239 results about "Distributed security" patented technology

A technique for securing message traffic in a data network using a protocol such as IPsec, and more particularly various methods for distributing security policies among peer entities in a network while minimizing the passing and storage of detailed policy or key information except at the lowest levels of a hierarchy.

PCT No. PCT / EP95 / 04823 Sec. 371 Date Aug. 8, 1997 Sec. 102(e) Date Aug. 8, 1997 PCT Filed Dec. 8, 1995 PCT Pub. No. WO97 / 22071 PCT Pub. Date Jun. 19, 1997In a method for distributing securities of portfolio items among a plurality of internal portfolios, each portfolio item has a determined number of securities distributed over each internal portfolio according to a determined consolidation ratio (CRCi,,j-1) attributed to each internal portfolio. A total value (PVj-1) of the portfolio items is determined and a transaction assigned to one portfolio item within one internal portfolio is received, having a transaction value (NCAi). A further consolidation ratio (CRCi,j) is determined for each internal portfolio based on the consolidation ratio (CRCi,j-1), total cash assets (PVj-i), and the transaction value (NCAi). In a further step, a transfer of a determined number of securities is performed, for each portfolio item, from each internal portfolio to the one internal portfolio to which the transaction is assigned. Finally, the transaction is allotted to each of said internal portfolios according to the further consolidation ratio (CRCi,j). The result is that the portfolios are cloned portfolios, i.e. internal portfolios being equivalent on a relative basis.

An architecture is provided for a widely distributed security system (SDI-SCAM) that protects computers at individual client locations, but which constantly pools and analyzes information gathered from machines across a network in order to quickly detect patterns consistent with intrusion or attack, singular or coordinated. When a novel method of attack has been detected, the system distributes warnings and potential countermeasures to each individual machine on the network. Such a warning may potentially include a probability distribution of the likelihood of an intrusion or attack as well as the relative probabilistic likelihood that such potential intrusion possesses certain characteristics or typologies or even strategic objectives in order to best recommend and / or distribute to each machine the most befitting countermeasure(s) given all presently known particular data and associated predicted probabilistic information regarding the prospective intrusion or attack. If any systems are adversely affected, methods for repairing the damage are shared and redistributed throughout the network.

A method and system for facilitating the management of user identities includes an ownership component, a registration component, and a servicing component. When a user first desires to access a system using the present invention, the registration component verifies the user's ownership of the underlying account by asking a variety of questions. Thereafter, when a user desires to service his account, the user may be re-queried to determine if he is attempting to access the correct information. An authentication and access component provides the functionality to access a system of the present invention. An audit component can be configured to periodically monitor the various accounts to ensure a continued linking between users and accounts.