WO2004111760A3 - Application layer security method and system - Google Patents

Application layer security method and system Download PDF

Info

Publication number
WO2004111760A3
WO2004111760A3 PCT/US2004/016740 US2004016740W WO2004111760A3 WO 2004111760 A3 WO2004111760 A3 WO 2004111760A3 US 2004016740 W US2004016740 W US 2004016740W WO 2004111760 A3 WO2004111760 A3 WO 2004111760A3
Authority
WO
WIPO (PCT)
Prior art keywords
application
security method
operation request
layer security
illegal
Prior art date
Application number
PCT/US2004/016740
Other languages
French (fr)
Other versions
WO2004111760A2 (en
Inventor
Yuval Ben-Itzhak
Original Assignee
Kavado Inc
Yuval Ben-Itzhak
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kavado Inc, Yuval Ben-Itzhak filed Critical Kavado Inc
Priority to JP2006533459A priority Critical patent/JP2007535017A/en
Priority to EP04753556A priority patent/EP1627308A4/en
Publication of WO2004111760A2 publication Critical patent/WO2004111760A2/en
Priority to IL172178A priority patent/IL172178A/en
Publication of WO2004111760A3 publication Critical patent/WO2004111760A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Abstract

The invention provides an application layer security method and system to secure trusted computer applications from executing out of their intended and authorized scope caused by illegal or harmful operation requests received from a distrusted environment. In an embodiment of the invention, a protective layer is implemented in between a trusted application and distrusted application operation requests. In operation, the protective layer identifies an application path of each operation request. Depending on the application path identified, one or more security pipes scrutinize the application contents of the operation request to determine if the operation request is illegal or harmful to the application or a surrounding environment.
PCT/US2004/016740 2003-05-28 2004-05-27 Application layer security method and system WO2004111760A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
JP2006533459A JP2007535017A (en) 2003-05-28 2004-05-27 Application layer security method and application layer security system
EP04753556A EP1627308A4 (en) 2003-05-28 2004-05-27 Application layer security method and system
IL172178A IL172178A (en) 2003-05-28 2005-11-24 Application layer security method and system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/446,054 US7882555B2 (en) 2001-03-16 2003-05-28 Application layer security method and system
US10/446,054 2003-05-28

Publications (2)

Publication Number Publication Date
WO2004111760A2 WO2004111760A2 (en) 2004-12-23
WO2004111760A3 true WO2004111760A3 (en) 2005-12-29

Family

ID=33551234

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/016740 WO2004111760A2 (en) 2003-05-28 2004-05-27 Application layer security method and system

Country Status (5)

Country Link
US (1) US7882555B2 (en)
EP (1) EP1627308A4 (en)
JP (1) JP2007535017A (en)
IL (1) IL172178A (en)
WO (1) WO2004111760A2 (en)

