Patents Assigned to Symantec
-
Patent number: 8051478Abstract: A secure browsing manager intercepts load calls, and determines whether intercepted load calls are attempting to load code into the browser. When the secure browsing manager detects that a load call is attempting to load code into the browser, it determines whether that code is trusted. The secure browsing manager processes the attempt to load the code into the browser according to whether or not the code is trusted. If the secure browsing manager determines that the code is trusted, it allows the code to be loaded into the browser, thereby securely allowing the benefits of loaded code. If the secure browsing manager determines that the code is not trusted, it blocks the attempt to load the code into the browser, or alternatively takes other actions, such as allowing the code to be loaded into the browser, but blocking certain user initiated activity.Type: GrantFiled: November 7, 2005Date of Patent: November 1, 2011Assignee: Symantec CorporationInventors: Archana S. Rajan, Edward Bonver, Mark Kennedy
-
Patent number: 8051246Abstract: A method and apparatus for utilizing a semiconductor memory of a node as disk cache is described. In one embodiment, a method of utilizing a semiconductor memory of a second server for a first server, comprising generating a storage access request at a first server, routing the storage access request through a communication link to a second server and performing the storage access request using a semiconductor memory of the second server.Type: GrantFiled: December 21, 2007Date of Patent: November 1, 2011Assignee: Symantec CorporationInventor: Nenad Caklovic
-
Publication number: 20110264833Abstract: A storage method, a storage system, and a controller are disclosed. The method is applicable to a system that includes at least one controller, at least two Peripheral Component Interconnection Express (PCIE) Input/Output (IO) modules, and at least two storage devices. The at least two storage devices are connected through a PCIE switch chip of the at least one controller, and the at least two PCIE IO modules are connected through a PCIE switch chip of the at least one controller. The method includes: receiving a request message from a server through the at least two PCIE IO modules; and accessing the at least two storage devices according to the request message. The at least two PCIE IO modules are shared between controllers, thereby saving resources; and the storage devices access the controllers without the need of a hard disk controller or a hard disk extension chip, thereby saving costs.Type: ApplicationFiled: June 24, 2011Publication date: October 27, 2011Applicant: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.Inventors: Wei ZHANG, Xianhong LV, Qi WANG, Ruiqi FAN
-
Publication number: 20110264865Abstract: Techniques for directory server integration are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for directory server integration comprising setting one or more parameters determining a range of permissible expiration times for a plurality of cached directory entries, creating, in electronic storage, a cached directory entry from a directory server, assigning a creation time to the cached directory entry, and assigning at least one random value to the cached directory entry, the random value determining an expiration time for the cached directory entry within the range of permissible expiration times, wherein randomizing the expiration time for the cached directory entry among the range of permissible expiration times for a plurality of cached directory entries reduces an amount of synchronization required between cache memory and the directory server at a point in time.Type: ApplicationFiled: April 27, 2010Publication date: October 27, 2011Applicant: Symantec CorporationInventors: Ayman MOBARAK, Nathan Moser, Chad Jamart
-
Publication number: 20110265181Abstract: A method, a system and a gateway for protection against network attacks are provided. The method includes: receiving source request information and destination request information that are sent by a client, where the destination request information is notified by a Domain Name System (DNS) to the client sending the source request information; checking the source request information and the destination request information; and discarding the source request information and the destination request information when the checking result is undesirable. Through the technical solution, the DNS selects the destination request information according to the source request information sent by the client, and establishes a corresponding relation between the client and a server according to a matching relation between the source request information and the destination request information, so as to prevent DDOS attacks.Type: ApplicationFiled: April 28, 2011Publication date: October 27, 2011Applicant: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.Inventor: Wu JIANG
-
Publication number: 20110264908Abstract: A method for preventing network attacks is provided, which includes: obtaining a data packet, where a source address of the data packet is a cryptographically generated address (CGA); determining that the obtained data packet includes a CGA parameter and signature information; authenticating the CGA parameter; authenticating the signature information according to the authenticated CGA parameter; and sending the data packet to a destination address when the signature information is authenticated. Accordingly, a device for preventing network attacks is also provided. A CGA parameter used by a data packet is directly used to ensure authenticity of a source address of the data packet, thus preventing network attacks performed by counterfeiting the address. In addition, by authenticating signature information, authenticity of identification of a sender of the data packet and bound address of the sender of the data packet are further ensured.Type: ApplicationFiled: April 29, 2011Publication date: October 27, 2011Applicant: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.Inventors: Hongyan Feng, Lifeng Liu
-
