Security record transfer in a computing system
First Claim
Patent Images
1. A computing system, comprising:
- a security information transfer subsystem, comprising;
an input monitoring agent to;
monitor output of a security scanning application;
detect storage of a security record by the security scanning application;
encrypt a copy of the security record; and
delete the security record after the copy is encrypted;
a secure transfer queue to;
decrypt the copy of the security record;
translate the decrypted copy of the security record to a form useable by a security monitor application; and
encrypt the translated copy of the security record; and
an output monitoring agent to;
predict a time when the security monitor application will attempt to import a new unencrypted security file;
decrypt the encrypted translated security record no more than a time interval prior to the predicted time;
store the decrypted translated security record as the new unencrypted security file; and
delete the new unencrypted security file after the security monitor application imports the file.
2 Assignments
0 Petitions
Accused Products
Abstract
An input monitoring agent detects storage of a security record by a security scanning application, encrypts a copy of the security record, and deletes the security record. A secure transfer queue decrypts the encrypted security record, translates the security record for use by a security monitoring application, and encrypts the translated security record. An output monitoring agent predicts when a security monitoring application will attempt to import a new security file, decrypts and stores the encrypted translated security record as the new security file, and deletes the new security file when the security monitoring application has completed importation.
-
Citations
15 Claims
-
1. A computing system, comprising:
a security information transfer subsystem, comprising; an input monitoring agent to; monitor output of a security scanning application; detect storage of a security record by the security scanning application; encrypt a copy of the security record; and delete the security record after the copy is encrypted; a secure transfer queue to; decrypt the copy of the security record; translate the decrypted copy of the security record to a form useable by a security monitor application; and encrypt the translated copy of the security record; and an output monitoring agent to; predict a time when the security monitor application will attempt to import a new unencrypted security file; decrypt the encrypted translated security record no more than a time interval prior to the predicted time; store the decrypted translated security record as the new unencrypted security file; and delete the new unencrypted security file after the security monitor application imports the file. - View Dependent Claims (2, 3, 4, 5)
-
6. A method, comprising:
-
scanning a computing system for vulnerabilities; monitoring, by an input monitoring agent, output of a security scanning tool performing the scanning; detecting, by the input monitoring agent, storage of a security record by the security scanning tool; encrypting, by the input monitoring agent, a copy of the security record; and deleting, by the input monitoring agent, the security record stored by the security scanning tool on completion of the copy of the security record; transferring the encrypted security record to a secure transfer queue; decrypting, by the secure transfer queue, the encrypted copy of the security record; translating, by the secure transfer queue, the decrypted copy of the security record to a form useable by a security monitor application; encrypting, by the secure transfer queue, the translated copy of the security record; transferring, by the secure transfer queue, the encrypted translated security record to an output monitoring agent; predicting, by the output monitoring agent, when the security monitor application will attempt to import a new security file; decrypting, by the output monitoring agent, the encrypted translated security record no more than a predetermined time interval prior to a predicted time that the security monitor application will attempt to import the new security file; storing, by the output monitoring agent, the decrypted translated security record as the new security file; and deleting, by the output monitoring agent, the new security file based on the security monitor application having completed importation of the file. - View Dependent Claims (7, 8, 9)
-
-
10. A computing system, comprising:
a security information transfer subsystem, comprising; an input monitoring agent to; monitor output of computer system security scanning application; detect storage of a security record by the security scanning application; generate a copy of the security record stored by the security scanning application; delete the security record stored by the security scanning application on completion of the copy of the security record; encrypt the copy of the security record; and generate a transport block that includes the encrypted copy of the security record; a transport processing engine to; receive the transport block from the input monitoring agent; extract, from the transport block, information describing content of the security record; and store the information in a security information transfer audit log; a secure transfer queue to; receive the transport block from the transport processing engine; decrypt the copy of the security record; translate the decrypted copy of the security record to a form useable by a security monitor; encrypt the translated copy of the security record; and generate a processed block that includes the encrypted translated copy of the security record; and an output monitoring agent to; receive the encrypted, translated security record; monitor input timing of the security monitor; decrypt the encrypted, translated security record no more than a predetermined time interval prior to when, based on the monitored input timing of the security monitor, the security monitor is to check for availability of a file containing the translated security record; create the file containing the decrypted translated security record in storage that is accessible to the security monitor; determine whether the security monitor has imported the file containing the decrypted translated security record; delete the file containing the decrypted translated security record from the storage based on the security monitor having completed importation of the file. - View Dependent Claims (11, 12, 13, 14, 15)
Specification