Families Citing this family (105)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5826014A (en) * 1996-02-06 1998-10-20 Network Engineering Software Firewall system for protecting network elements connected to a public network
US7673323B1 (en) 1998-10-28 2010-03-02 Bea Systems, Inc. System and method for maintaining security in a distributed computer network
US6158010A (en) * 1998-10-28 2000-12-05 Crosslogix, Inc. System and method for maintaining security in a distributed computer network
US7117267B2 (en) * 2001-06-28 2006-10-03 Sun Microsystems, Inc. System and method for providing tunnel connections between entities in a messaging system
US8578480B2 (en) 2002-03-08 2013-11-05 Mcafee, Inc. Systems and methods for identifying potentially malicious messages
US20060015942A1 (en) 2002-03-08 2006-01-19 Ciphertrust, Inc. Systems and methods for classification of messaging entities
US7096498B2 (en) * 2002-03-08 2006-08-22 Cipher Trust, Inc. Systems and methods for message threat management
US8561167B2 (en) 2002-03-08 2013-10-15 Mcafee, Inc. Web reputation scoring
US9237514B2 (en) * 2003-02-28 2016-01-12 Apple Inc. System and method for filtering access points presented to a user and locking onto an access point
US7444675B2 (en) * 2003-02-28 2008-10-28 Hewlett-Packard Development Company, L.P. Systems and methods for defining security information for web-services
US7949877B2 (en) * 2003-06-30 2011-05-24 Realnetworks, Inc. Rights enforcement and usage reporting on a client device
US9118710B2 (en) 2003-07-01 2015-08-25 Securityprofiling, Llc System, method, and computer program product for reporting an occurrence in different manners
US8984644B2 (en) 2003-07-01 2015-03-17 Securityprofiling, Llc Anti-vulnerability system, method, and computer program product
US9350752B2 (en) 2003-07-01 2016-05-24 Securityprofiling, Llc Anti-vulnerability system, method, and computer program product
US9118709B2 (en) 2003-07-01 2015-08-25 Securityprofiling, Llc Anti-vulnerability system, method, and computer program product
US8266699B2 (en) * 2003-07-01 2012-09-11 SecurityProfiling Inc. Multiple-path remediation
US9118711B2 (en) 2003-07-01 2015-08-25 Securityprofiling, Llc Anti-vulnerability system, method, and computer program product
US20070113272A2 (en) 2003-07-01 2007-05-17 Securityprofiling, Inc. Real-time vulnerability monitoring
US7568229B1 (en) 2003-07-01 2009-07-28 Symantec Corporation Real-time training for a computer code intrusion detection system
US9118708B2 (en) 2003-07-01 2015-08-25 Securityprofiling, Llc Multi-path remediation
US9100431B2 (en) 2003-07-01 2015-08-04 Securityprofiling, Llc Computer program product and apparatus for multi-path remediation
US7406714B1 (en) 2003-07-01 2008-07-29 Symantec Corporation Computer code intrusion detection system based on acceptable retrievals
US20050081055A1 (en) * 2003-10-10 2005-04-14 Bea Systems, Inc. Dynamically configurable distributed security system
US7743420B2 (en) 2003-12-02 2010-06-22 Imperva, Inc. Dynamic learning method and adaptive normal behavior profile (NBP) architecture for providing fast protection of enterprise applications
US20050188221A1 (en) * 2004-02-24 2005-08-25 Covelight Systems, Inc. Methods, systems and computer program products for monitoring a server application
US20050187934A1 (en) * 2004-02-24 2005-08-25 Covelight Systems, Inc. Methods, systems and computer program products for geography and time monitoring of a server application user
US20050188080A1 (en) * 2004-02-24 2005-08-25 Covelight Systems, Inc. Methods, systems and computer program products for monitoring user access for a server application
US20050188222A1 (en) * 2004-02-24 2005-08-25 Covelight Systems, Inc. Methods, systems and computer program products for monitoring user login activity for a server application
US7373524B2 (en) * 2004-02-24 2008-05-13 Covelight Systems, Inc. Methods, systems and computer program products for monitoring user behavior for a server application
US7490350B1 (en) 2004-03-12 2009-02-10 Sca Technica, Inc. Achieving high assurance connectivity on computing devices and defeating blended hacking attacks
US7840763B2 (en) * 2004-03-12 2010-11-23 Sca Technica, Inc. Methods and systems for achieving high assurance computing using low assurance operating systems and processes
US8266177B1 (en) 2004-03-16 2012-09-11 Symantec Corporation Empirical database access adjustment
US7422152B2 (en) 2004-05-13 2008-09-09 Cisco Technology, Inc. Methods and devices for providing scalable RFID networks
US7841005B2 (en) * 2004-05-21 2010-11-23 Computer Assoicates Think, Inc. Method and apparatus for providing security to web services
