Настройки

Укажите год
-

Небесная энциклопедия

Космические корабли и станции, автоматические КА и методы их проектирования, бортовые комплексы управления, системы и средства жизнеобеспечения, особенности технологии производства ракетно-космических систем

Подробнее
-

Мониторинг СМИ

Мониторинг СМИ и социальных сетей. Сканирование интернета, новостных сайтов, специализированных контентных площадок на базе мессенджеров. Гибкие настройки фильтров и первоначальных источников.

Подробнее

Форма поиска

Поддерживает ввод нескольких поисковых фраз (по одной на строку). При поиске обеспечивает поддержку морфологии русского и английского языка
Ведите корректный номера.
Ведите корректный номера.
Ведите корректный номера.
Ведите корректный номера.
Укажите год
Укажите год
Применить Всего найдено 23. Отображено 20.
16-01-2020 дата публикации

AUTOMATIC COPY VALIDATION USING REAL-WORLD APPLICATION TRAFFIC

Номер: US20200019676A1
Автор: Fireberger Aviram, Golan Oron, Shemer Jehuda, Wolfson Kfir, Zamir Amos
Принадлежит:

One example method includes bringing up a clone application in a validation environment, replaying recorded incoming network traffic to the clone application, obtaining a response of the clone application to the incoming network traffic, comparing the response of the clone application to recorded outgoing network traffic of the production application, and making a validation determination regarding the clone application, based on the comparison of the response of the clone application to recorded outgoing network traffic of the production application. When the clone application is not validated, the example method includes identifying and resolving a problem relating to the clone application. 1. A method , comprising:bringing up a clone application in a validation environment;replaying recorded incoming network traffic to the clone application;obtaining a response of the clone application to the incoming network traffic;comparing the response of the clone application to recorded outgoing network traffic of the production application;making a validation determination regarding the clone application, based on the comparison of the response of the clone application to recorded outgoing network traffic of the production application; andwhen the clone application is not validated, identifying and resolving a problem relating to the clone application.2. The method as recited in claim 1 , wherein the clone application is created by applying a cloning process to the production application.3. The method as recited in claim 1 , wherein the validation environment comprises a clone of a production environment in which the production application operates.4. The method as recited in claim 1 , wherein the recorded incoming network traffic was generated by recording incoming network traffic to the production application.5. The method as recited in claim 1 , wherein part of the method is performed by a network traffic generator player-validator.6. The method as recited in claim 1 , ...

Подробнее
Номер записи: 1
23-01-2020 дата публикации

Tracing Mechanism for Monitoring and Analysis of Cloud-Based Communication Session Attacks

Номер: US20200028863A1
Автор: Amos Zamir, Aviram Fireberger, Jehuda Shemer, Kfir Wolfson, Oron Golan
Принадлежит: EMC IP Holding Co LLC

A tracing mechanism is provided for analyzing session-based attacks. An exemplary method comprises: detecting a potential attack associated with a session from a potential attacker based on predefined anomaly detection criteria; adding a tracing flag identifier to a response packet; sending a notification to a cloud provider of the potential attack, wherein the notification comprises the tracing flag identifier; and sending the response packet to the potential attacker, wherein, in response to receiving the response packet with the tracing flag identifier, the cloud provider: determines a source of the potential attack based on a destination of the response packet; forwards the response packet to the potential attacker based on the destination of the response packet; and monitors the determined source to evaluate the potential attack. The response packet is optionally delayed by a predefined time duration and/or until the cloud provider has acknowledged receipt of the notification.

