Abstract: Remote activation of covert service channels is provided. A remote host can initiate and establish a connection with a target host without exposing a service channel or communications port to an unauthenticated host. Triggers can be received by and sent to a host and an associated operating system, under direction of a stealth listener. The stealth listener provides can control and direct an operating system to respond to incoming data packets, but can also open and close ports to enable access to services on a host. Using a variety of transport mechanisms, protocols, and triggers to covertly enable a connection to be established between a service and a remote client, the disclosed techniques also enable reduction of processing and storage resources by reducing the amount of host or client-installed software.
Type:
Grant
Filed:
October 2, 2003
Date of Patent:
May 27, 2008
Assignee:
Symantec Corporation
Inventors:
Brian Hernacki, Thomas Lofgren, Jeremy Bennett
Abstract: Authorizing a requesting entity to have a service perform a particular action in a manner that is at least partially independent of the underlying target data structure. An authorization station maintains a number of role templates that each define basic access permissions with respect to a number of command methods. The authorization station also maintains a number of role definitions that each define access permissions for specific requesting entities by using one or more of the role templates. When the authorization station receives a request from the requesting entity, the authorization station then identifies the appropriate role definition. Using this role definition, the authorization station determines access permissions for the requesting entity with respect to the requested action.
Type:
Grant
Filed:
October 22, 2001
Date of Patent:
October 16, 2007
Assignee:
Microsoft Corporation
Inventors:
Mark Lucovsky, Shaun D. Pierce, Michael G. Burner, Richard B. Ward, Paul J. Leach, George M. Moore, Arthur Zwiegincew, Robert M. Hyman, Jonathan D. Pincus, Daniel R. Simon
Abstract: Techniques of improving the safety of an information processing system at low cost are provided, the information processing system having an OS provided with an access control function based upon discretionary access control for preventing illegal accesses to files. A method and apparatus for providing the information processing system with functions and areas usable only by a specific user different from a system administrator. The areas are provided with an access control function in order to prevent the access control function from being tampered.
Abstract: A binary state machine system and method for REGEX processing of a data stream in an intrusion detection system are disclosed. The method comprises maintaining a state table. The state table is indexed such that inputs comprising a current state and a current character yield an output of a new state. The new state is related to an indication of an attack on a computer network. The method further includes maintaining the current state. An input stream comprising a plurality of characters is received. A first character of the input stream is selected as the current character. The current character and the current state are compared to the state table to generate a new state.