A method for connecting an application to a resource by a command, the application being provided for configuring the resource by connecting to the resource by means of a program and configuration parameters, the program implementing a client side of a communication protocol, the method comprising the steps of executing the command when the program is called by the application, the command being interposed between the application and the program; receiving authentication data for accessing the resource, by querying a vault, on the basis of configuration parameters; establishing a connection between the command and the resource by executing the program, into which the authentication data for accessing the resource are input and the configuration parameters retrieved; and establishing a direct connection between the application and the resource.
09 - Scientific and electric apparatus and instruments
38 - Telecommunications services
41 - Education, entertainment, sporting and cultural activities
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
Software; computer software; software for provision of
security on networks, the Internet, extranet and computers;
software for provision of security concerning online
transactions; software for provision of online identity
protection, privacy control and parental control; software
to prevent, diagnose, computer problems; software for
provision of intrusion detection and prevention; software
for scanning, detecting, and removing viruses, spam, adware,
spyware and other malware; antivirus, antispam, firewall
software for computers, filtering tools; software for use in
monitoring and controlling computer and online activity;
software for protection against fraud; computer software and
downloadable software, namely, utility software; open source
software packages; software for certifying registration and
data storage in the field of computer security; software
for automating processes for archiving physical and/or
electronic data; software for logging and/or traceability
in the field of transmitting, securing and archiving of
physical and/or electronic data; software for securing
and/or cryptography of physical and/or electronic data;
manual and/or automatic indexing software; software for
displaying multi-format secure files; search engine
software; Apparatus for recording, transmitting and
reproducing text, sound or images; digital, magnetic and
optical recording media; digital, magnetic and optical data
media; apparatus for recording the time (timestamping);
computer programs; apparatus and instruments for recording,
storing, processing, analyzing, transmitting, distributing
and/or displaying data; security solutions, namely, computer
software and programs for managing computer access to
resources; computer programs for accessing computer
networks, wireless networks and the Internet; computer
terminals; data terminals.
Providing access to databases, namely, provision of access
to databases.
Education; training; entertainment; organization of
competitions (education or entertainment); organization and
conducting of colloquiums, conferences, congresses;
organization of exhibitions for cultural or educational
purposes.
Computer security consultancy; computer support in the
field of computer security and data security; engineering
and technical support services for software and security;
computer diagnostic services; computer data recovery;
technical support services, namely, troubleshooting of
computer software and hardware problems; software
installation services; programming for computers; computer
network services; Internet security services, namely,
security services for computer networks, computer access and
computerized transactions; technical advice in relation to
software installation and maintenance; consulting services
in the field of design, selection, implementation and use of
computer apparatus and computer systems; design,
elaboration, installation, development, updating, servicing
and maintenance of software, software packages,
applications, computer programs, hosted and/or operated
services (SaaS), online databases and platforms; provision
of information in the field of network and Internet
security; expertise, expertise in industrializing free
software and open source development; online technical
support in the field of computers, software and computer
systems; computer security services, namely, computer
network security services, computer access and computerized
transactions; controlling the computer systems of others
for technical purposes; project studies in the field of
computer security; risk and prevention studies in the field
of computer security; setting up and managing technical
support procedures for events regarding software, databases,
computers and computer security; implementing platforms for
the deployment of secure remote systems and architectures;
provision of information in the field of computer and online
security services, via computer networks, wireless networks
and the Internet; controlling computer systems for security
purposes; provision of computer threat management systems,
namely, monitoring and tracking vulnerability and
security-related problems in software products, on the
Internet, and on computer networks; designing computer
systems and software architecture; computer programming
services; maintenance of database software; monitoring of
computer systems for the detection of unauthorized access or
data protection breaches; electronic data storage; online
data storage; software as a service [SaaS]; control
software design for self-service terminals.
Identity theft protection services, namely, fraud prevention
in the nature of controlling personal and financial
information; licensing of computer software and programs;
security services for the protection of identities,
terminals, infrastructures, servers (computer hardware) for
others; identity screening services.
3.