Подробнее
Номер записи: 2
26-03-2020 дата публикации

Enterprise Non-Encryption Enforcement And Detection of Ransomware

Номер: US20200097650A1
Автор: Golan Oron, Shemer Udi, Wolfson Kfir, Zamir Amos
Принадлежит: EMC IP Holding Company LLC

An enterprise storage system and method detects the probability of encryption of data by comparing the level of randomness in the data to a set of increasing thresholds to determine the severity of encryption. Encryption exceeding a high predetermined threshold is determined to be due to ransomware. Upon determining the level of encryption, an appropriate action is taken based upon one or both of the policy of the enterprise or local governmental regulations as to encryption or non-encryption of data. 1. A method of detecting encryption of data in an enterprise data storage system , comprising:providing a virtualization system for managing the storage of data received by said virtualization system from a data source;analyzing said received data to determine a probability of encryption of said received data prior to writing said received data to data storage;comparing said determined probability with each one of a set of threshold levels having increasing values to determine a severity level of said encryption; andtaking an action determined by a policy of said enterprise based upon said severity level of said encryption.2. The method of claim 1 , wherein said analyzing comprises analyzing a predetermined number claim 1 , L claim 1 , blocks of sequential data in real time to determine a measure of randomness in said data claim 1 , and detecting encryption based upon said measure of randomness.3. The method of claim 2 , wherein said predetermined number of blocks is selected based upon the type of data received and the source of said received data.4. The method of claim 2 , wherein said analyzing said received data comprises determining a measure of entropy in said received data and applying another statistic to determine a deviation in said randomness in said data from an expected result.5. The method of claim 4 , wherein said applying another statistic comprises using Chi square to differentiate encryption of said received data from compression of said received data ...

Подробнее
Номер записи: 3
26-03-2020 дата публикации

Translating existing security policies enforced in upper layers into new security policies enforced in lower layers

Номер: US20200099721A1
Автор: Amos Zamir, Aviram Fireberger, Kfir Wolfson, Oron Golan, Udi Shemer
Принадлежит: EMC IP Holding Co LLC

Existing policies enforced at or above an operating system (OS) layer of a device are obtained. Translation rules are stored that include data structure descriptions of conditions, corresponding actions performed when the conditions are satisfied, and attributes specified in the existing policies, and attributes of one or more layers below the OS layer that are relevant to policy enforcement in the one or more layers below the OS layer. The existing policies are parsed using the data structure descriptions to identify the conditions, corresponding actions, and attributes specified in the existing policies. New policies are generated that are consistent with the existing policies. The new policies include the identified attributes specified in the existing policies and the attributes relevant to policy enforcement in the one or more layers below the OS layer. The new policies are enforced in the one or more layers below the OS layer.

Подробнее
Номер записи: 4
02-04-2020 дата публикации

Moving target defense with network level changes providing substantially continuous access to applications

Номер: US20200106807A1
Автор: Amos Zamir, Jehuda Shemer, Kfir Wolfson, Oron Golan
Принадлежит: EMC IP Holding Co LLC

Network level Moving Target Defense techniques are provided with substantially continuous access to protected applications. An exemplary method comprises identifying a first application listening to a first port or a first network address; notifying the first application to listen to a second port or a second network address; notifying at least one additional application that the first application is listening to the second port or the second network address; and notifying the first application to unlisten to the first port or the first network address, wherein the first application operates in a substantially continuous manner during a change from listening to one or more of the first port and the first network address and listening to one or more of the second port and the second network address. The first application can be a stateful application having persistent storage.

Подробнее
Номер записи: 5
30-04-2020 дата публикации

Life Cycle Management for Cloud-Based Application Executors with Key-Based Access to Other Devices

Номер: US20200133700A1
Автор: Eliyahu Roie Ben, Fireberger Aviram, Golan Oron, Saffar Or Herman, Savir Amihai
Принадлежит:

