System and method utilizing clean groups for security management
US7673326B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 4, 2004 |
| Grant date | Mar 2, 2010 |
| Priority date | — |
| Expiry date | Feb 10, 2027 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/577
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A system and method that utilizes clean groups for reducing security management complexity. The system reduces the complexity of managing security technologies by automatically assigning objects such as computers or persons to clean groups which are defined by existing management infrastructure. In an embodiment where members are computers, ongoing automatic efforts ensure that clean groups include only computers that satisfy specified security principles, which allows administrators to treat all computers that are in compliance as a group. Separately, the members of the clean group are required to implement self-governance, which is an ability to detect being compromised and to take steps to remove themselves from the clean group when they are compromised. In addition to attempting to remove itself from the clean group, a compromised computer may take additional steps aimed at minimizing further damage, such as erasing or hiding computer domain credentials, hiding/protecting/disabling cryptographic (e.g. EFS) keys, or logging out a user.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.