit, Method and system for coordination and control of data streams that terminate at different termination units using virtual tunneling.
상세보기
Takashima Youichi (Kanagawaken JPX) Ishii Shinji (Kanagawaken JPX) Yamanaka Kiyoshi (Kanagawaken JPX), Method and system for digital information protection.
상세보기
Gorczyca Robert ; Rashid Aamir Arshad ; Rodgers Kevin Forress ; Warnsman Stuart ; Weaver Thomas Van, Method and system for dynamically reconfiguring a cluster of computer systems.
상세보기
Kazar, Michael L.; Nydick, Daniel S.; Sanzi, Jr., Richard N.; Gohh, Fred; Bianchini, Jr., Ronald P.; Speiser, Benjamin, Method and system for responding to file system requests.
상세보기
Chan, Shannon; Jensenworth, Gregory; Goertzel, Mario C.; Shah, Bharat; Swift, Michael M.; Ward, Richard B., Method and system for secure running of untrusted content.
상세보기
Theimer Marvin M. (Mountain View CA) Nichols David A. (Mountain View CA) Terry Douglas B. (San Carlos CA), Method for delegating access rights through executable access control program without delegating access rights not in a.
상세보기
Raman Anant ; Rungta Sanjay, Method for determining a networking capability index for each of a plurality of networked computers and load balancing.
상세보기
Bass Walter E. (Sunnyvale CA) Matyas Stephen M. (Kingston NY) Oseas Jonathan (Hurley NY), Method for establishing user authenication with composite session keys among cryptographically communicating nodes.
상세보기
Witte Martin (Ulm DEX) Oehlerich Joerg (Stockdorf DEX) Held Walter (Geretsried DEX), Method for load balancing in a multi-processor system where arising jobs are processed by a plurality of processors unde.
상세보기
Puhl Larry C. (Sleepy Hollow IL) Finkelstein Louis D. (Wheeling IL) Dabbish Ezzat A. (Cary IL), Method for providing blind access to an encryption key.
상세보기
Case Jeffrey D., Method for secure key production.
상세보기
Zizzi Stephen, Method of transparent encryption and decryption for an electronic document management system.
상세보기
Johnson, Kirk L.; Kaashoek, M. Franz, Methods and apparatus for routing requests in a network.
상세보기
Kent K. Leung, Mobile IP mobility agent standby protocol.
상세보기
Matti Turunen FI, Mobile internet access.
상세보기
Chen James F. ; Wang Jieh-Shan ; Brook Christopher T. ; Garvey Francis, Multi-access virtual private network.
상세보기
Chen James F. ; Wang Jieh-Shan ; Brook Christopher T. ; Garvey Francis, Multi-access virtual private network.
상세보기
Williams Timothy C., Multi-level security network system.
상세보기
Lin David Dah-Haur ; Shaheen Amal Ahmed ; Yellepeddy Krishna Kishore, Multiple remote data access security mechanism for multitiered internet computer networks.
상세보기
Dellacona Richard, Network information server.
상세보기
Nguyen Minhtam C. (335 Elan Village La. ; Apt. 217 San Jose CA 95134), Network with secure communications sessions.
상세보기
Madoukh Ashraf T., Object-based security system.
상세보기
Madoukh, Ashraf T., Object-based security system.
상세보기
Narad Charles E. ; Fall Kevin ; MacAvoy Neil ; Shankar Pradip ; Rand Leonard M. ; Hall Jerry J., Packet processing system including a policy engine having a classification unit.
상세보기
Lumelsky, Leon L.; Manohar, Nelson R.; Wood, Stephen P., Policy-based multivariate application-level QoS negotiation for multimedia services.
상세보기
Warrier Padmanand ; Richter Roger, Scaleable network system for remote access of a local network.
상세보기
Burns Randal Chilton ; Chron Edward Gustav ; Long Darrell ; Reed Benjamin Clay, Secure array of remotely encrypted storage devices.