Method and device for detecting compromise of a target by a side attack
A method for detecting a side attack of a target by a user, comprising: a step of recording data relating to a so-called sensitive file, the sensitive file being a configuration file of the target; a step of primary connection of the user to a proxy gateway to establish a secondary connection of the proxy gateway to the target; a step of verification of the integrity of the sensitive file, subsequent to the step of secondary connection of the proxy gateway to the target; and, when the integrity of the sensitive file is determined as compromised by the step of verification of the integrity of the sensitive file, a step of detection of a side attack of the target by the user.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method for automatically supplying a secure connection proxy with remote targets on the basis of privileged account data, includes a step of exploring, by a robot program, at least one domain for identifying the privileged accounts; a step of filtering the privileged accounts on the basis of criteria; steps of extracting characteristics from identified privileged accounts; and a step of supplying the proxy with the gathered data.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural activities
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
Providing access to databases, namely, provision of access to databases

downloadable and recorded access security and authorization software for authorizing access to databases; downloadable and recorded computer access security and authorization software for authorizing access to databases; downloadable and recorded software for provision of security on networks, the Internet, extranet and computers; downloadable and recorded software for provision of security concerning online transactions; downloadable and recorded software for provision of online identity protection, privacy control and parental control; downloadable and recorded software to prevent and diagnose computer problems; downloadable and recorded software for provision of intrusion detection and prevention; downloadable and recorded software for scanning, detecting, and removing viruses, spam, adware, spyware and other malware; downloadable and recorded antivirus, antispam, and firewall software for computers incorporating filtering software; downloadable and recorded software for use in monitoring and controlling computer and online activity; downloadable and recorded software for protection against fraud; recorded computer software and downloadable software, namely, utility software; open source software packages, namely, downloadable and recorded open source computer software for authorizing access to databases; downloadable and recorded software for certifying registration and data storage in the field of computer security; downloadable and recorded software for automating processes for archiving physical and electronic data; downloadable and recorded software for logging and traceability in the field of transmitting, securing and archiving of physical and electronic data; downloadable and recorded software for securing and cryptography of physical and electronic data; manual and automatic downloadable and recorded indexing software; downloadable and recorded software for displaying multi-format secure files; downloadable and recorded search engine software; Apparatus for recording, transmitting and reproducing text, sound or images; digital, magnetic and optical recording media, namely, blank data carriers and digital storage media; digital, magnetic and optical data media, namely, blank data carriers and digital storage media; apparatus for recording the time, namely, time clocks for timestamping; downloadable and recorded computer programs for authorizing access to databases; apparatus and instruments for recording, storing, processing, analyzing, transmitting, distributing and displaying data, namely, blank digital storage media, digital displays, data processors; security solutions, namely, downloadable and recorded computer software and programs for managing computer access to resources; downloadable and recorded computer programs for accessing computer networks, wireless networks and the Internet; computer terminals; mobile data terminals

Education, namely, providing courses of instruction in the field of computer security; training in the use and operation of computer security hardware and software; entertainment, namely, organizing and arranging exhibitions for entertainment purposes; organization of competitions, namely, online competitions in the field of entertainment and computer security; organization and conducting of colloquiums, conferences for educational or entertainment purposes, and congresses in the field of computer security; organization of exhibitions for cultural or educational purposes

Computer security consultancy; computer technology support in the field of computer security and data security, namely, help desk services; engineering and technical support services for software and security, namely, troubleshooting of computer software problems; computer diagnostic services; computer data recovery; technical support services, namely, troubleshooting in the nature of diagnosing computer software and hardware problems; software installation services; programming for computers; computer network configuration services; Internet security services, namely, security services for restricting unauthorized access to computer networks, computer systems and computerized transactions; technical advice in relation to software installation and maintenance; consulting services in the field of design, selection, implementation and use of computer apparatus and computer systems; design, elaboration, installation, development, updating, servicing and maintenance of software, software packages comprising computer software programs, applications, computer programs, hosted and/or operated services (SaaS), online databases and computer platforms; provision of technology information in the field of network and Internet security; expertise in the nature of computer software consulting and advisory regarding industrializing free software and open source development; online technical support in the field of computers, software and computer systems, namely, providing online security threat analysis for protecting data; computer security services, namely, computer network security services for enforcing, restricting and controlling computer access privileges of users of computer networks and encrypting data for computerized transactions; controlling the