Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2003-05-01
2009-11-03
Dinh, Minh (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
C726S001000, C726S011000, C726S023000, C726S024000
Reexamination Certificate
active
07614085
ABSTRACT:
The invention relates to a method for creating and/or updating a security policy within a computerized system protected by at least one security package, comprising: (a) Providing at least one trusted source within the system, capable of issuing a report detailing the structure and/or attributes of the system and/or security flaws within the system; (b) Periodically operating said at least one trusted source in order to periodically issue said report; (c) Importing each trusted source report into a security correcting unit, and forming one consolidated file containing the details from all said reports; (d) Importing into said security correcting unit the attributes files of all the security packages; (e) Separately comparing the content of said consolidated file with each of the imported attributes files, and updating each attributes file with the security information included within said consolidated file, information which is missing from the said attributes file, and is relevant to said attributes file; and (f) Separately exporting said updated attributes files and effecting each of them as the active attributes file of the corresponding security package, thereby effecting an updated security policy.
REFERENCES:
patent: 4734853 (1988-03-01), Nakano
patent: 5073933 (1991-12-01), Rosenthal
patent: 5166977 (1992-11-01), Ross
patent: 5191611 (1993-03-01), Lang
patent: 5220604 (1993-06-01), Gasser et al.
patent: 5224163 (1993-06-01), Gasser et al.
patent: 5315657 (1994-05-01), Abadi et al.
patent: 5317742 (1994-05-01), Bapat
patent: 5347578 (1994-09-01), Duxbury
patent: 5559800 (1996-09-01), Mousseau et al.
patent: 5566326 (1996-10-01), Hirsch et al.
patent: 5594227 (1997-01-01), Deo
patent: 5611048 (1997-03-01), Jacobs et al.
patent: 5623600 (1997-04-01), Ji et al.
patent: 5623601 (1997-04-01), Vu
patent: 5629981 (1997-05-01), Nerlikar
patent: 5657390 (1997-08-01), Elgamal et al.
patent: 5724355 (1998-03-01), Bruno et al.
patent: 5774695 (1998-06-01), Autrey et al.
patent: 5778189 (1998-07-01), Kimura et al.
patent: 5826014 (1998-10-01), Coley et al.
patent: 5870544 (1999-02-01), Curtis
patent: 5889953 (1999-03-01), Thebaut et al.
patent: 5892900 (1999-04-01), Ginter et al.
patent: 5908469 (1999-06-01), Botz et al.
patent: 5910987 (1999-06-01), Ginter et al.
patent: 5917912 (1999-06-01), Ginter et al.
patent: 5933498 (1999-08-01), Schneck et al.
patent: 5941947 (1999-08-01), Brown et al.
patent: 5944794 (1999-08-01), Okamoto et al.
patent: 5949876 (1999-09-01), Ginter et al.
patent: 5968176 (1999-10-01), Nessett et al.
patent: 5974549 (1999-10-01), Golan
patent: 5982891 (1999-11-01), Ginter et al.
patent: 5983270 (1999-11-01), Abraham et al.
patent: 6035423 (2000-03-01), Hodges et al.
patent: 6092194 (2000-07-01), Touboul
patent: 6105027 (2000-08-01), Schneider et al.
patent: 6154844 (2000-11-01), Touboul et al.
patent: 6158010 (2000-12-01), Moriconi et al.
patent: 6199181 (2001-03-01), Rechef et al.
patent: 6226372 (2001-05-01), Beebe et al.
patent: 6298445 (2001-10-01), Shostack et al.
patent: 6311278 (2001-10-01), Raanan et al.
patent: 6317868 (2001-11-01), Grimm et al.
patent: 6321337 (2001-11-01), Reshef et al.
patent: 6356906 (2002-03-01), Lippert et al.
patent: 6477651 (2002-11-01), Teal
patent: 6584569 (2003-06-01), Reshef et al.
patent: 6668282 (2003-12-01), Booth, III et al.
patent: 6684329 (2004-01-01), Epstein et al.
patent: 6782418 (2004-08-01), Cerrone et al.
