公开(公告)号：BRPI0811365A2

公开(公告)日：2015-06-16

申请号：BRPI0811365

申请日：2008-05-27

Applicant: IBM

Inventor： KEOHANE SUSANN MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN ,  MURILLO JESSICA CAROL ,  SHIEH JOHNNY MENG-HAN

公开(公告)号：AT549688T

公开(公告)日：2012-03-15

申请号：AT07727987

申请日：2007-04-11

Applicant: IBM

Inventor： MULLEN SHAWN ,  SHANKAR RAVI ,  CELIKKAN UFUK ,  CONKLIN WILLIAM

IPC: G06F21/24 ,  H04L9/00

Abstract: Mechanisms for providing an encrypted file system are provided. The mechanisms use a combination of encryption methodologies so as to reduce the amount of decryption and re-encryption that is necessary to a file in the Encrypted File System in the event that the file needs to be modified. The encryption methodologies are interleaved, or alternated, with regard to each block of plaintext. In one illustrative embodiment, Plaintext Block Chaining (PBC) and Cipher Block Chaining (CBC) encryption methodologies are alternated for encrypting a sequence of blocks of data. The encryption of a block of plaintext is dependent upon the plaintext or a cipher generated for the plaintext of a previous block of data in the sequence of blocks of data so that the encryption is more secure than known Electronic Code Book encryption methodologies.

公开(公告)号：AT488945T

公开(公告)日：2010-12-15

申请号：AT08736291

申请日：2008-04-16

Applicant: IBM

Inventor： KEOHANE SUSANN ,  MCBREARTY GERALD ,  MULLEN SHAWN ,  MURILLO JESSICA ,  SHIEH JOHNNY

IPC: H04L29/06 ,  H04L12/22

Abstract: A computer implemented method, apparatus, and computer program product for port scan protection. A reply data packet having a modified transmission control protocol header is generated to form a modified reply data packet, in response to detecting a port scan. The modified reply data packet will elicit a response from a recipient of the modified data packet. The reply data packet is sent to a first Internet protocol address associated with the port scan. A second Internet protocol address is identified from a header of the response to the modified reply data packet. The second Internet protocol address is an actual Internet protocol address of a source of the port scan. All network traffic from the second Internet protocol address may be blocked to prevent an attack on any open ports from the source of the port scan.

公开(公告)号：AT434327T

公开(公告)日：2009-07-15

申请号：AT02703728

申请日：2002-03-04

Applicant: IBM

Inventor： MULLEN SHAWN ,  VENKATARAMAN GUHA PRASAD

IPC: H04L9/16 ,  H04L29/06 ,  H04L9/32

Abstract: Encryption is provided in wireless personal palm type computer devices for Internet transmitted documents despite the limited data processing and memory functions in such devices. The palm type device initially encrypts only a portion of a text document which is then wirelessly transmitted to the server computer which normally functions as the Web server, i.e. the server through which Web computer terminals are wired or connected into the Web. This Web server then further encrypts the received text document and then further transmits this further encrypted document to a terminal in said network. Preferably, the further encryption in the server involves two steps: decrypting the lower level encryption (necessitated by the limited CPU and memory resources in the palm device) to restore the text document at the server before the server may then re-encrypt the whole document using a higher level conventional 128 bit Web encryption protocols such as SSL.