상세보기
Boebert William E. (Minneapolis MN) Hanson Mark H. (Eagan MN) Markham Thomas R. (Anoka MN), Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local wo.
상세보기
Cane David ; Hirschman David ; Speare Philip ; Vaitzblit Lev, Secure file archive through encryption key management.
상세보기
McManis Charles E. (Sunnyvale CA), Secure network protocol system and method.
상세보기
Andrew W. Trieger, Secure session tracking method and system for client-server environment.
상세보기
Elgamal Taher (Palo Alto CA) Hickman Kipp E. B. (Los Altos CA), Secure socket layer application program apparatus and method.
상세보기
Elgamal Taher ; Hickman Kipp E.B., Secure socket layer application program apparatus and method.
상세보기
Chan Steve S. C. (P.O. Box 34620 Chicago IL 60634), Secured data storage devices.
상세보기
Pravetz James D. ; Malloy Thomas J., Secured document access control using recipient lists.
상세보기
Dan Linh Nguyen, Security between client and server in a computer network.
상세보기
Gelb Edward J. (Wayne NJ), Security system for preventing unauthorized communications between networks by translating communications received in ip.
상세보기
Inala Suman Kumar ; Rangan P Venkat ; Satyavolu Ramakrishna, Server-side web summary generation and presentation.
상세보기
Stanton Leroy K. ; Wright Steven R. ; Brook Christopher T. ; Loane Russell F., Session key recovery system and method.
상세보기
Kumar Ramaswamy ; Cher-Wen Lin ; Randall David Rettberg ; Mizanur Mohammed Rahman, Software interface between switching module and operating system of a data packet switching and load balancing system.
상세보기
Locklear ; Jr. Robert H. ; Cantrell Craig S. ; McClanahan Kip R. ; Brewer William K. ; Carew Anthony J. P., Switched architecture access server.
상세보기
Moran, Douglas B., System and method for analyzing filesystems to detect intrusions.
상세보기
Brown Ross M. ; Greenberg Richard G., System and method for controlling access to data entities in a computer network.
상세보기
Shimada Kazutoshi,JPX, System and method for controlling access to subject data using location data associated with the subject data and a requ.
상세보기
Harrison, Bret Elliott; Reed, William Donald; Temoshenko, Leo, System and method for generation VPN network policies.
상세보기
Wright Tim ; Marconi Peter ; Conlin Richard ; Opalka Zbigniew, System architecture for and method of dual path data processing and management of packets and/or cells and the like.
상세보기
Opalka Zbigniew ; Aggarwal Vijay ; Kong Thomas ; Firth Christopher ; Costantino Carl, System architecture for and method of processing packets and/or cells in a common switch.
상세보기
East, Jeffrey A.; Walker, James J.; Jenness, Steven M.; Ozur, Mark C.; Kelly, Jr., James W., System for determining the rights of object access for a server process by combining them with the rights of the client process.
상세보기
Choquier Philippe,FRX ; Peyroux Jean-Francios ; Griffin William J., System for on-line service in which gateway computer uses service map which includes loading condition of servers broad.
상세보기
Scheifler Robert W., System for separately designating security requirements for methods invoked on a computer.
상세보기
Berger David A. ; Weber Jay C. ; Madapurmath Vilas I., System, method and article of manufacture for virtual point of sale processing utilizing an extensible, flexible archite.
상세보기
Brown, Eric William; Coden, Anni R.; Prager, John Martin; Radev, Dragomir Radkov, System, method and program product for answering questions using a search engine.
상세보기
Chipman Richard R. ; Mankofsky Alan ; Karandikar Harshavardhan M.,DEX ; Warren Gary, System, method, and medium for retrieving, organizing, and utilizing networked data.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for the secure transaction management and electronic rights protection.
상세보기
Chen James F. ; Wang Jieh-Shan, Token distribution, registration, and dynamic configuration of user entitlement for an application level security system.