computer systems of others for technical purposes, namely, remote management of information technology systems of others; project studies being research in the field of computer security; risk and prevention studies being research in the field of computer security; setting up and managing technical support procedures for events regarding software, databases, computers and computer security, namely, infrastructure management services for establishing and administering computer disaster recovery plans; implementing computer platforms for the deployment of secure remote technology systems and architectures; provision of technology information in the field of computer and online security services, via computer networks, wireless networks and the Internet; controlling access privileges of users of computer systems for security purposes; provision of computer threat management systems, namely, computer security threat analysis for protecting data provided by means of monitoring and tracking vulnerability and security-related problems in software products, on the Internet, and on computer networks; designing computer systems and software architecture; computer programming services; maintenance of database software; monitoring of computer systems for the detection of unauthorized access or data protection breaches; electronic data storage; online data storage; software as a service (SaaS) featuring software for encrypting data and assigning credentials, featuring software for provision of identity and access security on networks, the Internet, extranet and computers, data security, data analytics; control software design for self-service terminals

licensing of computer software and programs; security services for monitoring of security alarm systems for the protection of identities, terminals, infrastructures, and computer servers for others; identity screening services, namely, providing background investigations
09 - Scientific and electric apparatus and instruments
38 - Telecommunications services
41 - Education, entertainment, sporting and cultural activities
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
(1) Software for authorizing access to databases; software for provision of security on networks, the Internet, extranet and computers; software for provision of security concerning online transactions; software for online provision of identity protection, privacy control and parental control; software to prevent and diagnose computer problems; computer security software for detecting and preventing virus intrusions; software for scanning, detecting and removing viruses, spam, adware, spyware and other malware; antivirus software, antispam software, firewall software for computers, email filtering software; software for use in monitoring and controlling computer and online activity; software for protection against fraud, namely software for protecting privacy and confidential information; computer software and downloadable software, namely, utility software for performing computer system diagnostics; packaged open source software, namely open source software for authorizing access to databases; software for certifying registration and data storage in the field of computer security; software for automating processes for archiving physical and electronic data; software for tracking the transmission, securing and archiving of physical and electronic data; software for the security of physical and electronic data; computer software for managing the cryptographic security of electronic transmissions across computer networks; manual and automatic indexing software, namely file archiving utility programs; software for secure viewing of multi-format files for identity protection, privacy control and parental control; search engines being software; apparatus for recording, transmitting and reproducing text, sound and images, namely computer monitors, computer printers and photo printers, computer scanners, fax machines, earphones and headphones, multimedia projectors, loudspeakers, automatic call dialers, signal processors, video processors, sound processors, satellite signal processors, audiovisual receivers, audiovisual transformers, video cameras, compact disc players, computer screens, computer touch screens, projection screens, home theatre surround speakers, display terminals; digital, magnetic and optical recording media, namely blank magnetic discs, blank compact discs, blank USB flash drives, blank flash memory cards; digital, magnetic and optical data media, namely pre-recorded magnetic discs, compact discs, USB flash drives and flash memory cards containing information in the field of identity protection, privacy control and parental control; apparatus for recording the time (timestamping), namely time clocks; computer programs for authorizing access to databases, for provision of security on networks, the Internet, extranet and computers, for provision of security concerning online transactions, for online provision of identity protection, privacy control and parental control, for preventing and diagnosing computer problems, for detecting and preventing virus intrusions, for scanning, detecting and removing viruses, spam, adware, spyware and other malware, for email filtering, for monitoring and controlling computer and online activity, for protecting privacy and confidential information, for performing computer system diagnostics, for certifying registration and data storage in the field of computer security, for automating processes for archiving physical and electronic data, for tracking the transmission, securing and archiving of physical and electronic data, for the security of physical and electronic data, for managing the cryptographic security of electronic transmissions across computer networks, for file archiving and for secure viewing of multi-format files for identity protection, privacy control and parental control; apparatus and instruments for recording, storing, processing, analyzing, transmitting, distributing and displaying data, namely computer hardware, computers, computer servers, central processing units, computer chips, computer interface cards, motherboards and daughterboards, network hardware for network access servers, computer hardware for network-attached storage [NAS] servers, electronic tablets, docking stations for laptop computers, computer interface cards, graphics cards for computers; security solutions, namely computer software and programs for managing computer access to resources; computer programs for accessing computer networks, wireless networks and the Internet; computer display terminals; mobile data terminals (MDT).
