Patents Assigned to ScanSafe Limited
-
Patent number: 8689331Abstract: The invention provides methods and systems for detecting exploits. A received file is examined to determine whether or not it corresponds to any of one or more predetermined models of normal file types. If the received file does not correspond to any of the one or more predetermined models of normal file types, it is flagged as a potential exploit.Type: GrantFiled: December 11, 2009Date of Patent: April 1, 2014Assignee: ScanSafe LimitedInventors: Bryan Feeney, Steven Poulson, John Edwards
-
Publication number: 20130067098Abstract: The invention provides systems and methods for securely transmitting data between a roaming computer and a managed network service over a shared public network. A secure connection is created between the roaming computer and a server computer that hosts or acts as a secure gateway to the managed network service. The connection is set up and established by a client agent installed on the roaming computer and a connection component of the managed service on the server computer. The client agent and the connection component of the managed service operate, on an initial request from the roaming computer to the managed service to negotiate the secure connection using certificate-based client authentication. The client certificate preferably includes user-specific attributes that can be extracted by the connection component and made available to the managed service to apply processing rules specific to the user.Type: ApplicationFiled: October 10, 2012Publication date: March 14, 2013Applicant: SCANSAFE LIMITEDInventor: SCANSAFE LIMITED
-
Patent number: 8312143Abstract: The invention provides systems and methods for securely transmitting data between a roaming computer and a managed network service over a shared public network. A secure connection is created between the roaming computer and a server computer that hosts or acts as a secure gateway to the managed network service. The connection is set up and established by a client agent installed on the roaming computer and a connection component of the managed service on the server computer. The client agent and the connection component of the managed service operate, on an initial request from the roaming computer to the managed service to negotiate the secure connection using certificate-based client authentication. The client certificate preferably includes user-specific attributes that can be extracted by the connection component and made available to the managed service to apply processing rules specific to the user.Type: GrantFiled: October 13, 2006Date of Patent: November 13, 2012Assignee: ScanSafe LimitedInventors: Ivan Litovski, John Edwards
-
Patent number: 8255465Abstract: Methods and systems for communicating information between computer networks in which the information to be communicated is required at one location (e.g. for processing) but only available at another location. The information may be absent deliberately (for privacy reasons) or may simply be unavailable as an artifact of the computer network(s) involved. The required information, such as the internal client IP address, is inserted into the outgoing network communication in a manner that does not to materially affect the normal transit or utility of the network communication (e.g. as custom headers). The information is preferably inserted in an encrypted form, so that it may pass over a public network and be invulnerable to unauthorised scrutiny.Type: GrantFiled: September 22, 2006Date of Patent: August 28, 2012Assignee: ScanSafe LimitedInventor: John Edwards
-
Publication number: 20100162400Abstract: The invention provides methods and systems for detecting exploits. A received file is examined to determine whether or not it corresponds to any of one or more predetermined models of normal file types. If the received file does not correspond to any of the one or more predetermined models of normal file types, it is flagged as a potential exploit.Type: ApplicationFiled: December 11, 2009Publication date: June 24, 2010Applicant: SCANSAFE LIMITEDInventors: Bryan Feeney, Steven Poulson, John Edwards
-
Publication number: 20100082979Abstract: Methods and systems provide for sharing information between computer networks in which the information to be shared is required at one location (e.g. for the provision of a data-processing service) but is only available at a separate location. The information may be deliberately absent (e.g. for privacy reasons) or may be unavailable as an artifact of the computer network(s) involved. For the provision of a data-processing service, where several different devices on one network may service contiguous requests from a client device on another network according to a load-balancing strategy, data is propagated once only through the service network. Network communication software is subsequently amended to provide the minimal information necessary for a device on the service network to retrieve the information pertinent to the client device and necessary for its service. Therefore, a web-based single sign-on scheme can operate over HTTP to authorize data-processing services, such as web-filtering services.Type: ApplicationFiled: September 23, 2009Publication date: April 1, 2010Applicant: SCANSAFE LIMITEDInventor: John EDWARDS
-
Publication number: 20070088834Abstract: The invention provides systems and methods for securely transmitting data between a roaming computer and a managed network service over a shared public network. A secure connection is created between the roaming computer and a server computer that hosts or acts as a secure gateway to the managed network service. The connection is set up and established by a client agent installed on the roaming computer and a connection component of the managed service on the server computer. The client agent and the connection component of the managed service operate, on an initial request from the roaming computer to the managed service to negotiate the secure connection using certificate-based client authentication. The client certificate preferably includes user-specific attributes that can be extracted by the connection component and made available to the managed service to apply processing rules specific to the user.Type: ApplicationFiled: October 13, 2006Publication date: April 19, 2007Applicant: ScanSafe LimitedInventors: Ivan Litovski, John Edwards
-
Publication number: 20070074018Abstract: Methods and systems for communicating information between computer networks in which the information to be communicated is required at one location (e.g. for processing) but only available at another location. The information may be absent deliberately (for privacy reasons) or may simply be unavailable as an artefact of the computer network(s) involved. The required information, such as the internal client IP address, is inserted into the outgoing network communication in a manner that does not to materially affect the normal transit or utility of the network communication (e.g. as custom headers). The information is preferably inserted in an encrypted form, so that it may pass over a public network and be invulnerable to unauthorised scrutiny.Type: ApplicationFiled: September 22, 2006Publication date: March 29, 2007Applicant: ScanSafe LimitedInventor: John Edwards