상세보기
Thompson Bruce A. (Highlands Ranch CO) Van Maren David J. (Ft. Collins CO) McCarthy John G. (Thornton CO) Purcell R. Andrew (Ft. Collins CO) Rottinghaus Michael (Greeley CO), Transparent peripheral file systems with on-board compression, decompression, and space management.
상세보기
Morris C. Carson (Broad Run VA) Bielsker Barry H. (Vienna VA) Cole Donald A. (Rockville MD), Two-tiered communication security employing asymmetric session keys.
상세보기
Peirce, Jr., Kenneth L.; Harper, Matthew; Mortsolf, Timothy G.; Xu, Yingchun; Dynarski, Richard J., Virtual home agent service using software-replicated home agents.
상세보기

이 특허를 인용한 특허 (125)

Bharadwaj, Vijay G; Bryce, Duncan G; Hamburg, Mike; Pandya, Ravindra N, Access control and encryption in multi-user systems.
상세보기
Dillaway, Blair B., Auditing authorization decisions.
상세보기
Dillaway, Blair B., Auditing authorization decisions.
상세보기
Hsieh, Jonathan Ming-Cyn, Automatic repair of corrupt HBases.
상세보기
Kornacker, Marcel; Erickson, Justin; Li, Nong; Kuff, Lenni; Robinson, Henry Noel; Choi, Alan; Behm, Alex, Background format optimization for enhanced SQL-like queries in Hadoop.
상세보기
Zeyliger, Philip; Langdale, Philip L.; Hunt, Patrick D., Centralized configuration and monitoring of a distributed computing cluster.
상세보기
Zeyliger, Philip; Langdale, Philip Lee; Hunt, Patrick David, Centralized configuration of a distributed computing cluster.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Collecting and aggregating datasets for analysis.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Collecting and aggregating log data with fault tolerance.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Collecting and aggregating log data with fault tolerance.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Collecting and aggregating log data with fault tolerance.
상세보기
Kobayashi,Ikuko; Kimura,Shinji, Computer system that enables a plurality of computers to share a storage device.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Configuring a system to collect and aggregate datasets.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Configuring a system to collect and aggregate datasets.
상세보기
Goyal, Sanyam; Chathoth, Vikas Pooven, Controlling access to a large number of electronic resources.
상세보기
Dillaway, Blair B.; Becker, Moritz Y.; Gordon, Andrew D.; Fournet, Cedric, Controlling the delegation of rights.
상세보기
Bharadwaj, Vijay G.; Ferguson, Niels T; Ellison, Carl M.; Nyström, Magnus Bo Gustaf; Zhou, Dayi; Issoupov, Denis; Ureche, Octavian T.; Novotney, Peter J.; Ilac, Cristian M., Cryptographic key management.
상세보기
Lipcon, Todd; Myers, Aaron T.; Collins, Eli, Data node fencing in a distributed file system.
상세보기
Tokutani, Takashi; Hatakeyama, Takahisa; Tanaka, Keishiro; Yura, Masakazu; Nagaoka, Teruyoshi, Data processing apparatus for digital copyrights management.
상세보기
Lipcon, Todd, Data processing performance enhancement in a distributed file system.
상세보기
Lipcon, Todd, Data processing performance enhancement in a distributed file system.
상세보기
Subramanian, Ananthan, Discarding sensitive data from persistent point-in-time image.
상세보기
Subramanian, Ananthan, Discarding sensitive data from persistent point-in-time image.
상세보기
Mizuno, Makio, Disk control unit.
상세보기
Mizuno,Makio, Disk control unit.
상세보기
Vainstein, Klimenty, Document security system that permits external users to gain access to secured files.
상세보기
Vainstein, Klimenty, Document security system that permits external users to gain access to secured files.
상세보기
Ouye, Michael Michio; Crocker, Steven Toye, Dynamic evaluation of access rights.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Dynamically processing an event using an extensible data model.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Dynamically processing an event using an extensible data model.
상세보기
Hsieh, Jonathan Ming-Cyn; Robinson, Henry Noel, Dynamically processing an event using an extensible data model.