Publication number: 20110264781Abstract: Techniques for directory data resolution are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for directory data resolution comprising receiving data identifying one or more groups of interest of a directory server, traversing, using a processor, one or more directory entries contained in hierarchical directory data, the traversal starting at a directory entry corresponding to a current group of interest, reading a first directory entry to identify a member contained in the first directory entry, adding, in the event a member is contained in the first directory entry, the current group of interest to a mapping for the member. The method may also include use of caching and recursion.Type: ApplicationFiled: April 27, 2010Publication date: October 27, 2011Applicant: Symantec CorporationInventors: Nathan Moser, Ayman Mobarak, Chad Jamart
-
Patent number: 8046446Abstract: A system for ensuring availability using volume server sets in a storage environment employing distributed block virtualization includes a plurality of volume servers, one or more volume clients, one or more physical block devices and a volume server manager. The volume server manager may be configured to designate the plurality of volume servers as a volume server set with an associated volume server set management policy, and to verify each volume server in the volume server set has access to storage within each block device. In addition, the volume server manager may be configured to designate a first volume server of the volume server set to aggregate storage within the block devices into a logical volume, to make the logical volume accessible to the volume clients, and to share configuration information about the volume with the other volume servers of the volume server set.Type: GrantFiled: October 18, 2004Date of Patent: October 25, 2011Assignee: Symantec Operating CorporationInventors: Ronald S. Karr, Chio Fai Aglaia Kong, Gopal Sharma, Robert Baird, Santosh Rao
-
Patent number: 8046553Abstract: An apparatus and method for faster recovery of validated continuous data protection time images. In one embodiment of the method, an image validation process is initiated. In response, a first write transaction is generated for writing first new data to a first image of a data object that existed at prior time T1. The first new data is written to a first storage. Thereafter data contents of the first storage are copied to a first memory object. Finally, the first memory object is linked with the first image.Type: GrantFiled: October 30, 2009Date of Patent: October 25, 2011Assignee: Symantec Operating CorporationInventor: Raghu Krishnamurthy
-
Patent number: 8046331Abstract: A method and apparatus for recreating placeholders comprising selecting at least one object of information in an archive, determining a source location for the selected at least one object of information, accessing the selected at least one object of information, and recreating a placeholder from the selected at least one object of information.Type: GrantFiled: May 25, 2007Date of Patent: October 25, 2011Assignee: Symantec CorporationInventors: Mugdha Sanghavi, Kishor S. Ghait, Andrew Nash, Laxmikant Vithal Gunda
-
Patent number: 8046329Abstract: Systems and methods for computer system data backup. A computer system includes an application server operating on a first host and a backup application configured to create new target database images for a sequence of backup datasets. The backup datasets include data from source databases associated with the application server. At least one of the source databases is hosted on a remote source host separate from the first host. The computer system includes a client registered with the application server and installed on a backup host. The client stores a seed document in each of the new target database images and modifies each seed document to specify which portions of a backup dataset in the sequence are to be stored in each new target database image. The backup application updates each new target database image based on the contents of a seed document.Type: GrantFiled: June 30, 2008Date of Patent: October 25, 2011Assignee: Symantec Operating CorporationInventors: Amrish Shah, Udayan Majumdar
-
Patent number: 8045457Abstract: Intentionally dropping packets to prevent unauthorized transfer of data through multimedia tunnels is disclosed. A stream of media transport protocol packets is received. One or more packets are dropped intentionally from the stream to render unusable at the destination a file or other data transported through the multimedia tunnel without authorization.Type: GrantFiled: June 29, 2006Date of Patent: October 25, 2011Assignee: Symantec CorporationInventors: Sourabh Satish, Brian Hernacki
-
Patent number: 8046374Abstract: A database intrusion detection system (DIDS) automatically trains itself to account for changes to the database. The DIDS monitors upstream queries sent to the database and downstream data provided in response to the queries. The DIDS classifies an upstream query as legitimate or anomalous. If the query is anomalous, the DIDS determines whether the anomaly resulted from a change in the database by performing one or more tests. One test determines whether the query references new fields or tables. Another test determines the frequency at which the query is received, and/or whether the query is received from multiple sources. A third test determines whether the query accesses sensitive information. Together, the results of these tests describe whether the query should be classified as anomalous or legitimate.Type: GrantFiled: May 6, 2005Date of Patent: October 25, 2011Assignee: Symantec CorporationInventor: Adam Bromwich
-
