Security system for computer systems

Number of patents in Portfolio can not be more than 2000

United States of America Patent

PATENT NO 5859966
SERIAL NO

08541636

Stats

ATTORNEY / AGENT: (SPONSORED)

Importance

Loading Importance Indicators... loading....

Abstract

See full text

A security system for a computer system imposes specific limitations on who has access to the computer system and to exactly what operations and data. Viruses are securely contained and prevented from expanding into areas where they can destroy stored programs or data. Viruses are also prevented from being introduced or executed in a large number of instances. The totality of computer functions is broken up into a set of events with an associated set of capabilities and different capabilities are assigned to each user depending on the particular job which that user is to do on the computer system. Also, security labels are placed on each data file and other system resources, and on each process. Further, a range of hierarchy/category labels (MAC labels) is assigned to each process to define a sub-lattice in which special capabilities can apply. Further, the hierarchy of labels is divided into a small number (for example 3) of regions, and a process operating in one region is generally not allowed to cross over into another region. Further, an owner of a data file is allowed to place restrictions on the file so that only users who posses certain privileges can gain access to the file.

Loading the Abstract Image... loading....

First Claim

See full text

Family

Loading Family data... loading....

Patent Owner(s)

Patent OwnerAddressTotal Patents
DATA GENERAL CORPORATIONWESTBORO, MA52

International Classification(s)

  • [Classification Symbol]
  • [Patents Count]

Inventor(s)

Inventor Name Address # of filed Patents Total Citations
Hayman, Kenneth John Durham, NC 3 161
Keene, Michael Donovan Coral Springs, FL 2 118
Lewine, Eric Scott Apex, NC 2 113
Meyers, William James Research Triangle Park, NC 1 113
Spencer, Jon Frederick Raleigh, NC 1 113
Taylor, II Millard Cranford Chapel Hill, NC 1 113

Cited Art Landscape

Patent Info (Count) # Cites Year
 
Other [Check patent profile for assignment information] (1)
* 5121345 System and method for protecting integrity of computer data and software 156 1990
 
SYBASE, INC. (1)
* 5572673 Secure multi-level system for executing stored procedures 172 1993
 
HUGHES SIMULATION SYSTEMS, INC. (1)
* 5263147 System for providing high security for personal computers and workstations 82 1991
 
SECURE COMPUTING CORPORATION (1)
* 4713753 Secure data processing system architecture with format control 319 1985
 
Digital Corporation (1)
* 5204961 Computer network operating with multilevel hierarchical security with selectable common trust realms and corresponding security protocols 263 1990
 
IPG HEALTHCARE 501 LIMITED (1)
* 5335346 Access control policies for an object oriented database, including access control lists which span across object boundaries 302 1991
 
HUGHES AIRCRAFT COMPANY (1)
* 5504814 Efficient security kernel for the 80960 extended architecture 242 1994
 
TANDEM COMPUTERS INCORPORATED (1)
* 5265221 Access restriction facility method and apparatus 155 1992
 
INTERNATIONAL COMPUTERS LIMITED (1)
* 5339403 Access control in a distributed computer system 76 1993
 
ROUND ROCK RESEARCH, LLC (1)
* 5577209 Apparatus and method for providing multi-level security for communication among computers and terminals on a network 300 1994
 
GREEN WIRELESS LLC (2)
* 5355474 System for multilevel secure database management using a knowledge base with release-based and other security constraints for query, response and update modification 272 1991
* 5481700 Apparatus for design of a multilevel secure database management system based on a multilevel logic programming system 118 1991
 
INTEL CORPORATION (1)
* 4442484 Microprocessor memory management and protection mechanism 177 1980
 
INTERSIL CORPORATION (1)
* 5469556 Resource access security system for controlling access to resources of a data processing system 53 1992
 
GENSYM CORPORATION (1)
* 5432934 Access restrictions as a means of configuring a user interface and making an application secure 48 1993
 
RAYTHEON COMPANY (1)
* 5283828 Architecture for utilizing coprocessing systems to increase performance in security adapted computer systems 66 1993
 
RAKUTEN, INC. (1)
* 5455953 Authorization system for obtaining in single step both identification and access rights of client to server directly from encrypted authorization ticket 447 1993
 
AT&T CORP. (1)
* 5375244 System and method for granting access to a resource 193 1992
* Cited By Examiner