상세보기
Alves, David; Lipcon, Todd, Ensuring properly ordered events in a distributed computing environment.
상세보기
Cross, David B.; Leach, Paul J., File system operation and digital rights management (DRM).
상세보기
Cross, David B.; Leach, Paul J., File system operation and digital rights management (DRM).
상세보기
Cross,David B.; Leach,Paul J., File system operation and digital rights management (DRM).
상세보기
Supramaniam,Senthilvasan; Huang,Weiqing; Vainstein,Klimenty, Guaranteed delivery of changes to security policies in a distributed system.
상세보기
Iyer, Pradeep, HTTP proxy based captive portal.
상세보기
Rossmann, Alain, Hybrid systems for securing digital assets.
상세보기
Sonwane, Abhilash Vijay; Mahadevia, Jimit Hareshkumau; Malek, Sarfaraz Mohammedhanif; Pandya, Sumit; Shah, Nishit Shantibhai; Modhwadiya, Rajesh Hardasbhai, Identity and policy-based network security and management system and method.
상세보기
Chateau,Alain; Azema,Jerome; Haidamous,Constantin, Indirect data protection using random key encryption.
상세보기
Kornacker, Marcel; Erickson, Justin; Li, Nong; Kuff, Lenni; Robinson, Henry Noel; Choi, Alan; Behm, Alex, Low latency query engine for Apache Hadoop.
상세보기
Kornacker, Marcel; Erickson, Justin; Li, Nong; Kuff, Lenni; Robinson, Henry Noel; Choi, Alan; Behm, Alex, Low latency query engine for apache hadoop.
상세보기
Alain, Rossmann; Zuili, Patrick; Ouye, Michael Michio; Humpich, Serge; Lee, Chang-Ping; Vainstein, Klimenty; Hilderbrand, Hal; Garcia, Denis Jacques Paul; Supramaniam, Senthilvasan; Huang, Weiqing; Ryan, Nicholas Michael, Managing secured files in designated locations.
상세보기
Hsieh, Jonathan Ming-Cyn; Bertozzi, Matteo, Manifest-based snapshots in distributed computing environments.
상세보기
Lipcon, Todd, Memory allocation buffer for reduction of heap fragmentation.
상세보기
Lipcon, Todd, Memory allocation buffer for reduction of heap fragmentation.
상세보기
Osaki,Nobuyuki, Method and apparatus for data storage.
상세보기
Gallant, David Austin; Ashmore, Paul Andrew, Method and apparatus for external event notification management over in-band and out-of-band networks in storage system controllers.
상세보기
Yadav,Satyendra, Method and apparatus for providing discrete data storage security.
상세보기
Garcia, Denis Jacques Paul, Method and apparatus for securing digital assets.
상세보기
Lee, Chang-Ping; Garcia, Denis Jacques Paul, Method and apparatus for securing electronic data.
상세보기
Vainstein, Klimenty; Nath, Satyajit; Ouye, Michael Michio, Method and apparatus for transitioning between states of security policies used to secure electronic documents.
상세보기
Vainstein, Klimenty; Nath, Satyajit; Ouye, Michael Michio, Method and apparatus for transitioning between states of security policies used to secure electronic documents.
상세보기
Phillips, Anthony H., Method and system for encrypted file access.
상세보기
Kenrich, Michael Frederick; Hildebrand, Hal S.; Supramaniam, Senthilvasan, Method and system for fault-tolerant transfer of files across a network.
상세보기
Huang, Weiqing; Supramaniam, Senthilvasan; Vainstein, Klimenty, Method and system for implementing changes to security policies in a distributed security system.
상세보기
Huang, Weiqing; Supramaniam, Senthilvasan; Vainstein, Klimenty, Method and system for implementing changes to security policies in a distributed security system.
상세보기
Vainstein, Klimenty, Method and system for managing security tiers.
상세보기
Kinghorn, Gary Mark; Garcia, Denis Jacques Paul, Method and system for protecting electronic data in enterprise environment.
