4. Information security
  5. Access control or authentication
  6. Network

Web application security frame

Information security – Access control or authentication – Network

Reexamination Certificate

Rate now
  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C726S018000, C726S023000, C726S025000, C726S026000

Reexamination Certificate

active

07818788

ABSTRACT:
A web application security frame (e.g., schema) that can incorporate expertise into an engineering activity, for example, a threat modeling activity, is provided. The novel web application security frame component can be applied to a threat modeling component to converge knowledge into the activity by identifying categories, vulnerabilities, threats, attacks and countermeasures. The novel schema can create a common framework that converges knowledge with respect to any application engineering activity (e.g., threat modeling, performance modeling). Additionally, a context precision mechanism can be employed to automatically and/or dynamically determine a context of a web application environment. This context can be used to automatically generate an appropriate web application security frame component.

REFERENCES:
patent: 5107499 (1992-04-01), Lirov
patent: 5446680 (1995-08-01), Sekiya et al.
patent: 5751949 (1998-05-01), Thomson et al.
patent: 5812780 (1998-09-01), Chen et al.
patent: 6067412 (2000-05-01), Blake et al.
patent: 6167521 (2000-12-01), Smith et al.
patent: 6209101 (2001-03-01), Mitchem et al.
patent: 6256773 (2001-07-01), Bowman-Amuah
patent: 6377994 (2002-04-01), Ault
patent: 6408391 (2002-06-01), Huff et al.
patent: 6457040 (2002-09-01), Mizuhara et al.
patent: 6584569 (2003-06-01), Reshef et al.
patent: 6609100 (2003-08-01), Smith
patent: 6631473 (2003-10-01), Townsend
patent: 6643775 (2003-11-01), Granger
patent: 6668325 (2003-12-01), Collberg
patent: 6742143 (2004-05-01), Kaler et al.
patent: 6782425 (2004-08-01), Germscheid et al.
patent: 6816886 (2004-11-01), Elvanoglu et al.
patent: 6836845 (2004-12-01), Lennie et al.
patent: 6850985 (2005-02-01), Giloi et al.
patent: 6912502 (2005-06-01), Buddle
patent: 6915454 (2005-07-01), Moore et al.
patent: 6959393 (2005-10-01), Hollis et al.
patent: 6971026 (2005-11-01), Fujiyama
patent: 6980927 (2005-12-01), Tracy et al.
patent: 6981281 (2005-12-01), LaMacchia et al.
patent: 6985946 (2006-01-01), Vasandani et al.
patent: 6993448 (2006-01-01), Tracy et al.
patent: 6996845 (2006-02-01), Hurst et al.
patent: 7000219 (2006-02-01), Barrett
patent: 7013395 (2006-03-01), Swiler et al.
patent: 7032114 (2006-04-01), Moran
patent: 7096502 (2006-08-01), Fox
patent: 7219304 (2007-05-01), Kraenzel
patent: 7231661 (2007-06-01), Villavicencio
patent: 7249174 (2007-07-01), Srinivasa
patent: 7343626 (2008-03-01), Gallagher
patent: 7370359 (2008-05-01), Hrabik
patent: 2002/0007229 (2002-01-01), Hudson
patent: 2002/0078380 (2002-06-01), Lin
patent: 2002/0144128 (2002-10-01), Rahman et al.
patent: 2002/0161903 (2002-10-01), Besaw
patent: 2003/0005326 (2003-01-01), Flemming
patent: 2003/0014644 (2003-01-01), Burns et al.
patent: 2003/0033516 (2003-02-01), Howard et al.
patent: 2003/0120938 (2003-06-01), Mullor
patent: 2003/0172292 (2003-09-01), Judge
patent: 2003/0217277 (2003-11-01), Narayanan
patent: 2003/0233431 (2003-12-01), Reddy
patent: 2003/0233571 (2003-12-01), Kraus
patent: 2004/0003286 (2004-01-01), Kaler et al.
patent: 2004/0103200 (2004-05-01), Ross et al.
patent: 2004/0139353 (2004-07-01), Forcade
patent: 2004/0205711 (2004-10-01), Ishimitsu
patent: 2004/0221163 (2004-11-01), Jorgensen et al.
patent: 2004/0230831 (2004-11-01), Spelman et al.
patent: 2004/0260754 (2004-12-01), Olson et al.
patent: 2005/0004863 (2005-01-01), Havrilak
patent: 2005/0015591 (2005-01-01), Thrash et al.
patent: 2005/0015752 (2005-01-01), Alpern et al.
patent: 2005/0022003 (2005-01-01), Oliphant
patent: 2005/0022021 (2005-01-01), Bardsley et al.
patent: 2005/0022172 (2005-01-01), Howard
patent: 2005/0039046 (2005-02-01), Bradsley et al.
patent: 2005/0044405 (2005-02-01), Spraggs
patent: 2005/0044418 (2005-02-01), Miliefsky et al.
patent: 2005/0055565 (2005-03-01), Fournet
patent: 2005/0091227 (2005-04-01), McCollum et al.
patent: 2005/0102536 (2005-05-01), Patrick
patent: 2005/0120231 (2005-06-01), Harada et al.
patent: 2005/0125272 (2005-06-01), Hostetler
patent: 2005/0131978 (2005-06-01), Meredith et al.
patent: 2005/0138426 (2005-06-01), Styslinger
patent: 2005/0144471 (2005-06-01), Shupak et al.
patent: 2005/0182941 (2005-08-01), Della-Libera et al.
patent: 2005/0182969 (2005-08-01), Ginter et al.
patent: 2005/0188221 (2005-08-01), Motsinger et al.
patent: 2005/0190769 (2005-09-01), Smith