US20060047832A1 (en) * 2004-05-21 2006-03-02 Christopher Betts Method and apparatus for processing web service messages
US8458783B2 (en) * 2004-06-30 2013-06-04 Citrix Systems, Inc. Using application gateways to protect unauthorized transmission of confidential data via web applications
US8635690B2 (en) 2004-11-05 2014-01-21 Mcafee, Inc. Reputation based message processing
US8458467B2 (en) 2005-06-21 2013-06-04 Cisco Technology, Inc. Method and apparatus for adaptive application message payload content transformation in a network infrastructure element
US7664879B2 (en) 2004-11-23 2010-02-16 Cisco Technology, Inc. Caching content and state data at a network element
US7987272B2 (en) 2004-12-06 2011-07-26 Cisco Technology, Inc. Performing message payload processing functions in a network element on behalf of an application
US7725934B2 (en) 2004-12-07 2010-05-25 Cisco Technology, Inc. Network and application attack protection based on application layer message inspection
US8082304B2 (en) 2004-12-10 2011-12-20 Cisco Technology, Inc. Guaranteed delivery of application layer messages by a network element
US20060129810A1 (en) * 2004-12-14 2006-06-15 Electronics And Telecommunications Research Institute Method and apparatus for evaluating security of subscriber network
US8281401B2 (en) * 2005-01-25 2012-10-02 Whitehat Security, Inc. System for detecting vulnerabilities in web applications using client-side application interfaces
US7444331B1 (en) 2005-03-02 2008-10-28 Symantec Corporation Detecting code injection attacks against databases
US8656488B2 (en) * 2005-03-11 2014-02-18 Trend Micro Incorporated Method and apparatus for securing a computer network by multi-layer protocol scanning
US20060224628A1 (en) * 2005-03-29 2006-10-05 Bea Systems, Inc. Modeling for data services
US8086615B2 (en) * 2005-03-28 2011-12-27 Oracle International Corporation Security data redaction
US8046374B1 (en) 2005-05-06 2011-10-25 Symantec Corporation Automatic training of a database intrusion detection system
US7748027B2 (en) * 2005-05-11 2010-06-29 Bea Systems, Inc. System and method for dynamic data redaction
US7558796B1 (en) 2005-05-19 2009-07-07 Symantec Corporation Determining origins of queries for a database intrusion detection system
US8266327B2 (en) 2005-06-21 2012-09-11 Cisco Technology, Inc. Identity brokering in a network element
AU2006262182B2 (en) * 2005-06-22 2012-04-05 Aspira Women’s Health Inc. Biomarker for ovarian cancer: CTAP3-related proteins
US7774361B1 (en) 2005-07-08 2010-08-10 Symantec Corporation Effective aggregation and presentation of database intrusion incidents
US7690037B1 (en) 2005-07-13 2010-03-30 Symantec Corporation Filtering training data for machine learning
US7345585B2 (en) 2005-08-01 2008-03-18 Cisco Technology, Inc. Network based device for providing RFID middleware functionality
US8375423B2 (en) * 2005-09-23 2013-02-12 International Business Machines Corporation Authenticating a source of a scripted code
US8443442B2 (en) * 2006-01-31 2013-05-14 The Penn State Research Foundation Signature-free buffer overflow attack blocker
US8676876B2 (en) * 2006-06-27 2014-03-18 International Business Machines Corporation Synchronizing an active feed adapter and a backup feed adapter in a high speed, low latency data communications environment
US8296778B2 (en) 2006-06-27 2012-10-23 International Business Machines Corporation Computer data communications in a high speed, low latency data communications environment
US20070299936A1 (en) * 2006-06-27 2007-12-27 Borgendale Kenneth W Interactively streaming data from a database in a high speed, low latency data communications environment
US20070300234A1 (en) * 2006-06-27 2007-12-27 Eliezer Dekel Selecting application messages from an active feed adapter and a backup feed adapter for application-level data processing in a high speed, low latency data communications environment
US8122144B2 (en) 2006-06-27 2012-02-21 International Business Machines Corporation Reliable messaging using redundant message streams in a high speed, low latency data communications environment
US7797406B2 (en) * 2006-07-27 2010-09-14 Cisco Technology, Inc. Applying quality of service to application messages in network elements based on roles and status
US20080114938A1 (en) * 2006-11-14 2008-05-15 Borgendale Kenneth W Application Message Caching In A Feed Adapter
US8695015B2 (en) * 2006-12-06 2014-04-08 International Business Machines Corporation Application message conversion using a feed adapter
US20080140550A1 (en) * 2006-12-07 2008-06-12 Berezuk John F Generating a global system configuration for a financial market data system
US20080141273A1 (en) * 2006-12-11 2008-06-12 Borgendale Kenneth W Accessing Application Message Data In A Messaging Environment