Patent Citation Ranking

Forward Cite Landscape

Patent Info (Count) # Cites Year
 
Other [Check patent profile for assignment information] (9)
* 6226745 Information sharing system and method with requester dependent sharing and security rules 160 1998
* 2002/0007,413 System and method for using a mapping between client addresses and addresses of caches to support content delivery 211 2001
* 2001/0023,486 Security management system and security managing method 22 2001
* 2005/0171,737 Method and apparatus for assessing the security of a computer system 5 2005
* 2006/0179,434 Software application environment 1 2006
* 2008/0295,181 METHOD FOR PROTECTING COMPUTER PROGRAMS AND DATA FROM HOSTILE CODE 4 2008
* 2008/0222,429 DATA MANAGEMENT SYSTEM 1 2008
* 2008/0201,777 Method and Agent for the Protection Against the Unauthorized Use of Computer Resources 0 2008
9792296 Clustered filesystem with data volume snapshot 0 2014
 
TREND MICRO INCORPORATED (1)
* 7454788 Method for adding and enforcing enhanced authorization policy on devices in computer operation systems 1 2001
 
ADARA NETWORKS, INC. (12)
7725596 System and method for resolving network layer anycast addresses to network layer unicast addresses 25 2001
* 7577754 System and method for controlling access to content carried in a caching architecture 21 2001
7565450 System and method for using a mapping between client addresses and addresses of caches to support content delivery 58 2001
* 2009/0013,083 SYSTEM AND METHOD FOR USING A MAPPING BETWEEN CLIENT ADDRESSES AND ADDRESSES OF CACHES TO SUPPORT CONTENT DELIVERY 22 2001
7343422 System and method for using uniform resource locators to map application layer content names to network layer anycast addresses 48 2001
* 2002/0026,511 System and method for controlling access to content carried in a caching architecture 69 2001
* 2002/0016,860 System and method for resolving network layer anycast addresses to network layer unicast addresses 33 2001
* 2002/0010,737 System and method for using uniform resource locators to map application layer content names to network layer anycast addresses 12 2001
8433787 System and method for directing clients to optimal servers in computer networks 1 2009
8423666 System and method for directing clients to optimal servers in computer networks 2 2009
* 2011/0093,586 SYSTEM AND METHOD FOR DIRECTING CLIENTS TO OPTIMAL SERVERS IN COMPUTER NETWORKS 5 2009
* 2010/0198,913 SYSTEM AND METHOD DIRECTING CLIENTS TO OPTIMAL SERVERS IN COMPUTER NETWORKS 8 2009
 
SCHNEIDER ELECTRIC SYSTEMS USA, INC. (24)
* 7272815 Methods and apparatus for control configuration with versioning, security, composite blocks, edit selection, object swapping, formulaic values and other aspects 227 2000
7761923 Process control methods and apparatus for intrusion detection, protection and network hardening 20 2005
8368640 Process control configuration system with connection validation and configuration 2 2006
* 2006/0206,860 Process control configuration system with connection validation and configuration 53 2006
7860857 Digital data processing apparatus and methods for improving plant performance 4 2007
8090452 Methods and apparatus for control using control devices that provide a virtual machine environment and that communicate via an IP network 25 2007
8023500 Methods for process control with change updates 1 2007
* 2008/0134,215 METHODS FOR PROCESS CONTROL WITH CHANGE UPDATES 14 2007
7890927 Apparatus and method for configuring and editing a control system with live data 27 2008
* 2009/0125,130 CONTROL SYSTEM EDITOR AND METHODS WITH LIVE DATA 26 2008
8229579 Control systems and methods with versioning 13 2008
8060222 Control system configurator and methods with object characteristic swapping 9 2008
8028272 Control system configurator and methods with edit selection 21 2008
8028275 Control systems and methods with smart blocks 8 2008
7984420 Control systems and methods with composite blocks 15 2008
* 2009/0125,128 Control systems and methods with versioning 36 2008
* 2009/0125,129 CONTROL SYSTEM CONFIGURATOR AND METHODS WITH EDIT SELECTION 23 2008
* 2009/0125,131 CONTROL SYSTEMS AND METHODS WITH COMPOSITE BLOCKS 23 2008
8225271 Apparatus for control systems with objects that are associated with live data 17 2008
* 2009/0132,996 Apparatus for control systems with objects that are associated with live data 36 2008
8127060 Methods and apparatus for control configuration with control objects that are fieldbus protocol-aware 48 2009
* 2010/0223,593 METHODS AND APPARATUS FOR CONTROL CONFIGURATION WITH OBJECT HIERARCHY, VERSIONING, CHANGE RECORDS, OBJECT COMPARISON, AND OTHER ASPECTS 20 2010
8463964 Methods and apparatus for control configuration with enhanced change-tracking 3 2010
* 2011/0093,098 METHODS AND APPARATUS FOR CONTROL CONFIGURATION WITH ENHANCED CHANGE-TRACKING 16 2010
 
