Electrical computers and digital processing systems: multicomput – Remote data accessing
Reexamination Certificate
2000-09-15
2004-10-19
El-hady, Nabil (Department: 2154)
Electrical computers and digital processing systems: multicomput
Remote data accessing
C709S218000, C709S219000, C705S002000, C705S044000, C705S064000, C705S078000, C713S152000
Reexamination Certificate
active
06807569
ABSTRACT:
FIELD OF THE INVENTION
The invention relates to a method and system of creating and maintaining a database for providing authenticated and anonymous sharing of information associated with threats to industry assets, and available resolutions or solutions to such threats on industry and national information infrastructures.
BACKGROUND OF THE INVENTION
With the expansion of the global computer network known as the Internet, and an increase in business, commonly known as electronic business, conducted on the global computer network, security risks to such businesses and the related information infrastructure have become much more common in recent years. Specific risks involve potential liability related to invasion of privacy, copyright and trademark infringement, as well as attacks, implantation or spread of a computer virus, programming errors, information theft, fraud, security breaches, and other perils associated with electronic data.
The global computer network known as the Internet has opened extensive opportunities for financial services firms to connect critical business systems and create virtual businesses online. However, as noted, with the evolution of these businesses, there is an increased risk.
Not only are computer viruses a problem, but direct attacks on web sites have also become more common. Specifically, it has become common for hackers or unauthorized users to change the content of a web page and/or make other more damaging changes to such web pages.
SUMMARY OF THE INVENTION
Accordingly, there has been a need to provide a trusted yet anonymous method for sharing information about security incidents and vulnerabilities in such systems. A problem with such sharing of information, however, is that people are unwilling to report information about vulnerabilities for, among other reasons, fear of publicity that casts them in a negative light. As a result, there has to date not been available a good comprehensive database of data, and method and system of accessing data, concerning threats and evolutions of threats used to exploit vulnerabilities in the systems.
In accordance with the system and method of the invention, the problems of the absence of such a method and system are avoided by providing a trusted and anonymous system and method for sharing information about security incidents and vulnerabilities.
More specifically, in accordance with the invention, there is provided a system and method for anonymously sharing information about security incidents and vulnerability in corporate and national information infrastructures. Specifically, the method and system provide a means for submitting information and categorizing the corresponding data in a secure manner in which the submitting party's anonymity is ensured.
In one aspect, the invention broadly involves a method for allowing sharing of information associated with threats to industry assets. By “threats” to industry assets is meant such things as: (1) anything that breaches the security of a company and its computer systems such as new viruses, “spoofing,” “break-ins”, defacements, etc. (“Incident Data”); (2) known technical vulnerabilities in products, systems or software (“Vulnerability Data”); (3) known information about groups or individuals who are actively posing an electronic threat to systems (“Threat Activity Data”); and (4) data made up of controlled early notification from vendors of discovered “holes,” problems, vulnerabilities and the downloaded or downloadable “fixes,” if available (“Vendor Data”). As it relates to the identified “threats,” “Incident Resolution Data” shall mean known fixes or processes that correct the problems submitted. Of course, as will be readily apparent to those of ordinary skill in the art, other “threats” can eventually arise and be included among the specific threats enumerated, and dealt with within the method and system described.
The method thus will involve establishing a secured database which is made up of threat data, preferably in specifically classified form. Predetermined entities will be allowed access to the database to uncover information about threats. The database is augmented over time with additional threat data received from at least one of a plurality of sources. After the database is augmented, at least some of the predetermined entities are notified of additional threat data received which has been augmented to the database, whereby the predetermined entities will know to access the database if it is desired to learn more about the additional threat data.
From a system perspective, a data center is established which includes a secured database containing threat data stored thereon. A communications interface serves to allow predetermined entities access to the database, and a temporary database, separate or as part of and segmented from the secured database, is established for storing additional threat data received from at least one of a plurality of sources to allow review and classification of the additional threat data. The secured database is connected to the temporary database, either as a segmented part thereof, or as a separate database, for allowing the additional threat data to be stored on the secured database once it has been reviewed and classified. An electronic notification system serves to notify at least some of the predetermined entities about additional threat data stored on the secured database so that the predetermined entities will know to access the secured database if the additional threat data stored thereon is of interest.
More specifically, a secure facility, i.e., a data center, is established that provides for authenticated and, where appropriate, anonymous input and sharing of information associated with threats to industry assets and the available resolutions or solutions. The information may be shared securely through, for example, the World Wide Web, between authorized organizations who are oftentimes competitors, in an open and anonymous form. The database may be augmented by information provided by government and vendor sources.
Enrolled participants are provided the capability of anonymously submitting information to the database. Information then becomes available through secure, encrypted web-based connections. A team of analysts and security professionals assess each submittal regardless of the seriousness of the vulnerability or attack to identify patterns. As appropriate, end users/participants are then notified by electronic page and/or e-mail, or other means, that an urgent or crisis situation exists, and are advised how to obtain additional information. Optionally, a user profile allows filtering of notifications so those participants receive notification only when a relevant issue arises.
REFERENCES:
patent: 3956615 (1976-05-01), Anderson et al.
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5799317 (1998-08-01), He et al.
patent: 5862325 (1999-01-01), Reed et al.
patent: 6088796 (2000-07-01), Cianfrocca et al.
patent: 6182226 (2001-01-01), Reid et al.
patent: 2002/0038430 (2002-03-01), Edwards et al.
patent: 2002/0095381 (2002-07-01), Takahashi et al.
patent: 2002/0107927 (2002-08-01), Gallant
patent: 2002/0120310 (2002-08-01), Linden et al.
patent: 2003/0004774 (2003-01-01), Greene et al.
patent: 2003/0120615 (2003-06-01), Kuo
International Search Report for Application No. PCT/US01/28077, dated Dec. 5, 2001 (mailing date).
Preliminary Examination Report for Application No. PCT/US01/28077, dated Jul. 10, 2002 (mailing date).
Bhimani Anish
Marlow William
Schugar Francis W.
Weiss Errol
El-hady Nabil
Kilpatrick & Stockton LLP
Science Applications International Corporation
LandOfFree
Trusted and anonymous system and method for sharing threat... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Trusted and anonymous system and method for sharing threat..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Trusted and anonymous system and method for sharing threat... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3332313