171 results about "Secure Shell" patented technology

An inventory management system utilizes unattended facilities remote from a central warehouse for service parts logistics. Items are placed in inventory in secure enclosures at the unattended facilities by the inventory management service. The unattended facilities may be located near one or more customers to reduce a service technician's travel time and customers' inventory costs. A service technician utilizes a passcode to retrieve needed items. The service technician may order items that are not kept in the inventory of the unattended facility in which case the items may be delivered to the unattended facility and the service technician may receive a notification related to all the items that comprise an order that the order is ready for pick up at an unattended facility. Unused, used or damaged parts may be returned by a technician to a remote secure enclosure where such returned parts may be retrieved and disposed of, repaired or placed back into inventory if not damaged or after repair, and the processing of such returned parts begins by information entered into a data entry device at the remote secure enclosure location. Return items that are not damaged may be included in the inventory of an unattended facility.

Methods and systems for communicating data between a server and a remote client computer through a secure socket layer (“SSL”). In accordance with the present invention, server-side SSL functions are performed by a network device located remotely from a secure data center, while maintaining the secure use of centralized certificates and their associated private keys. The invention may be employed in conjunction with acceleration functions operating within coordinated network devices, facilitating acceleration of overall SSL traffic. The invention improves on the prior art by allowing the remotely located acceleration device to use the certificate and private key of the target application server, but without compromising the security of the server's private key.

The invention discloses a process monitoring method and a process monitoring system. The method comprises the following steps of: receiving a request for querying the list of monitored hosts from a client, acquiring the list of managed Windows and Linux hosts, and returning the list of the monitored hosts to the client; receiving information for polling a monitored host and the concerned process list of the host from the client, setting login information for logging in the host, and returning the concerned process list of the host to the client; and receiving information for querying the currently-running real-time process of the monitored host from the client, securely logging in the host based on SSH (Secure Shell) service, acquiring the list of all currently-running real-time processes of the host based on SNMP (Simple Network Management Protocol) service, filtering invalid process information according to the concerned process list of the host and a preset strategy, and outputting the acquired real-time process parameters to the client for exhibition. With the adoption of the process monitoring method and the process monitoring system, the cross-platform process monitoring can be achieved, and the cost for maintenance and development can be lowered.

A method to enable remote, secure, self-provisioning of a subscriber unit includes, a security provisioning server: receiving, from a subscriber unit, a certificate signing request having subscriber unit configuration trigger data; generating provisioning data for the subscriber unit using the subscriber unit configuration trigger data; and in response to the certificate signing request, providing to the subscriber unit the provisioning data and a subscriber unit certificate having authorization attributes associated with the provisioning data, to enable the self-provisioning of the subscriber unit.

Management of user keys for public key authentication using the SSH in large SSH deployments is automated by deploying a management system in the environment, discovering SSH identity keys and authorized keys, analyzing authorized connections between user accounts, and automatically managing the authorized connections and the key pairs used for authentication.

The invention concerns an architecture of a terminal (5) allowing communications between a smart card (8) and a web server (4), via an internet network (RI). The terminal (5) is equipped with a secure enclosure (6) comprising a smart card reader (8), a keyboard (62), and optionally, other computing resources (63). The non-secure part of the terminal (5) comprises a web browser (51) and a first communication node (50) that routes the requests received to the browser (51) or to the secure enclosure (6). The secure enclosure (6) comprises a second communication node (60) and an HTTP server (61). The smart card (8) comprises a third communication node (80) and an HTTP server (81). The web server (4) comprises a merchant application (41) that can be placed in communication with the smart card (8) and activate software applications (A₁–A_n) of the latter.

Embodiments of an application gateway architecture may include an application gateway server computer communicatively connected to backend systems and client devices operating on different platforms. The application gateway server computer may include application programming interfaces and services configured for communicating with the backend systems and managed containers operating on the client devices. The application gateway server computer may provide applications that can be centrally managed and may extend the capabilities of the client devices, including the ability to authenticate across backend systems. A managed container may include a managed cache and may provide a secure shell for applications received from the application gateway server computer. The managed container may store the applications in the managed cache and control access to the managed cache according to rules propagated from at least one of the backend systems via the application gateway server computer.