ONLINE VIDEO NETWORK, INC. (4)
7908337 System and method for using network layer uniform resource locator routing to locate the closest server carrying specific content 65 2001
* 2002/0004,846 System and method for using network layer uniform resource locator routing to locate the closest server carrying specific content 91 2001
8572214 System and method for discovering information objects and information object repositories in computer networks 53 2006
* 2006/0271,705 System and method for discovering information objects and information object repositories in computer networks 40 2006
 
HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP (2)
* 7167987 Use of biometrics to provide physical and logic access to computer devices 4 2001
* 2003/0046,553 Use of biometrics to provide physical and logic access to computer devices 2 2001
 
NULLRING, INC (2)
* 7840795 Method and apparatus for limiting access to sensitive data 2 2007
* 2008/0091,934 Method and apparatus for limiting access to sensitive data 15 2007
 
AZURE NETWORKS, LLC (3)
* 2004/0073,617 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail 170 2003
* 2010/0205,671 HASH-BASED SYSTEMS AND METHODS FOR DETECTING AND PREVENTING TRANSMISSION OF POLYMORPHIC NETWORK WORMS AND VIRUSES 2 2010
* 2010/0205,265 HASH-BASED SYSTEMS AND METHODS FOR DETECTING AND PREVENTING TRANSMISSION OF UNWANTED E-MAIL 14 2010
 
THE UNITED STATES OF AMERICA, AS REPRESENTED BY THE SECRETARY OF COMMERCE (1)
* 6023765 Implementation of role-based access control in multi-level secure systems 221 1997
 
Promisec Ltd. (4)
8566939 Method and device for scanning a plurality of computerized devices connected to a network 0 2006
* 2006/0184,682 Method and device for scanning a plurality of computerized devices connected to a network 20 2006
8544099 Method and device for questioning a plurality of computerized devices 0 2010
* 2010/0235,920 METHOD AND DEVICE FOR QUESTIONING A PLURALITY OF COMPUTERIZED DEVICES 1 2010
 
Trigence Corp. (2)
* 7757291 Malware containment by application encapsulation 5 2006
* 2006/0265,761 Malware containment by application encapsulation 22 2006
 
@Seurity Broadband Corp. (1)
7119609 Lifestyle multimedia security system 21 2003
 
PROMISEC LTD. ISRAELI COMPANY, OF (2)
7752671 Method and device for questioning a plurality of computerized devices 5 2005
* 2006/0075,128 Method and device for questioning a plurality of computerized devices 6 2005
 
BULL SAS (2)
* 8627406 Device for protection of the data and executable codes of a computer system 0 2007
* 2009/0037,730 Device For Protection of the Data and Executable Codes of a Computer System 0 2007
 
ORACLE AMERICA, INC. (1)
* 8032500 Dynamic sending policies and client-side disaster recovery mechanism for messaging communication 0 2005
 
ROCHE DIABETES CARE, INC. (2)
* 8566818 Method and system for configuring a consolidated software application 4 2007
* 2009/0150,831 Method and system for configuring a consolidated software application 5 2007
 
ORACLE INTERNATIONAL CORPORATION (3)
* 8316051 Techniques for adding multiple security policies to a database system 10 2001
8510334 Lock manager on disk 2 2009
* 2011/0106,778 LOCK MANAGER ON DISK 9 2009
 
MCAFEE, LLC (1)
* 6453419 System and method for implementing a security policy 132 1998
 
FINJAN, INC. (21)
* 6167520 System and method for protecting a client during runtime from hostile downloadables 132 1997
* 6154844 System and method for attaching a downloadable security profile to a downloadable 301 1997
6804780 System and method for protecting a computer and a network from hostile downloadables 126 2000
6480962 System and method for protecting a client during runtime from hostile downloadables 86 2000
7058822 Malicious mobile code runtime monitoring system and methods 108 2001
6965968 Policy-based caching 144 2003
7418731 Method and system for caching at secure gateways 17 2004
* 2005/0005,107 Method and system for caching at secure gateways 26 2004
8225408 Method and system for adaptive rule-based content scanners 10 2004
* 2005/0108,554 Method and system for adaptive rule-based content scanners 40 2004
7975305 Method and system for adaptive rule-based content scanners for desktop computers 23 2004
* 2005/0240,999 Method and system for adaptive rule-based content scanners for desktop computers 96 2004
7647633 Malicious mobile code runtime monitoring system and methods 14 2005
7613926 Method and system for protecting a computer and a network from hostile downloadables 23 2006
* 2006/0149,968 Method and system for protecting a computer and a network from hostile downloadables 19 2006
8079086 Malicious mobile code runtime monitoring system and methods 15 2009
8677494 Malicious mobile code runtime monitoring system and methods 5 2011
9444844 Malicious mobile code runtime monitoring system and methods 0 2014
9189621 Malicious mobile code runtime monitoring system and methods 4 2015
9141786 Malicious mobile code runtime monitoring system and methods 4 2015
9219755 Malicious mobile code runtime monitoring system and methods 4 2015
 
