Patents Assigned to Symantec
  • Patent number: 7660790
    Abstract: A method and apparatus for utilizing a file change log is described. In one example, the access of a file is initially detected. The identifier of the entity accessing the file is recorded. Similarly, an indicia of identifying at least one portion of the file that was accessed by the entity is recorded. The file change log is then updated to reflect the identifier and the indicia.
    Type: Grant
    Filed: February 24, 2005
    Date of Patent: February 9, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Yusuf Batterywala, Naga Kishore Kommuri, Nookala Sunder Phani Kumar, Sree Hari Nagaralu
  • Patent number: 7657717
    Abstract: A computer system that implements a method for creating a virtual snapshot of a first storage object. A first storage object such as a data volume is created, wherein creating the first storage object includes creating a first storage object description. This first storage object description relates the first storage object to underlying first storage objects or first physical memory regions. After creating the first storage object, a virtual copy of the first storage object is created as a second storage object. Creating the second storage object includes creating a second storage object description, wherein the second storage object description relates the second storage object to the first storage object. The first storage object is transmitted to a first computer system, and the second storage object description is transmitted to a second computer system.
    Type: Grant
    Filed: February 2, 2004
    Date of Patent: February 2, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Ronald S. Karr, Anand A. Kekre
  • Patent number: 7657927
    Abstract: A method of protecting a system from attack that includes monitoring processes running on a system, identifying behavior of the processes and attributes of the processes, grouping the processes into process sets based on commonality of attributes, and generating behavior control descriptions for each process set.
    Type: Grant
    Filed: December 13, 2004
    Date of Patent: February 2, 2010
    Assignee: Symantec Corporation
    Inventors: Homayoon Tajalli, Jeffrey J. Graham, Timothy J. Fraser
  • Patent number: 7657582
    Abstract: A system for using recent activity information to select backup versions of storage objects for restoration comprises a processor and memory coupled to the processor, where the memory stores program instructions computer-executable by the processor to implement a backup manager. The backup manager is configured to maintain one or more backup versions of a plurality of storage objects and a plurality of access history records, where each access history record is associated with a particular backup version. Each access history record includes information indicative of an access to the corresponding storage object by a user. The backup manager may be configured to select a particular backup version as a restoration candidate using at least the contents of the access history record associated with the backup version.
    Type: Grant
    Filed: August 4, 2005
    Date of Patent: February 2, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Paul Cram, Stephen Andrew Breidbach, Anthony T. Orling, Brian Greene
  • Patent number: 7657796
    Abstract: A system, method, and computer-accessible medium for storage management are disclosed. A failure condition is detected in a storage stack comprising a first host and a storage device. Data from the storage device is exported to a plurality of additional hosts. The data is validated using the plurality of additional hosts.
    Type: Grant
    Filed: September 30, 2005
    Date of Patent: February 2, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Scott D. Kaiser, Randy R. Taylor
  • Patent number: 7657530
    Abstract: A system and method for file system content processing. In one embodiment, the system may include a storage device configured to store data and a file system configured to manage access to the storage device, to store file system content, to perform in-band detection of a file system content access event, and to responsively generate an event record. The system may further include a content processor configured to perform out-of-band detection of the event record and to responsively generate additional file system content.
    Type: Grant
    Filed: June 7, 2004
    Date of Patent: February 2, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Dhrubajyoti Borthakur, Nur Premo, Joseph Pasqua
  • Patent number: 7657578
    Abstract: A system for volume replication in a distributed block virtualization environment includes a first and a second set of one or more physical block devices, a first and a second volume server, one or more volume clients, and a replication manager. The first volume server may be configured to aggregate storage in the first set of one or more physical block devices into one or more logical volumes, and to make the one or more logical volumes accessible to the one or more volume clients. The replication manager may be configured to operate in cooperation with the first and second volume servers and the one or more volume clients to maintain a replica of at least a subset of the one or more logical volumes at the second set of one or more physical block devices.