(1) Providing access to databases, namely, provision of access to databases.
(2) Education, namely organizing and conducting courses in the field of computer security; training, namely training in cybersecurity risk management and in the use of software and hardware for computer security; entertainment, namely organization of exhibitions in the field of computer security for entertainment purposes; organization of competitions in the field of computer security; organization and conducting of educational colloquiums, conferences and congresses in the field of computer security; organization of exhibitions for cultural and educational purposes in the field of computer security.
(3) Computer security consultancy; computer support in the field of computer security and data security; technical support and engineering services for software and computer security; diagnostic services for computer hardware and software problems; computer data recovery; technical support services, namely, troubleshooting of computer software and hardware problems; software installation services; programming for computers; computer network services, namely administration of user rights on computer networks, design and development of computer networks for others, configuration of computer networks; Internet security services, namely, security services for computer networks, computer access and computerized transactions; technical advice in relation to software installation and maintenance; advice in relation to the design, selection, implementation and use of computer apparatus and computer systems; design, elaboration, installation, development, updating, servicing and maintenance of software, software packages, applications, locally hosted and operated computer programs (SaaS), databases and online platforms in the field of cybersecurity; provision of information in the field of network and Internet security; expertise, namely advice and consultancy in the field of optimizing cybersecurity solutions based on free software and development based on open source software; online technical support in the field of computers, software and computer systems, namely diagnosis of computer hardware and software problems, detection and diagnosis of virus intrusions; computer security services, namely, security services for computer networks, computer access and computerized transactions; services for controlling the computer systems of others for technical purposes; project studies in the field of computer security; risk and prevention studies in the field of computer security; setting up and managing technical support procedures for events affecting software, databases, computers and computer security; setting up platforms as a service (PaaS) for the remote deployment of computer systems and software architectures; provision of information in the field of computer and online security services, via computer networks, wireless networks and the Internet; controlling computer systems for security purposes; provision of computer threat management systems, namely, monitoring and tracking vulnerability and security-related problems in software products, on the Internet, and on computer networks; designing computer systems and software architecture; computer programming services; maintenance of database software; monitoring of computer systems for the detection of unauthorized access or data protection breaches; electronic data storage for the secure archiving of personal and confidential documents; online data storage, namely cloud computing provider services for data storage; software as a service [SaaS] for authorizing access to databases, for provision of security on networks, the Internet, extranet and computers, for provision of security concerning online transactions, for online provision of identity protection, privacy control and parental control, for preventing and diagnosing computer problems, for detecting and preventing virus intrusions, for scanning, detecting and removing viruses, spam, adware, spyware and other malware, for email filtering, for monitoring and controlling computer and online activity, for protecting privacy and confidential information, for performing computer system diagnostics, for certifying registration and data storage in the field of computer security, for automating processes for archiving physical and electronic data, for tracking the transmission, securing and archiving of physical and electronic data, for the security of physical and electronic data, for managing the cryptographic security of electronic transmissions across computer networks, for file archiving and for secure viewing of multi-format files for identity protection, privacy control and parental control; control software design for self-service terminals.
(4) Identity theft protection services, namely, fraud prevention in the nature of controlling personal and financial information; licensing of computer software and programs; security services on behalf of others for protection against identity theft and for the protection of physical property, namely terminals, infrastructures and servers (computer hardware); identity verification services, namely authentication of individual identity information.
7.