US20080137830A1 (en) * 2006-12-12 2008-06-12 Bhogal Kulvir S Dispatching A Message Request To A Service Provider In A Messaging Environment
US8850451B2 (en) 2006-12-12 2014-09-30 International Business Machines Corporation Subscribing for application messages in a multicast messaging environment
US8327381B2 (en) * 2006-12-12 2012-12-04 International Business Machines Corporation Referencing message elements in an application message in a messaging environment
US7779156B2 (en) 2007-01-24 2010-08-17 Mcafee, Inc. Reputation based load balancing
US8214497B2 (en) 2007-01-24 2012-07-03 Mcafee, Inc. Multi-dimensional reputation scoring
US8763114B2 (en) 2007-01-24 2014-06-24 Mcafee, Inc. Detecting image spam
US8179798B2 (en) 2007-01-24 2012-05-15 Mcafee, Inc. Reputation based connection throttling
US20080196094A1 (en) * 2007-02-08 2008-08-14 Dlb Finance & Consultancy B.V. Method and system for restricting access to an electronic message system
US7917912B2 (en) 2007-03-27 2011-03-29 International Business Machines Corporation Filtering application messages in a high speed, low latency data communications environment
US7979896B2 (en) * 2007-04-20 2011-07-12 Microsoft Corporation Authorization for access to web service resources
US20090006560A1 (en) * 2007-06-27 2009-01-01 Bhogal Kulvir S Terminating An Application Message Subscription
US20090006559A1 (en) * 2007-06-27 2009-01-01 Bhogal Kulvir S Application Message Subscription Tracking In A High Speed, Low Latency Data Communications Environment
US8185930B2 (en) 2007-11-06 2012-05-22 Mcafee, Inc. Adjusting filter or classification control settings
US8010522B2 (en) * 2007-12-07 2011-08-30 International Business Machines Corporation System, method and program product for detecting SQL queries injected into data fields of requests made to applications
US8286000B2 (en) * 2007-12-07 2012-10-09 Novell, Inc. Techniques for dynamic generation and management of password dictionaries
US20090158403A1 (en) * 2007-12-14 2009-06-18 Dirk Leonard Benschop Method and system for permitting or denying service
US8412931B2 (en) * 2007-12-27 2013-04-02 Apple Inc. Techniques for credential strength analysis via failed intruder access attempts
US8239921B2 (en) * 2008-01-03 2012-08-07 Dlb Finance & Consultancy B.V. System and method of retrieving a service contact identifier
US8463921B2 (en) * 2008-01-17 2013-06-11 Scipioo Holding B.V. Method and system for controlling a computer application program
US7817636B2 (en) 2008-01-30 2010-10-19 Cisco Technology, Inc. Obtaining information on forwarding decisions for a packet flow
US8589503B2 (en) 2008-04-04 2013-11-19 Mcafee, Inc. Prioritizing network traffic
US8225400B2 (en) * 2008-05-13 2012-07-17 Verizon Patent And Licensing Inc. Security overlay network
US8732451B2 (en) * 2009-05-20 2014-05-20 Microsoft Corporation Portable secure computing network
KR101042857B1 (en) * 2009-09-03 2011-06-20 주식회사 잉카인터넷 method for blocking excution of hacking process
US8458774B2 (en) * 2009-11-02 2013-06-04 Authentify Inc. Method for secure site and user authentication
US8621638B2 (en) 2010-05-14 2013-12-31 Mcafee, Inc. Systems and methods for classification of messaging entities
US8578487B2 (en) 2010-11-04 2013-11-05 Cylance Inc. System and method for internet security
US9116717B2 (en) 2011-05-27 2015-08-25 Cylance Inc. Run-time interception of software methods
WO2013038418A1 (en) * 2011-09-14 2013-03-21 Infosys Limited System and method to authorize the access of the service to an end user
US8640239B2 (en) 2012-02-20 2014-01-28 International Business Machines Corporation Network intrusion detection in a network that includes a distributed virtual switch fabric
US9912641B2 (en) 2014-07-03 2018-03-06 Juniper Networks, Inc. System, method, and apparatus for inspecting online communication sessions via polymorphic security proxies
CN106302507A (en) * 2016-08-31 2017-01-04 北京盛世光明软件股份有限公司 A kind of method based on SSL network data analytic technique
US10325108B2 (en) * 2016-12-30 2019-06-18 Intel Corporation Method and apparatus for range based checkpoints in a storage device
US10348701B2 (en) * 2017-03-02 2019-07-09 Citrix Systems, Inc. Protecting clients from open redirect security vulnerabilities in web applications
US20200382524A1 (en) * 2019-05-28 2020-12-03 Brownie Technologies Ltd. System and method for a secure network
US11411875B1 (en) * 2020-03-31 2022-08-09 Juniper Networks, Inc. Network traffic control based on application identifier
US20220335229A1 (en) * 2021-04-16 2022-10-20 Bank Of America Corporation Apparatus and methods to contextually decipher and analyze hidden meaning in communications

