Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2002-09-30
2008-12-30
Revak, Christopher A (Department: 2131)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
C726S023000, C713S151000, C713S189000, C709S221000, C709S223000
Reexamination Certificate
active
07472421
ABSTRACT:
The security risk associated with a computer system may be quantified by identifying a computer system, identifying a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system, determining a likelihood that the event associated with the risk will occur, determining a cost associated with the event occurring on the computer system, and quantifying the risk into an impact value by using the likelihood and the cost.
REFERENCES:
patent: 5699403 (1997-12-01), Ronnen
patent: 6535227 (2003-03-01), Fox et al.
patent: 6895383 (2005-05-01), Heinrich
patent: 6907430 (2005-06-01), Chong et al.
patent: 6952779 (2005-10-01), Cohen et al.
patent: 7315801 (2008-01-01), Dowd et al.
patent: 2002/0066034 (2002-05-01), Schlossberg et al.
patent: 2005/0203921 (2005-09-01), Newman et al.
patent: 2006/0191010 (2006-08-01), Benjamin
patent: 2007/0121596 (2007-05-01), Kurapati et al.
patent: 1119151 (2001-07-01), None
patent: WO 2004031953 (2004-04-01), None
Zhou et al, Modeling Network Intrusion Detection Alerts for Correlation, 2007, ACM, pp. 1-31.
Haag et al, An Artificial Immune System-Inspired Multiobjective Evolutionary Algorithm with Application to the Detection of Distributed Computer Network Intrusions, 2007, ACM, pp. 2717-2724.
Dantu et al, Risk management using behavior based attack graphs, 2004, IEEE, pp. 445-449.
Mihaela Ulieru, Design for Resilience of Networked Critical Infrastructures, 2007, IEEE, pp. 540-545.
Bodeau D. J., “A Conceptual Model for Computer Security Risk Analysis”, Computer Security Applications Conference, 1992 Proceedings, Nov. 30, 1992, pp. 56-63, XP010030989.
Ciechanowicz Z., “Risk Analysis: Requirements, Conflicts and Problems”, Computers & Security, Elsevier Science Publishers, Amsterdam, NL, vol. 16, No. 3, 1997, pp. 223-232, XP004093507.
Devargas M., “Survival is Not Compulsory: An Introduction to Business Continuity Planning”, Computers & Security, Elsevier Science Publishers, Amsterdam, NL, vol. 18, No. 1, 1999, pp. 35-46, XP004154864.
Fitch, J.A. III et al., “On the Shortest Path to Network Security”, Computer Security Applications Conference, 1993 Proceedings, Dec. 6, 1993, pp. 149-158, XP010096765.
Gerber, M. et al., “From Risk Analysis to Security Requirements”, Computers & Security, Elsevier Science Publishers, Amsterdam, NL, vol. 20, No. 7, Oct. 31, 2001, pp. 577-584, XP004322838.
Lam, F.K. et al., “A Security Officer's Workbench”, Computers & Security, Elsevier Science Publishers, Amsterdam, NL, vol. 15, No. 8, 1996, pp. 695-705, XP004016490.
Niemeyer, R.E., “Applying the TNI to System Certification and Accreditation”, Computer Security Applications Conference, Dec. 4, 1989, pp. 248-252, XP010017882.
Tr{tilde over (c)}ek, D., “An Integral Framework for Information Systems Security Management”, Computers & Security, Elsevier Science Publishers, Amsterdam, NL, vol. 22, No. 4, May 4, 2003, pp. 337-360, XP004433001.
Veatch, J.D. et al., “Requirements Driven Methodology for Conducting Risk Analysis of Unclassified Networks”, Security Technology, 1995 Proceedings, Oct. 18, 1995, pp. 232-243, XP010196421.
International Search Report, PCT/US03/30082, dated Feb. 26, 2004.
Electronic Data Systems Corporation
Fish & Richardson P.C.
Moorthy Aravind K
Revak Christopher A
LandOfFree
Computer model of security risks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Computer model of security risks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Computer model of security risks will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4041474