Integration of a standard network protocol layer in a web browser by compilation to webassembly and use of a websocket
A standard network protocol layer is integrated in a Web browser by compilation to Webassembly and use of a Websocket. A method for connecting a local client device to a remote computing resource, by establishing a computing session in accordance with a standard protocol includes: executing on the client device a Web browsing application; opening a first tunnel (websocket) with a server GATEWAY, wherein the opening of the first tunnel between the client device and the GATEWAY commands the opening of a network connection with the remote resource. The Web application executed on the local client calculates data packets in accordance with a standard protocol (RDP or SSH for example) and commands the transmission of the data packets to the remote resource in the native format of the protocol, without transcoding or transformation other than the standard processing of websockets, by way of the server gateway (Proxy websocket) ensuring the transfer without modification of the packet received from the client device, to the remote server.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 12/66 - Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
H04L 69/16 - Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
H04L 67/08 - Protocols specially adapted for terminal emulation, e.g. Telnet
8.
Method and device for displaying, on a local terminal, an application executed on a remote server by means of a remote office protocol
A method for displaying a graphic object, which is generated by a remote server in a local window, which is displayed on a display device, the local terminal communicating with the server via a proxy gateway for the remote office protocol, the gateway establishing a connection between the terminal and the server, the connection comprising a primary connection, which is established between the local terminal and the proxy gateway of the remote application type, and a secondary connection, which is established between the proxy gateway and the remote server, comprises a step of detecting the type of secondary connection and a step, carried out by the proxy gateway, of converting data, which are from the remote server, and which relate to a local window of the office type, into data, which are intended for the local terminal and which relate to a local window of the application type.
G06F 3/0481 - Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance
G06F 9/451 - Execution arrangements for user interfaces
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
H04L 29/06 - Communication control; Communication processing characterised by a protocol
9.
METHOD FOR CONNECTING A COMPUTER APPLICATION TO A SECURE COMPUTER RESOURCE
The invention relates to a method for connecting an application (A) to a resource (D) by a command (B), the application being provided for configuring the resource by connecting to the resource by means of a program (F) and configuration parameters, the program implementing a client side of a communication protocol, the method comprising the steps of executing the command when the program is called by said application, the command being interposed between the application and the program; receiving authentication data for accessing the resource, by querying a vault (C), on the basis of configuration parameters; establishing a connection between the command and the resource by executing the program, into which the authentication data for accessing the resource are input and the configuration parameters retrieved; establishing a direct connection between the application and the resource.
H04L 67/08 - Protocols specially adapted for terminal emulation, e.g. Telnet
H04L 67/125 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks, involving control of end-device applications over a network
11.
Method for accessing a secure computer resource by a computer application
A method for accessing a secure computer resource by a computer application having no human-machine interaction for inputting authentication information comprises: a) a first initialization step comprising the creation of a temporary cryptographic key consisting of applying a cryptographic process to a plurality of information that is invariant over time and of encrypting, using the thus calculated key, authentication data of an account authorized to access a vault with passwords and b) steps for automatic access by the application to the secure computer resource consisting of creating a temporary cryptographic key consisting of applying a cryptographic process to the plurality of information that is invariant over time, reading the credentials file created during the initialization step and decrypting the credentials file with the temporary cryptographic key calculated in the preceding step, then transferring, to the calling application, the data coming from the computer resource.
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
G06F 21/44 - Program or device authentication
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems, during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure, by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
12.
METHOD AND DEVICE FOR DETECTING COMPROMISE OF A TARGET BY A SIDE ATTACK
Method for detecting a side attack of a target (3) by a user comprising a step of recording (E) data relating to a so-called sensitive file, said sensitive file being a configuration file of the target; a step of primary connection (C1) of the user on an agent gateway (2) to establish a secondary connection (C2) of the agent gateway on the target; a step of verification (C) of the integrity of the sensitive file, subsequently to the step of secondary connection of the agent gateway on the target and when the integrity of the sensitive file is determined as compromised by the step of verification of the integrity of the sensitive file, a step of detection (D) of a side attack of the target by the user.
A method for information retrieval in an encrypted corpus stored on a server, from a digital request calculated on a customer device, containing a sequence of terms, includes the following steps: encryption of the request on a customer computer device and transmission of same to a database management server; and homomorphic calculation, on the server, of the encrypted response to the encrypted request recorded on the server. The method further comprises an additional requesting step performed on the customer device; and presentation of the result in an ordered form of the documents, in application of the processing of the previous step. The present disclosure also relates to a method for preparing a requestable base and to a method for information retrieval in an encrypted corpus.