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6321337B1 (en) * 1997-09-09 2001-11-20 Sanctum Ltd. Method and system for protecting operations of trusted internal networks

Family Cites Families (83)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US615844A (en) * 1898-12-13 Motor
JPS61133454A (en) * 1984-12-03 1986-06-20 Hitachi Ltd Terminal control system
US5191611A (en) * 1989-04-03 1993-03-02 Lang Gerald S Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
US5073933A (en) * 1989-12-01 1991-12-17 Sun Microsystems, Inc. X window security system
US5220604A (en) * 1990-09-28 1993-06-15 Digital Equipment Corporation Method for performing group exclusion in hierarchical group structures
US5224163A (en) * 1990-09-28 1993-06-29 Digital Equipment Corporation Method for delegating authorization from one entity to another through the use of session encryption keys
US5315657A (en) * 1990-09-28 1994-05-24 Digital Equipment Corporation Compound principals in access control lists
US5166977A (en) * 1991-05-31 1992-11-24 Encrypto, Inc. Protocol converter for a secure fax transmission system
US5317742A (en) * 1991-06-21 1994-05-31 Racal-Datacom, Inc. Dynamic translation of network management primitives to queries to a database
GB9205774D0 (en) * 1992-03-17 1992-04-29 Int Computers Ltd Computer security system
US5611048A (en) * 1992-10-30 1997-03-11 International Business Machines Corporation Remote password administration for a computer network among a plurality of nodes sending a password update message to all nodes and updating on authorized nodes
US5566326A (en) * 1993-09-28 1996-10-15 Bull Hn Information Systems Inc. Copy file mechanism for transferring files between a host system and an emulated file system
US5559800A (en) * 1994-01-19 1996-09-24 Research In Motion Limited Remote control of gateway functions in a wireless data communication network
US5629981A (en) * 1994-07-29 1997-05-13 Texas Instruments Incorporated Information management and security system
US5944794A (en) * 1994-09-30 1999-08-31 Kabushiki Kaisha Toshiba User identification data management scheme for networking computer systems using wide area network
US5623601A (en) * 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
US5892900A (en) * 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
CA2683230C (en) * 1995-02-13 2013-08-27 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US5594227A (en) * 1995-03-28 1997-01-14 Microsoft Corporation System and method for protecting unauthorized access to data contents
US5889953A (en) * 1995-05-25 1999-03-30 Cabletron Systems, Inc. Policy management and conflict resolution in computer networks
US6513060B1 (en) * 1998-08-27 2003-01-28 Internetseer.Com Corp. System and method for monitoring informational resources
US5941947A (en) * 1995-08-18 1999-08-24 Microsoft Corporation System and method for controlling access to data entities in a computer network
US5657390A (en) * 1995-08-25 1997-08-12 Netscape Communications Corporation Secure socket layer application program apparatus and method
US5623600A (en) * 1995-09-26 1997-04-22 Trend Micro, Incorporated Virus detection and removal apparatus for computer networks
US5724355A (en) * 1995-10-24 1998-03-03 At&T Corp Network access to internet and stored multimedia services from a terminal supporting the H.320 protocol
WO1997025798A1 (en) * 1996-01-11 1997-07-17 Mrj, Inc. System for controlling access and distribution of digital property
US5826014A (en) * 1996-02-06 1998-10-20 Network Engineering Software Firewall system for protecting network elements connected to a public network
US5774695A (en) * 1996-03-22 1998-06-30 Ericsson Inc. Protocol interface gateway and method of connecting an emulator to a network
JP3636399B2 (en) * 1996-05-29 2005-04-06 富士通株式会社 Protocol conversion system and protocol conversion method
US5748884A (en) * 1996-06-13 1998-05-05 Mci Corporation Autonotification system for notifying recipients of detected events in a network environment
US6154844A (en) 1996-11-08 2000-11-28 Finjan Software, Ltd. System and method for attaching a downloadable security profile to a downloadable
US6167520A (en) * 1996-11-08 2000-12-26 Finjan Software, Inc. System and method for protecting a client during runtime from hostile downloadables
US5908469A (en) * 1997-02-14 1999-06-01 International Business Machines Corporation Generic user authentication for network computers
US6105027A (en) * 1997-03-10 2000-08-15 Internet Dynamics, Inc. Techniques for eliminating redundant access checking by access filters
US5983270A (en) * 1997-03-11 1999-11-09 Sequel Technology Corporation Method and apparatus for managing internetwork and intranetwork activity
US5974549A (en) * 1997-03-27 1999-10-26 Soliton Ltd. Security monitor
US5968176A (en) * 1997-05-29 1999-10-19 3Com Corporation Multilayer firewall system
US6470386B1 (en) * 1997-09-26 2002-10-22 Worldcom, Inc. Integrated proxy interface for web based telecommunications management tools
US5870544A (en) * 1997-10-20 1999-02-09 International Business Machines Corporation Method and apparatus for creating a secure connection between a java applet and a web server
US6317868B1 (en) * 1997-10-24 2001-11-13 University Of Washington Process for transparently enforcing protection domains and access control as well as auditing operations in software components
US6035423A (en) * 1997-12-31 2000-03-07 Network Associates, Inc. Method and system for providing automated updating and upgrading of antivirus applications using a computer network
US6298445B1 (en) * 1998-04-30 2001-10-02 Netect, Ltd. Computer security