patent: 2005/0198332 (2005-09-01), Laertz et al.
patent: 2005/0198520 (2005-09-01), Bardsley et al.
patent: 2005/0234926 (2005-10-01), Warner
patent: 2005/0246716 (2005-11-01), Smith et al.
patent: 2005/0246776 (2005-11-01), Chawro et al.
patent: 2005/0273860 (2005-12-01), Chess
patent: 2005/0283622 (2005-12-01), Hall
patent: 2005/0283831 (2005-12-01), Ryu et al.
patent: 2006/0161989 (2006-07-01), Reshef et al.
patent: 2006/0206615 (2006-09-01), Zheng et al.
patent: 2006/0230430 (2006-10-01), Hondo et al.
patent: 2006/0236394 (2006-10-01), Morrow et al.
patent: 2006/0265740 (2006-11-01), Clark et al.
patent: 2006/0277606 (2006-12-01), Yunus et al.
patent: 2006/0282891 (2006-12-01), Pasko
patent: 2007/0016955 (2007-01-01), Goldberg
patent: 2007/0156375 (2007-07-01), Meier
patent: 2007/0156420 (2007-07-01), Meier
patent: 2007/0157156 (2007-07-01), Meier
patent: 2007/0157311 (2007-07-01), Meier
patent: 2007/0162890 (2007-07-01), Meier
patent: 2007/0192344 (2007-08-01), Meier
patent: 2007/0204346 (2007-08-01), Meier
patent: 2007/0289009 (2007-12-01), Phan-Anh
patent: 2008/0098479 (2008-04-01), O'Rourke
patent: WO 98/53399 (1998-11-01), None
patent: WO0056027 (2000-09-01), None
patent: WO03101069 (2003-12-01), None
James B.D. Joshi/Walid G. Aref/ Arif Ghafor/ Eugene H. Spafford, Security Models For Web-Based Applications, Feb. 2001 (pp. 38-44).
Adding Application Security. http://www.technicalinfo.net/opinions/opinion024.html, last accessed on Nov. 15, 2005, 2 pages.
Chadwick, D.; Threat Modelling for Active Directory; 10 pages.
Connie U. Smith et al., Performance Engineering Evaluation of Object-Oriented Systems with SPE•ED™, Computer Performance Evaluation: Modelling Techniques and Tools, No. 1245, Springer-Verlag, Berlin, 1997, 21 pages.
Connie U. Smith et al., Software Performance Engineering: A Case Study Including Performance Comparison with Design Alternatives, IEEE Transactions on Software Engineering, Jul. 1993, pp. 720-741,vol. 19, No. 7.
D. Snow and W. Chang, Network security. http://ieeexplore.ieee.org/search/srchabstract.jsp?arnumber=267863&isnumber=6694&punumber=630&k2dockey=267863@ieeecnfs&query=%28network+security%29%3Cin%3Emetadata&pos=8.
Desmet, L., et al.; Threat Modelling for Web Services Based Web Applications; 14 pages.
Dunn, M.; Cyber-Threats and Countermeasures Towards an Analytical Framework for Explaining Threat Politics in the Information Age; Aug. 2004; 35 pages.
FortiGate™ series of ASIC-accelerated multi-threat security systems. http://www.fortinet.com/products/.
Gerald A. Marin, Network security basics, Basic Training, IEEE Security & Privacy, Published by the IEEE Computer Society, Nov./Dec. 2005. http://ieeexplore.ieee.org/search/srchabstract.jsp?arnumber=1556540&isnumber=33104&punumber=8013&k2dockey=1556540@ieeejrns&query=%28network+security%29%3Cin%3Emetadata&pos=6 .
J.D. Meier et al., Threat Modeling Web Applications, May 2005. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/tmwa.asp, last accessed on Nov. 15, 2005, 6 pages.
Jiang Tao, et al., The research on dynamic self-adaptive network security model based on mobile agent, National Engineering Research Center for Computer Software, 308 mailbox of Northeastern University, Shen yang, 110006, China. http://ieeexplore.ieee.org/search/srchabstract.jsp?arnumber=885909&isnumber=19142&punumber=7108&k2dockey=885909@ieeecnfs&query=%28network+security%.
Jon Oltsik, Information Security Brief, Apr. 2005. http://www.appsecinc.com
ews/APPSECINC—April.pdf, 3 pages.
Meier, J., et al.; Chapter 2—Threats and Countermeasures: Improving Web Application Security; Jun. 2003, 22 pages; http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht

Meier John D.

Inventor

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Anderson Michael

Examiner

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Bui Kieu Oanh

Examiner

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Microsoft Corporation

Corporate Assignee

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Workman Nydegger

Law Firm

  [ 0.00 ] – not rated yet Voters 0   Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Web application security frame does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Web application security frame, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Web application security frame will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-4164245

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

 Charities
 Companies
 MP Candidates
 Patents
 Employee Salary Disclosure

World

 Places of the World
 Scientific Papers

United States

 Banks
 Companies
 Counties
 Patents
 Employee Salary Disclosure