A method for end-to-end transmission of a piece of encrypted digital information includes the following steps: selection, on the computer equipment of the transmitter, of a piece of digital information and a digital identifier of the recipient; temporary encryption of the piece of digital information by execution of a local encryption application on the computer equipment with the private key of the sender; decryption of the piece of information on the equipment of the sender and encryption of the piece of information with the public key of the recipient; transmission to the recipient, by the computer equipment, from the sender, of the piece of digital information encrypted with the public key of the sender, optionally by the intermediary of the transactional platform; and decryption by the computer equipment of the recipient of the piece of information with the public key of the sender.
The invention relates to a method for displaying a graphic object which is generated by a remote server (2041, 2042) in a local window which is displayed on a display device, the local terminal communicating with the server via a proxy gateway (206) for the remote office protocol, the gateway establishing a connection (2061, 2062) between the terminal and the server, the connection comprising a primary connection (2061p) which is established between the local terminal and the proxy gateway of the remote application type, and a secondary connection (2061s, 2062s) which is established between the proxy gateway and the remote server, comprising a step (E1) of detecting the type of secondary connection and a step (E3), carried out by the proxy gateway, of converting data which are from the remote server, and which relate to a local window of the office type, into data which are intended for the local terminal and which relate to a local window of the application type.
09 - Scientific and electric apparatus and instruments
16 - Paper, cardboard and goods made from these materials
35 - Advertising; business affairs
42 - Scientific, technological and industrial services, research and design
Goods and services
Safety tokens [encryption devices]; privacy protection software; interactive software for computers for the exchange of information; software for commercial use; application software for cloud computing services; computer application software; computer software for keeping email secure; security software; downloadable security software; software for encryption; downloadable software from global computer networks; downloadable cloud software; downloadable software for data transmission.
Computer software manuals; computer software manuals.
Wholesale services for computer software; advertising; presentation of goods on all communication media, for retail sale; document reproduction.
Data encryption services; software development; software development (design); updating of software; software as a service (SaaS).
19.
METHOD FOR ACCESSING A SECURE COMPUTER RESOURCE BY A COMPUTER APPLICATION
The present invention concerns a method for accessing a secure computer resource (3) by a computer application (1) having no human-machine interaction for inputting authentication information, comprising: a) a first initialisation step comprising the creation of a temporary cryptographic key consisting of applying a cryptographic process to a plurality of information that is invariant over time and of encrypting, using the thus calculated key, authentication data of an account authorised to access a vault with passwords and b) steps for automatic access by said application to said secure computer resource consisting of creating a temporary cryptographic key consisting of applying a cryptographic process to said plurality of information that is invariant over time, reading the credentials file created during the initialisation step and decrypting said credentials file with said temporary cryptographic key calculated in the preceding step, then transferring, to the calling application, the data coming from said computer resource.
The application relates to a method for secure connection from a client computer device to a target computer resource comprising a server, comprising the following steps: the emission of a session-opening request by an application installed on the client station, leading to the creation of a primary session between the client station and the proxy gateway, the request containing either the identifier of the target server or the identifier of the target application; and the opening of a session between the proxy gateway and the server. The request-emission step is implemented by the prior opening of a primary session [RDP] between the client station and the proxy gateway by the transmission of a message containing the identifier of the target server or the identifier of the target application.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 16/955 - Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
22.
METHOD FOR INFORMATION RETRIEVAL IN AN ENCRYPTED CORPUS STORED ON A SERVER
The invention relates to a method for information retrieval in an encrypted corpus stored on a server, from a digital request calculated on a customer device, containing a sequence of terms, said method comprising the following steps: encryption of said request (20) on a customer computer device (1) and transmission of same to a database (3) management server (1); and homomorphic calculation, on the server, of the encrypted response (41) to the encrypted request (40) recorded on the server (2), characterised in that it comprises an additional requesting step performed on the customer device (1), for adding said identifiers of the data contained in said encrypted response (50) and in the index df_A (13) recorded on the customer device (1); and presentation of the result in an ordered form of the documents, in application of the processing of the previous step. The invention also relates to a method for preparing a requestable base and to a method for information retrieval in an encrypted corpus.