AU3781399A (en) 1998-04-30 1999-11-16 Bindview Development Corporation Computer security
US6311278B1 (en) * 1998-09-09 2001-10-30 Sanctum Ltd. Method and system for extracting application protocol characteristics
AU9093798A (en) 1998-09-10 2000-04-03 Sanctum, Inc. Method and system for protecting operations of trusted internal networks
AU9094198A (en) 1998-09-10 2000-04-03 Sanctum Ltd. Method and system for maintaining restricted operating environments for application programs or operating systems
US6158010A (en) * 1998-10-28 2000-12-05 Crosslogix, Inc. System and method for maintaining security in a distributed computer network
US6266774B1 (en) * 1998-12-08 2001-07-24 Mcafee.Com Corporation Method and system for securing, managing or optimizing a personal computer
US6226372B1 (en) * 1998-12-11 2001-05-01 Securelogix Corporation Tightly integrated cooperative telecommunications firewall and scanner with distributed capabilities
US6477651B1 (en) * 1999-01-08 2002-11-05 Cisco Technology, Inc. Intrusion detection system and method having dynamically loaded signatures
US6754664B1 (en) * 1999-07-02 2004-06-22 Microsoft Corporation Schema-based computer system health monitoring
US6684329B1 (en) * 1999-07-13 2004-01-27 Networks Associates Technology, Inc. System and method for increasing the resiliency of firewall systems
US6356906B1 (en) * 1999-07-26 2002-03-12 Microsoft Corporation Standard database queries within standard request-response protocols
US6842758B1 (en) * 1999-07-30 2005-01-11 Computer Associates Think, Inc. Modular method and system for performing database queries
US6647400B1 (en) * 1999-08-30 2003-11-11 Symantec Corporation System and method for analyzing filesystems to detect intrusions
DE60033615T2 (en) * 1999-10-21 2007-10-31 International Business Machines Corp. Method and system to force the distribution of IP datagrams to multiple servers according to a defined strategy
US6510464B1 (en) * 1999-12-14 2003-01-21 Verizon Corporate Services Group Inc. Secure gateway having routing feature
US6957348B1 (en) * 2000-01-10 2005-10-18 Ncircle Network Security, Inc. Interoperability of vulnerability and intrusion detection systems
US6782418B1 (en) * 2000-01-24 2004-08-24 General Electric Company Method and apparatus for secure data file uploading
GB0003920D0 (en) * 2000-02-21 2000-04-05 Ncipher Corp Limited Computer system
IL151455A0 (en) * 2000-03-03 2003-04-10 Sanctum Ltd System for determining web application vulnerabilities
CA2375206A1 (en) * 2000-03-27 2001-10-04 Network Security Systems, Inc. Internet/network security method and system for checking security of a client from a remote facility
EP1161048A3 (en) 2000-05-19 2005-02-16 Attachmate Corporation System and method for secure duplex browser communication over disparate networks
US6766368B1 (en) * 2000-05-23 2004-07-20 Verizon Laboratories Inc. System and method for providing an internet-based correlation service
TW494292B (en) 2000-06-01 2002-07-11 Asgent Inc Method of establishing a security policy, and apparatus for supporting establishment of security policy
JP2002056176A (en) 2000-06-01 2002-02-20 Asgent Inc Method and device for structuring security policy and method and device for supporting security policy structuring
US7152240B1 (en) * 2000-07-25 2006-12-19 Green Stuart D Method for communication security and apparatus therefor
US6668282B1 (en) * 2000-08-02 2003-12-23 International Business Machines Corporation System and method to monitor and determine if an active IPSec tunnel has become disabled
US6970943B1 (en) * 2000-10-11 2005-11-29 Nortel Networks Limited Routing architecture including a compute plane configured for high-speed processing of packets to provide application layer support
US6996845B1 (en) * 2000-11-28 2006-02-07 S.P.I. Dynamics Incorporated Internet security analysis system and process
US7647402B2 (en) * 2001-03-08 2010-01-12 International Business Machines Corporation Protecting contents of computer data files from suspected intruders by renaming and hiding data files subjected to intrusion
US7313822B2 (en) 2001-03-16 2007-12-25 Protegrity Corporation Application-layer security method and system
WO2002079907A2 (en) * 2001-03-29 2002-10-10 Accenture Llp Overall risk in a system
US20020162021A1 (en) * 2001-04-30 2002-10-31 Audebert Yves Louis Gabriel Method and system for establishing a remote connection to a personal security device
US7107610B2 (en) * 2001-05-11 2006-09-12 Intel Corporation Resource authorization
US20030056116A1 (en) * 2001-05-18 2003-03-20 Bunker Nelson Waldo Reporter
US6944678B2 (en) * 2001-06-18 2005-09-13 Transtech Networks Usa, Inc. Content-aware application switch and methods thereof
US20030135749A1 (en) * 2001-10-31 2003-07-17 Gales George S. System and method of defining the security vulnerabilities of a computer system
AU2002360844A1 (en) * 2001-12-31 2003-07-24 Citadel Security Software Inc. Automated computer vulnerability resolution system
US7269851B2 (en) * 2002-01-07 2007-09-11 Mcafee, Inc. Managing malware protection upon a computer network
US7290275B2 (en) * 2002-04-29 2007-10-30 Schlumberger Omnes, Inc. Security maturity assessment method
US6952779B1 (en) * 2002-10-01 2005-10-04 Gideon Cohen System and method for risk detection and analysis in a computer network
US20040123141A1 (en) * 2002-12-18 2004-06-24 Satyendra Yadav Multi-tier intrusion detection system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6321337B1 (en) * 1997-09-09 2001-11-20 Sanctum Ltd. Method and system for protecting operations of trusted internal networks