Life cycle management techniques are provided for cloud-based application executors with key-based access to other devices. An exemplary method comprises determining that a retention time for a first cloud-based application executor (e.g., a virtual machine or a container) has elapsed, wherein the first cloud-based application executor has key-based access to at least one other device using a first key; in response to the determining, performing the following steps: creating a second cloud-based application executor; and determining a second key for the second cloud-based application executor that is different than the first key, wherein the second cloud-based application executor uses the first key to add the second key to one or more trusted keys of the at least one other device and deactivates the first key from the one or more trusted keys. 1. A method , comprising:determining that a retention time for a first cloud-based application executor has elapsed, wherein the first cloud-based application executor has key-based access to at least one other device using a first key;in response to the determining, performing the following steps, using at least one processing device:creating a second cloud-based application executor; anddetermining a second key for the second cloud-based application executor that is different than the first key,wherein the second cloud-based application executor uses the first key to add the second key to one or more trusted keys of the at least one other device and deactivates the first key from the one or more trusted keys.2. The method of claim 1 , wherein the first cloud-based application executor comprises a configuration manager that uses the first key to control the at least one other device.3. The method of claim 1 , wherein the first cloud-based application executor is associated with a first Internet Protocol (IP) address and a first media access control (MAC) address claim 1 , and wherein the second cloud-based application ...

Подробнее
Номер записи: 6
29-09-2020 дата публикации

Container life cycle management with honeypot service

Номер: US10791144B1
Автор: Amos Zamir, Aviram Fireberger, Oron Golan, Raul Shnier, Yevgeni Gehtman
Принадлежит: EMC IP Holding Co LLC

The life cycle of one or more containers related to one or more containerized applications is managed by determining that a predefined retention time for a first container of the plurality of containers has elapsed; in response to the determining, performing the following honeypot container creation steps: suspending new session traffic to the first container; maintaining the first container as a honeypot container; and identifying communications sent to the honeypot container as an anomalous communication. Alert notifications are optionally generated for the anomalous communication.

Подробнее
Номер записи: 7
05-11-2019 дата публикации

Method and system for implementing cyber security as a service

Номер: US10469518B1
Автор: Amit Lieberman, Assaf Natanzon, Oron Golan, Raul Shnier, Yuri Manusov
Принадлежит: EMC IP Holding Co LLC

A method and system for implementing cyber security as a service in a cloud computing environment. Specifically, method and system entail leveraging existing disaster recovery (DR) solutions to perform cyber security tests and assess cyber security vulnerabilities, if any, on system and/or application images backed up on the existing DR solution. In leveraging existing DR solutions, a cyber security service is integrated into the existing DR solution as an additional feature.

Подробнее
Номер записи: 8
19-03-2024 дата публикации

Detection of supply chain-related security threats to software applications

Номер: US11934533B2
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

The disclosure is directed towards the detection of supply chain-related security threats to software applications. One method includes identifying differences between updated source code and previous source. The updated source code corresponds to an updated version of an application. The previous source code corresponds to a previous version of the application. A risk score is determined for the updated version. The risk score is based on a machine learning (ML) risk model. The ML risk model analyzes the differences between the updated source code and the previous source code. A value of the risk score corresponds to potential security threats that are associated with the updated version. The potential security threats are not associated with the previous version of the application. The risk score is provided to interested parties.

Подробнее
Номер записи: 9
06-07-2023 дата публикации

Database management engine for a database management system

Номер: WO2023129342A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing, LLC.

Methods, systems, and computer storage media provide a privacy compliance notification indicating a database's level of compliance with a privacy policy after restoring the database to the database's backup copy. The database is associated with a database management engine. The database supports privacy-based first-class data entities. The privacy-based first-class data entities are database entities having privacy system-level metadata properties associated with data operations in a database language syntax. The privacy compliance notification may be generated based on determining whether a privacy database operation associated with a database journal and a privacy journal has been executed on a database since the database was restored to a backup copy of the database. The database transaction journal includes a transaction log of database operations executed against the database, and the privacy journal includes the database operations logged as privacy database operations associated with the plurality of privacy-based first-class data entities.