The present invention concerns a method for end-to-end transmission of a piece of encrypted digital information, comprising the following steps: selection, on the computer equipment (1, 11) of the transmitter, of a piece of digital information and a digital identifier of the recipient; temporary encryption of said piece of digital information by execution of a local encryption application on the computer equipment (1, 11) with the private key of the sender; decryption of said piece of information on the equipment (1, 11) of the sender and encryption of said piece of information with the public key of the recipient; transmission to the recipient, by the computer equipment (1, 11), from the sender, of the piece of digital information encrypted with the public key of the sender, optionally by the intermediary of the transactional platform (20); and decryption by the computer equipment of the recipient of the piece of information with the public key of the sender. The invention also concerns the application of this method and a connected object implementing the method.
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 51/00 - User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
H04L 51/04 - Real-time or near real-time messaging, e.g. instant messaging [IM]
H04L 67/06 - Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
H04W 12/04 - Key management, e.g. using generic bootstrapping architecture [GBA]
25.
METHOD FOR END-TO-END TRANSMISSION OF A PIECE OF ENCRYPTED DIGITAL INFORMATION, APPLICATION OF THIS METHOD AND OBJECT IMPLEMENTING THIS METHOD
The present invention concerns a method for end-to-end transmission of a piece of encrypted digital information, comprising the following steps: • selection, on the computer equipment (1, 11) of the transmitter, of a piece of digital information and a digital identifier of the recipient • temporary encryption of said piece of digital information by execution of a local encryption application on the computer equipment (1, 11) with the private key of the sender • decryption of said piece of information on the equipment (1, 11) of the sender and encryption of said piece of information with the public key of the recipient • transmission to the recipient, by the computer equipment (1, 11), from the sender, of the piece of digital information encrypted with the public key of the sender, optionally by the intermediary of the transactional platform (20), and • decryption by the computer equipment of the recipient of the piece of information with the public key of the sender. The invention also concerns the application of this method and a connected object implementing the method.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 4/14 - Short messaging services, e.g. SMS or unstructured supplementary service data [USSD]
H04W 12/02 - Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
H04W 12/04 - Key management, e.g. using generic bootstrapping architecture [GBA]
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
Integration of a standard network protocol layer in a Web browser by compilation to Webassembly and use of a Websocket. The invention relates to a method for connecting a local client device (3) to a remote computing resource (1), by establishing a computing session in accordance with a standard protocol consisting in: - executing on the client device a Web browsing application (4) - opening a first tunnel [websocket] with a server GATEWAY (2) - said opening of the first tunnel between the client device and the GATEWAY commanding the opening of a network connection with said remote resource. The Web application executed on the local client calculates data packets in accordance with a standard protocol (RDP or SSH for example) and commands the transmission of said data packets to the remote resource in the native format of said protocol, without transcoding or transformation other than the standard processings of websockets, by way of the server gateway (Proxy websocket) ensuring the transfer without modification of the packet received from the client device, to the remote server.
A secure method connects to an application run on a server from a client computer device, by a user who does not have the authentication data of the account declared in the application, the account including at least one proxy ID. The disclosure also relates to the application and associated authentication data, implementing a proxy [mandatary gateway] including a memory for recording, for each user declared by a primary account comprising at least one user ID, the list of resource targets C and accounts to which the user has access.
G06F 7/04 - Identity comparison, i.e. for like or unlike values
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for simultaneous processing of several programs
G06F 17/30 - Information retrieval; Database structures therefor
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/41 - User authentication where a single sign-on provides access to a plurality of computers
G06F 21/44 - Program or device authentication
The present invention relates to a method for automatically supplying a secure connection proxy (3) with remote targets (37) on the basis of privileged account data (32), comprising: - a step of exploring, by a robot, at least one domain for identifying the privileged accounts (32); - a step of filtering the privileged accounts (32) on the basis of criteria; - steps of extracting characteristics from identified privileged accounts (32); - a step of supplying the proxy (3) with the gathered data.
