Patent · US Expired

Mechanism for evaluating security risks

US8156558B2 · kind B2 · utility

42Cited by

22References

19Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Aaron Goldfeder · Seattle, US
John M. Hawkins · Duvall, US
Sergey Khorun · Seattle, US
Viresh Ramdatmisier · Seattle, US
Joseph T. Farro · Bothell, US
Gregory D. Fee · Seattle, US
Jeremiah S. Epling · Woodinville, US
Andrew Bybee · Redmond, US
Jingyang Xu · Malden, US
Tony E. Schreiner · Redmond, US
Jamie Cool · Redmond, US

Key dates

Filing date	May 17, 2003
Grant date	Apr 10, 2012
Priority date	—
Expiry date	May 7, 2026

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/566
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Described is a mechanism for collectively evaluating security risks associated with loading an application. A hosting environment associated with loading the application invokes a trust manager to evaluate the security risks. The trust manager invokes a plurality of trust evaluators, where each trust evaluator is responsible for analyzing and assessing a different security risk. Upon completion of each security risk evaluation, results of those individual security risk evaluations are returned to the trust manager. The trust manager aggregates the variety of security risk evaluation results and makes a security determination based on the aggregated evaluation results. That determination may be to move forward with loading the application, to block the load of the application, or perhaps to prompt the user for a decision about whether to move forward with the load.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.