An object control and tracking system and related methods using separate object identification and location detection mechanisms for objects, such as keys, that are maintained in a secure enclosure, such as a key drawer. A plurality of object slots are located on the top tray of the enclosure to receive object tags that include both an RFID tag and an object to be tracked. The objects (e.g., keys) are attached to a portion of the object tags that are outside of the enclosure. Presence detectors are used to determine if an object tag is present in the corresponding slot of the enclosure. RFID sensors located on opposite interior side walls of the enclosure interrogate each RFID tag to determine the presence of each RFID tag within the enclosure. The object control and tracking system includes a controller, a memory for storing an object control database, and related processing logic operating on the controller to control scanning of the presence detectors to determine an object tag's presence in a corresponding slot, to identify each object present in the enclosure and to compare the identified objects with an object control database to determine each object removed or replaced since the previous database update.

Disclosed is an apparatus for high-throughput non-contact liquid transfer. The high-throughput non-contact liquid transfer apparatus may be implemented for high-throughput biological, chemical and biochemical, synthesis and/or screening. In one variation, the apparatus comprise of an acoustic emitter, one or more X/Y linear stage with associated handling device, one or more storage queue, and an image detection system. The apparatus may be controlled by a centralized system controller with associated electronic and/or software. The apparatus may further be integrated within a frame with environment and safety enclosure. The system controller may control positioning of source vessel and target device relative to an acoustic emitter device. The system controller may also track the location of all the source well plates and target well plates, thus providing for user-defined association of any well on any source well plate with any well on any target well plate for liquid transfer.

A method and a system for obtaining a Security Shell (SSH) host key of a managed device, including: while detecting the managed device, the management station obtaining the related information of the SSH host key in a UDP transport mode. According to the present invention, the management station can obtain the SSH host key and at the same time detect the managed device. As a result, the workload of the distribution management of the host key is reduced and the speed of the host key distribution is increased.

Systems and methods are disclosed for performing operations on a host system with one or more virtual machines without persistently storing an agent or daemon thereon. In certain examples, a management server is configured to inject dependencies, such as binary data, over a network to the host system for performing a requested operation. For instance, systems and methods can establish a secure shell (SSH) port forwarding connection through which dependencies stored on the management server are injected into a service console of the host system. The injected dependencies can then be executed and/or used to perform the requested operation, such as a backup or compression operation on virtual machine data. Once the requested operation has completed, the injected binaries are preferably removed from the host system so as to conserve system resources.

A system for managing access to resources in a plurality of servers by a plurality of client computers by using an operating system independent Secure Shell (SSH) protocol running in each server and using a central policy database that centrally stores access rules which specify access to the servers for a plurality of users/accounts. Each time a target server receives a user request to establish an SSH session, it retrieves associated access rules from the central policy database to obtain the latest access rules. Based on the retrieved rules and the identity of the user and the identity of the client computer, the target server determines whether the user has permission to establish the SSH session with the target server. Using a centralized database and requiring the servers to always retrieve the latest access rules from a central database provides consistent application of the access rules across all servers and all client computers.

The invention provides an automatic server cluster detecting method and system. The method comprises steps as follows: IP addresses of all operating cluster servers are collected and saved; a first script is operated according to the collected IP addresses, and all the cluster servers are logged in without account passwords; a second script is operated, the resource use condition and the state information of all the operating cluster servers are detected, and a detecting result is filed and saved. The first script is used for logging in the cluster servers without passwords and is pre-written with an SSH (secure shell) remote login authentication method; the second script is used for detecting the operating cluster servers and is pre-written through SHELL. According to the method and the system, no server is required to be purchased alone for deployment, no third-party business software is adopted, automatic detection is used to replace manual operation, the workload of a system administrator is reduced, the working efficiency is improved, and the cost is lower.

The invention relates to a code generator based on an SSH (secure shell) architecture. The code generator comprises a flow chart lead-in module (11), a flow chart reading module (12), a rule template storage module (13) and a code generation module (14), the flow chart lead-in module (11) is used for leading a flow chart into the code generator, the flow chart reading module (12) is used for reading business rules defined by the flow chart, the rule template storage module (13) is used for storing predetermined engine rule templates, the engine rule templates are called by the code generation module, and the code generation module (14) is used for generating relevant codes according to combination of definition of roles of the flow chart and the corresponding engine rule templates. The invention further relates to a code generating method based on the SSH architecture. By the aid of the code generator and the code generating method, operability, the quality of the codes and efficiency are improved to a great extent.

An apparatus serving as a portable, lockable secure shell that prevents unauthorized physical and electrical signal access to a device enclosed within the shell. The apparatus comprises a case, a lid, a locking mechanism, cooling means, and charging means. When closed, the apparatus provides Faraday cage protection to an enclosed device to block external electronic, electromagnetic, and radio frequency signals from reaching the enclosed device, which preserves data stored in the device in its original form. In addition, the apparatus prevents clandestine access to an electronic device, which creates an obstacle to unauthorized access of information stored on the device.