    Type: Grant
    Filed: December 20, 2004
    Date of Patent: February 2, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Ronald S. Karr, Niranjan Pendharkar, Anand A. Kekre, Angshuman Bezbaruah, Vikas Kailash Gupta, Ashish Agarwal, Raghu Krishnamurthy, Michael Root, Kati Rader, Kedar Karmarkar
  • Patent number: 7653668
    Abstract: A system for fault tolerant multi-stage data replication with relaxed coherency comprises one or more processors and memory coupled to the processors, where the memory stores program instructions executable by the processors to implement a data replication service. In response to an update request directed at a data object, in a first stage of replication, the data replication service is configured to update respective primary replicas at a plurality of primary replica sites for the data object, and to store metadata descriptors at each of the plurality of primary replica sites. The data replication service is configured to determine whether a notification of the update is to be sent to any other replica sites. In response to identifying such other replica sites, an update notification including contents of a metadata descriptor may be sent to the other replica sites in one or more additional replication stages.
    Type: Grant
    Filed: November 23, 2005
    Date of Patent: January 26, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Radha Shelat, Dilip Madhusudan Ranade, Navin Kabra, BijayaLaxmi Nanda, Anindya Banerjee
  • Patent number: 7653059
    Abstract: A system and method supporting communication sessions for nodes in a network. A sender node may initiate a send operation to send a message to one or more receiver nodes. For each receiver node, the message may pass from the sender node to the receiver node via a path including a plurality of nodes. At each node through which the message passes, the node may store state information regarding the message. The state information may include information specifying a link via which the message was received. Each receiver node may issue one or more replies to the message. The replies from each receiver node may pass from the receiver node to the sender node via the same path by which the message reached the respective receiver node. This may be accomplished using the state information stored on each node in the path.
    Type: Grant
    Filed: March 31, 2003
    Date of Patent: January 26, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Gregory L. Slaughter, Thomas E. Saulpaugh, John A. Muth
  • Patent number: 7653699
    Abstract: A method and system are provided for partitioning a file system. The system may include one or more server computer systems and a plurality of physical file systems. The physical file systems may be hosted by the one or more server computer systems. The physical file systems may be accessible to clients through a virtual file system having a single namespace. The virtual file system may include metadata which are partitioned across the plurality of physical file systems. The server computer systems may be configured to independently perform file system consistency checks on each of the physical file systems, in order to independently validate each partition of the metadata.
    Type: Grant
    Filed: June 12, 2003
    Date of Patent: January 26, 2010
    Assignee: Symantec Operating Corporation
    Inventors: John A. Colgrove, Tushar Y. Tambay, Dheer Moghe
  • Patent number: 7653647
    Abstract: A system and method for determining file system data integrity. In one embodiment, the system includes a storage device configured to store data and a file system configured to manage access to the storage device, to store plurality of files, to store a respective signature of each of the plurality of files, and to compare a respective signature of a given file against a corresponding validation signature. In one specific implementation, the system further includes a validation signature inventory including a plurality of validation signatures, and the file system is further configured to validate a particular file by retrieving a corresponding particular validation signature from the validation signature inventory and comparing the corresponding particular validation signature against the respective signature of the particular file. In another specific implementation, the file system is further configured to store the corresponding validation signature of the given file in a write-once storage attribute.
    Type: Grant
    Filed: June 16, 2004
    Date of Patent: January 26, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Dhrubajyoti Borthakur, Nur Premo, Joseph Pasqua
  • Publication number: 20100017877
    Abstract: A computer-implemented method for determining file classifications. The method may include determining identification information of a first file stored on a first computing system. The method may also include querying a second computing system for classification information by sending the identification information of the first file to the second computing system. The first computing system may receive, in response to the query, identification information of a second file. The first computing system may also receive the classification information. The classification information may indicate that the first file and second file are trusted. The first computing system may use the identification information of the second file to determine that the second file is stored on the first computing system. The first computing system may also apply the classification information to the first and second files by excluding the first and second files from a security scan.
    Type: Application
    Filed: June 23, 2008
    Publication date: January 21, 2010
    Applicant: Symantec Corporation
    Inventors: Shaun Cooley, Petrus J. Viljoen
  • Publication number: 20100017889
    Abstract: A client communicates with a website usage server via a network to gain access to an account on a website. The client requests an indication of whether user access to the account on the website is permitted. The website usage server determines whether website usage is permitted based at least in part on a website usage policy associated with the website and the user. The website usage server provides restricted authentication credentials to the website responsive to determining that access to the account is permitted.