Publication number: 20110258255Abstract: A method and an apparatus for accessing a network file system (NFS) are disclosed. The method includes: receiving a first request message, which is sent by a user equipment (UE) to the NFS according to an available first file type; converting, according to a preset mapping relation, the first request message into a second request message capable of driving a second file type in the NFS, and sending the second request message to the NFS; receiving a first response message, which is based on the second file type and is sent by the NFS to the UE in response to the second request message; and converting, according to the preset mapping relation, the first response message into a second response message which is based on the first file type, and sending the second response message to the UE. With the present invention, the file system protocol can be converted, and the NFS is compatible with multiple operating systems.Type: ApplicationFiled: June 29, 2011Publication date: October 20, 2011Applicant: Chengdu Huawei Symantec Technologies Co., Ltd.Inventor: Jiaolin LUO
-
Publication number: 20110258389Abstract: A virtual storage method and a device are disclosed. The virtual storage method includes: obtaining a volume management mode of a Logical Unit Number (LUN) from a storage array and recording the volume management mode into stitch data; and constructing a virtual LUN according to the LUN and the stitch data, and mapping the virtual LUN to a host to enable read/write access; and modifying a destination address of an Input/Output (I/O) data packet delivered by the host according to the stitch data after receiving the I/O data packet, delivering the I/O data packet to the virtual LUN, and delivering the I/O data packet which has been delivered to the virtual LUN to the storage array according to the stitch data, where an address of the storage array to which the I/O data packet is delivered is the same as the destination address of the I/O data packet before the destination address of the I/O data packet is modified.Type: ApplicationFiled: June 29, 2011Publication date: October 20, 2011Applicant: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.Inventors: Yibin LI, Qingchao LUO, Xiaohua LI
-
Patent number: 8041641Abstract: One implementation of a method for providing backup storage services for encrypted data includes receiving signatures of convergently encrypted portions of data from client computers, determining whether the encrypted portions are already present on a backup storage, and obtaining only the needed portions. Users unassociated with a particular user account are denied access to information backed up in that account. The backup storage also stores password protected key files holding signatures of the unencrypted portions of data. One implementation of a system includes a memory, a single-instance storage circuit, a user account management circuit, and a signature index. The memory holds a user-account database and backup copies of convergently encrypted portions of data. The single-instance storage circuit uses the signature index to prevent duplicative backup copies. The user account management circuit responds to download requests after authenticating the user information associated with the requested data.Type: GrantFiled: December 19, 2006Date of Patent: October 18, 2011Assignee: Symantec Operating CorporationInventors: Ankur P. Panchbudhe, Srineet Sridharan
-
Patent number: 8041719Abstract: A method and apparatus for detecting pre-selected data stored on a personal computing device is described. In one embodiment, contents of data storage media of a personal computing device are searched for pre-selected sensitive data. In one embodiment, if at least a portion of the pre-selected sensitive data is detected, a notification of the detection of the pre-selected data is sent to a system via a network. In another embodiment, if at least a portion of pre-selected sensitive data is detected, the access to this data is blocked.Type: GrantFiled: June 27, 2003Date of Patent: October 18, 2011Assignee: Symantec CorporationInventors: Kevin T. Rowney, Michael R. Wolfe, Mythili Gopalakrishnan, Vitali A. Fridman, Joseph Ansanelli
-
Patent number: 8042161Abstract: Whitelists are automatically shared between users and/or domains without compromising user/domain privacy. Potential trust partners with whom to share whitelist data are automatically identified. A handshaking procedure is carried out to confirm the trust relationship and verify the partner's identity. Once a trust partner is confirmed, the parties can exchange acceptance criteria specifying the types of whitelist data they want to receive. Each party can provide the other with the appropriate entries from its own whitelist. The parties keep each other updated, as their own whitelists change.Type: GrantFiled: March 29, 2007Date of Patent: October 18, 2011Assignee: Symantec CorporationInventors: Shaun Cooley, Bruce McCorkendale
-
Patent number: 8041679Abstract: Creating a synthetic database backup using binary logs. A full backup of a database may be stored, followed by one or more incremental backups. The one or more incremental backups may include first binary log files. A first synthetic differential backup may be created using the first binary log files. Creating the first synthetic differential backup may include translating the first binary log files into a first plurality of SQL statements. The first plurality of SQL statements may be executable to recreate the changes in the database since the full backup. Translating each of the first binary log files into the first plurality of SQL statements may be performed before performing a recovery process to decrease recovery time.Type: GrantFiled: June 4, 2008Date of Patent: October 18, 2011Assignee: Symantec Operating CorporationInventor: Priyesh Narayanan
-
Patent number: 8041675Abstract: A method and apparatus for incrementally backing up database files is described. In one embodiment, the present invention replicates an original database file for the purpose of creating a backup database file. The backup database file is subsequently stored in a data store and the original database file is monitored for at least one change (i.e., new e-mail message). In response to a detected change, the change to the original database file is copied to the backup database file so that the two database files are replicas of each other.Type: GrantFiled: September 20, 2004Date of Patent: October 18, 2011Assignee: Symantec Operating CorporationInventor: Greg McCain