Various embodiments of a method, apparatus and article of manufacture provide an automated multi-platform configuration tool for master data management systems using secure shell protocol.

Apparatus is disclosed for managing the use of storage devices on a network of computing devices, the network comprising a plurality of computing devices each running different operating systems, at least one data storage device, and a management system for controlling archival of data from the computing devices to the data storage device, the management system including a database of data previously archived; the apparatus comprising an agent running on a first computing device attached to the network, the first computing device running a first operating system, the agent being adapted to issue an instruction to a second computing device being one of the plurality of computing devices via a remote administration protocol, the second computing device running a second operating system that differs from the first operating system, and the instruction comprising a query to the database concerning data archived from computing devices running the second operating system. The remote administration protocol is preferably Secure Shell (SSH), but other protocols can be employed. A corresponding method and software agent are also disclosed. In addition, a data storage resource management system is disclosed, comprising a query agent and an analysis agent, the query agent being adapted to issue at least one query to a database of backed up or archived objects in order to elicit information relating to the objects; the analysis agent being adapted to organise the query results and display totals of objects meeting defined criteria.

A system and method for efficiently establishing a secure shell connection for accessing Web resources. A user attempts to establish a secure Hypertext Transfer Protocol (HTTP) session between a client computing device and a remote storage device. The storage device redirects the Web browser of the client computing device to a single sign-on (SSO) third-party identity provider for authorizing the user. After successful authorization, the client computing device receives information to use to maintain a secure HTTP session. This information is stored on the storage device. The user attempts to establish a text-based secure shell session. The user is not prompted for login credentials. However, the user is authenticated using the previously stored information and a text-based secure shell session is established.

The invention provides a Docker container safety management method. The Docker container safety management method comprises the following steps: an SSHD (Solid State Hybrid Drive) service is installedin a Docker mirror; a container publishing module transmits container information of a creating container to a server information module; the server information module transmits the container information to an operation-maintenance safety audit module through an API (Application Programmable Interface); an authorization management module acquires operation permission information of the containerset by a user, and transmits the operation permission information to the operation-maintenance safety audit module; and the operation-maintenance safety audit module acquires a container access request of the user, performs login verification according to the operation permission information, is connected with the container through an SSH (Secure Shell) protocol if the verification is passed, so that the user logs in the container through the operation-maintenance safety audit module, and the operation-maintenance safety audit module denies the container access request of the user if the verification fails. Container authorization, safety control of login and operation audit are all finished by the operation-maintenance safety audit module, so that the safety of the container in a using process is ensured fully.

The invention relates to an SSH (Secure Shell) protocol behavior pattern recognition and alarm method based on the total traffic of a bypass network. User network traffic is received through switch bypass mirroring, TCP (Transmission Control Protocol) traffic is separated out, and the key features of SSH protocol traffic are extracted for behavior judgment. The behavior pattern of the traffic dataof each SSH protocol is judged according to the key feature information, the SSH protocol data is aggregated according to the source address and the destination address, and the overall communicationbehavior pattern of the current source address and destination address is considered and judged according to the behavior pattern of each piece of traffic data. Different patterns correspond to different alarm information, and the same type of alarms has different alarm levels. The invention provides an SSH protocol behavior pattern recognition and alarm method based on the total traffic of a bypass network, which has the advantages of simple acquisition of basic data, avoidance of the tedious traditional identification, wide application range, fast and simple identification and judgment andhigh accuracy.

The invention discloses a secure access logic control method based on a terminal access behavior and a secure access platform server. A logic control module of the terminal access behavior is arranged at a secure access platform server terminal; information, such as terminal access authority, scene judging parameters, a dot matrix area command comparison table and the like is configured; each data package of terminal access intranet resource is redirected into an agent program which corresponds to the logic control module; and the logic control module identifies the terminal access behavior in various modes to control forwarding or discard. The method of the invention executes classification and identification of character commands, such as FTP (File Transfer Protocol), TELNET, SSH (Secure Shell) and the like, RDF (Resource Description Framework) graphical interface operation and user free interface system operation for the terminal access behavior on the secure access platform server terminal, and judges whether the execution is permitted or not according to identified commands and user authority logic control, so that the difficulty of resource management is simplified, the repeated authentication of each system is avoided; and the identification and the logic control of the character commands, the graphical interface operation and the like are solved.