Security Concerns - 随笔分类 - CoryXie

一种面向云服务的UCON多义务访问控制方法及系统

摘要：本发明公开了一种面向云服务的UCON多义务访问控制方法及系统。本方法为：1）设置每一云服务的义务项；建立每一云服务所包含的义务图；2）根据用户所请求的云服务查找该云服务的所有强制义务图和可选义务图，并提取该用户对该云服务的历史完成情况；3）对每一强制义务图，监控其每一义务项所对应属性的属性值，判断该义务项是否完成，并检查所有强制义务图是否已经完成，如果完成则进行步骤4）；4）对每一可选义务图，监控... 阅读全文

posted @ 2015-04-14 00:21 CoryXie

Using a USB host controller security extension for controlling changes in and auditing USB topology

摘要：Protecting computer systems from attacks that attempt to change USB topology and for ensuring that the system's information regarding USB topology is accurate is disclosed. A software model is defined... 阅读全文

posted @ 2014-09-28 17:11 CoryXie

Security arrangements for extended USB protocol stack of a USB host system

摘要：Securityarrangements for a universal serial bus (USB) protocol stack of aUSB host system are provided. Thesecurityarrangements prevent an unauthorized or suspiciousUSBdevice from communicating w... 阅读全文

posted @ 2014-09-24 10:25 CoryXie

FORTIFY_SOURCE

摘要：In recent years Linux distributions started treating security more seriously. Out of many security features two are directly affecting C programmers:-fstack-protectorand-D_FORTIFY_SOURCE=2. These G... 阅读全文

posted @ 2014-09-18 13:50 CoryXie

Obfuscating computer code to prevent an attack

摘要：A method and system for obfuscating computer code of a program to protect it from the adverse effects of malware is provided. The obfuscation system retrieves an executable form of the computer code. ... 阅读全文

posted @ 2014-09-13 12:07 CoryXie

Network authentication method and device for implementing the same

摘要：A network authentication method is to be implemented using a network authentication device and a user end for authenticating the user end. The network authentication method includes the steps of: conf... 阅读全文

posted @ 2014-09-12 14:26 CoryXie

一种基于RBAC模型的动态访问控制改进方法

摘要：本发明涉及一种基于RBAC模型的动态访问控制改进方法，属于访问控制领域。对原有RBAC模型进行了权限的改进和约束条件的改进，具体为将权限分为静态权限和动态权限，其中静态权限是非工作流的权限，动态权限是工作流中的权限；将约束条件分为静态约束和动态约束，其中静态约束包括最小权限约束和职责分离约束，动态约束使动态权限按照工作流进行操作。采用本发明的方法改进后的RBAC模型具有以下优势：为传统的RBAC模... 阅读全文

posted @ 2014-09-11 17:24 CoryXie

Introducing ASLR for FreeBSD

摘要：Shawn WebbOliver Pinter10 July 2014http://www.hardenedbsd.org/ [ 1. Introduction ]Security in FreeBSD is based primarily in policy-based technologies. Existing tools such as jails, Capsicum, vnet/vi... 阅读全文

posted @ 2014-09-10 23:50 CoryXie

BUFFER OVERFLOW 10 Vulnerability & Exploit Example

摘要：SRC=http://www.tenouk.com/Bufferoverflowc/Bufferoverflow6.html THE VULNERABLE AND THE EXPLOIT Warning: All the security setting for buffer overflow protection (non-executable stackandra... 阅读全文

posted @ 2014-09-10 22:58 CoryXie

Safe and efficient allocation of memory

摘要：Aspects of the present invention are directed at centrally managing the allocation of memory to executable images in a way that inhibits malware from identifying the location of the executable image. ... 阅读全文

posted @ 2014-09-10 17:07 CoryXie

Resource Access Based on Multiple Credentials

摘要：A collection of multipleusercredentialseach associated with one of multiple different users is obtained at a device, and one or more of the multipleuser credentialsare verified. A determination i... 阅读全文

posted @ 2014-09-09 20:08 CoryXie

Writing buffer overflow exploits - a tutorial for beginners

摘要：Buffer overflows in user input dependent buffers have become one of the biggest security hazards on the internet and to modern computing in general. This is because such an error can easily be made at... 阅读全文

posted @ 2014-09-09 18:28 CoryXie

Detecting a return-oriented programming exploit

摘要：A method and apparatus for detecting a Return-Oriented Programming exploitation. At a computer device, a mechanism to detect a control transfer of a code location in a memory is established. This may ... 阅读全文

posted @ 2014-09-09 17:59 CoryXie

System and method for critical address space protection in a hypervisor environment

摘要：A system and method in one embodiment includes modules for detecting an access attempt to a criticaladdressspace(CAS) of a guest operating system (OS) that has implementedaddressspacelayoutrand... 阅读全文

posted @ 2014-09-09 16:24 CoryXie

Method of address space layout randomization for windows operating systems

摘要：A system and method foraddressspacelayoutrandomization("ASLR") for a Windows operating system is disclosed. Theaddressspacelayoutincludes one or more memory regions that are identified and th... 阅读全文

posted @ 2014-09-09 14:19 CoryXie

Method for address space layout randomization in execute-in-place code

摘要：The present application relates generally to laying outaddressspace for execute-in-place code and, more specifically, to a method for addressspacelayoutrandomizationfor such code. Ahead of execu... 阅读全文

posted @ 2014-09-09 12:48 CoryXie

Mac OS X Kernel Basic User Credentials

摘要：User Credentials In order to understand security in OS X, it is important to understand that there are two security models at work. One of these is the kernel security model, which is based on users,... 阅读全文

posted @ 2014-09-06 10:44 CoryXie

TrustedBSD Mandatory Access Control Framework分析

摘要：本文为CoryXie原创译文，转载及有任何问题请联系cory.xie#gmail.com。本文分析FreeBSD 10.0【 http://xrefs.info/freebsd-10.0/ 】的MAC Framework的整体流程。在【/usr/src/sys/security/mac/mac_framework.c】中有如下一段注释，描述了MAC Framework实现的三大功能：也... 阅读全文

posted @ 2014-09-04 09:28 CoryXie

Role-based access control modeling and auditing system

摘要：Arole-basedaccesscontrol(RBAC) modeling and auditing system is described that enables a user toaccessand/or create security roles that can be applied to users of a first software application. Wh... 阅读全文

posted @ 2014-08-27 09:29 CoryXie

DDoS ATTACK PROCESSING APPARATUS AND METHOD IN OPENFLOW SWITCH

摘要：An OpenFlow switch in an OpenFlow environment includes anattack determination module to collect statistical information on packet processing with respect to incoming packets to be processed in the Op... 阅读全文

posted @ 2014-08-26 23:27 CoryXie

CoryXie

公告

随笔分类 - Security Concerns