Enterprise security assessment sharing
US8959568B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 14, 2007 |
| Grant date | Feb 17, 2015 |
| Priority date | — |
| Expiry date | Nov 16, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L41/0803
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between different security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Its tentative nature is reflected in two of its components: a fidelity field used to express the level of confidence in the assessment, and a time-to-live field for an estimated time period for which the assessment is valid. Endpoints may publish security assessments onto a security assessment channel, as well as subscribe to a subset of security assessments published by other endpoints. A specialized endpoint is coupled to the channel that performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to security threats.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.