Подробнее
Номер записи: 10
13-06-2024 дата публикации

Database management engine for a database management system

Номер: AU2022424983A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

Methods, systems, and computer storage media provide a privacy compliance notification indicating a database's level of compliance with a privacy policy after restoring the database to the database's backup copy. The database is associated with a database management engine. The database supports privacy-based first-class data entities. The privacy-based first-class data entities are database entities having privacy system-level metadata properties associated with data operations in a database language syntax. The privacy compliance notification may be generated based on determining whether a privacy database operation associated with a database journal and a privacy journal has been executed on a database since the database was restored to a backup copy of the database. The database transaction journal includes a transaction log of database operations executed against the database, and the privacy journal includes the database operations logged as privacy database operations associated with the plurality of privacy-based first-class data entities.

Подробнее
Номер записи: 11
01-12-2020 дата публикации

Tracing mechanism for monitoring and analysis of cloud-based communication session attacks

Номер: US10855709B2
Автор: Amos Zamir, Aviram Fireberger, Jehuda Shemer, Kfir Wolfson, Oron Golan
Принадлежит: EMC IP Holding Co LLC

A tracing mechanism is provided for analyzing session-based attacks. An exemplary method comprises: detecting a potential attack associated with a session from a potential attacker based on predefined anomaly detection criteria; adding a tracing flag identifier to a response packet; sending a notification to a cloud provider of the potential attack, wherein the notification comprises the tracing flag identifier; and sending the response packet to the potential attacker, wherein, in response to receiving the response packet with the tracing flag identifier, the cloud provider: determines a source of the potential attack based on a destination of the response packet; forwards the response packet to the potential attacker based on the destination of the response packet; and monitors the determined source to evaluate the potential attack. The response packet is optionally delayed by a predefined time duration and/or until the cloud provider has acknowledged receipt of the notification.

Подробнее
Номер записи: 12
06-07-2023 дата публикации

Database management engine for a database management system

Номер: CA3241274A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

Methods, systems, and computer storage media provide a privacy compliance notification indicating a database's level of compliance with a privacy policy after restoring the database to the database's backup copy. The database is associated with a database management engine. The database supports privacy-based first-class data entities. The privacy-based first-class data entities are database entities having privacy system-level metadata properties associated with data operations in a database language syntax. The privacy compliance notification may be generated based on determining whether a privacy database operation associated with a database journal and a privacy journal has been executed on a database since the database was restored to a backup copy of the database. The database transaction journal includes a transaction log of database operations executed against the database, and the privacy journal includes the database operations logged as privacy database operations associated with the plurality of privacy-based first-class data entities.

Подробнее
Номер записи: 13
01-05-2024 дата публикации

Detection of supply chain-related security threats to software applications

Номер: EP4359978A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

The disclosure is directed towards the detection of supply chain-related security threats to software applications. One method includes identifying differences between updated source code and previous source. The updated source code corresponds to an updated version of an application. The previous source code corresponds to a previous version of the application. A risk score is determined for the updated version. The risk score is based on a machine learning (ML) risk model. The ML risk model analyzes the differences between the updated source code and the previous source code. A value of the risk score corresponds to potential security threats that are associated with the updated version. The potential security threats are not associated with the previous version of the application. The risk score is provided to interested parties.

Подробнее
Номер записи: 14
23-07-2024 дата публикации

Secure data replication systems and methods

Номер: US12045237B2
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

One method embodiment includes receiving input creating a data distribution restriction implemented to restrict distribution of data by publisher nodes located in at least one geographic or political area to subscriber nodes outside of the at least one geographic or political area. The method then queries a subscription repository storing data defining subscriptions to publisher node data events on publisher nodes located in the at least one geographic or political area to identify existing subscriptions to data events about the particular data by subscriber nodes located outside of the at least one geographic or political area. The method may then output the query results identifying existing subscriber node subscriptions contrary to the new or newly modified data distribution restriction. The received input may then be stored in a database such that subsequent changes are conditionally limited by the new or newly modified data distribution restriction.

Подробнее
Номер записи: 15
03-08-2023 дата публикации

Secure data replication systems and methods

Номер: WO2023146739A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing, LLC.