상세보기
Ryan,Nicholas M., Method and system for protecting encrypted files transmitted over a network.
상세보기
Murray, Gregory L.; McClanahan, Craig R.; Burns, Edward J., Method and system for protecting publicly viewable web client reference to server resources and business logic.
상세보기
Nath, Satyajit, Method and system for providing document retention using cryptography.
상세보기
Nath, Satyajit, Method and system for providing document retention using cryptography.
상세보기
Nath, Satyajit; Vainstein, Klimenty; Ouye, Michael Michio, Method and system for securing digital assets using process-driven security policies.
상세보기
Nath, Satyajit; Vainstein, Klimenty; Ouye, Michael Michio, Method and system for securing digital assets using process-driven security policies.
상세보기
Elzur, Uri, Method and system for traffic engineering in secured networks.
상세보기
Elzur, Uri, Method and system for traffic engineering in secured networks.
상세보기
Elzur, Uri, Method and system for traffic engineering in secured networks.
상세보기
Ryan, Nicholas M., Method and system for using remote headers to secure electronic files.
상세보기
Gregg, Richard L.; Giri, Sandeep; Goeke, Timothy C., Method for managing access to protected computer resources.
상세보기
Gregg, Richard L.; Giri, Sandeep; Goeke, Timothy C., Method for managing access to protected computer resources.
상세보기
Gregg, Richard L.; Giri, Sandeep; Goeke, Timothy C., Method for managing access to protected computer resources.
상세보기
Gregg, Richard L.; Giri, Sandeep; Goeke, Timothy C., Method for managing access to protected computer resources.
상세보기
Gregg, Richard L.; Giri, Sandeep; Goeke, Timothy C., Method for managing access to protected computer resources.
상세보기
Lerner, Alexander; Dewey, Michael K., Method, system, and computer program product for facilitating communication in an interoperability network.
상세보기
Lerner, Alexander; Dewey, Michael K., Method, system, and computer program product for facilitating communication in an interoperability network.
상세보기
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
상세보기
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
상세보기
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
상세보기
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
상세보기
Kenrich, Michael Frederick; Gutnik, Yevgeniy, Multi-level file digests.
상세보기
Kenrich, Michael Frederick; Gutnik, Yevgeniy, Multi-level file digests.
상세보기
Roy, Paul; Al-Azzawe, Khalid; Carter, Cale; Chitnis, Ambarish; Hawes, Richard Masao, Network access control based on program state.
상세보기
Bojinov, Hristo; Subramanian, Ananthan, Network storage server with integrated encryption, compression and deduplication capability.
상세보기
Shelest, Art; Ward, Richard B., Network zones.
상세보기
Pope, Steve L.; Riddoch, David J.; Yu, Ching; Roberts, Derek, Packet validation in virtual network interface architecture.
상세보기
Pope, Steve L.; Riddoch, David J.; Yu, Ching; Roberts, Derek, Packet validation in virtual network interface architecture.
상세보기
Pope, Steve; Riddoch, David; Yu, Ching; Roberts, Derek, Packet validation in virtual network interface architecture.
상세보기
Chaudhary, Puneet; Gunda, Kalyan C.; Shah, Gautam Haridas, Per file system usage of networks.
상세보기
Jeffries, Charles G.; Bharadwaj, Vijay G.; Grass, Michael J.; Setzer, Matthew C.; Sinha, Gaurav; Ellison, Carl M., Portable secure data files.
상세보기
Jeffries, Charles G.; Bharadwaj, Vijay G.; Grass, Michael J.; Setzer, Matthew C.; Sinha, Gaurav; Ellison, Carl M., Portable secure data files.
상세보기
Ryan, Nicholas M., Protecting encrypted files transmitted over a network.
상세보기
Gabrielson, Jacob; Hansen, Zachary J.; Lye, Diane N., Providing private access to network-accessible services.
상세보기
Gabrielson, Jacob; Hansen, Zachary J.; Lye, Diane N., Providing private access to network-accessible services.
