Data processing: measuring – calibrating – or testing – Testing system – Of circuit
Reexamination Certificate
2006-01-31
2006-01-31
McElheny, Jr., Donald E. (Department: 2857)
Data processing: measuring, calibrating, or testing
Testing system
Of circuit
C702S120000, C702S121000, C702S188000, C702S189000
Reexamination Certificate
active
06993448
ABSTRACT:
A computer-implemented system, method and medium for assessing the risk of and/or determining the suitability of a system to comply with at least one predefined standard, regulation and/or requirement. In at least some embodiments of the present invention, the method comprises the steps of: 1) automatically or manually gathering information pertaining to the system, 2) selecting one or more requirements with which the system is to comply; 3) testing the system against the requirements; 4) performing risk assessment of the failed test procedures, and 5) generating certification documentation based on an assessment of the first four elements.
REFERENCES:
patent: 5032979 (1991-07-01), Hecht et al.
patent: 5621889 (1997-04-01), Lermuzeaux et al.
patent: 5625751 (1997-04-01), Brandwajn et al.
patent: 5684959 (1997-11-01), Bhat et al.
patent: 5699403 (1997-12-01), Ronnen
patent: 5740248 (1998-04-01), Fieres et al.
patent: 5796942 (1998-08-01), Esbensen
patent: 5850516 (1998-12-01), Schneier
patent: 5859847 (1999-01-01), Dew et al.
patent: 5870545 (1999-02-01), Davis et al.
patent: 5892900 (1999-04-01), Ginter et al.
patent: 5892903 (1999-04-01), Klaus
patent: 5931946 (1999-08-01), Terada et al.
patent: 6006328 (1999-12-01), Drake
patent: 6134664 (2000-10-01), Walker
patent: 6148401 (2000-11-01), Devanbu et al.
patent: 6151599 (2000-11-01), Shrader et al.
patent: 6185689 (2001-02-01), Todd, Sr. et al.
patent: 6205407 (2001-03-01), Testa et al.
patent: 6219626 (2001-04-01), Steinmetz et al.
patent: 6219628 (2001-04-01), Kodosky et al.
patent: 6219805 (2001-04-01), Jones et al.
patent: 6230105 (2001-05-01), Harris et al.
patent: 6256773 (2001-07-01), Bowman-Amuah
patent: 6282546 (2001-08-01), Gleichauf et al.
patent: 6298445 (2001-10-01), Shostack et al.
patent: 6317868 (2001-11-01), Grimm et al.
patent: 6324647 (2001-11-01), Bowman-Amuah
patent: 6370573 (2002-04-01), Bowman-Amuah
patent: 6389402 (2002-05-01), Ginter et al.
patent: 6401073 (2002-06-01), Tokuda et al.
patent: 6405364 (2002-06-01), Bowman-Amuah
patent: 6408391 (2002-06-01), Huff et al.
patent: 6473794 (2002-10-01), Guheen et al.
patent: 6546493 (2003-04-01), Magdych et al.
patent: 2001/0027389 (2001-10-01), Beverina et al.
patent: 2001/0034847 (2001-10-01), Gaul, Jr.
patent: 2002/0042687 (2002-04-01), Tracy et al.
patent: 2002/0069035 (2002-06-01), Tracy et al.
patent: 2002/0104014 (2002-08-01), Zobel et al.
patent: 2002/0198750 (2002-12-01), Innes et al.
patent: 2002/0199122 (2002-12-01), Davis et al.
patent: 2003/0046128 (2003-03-01), Heinrich
patent: 2003/0064717 (2003-04-01), Rajaram
patent: 2003/0065793 (2003-04-01), Kouznetsov et al.
patent: 2003/0159063 (2003-08-01), Apfelbaum et al.
patent: 2003/0163728 (2003-08-01), Shaw
patent: 2003/0172166 (2003-09-01), Judge et al.
patent: 2004/0010709 (2004-01-01), Baudoin et al.
patent: 2004/0025015 (2004-02-01), Satterlee et al.
patent: 2004/0049698 (2004-03-01), Ott et al.
patent: 0999489 (2000-05-01), None
patent: WO 00/70463 (2000-11-01), None
patent: WO 01/37511 (2001-05-01), None
patent: WO 01/59989 (2001-08-01), None
patent: WO 01/99349 (2001-12-01), None
patent: WO 02/061544 (2002-08-01), None
Dec. 26, 1985. “Department of Defense Trusted Computer System Evaluation Criteria.” DoD 5200.28-STD.
Jul. 31, 2000. “Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP): Application Manual.” DoD 8510.1-M.
Jan. 23, 2003. International Search Report from PCT/US02/28179.
Apr. 11, 2003. International Preliminary Examination Report from PCT/US00/09842.