Also Published As

Publication number Publication date
IL172178A0 (en) 2011-08-01
JP2007535017A (en) 2007-11-29
EP1627308A4 (en) 2009-02-04
EP1627308A2 (en) 2006-02-22
US20030204719A1 (en) 2003-10-30
WO2004111760A2 (en) 2004-12-23
IL172178A (en) 2011-10-31
US7882555B2 (en) 2011-02-01

Similar Documents

Publication Publication Date Title
WO2004111760A3 (en) Application layer security method and system
Bertino Data Security and Privacy in the IoT.
WO2007011816A3 (en) An improved means for protecting computers from malicious software
WO2003034188A3 (en) Method and system for detecting unauthorised executable programs _______________________________________________________________
WO2006065956A3 (en) Protecting computing systems from unauthorized programs
WO2010144815A3 (en) System and method for providing security aboard a moving platform
WO2006078446A3 (en) Intrusion detection system
US20190104116A1 (en) Secure service matching
WO2007096871A3 (en) Device, system and method of accessing a security token
WO2004090667A3 (en) Method and apparatus for extending protected content access with peer to peer applications
WO2006023116A3 (en) System and method for enabling device dependent rights protection
WO2007147495A3 (en) Method and system for intrusion detection
GB2430781A (en) Security for computer software
WO2006074294A3 (en) Methods and apparatus providing security to computer systems and networks
WO2007094942A3 (en) Dynamic threat event management system and method
WO2009158531A3 (en) Licensing protected content to application sets
WO2004046934A3 (en) Secure memory for protecting against malicious programs
WO2005029216A3 (en) The method of safe certification service
WO2008033236A3 (en) System and methods for an identity theft protection bot
WO2005029249A3 (en) Secure network system and associated method of use
WO2006101549A3 (en) Secure system for allowing the execution of authorized computer program code
TWI256227B (en) Device, system and method to manage security credentials in a protected computer network domain
WO2008090374A3 (en) Trusted computing entities
Gollmann et al. Cyber-physical systems security
WO2003049106A3 (en) Method and apparatus for verifying the integrity of system data

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 172178

Country of ref document: IL

WWE Wipo information: entry into national phase

Ref document number: 2006533459

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 2004753556

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2004753556

Country of ref document: EP