One method embodiment includes receiving input creating a data distribution restriction implemented to restrict distribution of data by publisher nodes located in at least one geographic or political area to subscriber nodes outside of the at least one geographic or political area. The method then queries a subscription repository storing data defining subscriptions to publisher node data events on publisher nodes located in the at least one geographic or political area to identify existing subscriptions to data events about the particular data by subscriber nodes located outside of the at least one geographic or political area. The method may then output the query results identifying existing subscriber node subscriptions contrary to the new or newly modified data distribution restriction. The received input may then be stored in a database such that subsequent changes are conditionally limited by the new or newly modified data distribution restriction.

Подробнее
Номер записи: 16
03-08-2023 дата публикации

Secure data replication systems and methods

Номер: US20230244668A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

One method embodiment includes receiving input creating a data distribution restriction implemented to restrict distribution of data by publisher nodes located in at least one geographic or political area to subscriber nodes outside of the at least one geographic or political area. The method then queries a subscription repository storing data defining subscriptions to publisher node data events on publisher nodes located in the at least one geographic or political area to identify existing subscriptions to data events about the particular data by subscriber nodes located outside of the at least one geographic or political area. The method may then output the query results identifying existing subscriber node subscriptions contrary to the new or newly modified data distribution restriction. The received input may then be stored in a database such that subsequent changes are conditionally limited by the new or newly modified data distribution restriction.

Подробнее
Номер записи: 17
03-08-2023 дата публикации

Secure data replication systems and methods

Номер: CA3242357A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

One method embodiment includes receiving input creating a data distribution restriction implemented to restrict distribution of data by publisher nodes located in at least one geographic or political area to subscriber nodes outside of the at least one geographic or political area. The method then queries a subscription repository storing data defining subscriptions to publisher node data events on publisher nodes located in the at least one geographic or political area to identify existing subscriptions to data events about the particular data by subscriber nodes located outside of the at least one geographic or political area. The method may then output the query results identifying existing subscriber node subscriptions contrary to the new or newly modified data distribution restriction. The received input may then be stored in a database such that subsequent changes are conditionally limited by the new or newly modified data distribution restriction.

Подробнее
Номер записи: 18
20-06-2024 дата публикации

Secure data replication systems and methods

Номер: AU2023212693A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

One method embodiment includes receiving input creating a data distribution restriction implemented to restrict distribution of data by publisher nodes located in at least one geographic or political area to subscriber nodes outside of the at least one geographic or political area. The method then queries a subscription repository storing data defining subscriptions to publisher node data events on publisher nodes located in the at least one geographic or political area to identify existing subscriptions to data events about the particular data by subscriber nodes located outside of the at least one geographic or political area. The method may then output the query results identifying existing subscriber node subscriptions contrary to the new or newly modified data distribution restriction. The received input may then be stored in a database such that subsequent changes are conditionally limited by the new or newly modified data distribution restriction.

Подробнее
Номер записи: 19
06-11-2024 дата публикации

Database management engine for a database management system

Номер: EP4457679A1
Автор: Adir ATIAS, Aviad PINES, Aviram Fireberger, Evgeny LUTSKY, Oron Golan
Принадлежит: Microsoft Technology Licensing LLC

Methods, systems, and computer storage media provide a privacy compliance notification indicating a database's level of compliance with a privacy policy after restoring the database to the database's backup copy. The database is associated with a database management engine. The database supports privacy-based first-class data entities. The privacy-based first-class data entities are database entities having privacy system-level metadata properties associated with data operations in a database language syntax. The privacy compliance notification may be generated based on determining whether a privacy database operation associated with a database journal and a privacy journal has been executed on a database since the database was restored to a backup copy of the database. The database transaction journal includes a transaction log of database operations executed against the database, and the privacy journal includes the database operations logged as privacy database operations associated with the plurality of privacy-based first-class data entities.

Подробнее
Номер записи: 20