Dennis Szerszen, “Secure Strategies—A Year-Long Series on the Fundamentals of Information Systems Security—Extending your business to the Web requires a firm understanding of directories, what they offer and the challenges you'll face in deploying them,” Apr. 2000, Part 1, from http://infosecuritymag.techtarget.com/articles/april00/features4.shtml.
“DOD Information Technology Security Certification and Accreditation Process (DITSCAP),” Lesson 11, Aug. 29, 2000, from http://atzhssweb.gordon.army.rail/otd/c2protect/isso/item17.html, pp. 1-25.
The Mitre Corporation, “The Key to Information Sharing—Common Vulnerabilities & Exposures,” Aug. 17, 2000, from http://www.cve.mitre.org/about/introduction.html.
Al Berg, “Secure Strategies—A Year-Long Series on the Fundamentals of Information Systems Security—On the surface, all vulnerability assessment scanners perform essentially the same way. Here's how to decide which one-if any-is right for your requirements,” Part 2, “Audits, Assessments & Tests (Oh, My),” from http://www.infosecuritymag.com/aug2000/securestrategies.htm, pp. 1-5.
Dan Swanson, “Secure Strategies—A Year-Long Series on the Fundamentals of Information Systems Security—Avoiding IS Icebergs,” Part 4, “Audits, Assessments & Tests (Oh, My),” from http://www.infosecuritymag.com/oct2000/icebergs.htm, pp. 1-4.
George Kurtz and Chris Prosise, “Secure Strategies—Penetration Testing Exposed,” Part 3, “Audits, Assessments & Tests (Oh, My),” from http://www.infosecuritymag.com/sep2000/securestrategies.htm, pp. 1-5.
Polk, W. T. Dec. 1992. “Automated Tools for testing computer system vulnerability (Abstract).” National Institute of Standards & Technology. Washington, DC.
U.S. Appl. No. 09/794,386, filed Feb. 28, 2001, Tracy et al.
Hochberg, Judith, Kathleen Jackson, Cathy Stallings, J.F. McClary, David Dubois, and Josephine Ford. May 3, 1993. “NADIR: An automated system for detecting network intrusion and misuse (Abstract).” Computers & Security, vol. 12, No. 3, pp. 235-248.
Baskerville, Richard. Dec. 4, 1993. “Information Systems Security Design Methods: Implications for Information Systems Development.” ACM Computing Surveys, vol. 25, No. 4, pp. 375-414.
Zhou, Qin, J. Davidson, and A.A. Fouad. Feb. 1994. “Application of artificial neural networks in power system security and vulnerability assessment (Abstract).” IEEE Transactions on Power Systems, vol. 9, No. 1, pp. 525-532.
Jackson, K. A., J. G. Hochberg, S. K. Wilhelmy, J. F. McClary, and G. G. Christoph. May 3-5, 1994. “Management issues in automated audit analysis (Abstract).” Los Alamos National Lab, Department of Energy computer security group training conference. Denver, Colorado.
Jackson, K. A., M. C. Neuman, D. D. Simmonds, C. A. Stallings, and J. L. Thompson. May 1-4, 1995. “Misuse and intrusion detection at Los Alamos National Laboratory (Abstract).” Department of Energy computer security group training conference (17th). Milwaukee, Wisconsin.
Casella, K. A. Sep. 17-22, 1995. “Security administration in an open networking environment (Abstract).” Proceedings of the Ninth Systems Administration Conference, pp. 67-73. Monterey, California.
Doty, T. Fall 1995. “Test Driving SATAN (Abstract).” Computer Security Journal, vol. 11, No. 2, pp. 9-14.
Karygiannis, T. Mar. 23-25, 1998. “Network security testing using mobile agents (Abstract).” Proceedings of the Third International Conference on the Practical Application of Intelligent Agents and a Multi-Agent Technology, pp. 625-626. London, United Kingdom.
Gimble, T. F., M. F. Ugone, C. A. Miggins, D. L. Dixon, and K. Fitzpatrick. Jun. 3, 1998. “Information Assurance for the Defense Civilian Personnel Data System—Washington, Headquarters Services (Abstract).” Audit Report, Department of Defense, Office of the Inspector General. Washington, DC.
Swiler, L. P. and C. Phillips. Jun. 30, 1998. “Graph-based system for network-vulnerability analysis (Abstract).” USDOE Office of Financial Management and Controller. Washington DC.
Rudd, Alan, Joel McFarland, and Scott Olsen. Aug. 1998. “Managing security vulnerabilities in a networked world (Abstract).” Journal of Digital Imaging, vol. 1
Barrett Hugh
Berman Lon J.
Catlin Gary M.
Tracy Richard P.
McElheny Jr. Donald E.
Suarez Felix
Telos Corporation
LandOfFree
System, method and medium for certifying and accrediting... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System, method and medium for certifying and accrediting..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System, method and medium for certifying and accrediting... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3567037