patent: 6785821 (2004-08-01), Teal
patent: 6792461 (2004-09-01), Hericourt
patent: 6842758 (2005-01-01), Bogrett
patent: 6895383 (2005-05-01), Heinrich
patent: 6944678 (2005-09-01), Lu et al.
patent: 6952779 (2005-10-01), Cohen et al.
patent: 6970943 (2005-11-01), Subramanian et al.
patent: 6988209 (2006-01-01), Balasubramaniam et al.
patent: 6996845 (2006-02-01), Hurst et al.
patent: 7000247 (2006-02-01), Banzhof
patent: 7152240 (2006-12-01), Green et al.
patent: 7162742 (2007-01-01), Flowers et al.
patent: 2001/0034847 (2001-10-01), Gaul, Jr.
patent: 2002/0133590 (2002-09-01), McBrearty et al.
patent: 2002/0169986 (2002-11-01), Lortz
patent: 2003/0056116 (2003-03-01), Bunker et al.
patent: 2003/0131256 (2003-07-01), Ackroyd
patent: 2003/0135749 (2003-07-01), Gales et al.
patent: 2003/0233581 (2003-12-01), Reshef et al.
patent: 2004/0010709 (2004-01-01), Baudoin et al.
patent: 2004/0123141 (2004-06-01), Yadav
patent: 2005/0005112 (2005-01-01), Someren
patent: 2006/0137014 (2006-06-01), Hurst et al.
patent: 1 160 643 (2001-12-01), None
patent: 1 160 645 (2001-12-01), None
patent: WO 99/56196 (1999-11-01), None
patent: 0016200 (2000-03-01), None
patent: 0016206 (2000-03-01), None
patent: 02075547 (2002-09-01), None
patent: PCT/IL03/00352 (2004-07-01), None
Andress, “Network scanner pinpoint problems”, Network World, Jun. 2002, Retrieved from the Internet on Jun. 15, 2007: <URL: http://www.networkworld.com/reviews/2002/0204bgrev.html>.
“Security Assessment Methodology”, Network Magazine India, Dec. 2001, Retrieved from the Internet on Jun. 15, 2007: <URL: http://www.networkmagazineindia.com/200112/cover2.htm>.
U.S. Appl. No. 60/345,689, filed Date: Dec. 31, 2001.
Symantec Corporation: “E-security begins with sound security policies,” Announcement Symantec, Jun. 14, 2001.
Ceponkus A et al: “XML as an information exhange format between clients and servers,” Applied XML: a Toolkit for Programmers, 1999.
Bertino E et al: “On Specifying Security Policies for Web Documents With an XML-Based Language” 2001.
BRP Publications, “App Shield Provides Block Against Application Hacks”, Report on Electronic Commerce, vol. 6, issue 16, Sep. 7, 1999.
Ghosh et al., “Detecting Anomalous and Unknown Intrusions Against Programs”, Computer Security Applications Conference, 1998. Proceedings. 14th Annual, Phoenix, AZ, USA Dec. 7-11, 1998, Los Alamitos, CA, USA, IEEE Comput. Soc. US, Dec. 7, 1998, pp. 259-267, XP010318640.
Javitz et al., “The SRI IDES Statistical Anomaly Detector”, Proceedings on the Symposium on Research in Security and Privacy, Oakland, May 20-22, 1991, Los Alamitos, IEEE Comp. Soc. Press, US, vol. Symp. 12, May 20, 1991, pp. 316-326, XP 010024232.
Messmer, “New Tool Blocks Wily E-Comm Hacker Tricks”, CNN.com Sep. 7, 1999.
Scott et al., “Abstracting Application-Level Web Security”, May 2002, WWW2002, pp. 396-407.
Toshiba, “MAGNIA2000Ri/Anti-Hacker User's Guide”, A2 Edition, K.K. Toshiba Digital Media Network Inc., Feb. 28, 2001.
Dinh Minh
Paul Hastings Janofsky & Walker LLP
Protegrity Corporation
LandOfFree
Method for the automatic setting and updating of a security... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for the automatic setting and updating of a security..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for the automatic setting and updating of a security... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4074473