상세보기
Zeyliger, Philip, Querying operating system state on multiple machines declaratively.
상세보기
Ranganathan, Jairam, Resource management in a distributed computing environment.
상세보기
Moore, Keith E.; Dekhil, Mohamed; Shenoy, Rajesh K., Secure access of resources at shared appliances.
상세보기
Garcia,Denis Jacques Paul, Secured data format for access control.
상세보기
Dillaway, Blair B.; Becker, Moritz Y.; Gordon, Andrew D.; Fournet, Cedric; LaMacchia, Brian A., Security assertion revocation.
상세보기
Dillaway, Blair B.; Becker, Moritz Y.; Gordon, Andrew D.; Fournet, Cedric, Security authorization queries.
상세보기
Dillaway, Blair B.; Becker, Moritz Y.; Gordon, Andrew D.; Fournet, Cedric, Security authorization queries.
상세보기
Becker, Moritz Y.; Dillaway, Blair B.; Fournet, Cedric; Gordon, Andrew D., Security language expressions for logic resolution.
상세보기
Becker, Moritz Y.; Dillaway, Blair B.; Fournet, Cedric; Gordon, Andrew D.; Mackay, Jason F., Security language translations with logic resolution.
상세보기
Becker, Moritz Y.; Dillaway, Blair B.; Fournet, Cedric; Gordon, Andrew D.; Mackay, Jason F., Security language translations with logic resolution.
상세보기
Hildebrand, Hal S.; Garcia, Denis Jacques Paul, Security system for generating keys from access rules in a decentralized manner and methods therefor.
상세보기
Gutnik, Yevgeniy, Security system that uses indirect password-based encryption.
상세보기
Vainstein, Klimenty; Ouye, Michael Michio, Security system with staging capabilities.
상세보기
Beck, Stefan; Cherdron, Markus; Singler, Joerg, Session handling.
상세보기
Rajashekar, Rajesh; Klinkner, Steve, Simplified and unified management for network-attached storage.
상세보기
Kogelnik, Christoph, Sub-volume level security for deduplicated data.
상세보기
Garcia, Eduardo; Colorado, Carlos Arturo, System and method for communicating with a key management system.
상세보기
Garcia, Eduardo; Pena, Sergio A., System and method for controlling access to decrypted data.
상세보기
Camiel, Noam, System and method for data storage firewall on data storage unit.
상세보기
Ryan, Nicholas, System and method for imposing security on copies of secured items.
상세보기
Hildebrand, Hal S., System and method for providing different levels of key security for controlling access to secured items.
상세보기
Hildebrand, Hal S.; Vainstein, Klimenty, System and method for providing distributed access control to secured documents.
상세보기
Zuili, Patrick; Vainstein, Klimenty, System and method for providing manageability to security information for secured items.
상세보기
Vainstein, Klimenty; Hildebrand, Hal, System and method for providing multi-location access management to secured items.
상세보기
Vainstein, Klimenty; Hildebrand, Hal, System and method for providing multi-location access management to secured items.
상세보기
Kirkland, Dustin C.; Garcia, Eduardo, System and method for secure release of secret information over a network.
상세보기
Kirkland, Dustin C.; Garcia, Eduardo, System and method for secure release of secret information over a network.
상세보기
Chacko, Vinoo; Agarwal, Puneet; Nanjudaswamy, Shashi; Soni, Ajay, Systems and methods for enabling assured records using fine grained auditing of virtual private network traffic.
상세보기
Newton, Aaron; Zeyliger, Philip, User interface implementation for partial display update.
상세보기
Garcia, Eduardo, Virtual machine image encryption.
상세보기
Halcrow, Michael; Dierks, Timothy, Volatile encryption keys.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Secure network file access controller implementing access control and auditing 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (119)

이 특허를 인용한 특허 (125)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Secure network file access controller implementing access control and auditing 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (119)

이 특허를 인용한 특허 (125)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트