The invention relates to a method for secure connection, from a client computer device to a target computer resource comprising a server, comprising the following steps: the emission of a session-opening request by an application installed on the client station, leading to the creation of a primary session between the client station and the proxy gateway, said request containing either the identifier of the target server or the identifier of the target application; and the opening of a session between said proxy gateway and said server. The request-emission step is implemented by the prior opening of a primary session [RDP] between the client station and the proxy gateway by the transmission of a message containing the identifier of the target server or the identifier of the target application.
The invention relates to a secure method for connection to an application run on a server from a client computer device, by a user who does not have the authentication data of the account declared in said application, said account comprising at least one proxy ID. The invention also relates to the application and associated authentication data, implementing a proxy [mandatary gateway] comprising a memory for recording, for each user declared by a primary account comprising at least one user ID, the list of resource targets C and accounts to which said user has access.
09 - Scientific and electric apparatus and instruments
35 - Advertising; business affairs
39 - Transport, packaging and storage services; travel arrangement
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
Computer software; Software; Computer software for providing security on networks, the internet, extranets and computers; Computer software for providing security for online transactions; Computer software for online identity protection, privacy control and parental control; Computer software for preventing and diagnosing computer problems; computer software for providing intrusion detection and prevention; Computer software for scanning, detecting and eliminating viruses, spam, advertising messages, spyware and other malware; Computer antivirus software, Anti-spam software, firewalls, filtering tools; computer software for use in the monitoring and control of computer and online activity; Computer software for fraud protection; Computer software and downloadable computer software, namely, utility software; Packaged open source software; Certification software for data recording and storage in the field of computer security; Software for automating the archiving process of physical and/or electronic data; Logging and/or traceability software in the field of the transmission, securing and archiving of physical and/or electronic data; Computer software for securing and/or encrypting physical and/or electronic data; Manual and/or automatic indexing software; Display software for secure, multi-format files; Computer search engine software; Apparatus for recording, transmission or reproduction of text, sound or images; Digital, magnetic and optical recording media; Digital, magnetic and optical data carriers; Time stamping apparatus; Software; Apparatus and instruments for recordal, storage, processing, analysis, transmission, distribution and/or display of data; security solution; Computer programs for accessing computer networks, wireless networks and the Internet. 
Reproduction of physical and/or electronic documents; Collection of data in a master file, systematic ordering of data in a master file, Computerised file management and computer database management; Commercial or industrial management assistance, Data searches in computerised files; Business investigations and research; Gathering of information; Administrative management of a computer security deployment and supervision centre; Setting up and administrative management of assistance procedures; Provision of commercial information via the Internet concerning products and services to enable customers to make an informed choice when purchasing those products and services; Dissemination of advertising matter and advertising materials (leaflets, prospectuses, printed matter), outdoor advertising; Publicity columns preparation, updating of advertising material, reproduction of documents; Rental of advertising time on all means of communication, all these services being in the field of computer security; Updating of databases. Secure preservation of data media or documents stored electronically; Information relating to storage and archiving in the field of data security. 
Consultancy in the field of computers; Computer assistance in the field of computer and data security; Technical support and engineering relating to computer software and computer security; Updating of computer software for others; Computer diagnostic services; Computer services, namely, data recovery services; Technical support services, namely, troubleshooting of computer hardware and software problems; Installation of computer software; Computer programming; Network and Internet security services; Technical consultation in the field of computer software installation and maintenance; Consulting services in the field of design, selection, implementation and use of computer hardware and software systems for others; Design, creation, installation, development, upgrade and maintenance of computer software; Providing information in the field of network and Internet security; Providing of expertise, Expertise relating to the industrialisation of solutions based on free software and open source development; Online technical support in the field of computers, computer software and computer systems; Computer security services, Monitoring the computer systems of others for technical purposes; Project studies in the field of computer security; Studies relating to risks and prevention in the field of computer security; Setting up and management of assistance procedures for events affecting software, databases, computers and computer security; Setting up of platforms for the deployment of remote secure systems and architectures; Providing information in the field of computer and online security services, via computer networks, wireless networks and the Internet; Monitoring of computer systems for security purposes; Providing IT threat management systems, namely monitoring and tracking vulnerability and problems relating to software product security on the internet and on computer networks. 
Identity theft protection services, namely, fraud prevention in the form of personal and financial information monitoring.