    Type: Application
    Filed: July 17, 2008
    Publication date: January 21, 2010
    Applicant: SYMANTEC CORPORATION
    Inventors: Keith Newstadt, Shaun P. Cooley
  • Patent number: 7650382
    Abstract: A domain (101) has a primary e-mail server (103) with an e-mail delivery address (109), and at least one backup e-mail server (105) with an e-mail delivery address (111). A trap manager (115) adds at least one trap e-mail delivery address (113) to an e-mail delivery address list (107) associated with the domain (101), the trap e-mail delivery address (113) resembling a backup e-mail server delivery address (111) and pointing to the trap manager (115). The trap manager (115) receives (201) e-mail sent to the trap address (113), and determines whether received e-mail comprises spam (119).
    Type: Grant
    Filed: April 24, 2003
    Date of Patent: January 19, 2010
    Assignee: Symantec Corporation
    Inventors: William E Sobel, Bruce McCorkendale
  • Patent number: 7650640
    Abstract: Data streams are scanned to detect malicious jump-call-pop shellcode constructs used in attacks against stack-based buffer overflow vulnerabilities on software executing in the IA32 architecture prior to execution. Upon a detection of a malicious jump-call-pop shellcode construct, protective action is taken, such as preventing the malicious shellcode from executing.
    Type: Grant
    Filed: October 18, 2004
    Date of Patent: January 19, 2010
    Assignee: Symantec Corporation
    Inventor: Elias Levy
  • Patent number: 7647411
    Abstract: A network appliance controls access to network resources by identifying network paths passing through the network appliance to a protected network, drawings conclusions about the type of communications traveling along those paths, and then controlling, i.e. limiting, access to the protected network's resources for transmitting communications on a path-by-path basis. Recipient controlled mechanisms are used to control access to the recipient's network's resources, namely, restricting bandwidth, controlling allocation of SMTP or other connections, and packet level traffic shaping techniques including controlling of parameters of TCP and/or IP communications, such as TCP receive window size and Maximum Segment Size, or otherwise decreasing the amount of network traffic per unit of time passing through the network appliance. This limits the amount of network resources that may be used by incoming communications.
    Type: Grant
    Filed: May 7, 2004
    Date of Patent: January 12, 2010
    Assignee: Symantec Corporation
    Inventors: Vincent J. Schiavone, David Ian Brussin, Tobias Phillip DiPasquale, John Francis D'Alessio
  • Patent number: 7647622
    Abstract: Risk events occurring on a computer system are logged over time and a risk profile is dynamically generated and updated based on the logged risk events. In one embodiment, a security policy is dynamically set and updated based on the risk profile.
    Type: Grant
    Filed: April 22, 2005
    Date of Patent: January 12, 2010
    Assignee: Symantec Corporation
    Inventors: William E. Sobel, Bruce McCorkendale
  • Patent number: 7647362
    Abstract: Mechanisms for saving and accessing versions of files using indexed content, rather than a system version identifier. Thus, a user may identify a version of a file by its content, rather than using a less descriptive system-assigned version identifier. Accordingly, the user is provided with a more intuitive and therefore efficient mechanism for identifying and accessing different versions of files.
    Type: Grant
    Filed: November 29, 2005
    Date of Patent: January 12, 2010
    Assignee: Symantec Corporation
    Inventor: Carey Stover Nachenberg
  • Patent number: 7647449
    Abstract: A method, system, and computer readable medium for maintaining the order of write-commands issued to a data storage, where the write-commands are issued by one or more host. In one embodiment of the present invention the method includes assigning an order-descriptor to each write-command, storing the write-command, storing the order-descriptor, and collating a plurality of order-descriptors and their corresponding write-commands to obtain an ordered write-command stream.
    Type: Grant
    Filed: September 28, 2006
    Date of Patent: January 12, 2010
    Assignee: Symantec Operating Corporation
    Inventors: Subhojit Roy, Niranjan Sanjiv Pendharkar
  • Publication number: 20100005514
    Abstract: A file rights control method, a file rights control system, and a server are described. The file rights control method includes: monitoring identity information of a file author; determining at least one authorization object of the file according to identity information of the file author; determining rights corresponding to different authorization objects of the file according to the identity information of the file author and the at least one authorization object of the file; and authorizing the at least one authorization object of the file according to the determined rights corresponding to different authorization objects of the file. A file rights control system and a server are further described. By using the embodiments of the present invention, the complexity of file authorization control operation is reduced, thus improving the working efficiency of users. Moreover, the authorization of a fine granularity and a higher security are ensured.
    Type: Application
    Filed: June 1, 2009
    Publication date: January 7, 2010
    Applicant: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.
    Inventor: Liangde Chen