MICROSOFT TECHNOLOGY LICENSING, LLC (2)
* 7730318 Integration of high-assurance features into an application through application factoring 8 2003
* 2005/0091,661 Integration of high-assurance features into an application through application factoring 12 2003
 
STRAGENT, LLC (3)
8204945 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail 9 2008
8272060 Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses 4 2010
8166549 Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses 0 2010
 
SAFENET DATA SECURITY (ISRAEL) LTD. (1)
* 7047369 Software application environment 14 1997
 
BIT9, INC. (1)
8984636 Content extractor and analysis system 0 2005
 
BEA SYSTEMS, INC. (1)
* 2009/0178,111 SYSTEM AND METHOD FOR MAINTAINING SECURITY IN A DISTRIBUTED COMPUTER NETWORK 65 2009
 
CANON KABUSHIKI KAISHA (2)
* 7834890 Information processing method and image processing method 2 2004
* 2005/0131,857 Information processing method and image processing method 9 2004
 
INTERNATIONAL BUSINESS MACHINES CORPORATION (14)
* 7370366 Data management system and method 19 2001
* 2003/0097,583 Data management system and method 12 2001
7698441 Intelligent use of user data to pre-emptively prevent execution of a query violating access controls 5 2002
* 2004/0068,661 Intelligent use of user data to pre-emptively prevent execution of a query violating access controls 12 2002
6928554 Method of query return data analysis for early warning indicators of possible security exposures 11 2002
* 2004/0088,561 Method of query return data analysis for early warning indicators of possible security exposures 8 2002
* 2004/0093,514 Method for automatically isolating worm and hacker attacks within a local area network 6 2002
7392246 Method for implementing access control for queries to a content management system 2 2003
* 2004/0162,825 System and method for implementing access control for queries to a content management system 3 2003
* 7890530 Method and system for controlling access to data via a data-centric security model 5 2008
* 2009/0198,697 METHOD AND SYSTEM FOR CONTROLLING ACCESS TO DATA VIA A DATA-CENTRIC SECURITY MODEL 10 2008
7818581 Data management system 1 2008
7761443 Implementing access control for queries to a content management system 6 2008
* 2008/0222,708 IMPLEMENTING ACCESS CONTROL FOR QUERIES TO A CONTENT MANAGEMENT SYSTEM 2 2008
 
CENUS TECHNOLOGIES, INC. (2)
7162539 System and method for discovering information objects and information object repositories in computer networks 90 2001
* 2001/0056,416 System and method for discovering information objects and information object repositories in computer networks 165 2001
 
BUFFERZONE SECURITY LTD. (9)
* 7363493 Method for protecting computer programs and data from hostile code 14 2002
* 2002/0147,923 Method for protecting computer programs and data from hostile code 14 2002
8078886 Method for protecting computer programs and data from hostile code 7 2009
* 2010/0058,472 METHOD FOR PROTECTING COMPUTER PROGRAMS AND DATA FROM HOSTILE CODE 4 2009
8850428 User transparent virtualization method for protecting computer programs and data from hostile code 4 2010
8484483 Method for protecting computer programs and data from hostile code 5 2011
8838994 Method for protecting computer programs and data from hostile code 1 2013
9396326 User transparent virtualization method for protecting computer programs and data from hostile code 0 2014
9390262 Method for protecting computer programs and data from hostile code 0 2014
 
Absio Corporation (2)
8627104 Secure data storage 1 2011
9104888 Secure data storage 0 2013
 
Bit 9, Inc. (6)
8272058 Centralized timed analysis in a network security system 23 2005
7895651 Content tracking in a network security system 20 2005
* 2007/0028,303 Content tracking in a network security system 134 2005
* 2007/0028,110 Content extractor and analysis system 31 2005
* 2007/0028,291 Parametric content control in a network security system 43 2005
* 2007/0028,304 Centralized timed analysis in a network security system 128 2005
 
CISCO TECHNOLOGY, INC. (1)
7516475 Method and apparatus for managing security policies on a network 10 2002
 
SILICON GRAPHICS INTERNATIONAL CORP. (15)
* 2003/0028,514 Extended attribute caching in clustered filesystem 113 2002
* 7640582 Clustered filesystem for mix of trusted and untrusted nodes 12 2003
8396908 Multi-class heterogeneous clients in a clustered filesystem 2 2009
* 2010/0146,045 Multi-Class Heterogeneous Clients in a Clustered Filesystem 5 2009
8151347 Clustered file system for mix of trusted and untrusted nodes 3 2009
* 2010/0154,054 Clustered File System for Mix of Trusted and Untrusted Nodes 8 2009
8683021 Clustered filesystem with membership version support 1 2011
9275058 Relocation of metadata server with outstanding DMAPI requests 0 2011
8578478 Clustered file systems for mix of trusted and untrusted nodes 1 2012
8527463 Clustered filesystem with data volume snapshot maintenance 2 2012
8838658 Multi-class heterogeneous clients in a clustered filesystem 1 2013
9020897 Clustered filesystem with data volume snapshot 0 2013
9405606 Clustered filesystems for mix of trusted and untrusted nodes 0 2013
9519657 Clustered filesystem with membership version support 0 2014
9606874 Multi-class heterogeneous clients in a clustered filesystem 0 2014
 
COMPUTER ASSOCIATES THINK, INC. (1)
* 7383569 Method and agent for the protection against the unauthorized use of computer resources 4 1999
 
COMCAST CABLE COMMUNICATIONS, LLC (22)
6690411 Security system 79 1999
8520068 Video security system 36 2001
* 2002/0147,982 Video security system 93 2001
7015806 Distributed monitoring for a video security system 118 2001
* 2003/0062,997 Distributed monitoring for a video security system 61 2001
7130383 Lifestyle multimedia security system 81 2003
7409045 Lifestyle multimedia security system 28 2003
7120232 Lifestyle multimedia security system 37 2003
6930599 Security system 76 2003
* 2004/0085,202 Security system 2 2003
* 2004/0086,089 Lifestyle multimedia security system 8 2003
* 2004/0041,910 Lifestyle multimedia security system 9 2003
7120233 Lifestyle multimedia security system 39 2003
7103152 Lifestyle multimedia security system 53 2003
* 2004/0086,091 Lifestyle multimedia security system 25 2003
* 2004/0086,090 Lifestyle multimedia security system 18 2003
* 2004/0024,851 Lifestyle multimedia security system 22 2003
8144836 Lifestyle multimedia security system 2 2007
* 2008/0048,861 LIFESTYLE MULTIMEDIA SECURITY SYSTEM 34 2007
8953749 Lifestyle multimedia security system 1 2012
9300921 Video security systems and methods 0 2013
9600945 Lifestyle multimedia security system 0 2014
 
ENTROPIA, INC. (1)
* 2002/0065,874 Method and process for virtualizing network interfaces 4 2000
 
SILVERBACK TECHNOLOGIES, INC. (1)
* 2002/0129,000 XML file system 28 2001
 
SCHNEIDER ELECTRIC SOFTWARE, LLC (2)
7778717 Component object model communication method for a control system 19 2003
* 2003/0225,462 Component object model communication method for process, factory-floor, environmental, computer aided manufacturing-based or other control system 9 2003
 
ENTIT SOFTWARE LLC (1)
* 6026402 Process restriction within file system hierarchies 101 1998
 
INVENSYS SYSTEMS, INC. (6)
* 2003/0217,054 Methods and apparatus for process, factory-floor, environmental, computer aided manufacturing-based or other control system with real-time data distribution 6 2003
* 2009/0164,031 METHODS AND APPARATUS FOR CONTROL USING CONTROL DEVICES THAT COMMUNICATE VIA AN IP NETWORK 24 2008
* 2009/0094,326 CONTROL SYSTEM METHODS AND APPARATUS WITH SERVICES 13 2008
8594814 Systems and methods for immersive interaction with actual and/or simulated facilities for process, environmental and industrial control 2 2009
* 2009/0259,751 METHODS AND APPARATUS FOR MONITORING AND/OR CONTROL OF PROCESS CONTROL APPARATUS 10 2009
* 2010/0076,604 METHOD AND APPARATUS FOR CONTROL USING CONTROL DEVICES THAT PROVIDE A VIRTUAL MACHINE ENVIRONMENT AND THAT COMMUNICATE VIA AN IP NETWORK 25 2009
 
FRANCE TELECOM (1)
* 2008/0104,695 Device and Method for Controlling Access, Core with Components Comprising Same and Use Thereof 5 2005
* Cited By Examiner