Secure and differentiated delivery of network security information

US 20050132199A1
Filed: 06/23/2004
Published: 06/16/2005
Est. Priority Date: 07/06/1999
Status: Abandoned Application

First Claim

Patent Images

1. A method in a computer system for distributing network security information, comprising:

attaching to the network security information a signature that both reliably identifies the origin of the network security information and characterizes the contents of the network security information, the attached signature enabling recipients of the network security information to identify the origin of the network security information and determine whether the network security information has been altered since the signature was attached;

receiving a query identifying characteristics of potential network security information recipients that should receive the network security information;

from among the multiplicity of potential recipients, selecting a plurality of recipients for the network security information by performing the query against a recipient profiling data store containing information relating to characteristics of each of a multiplicity of potential network security information recipients; and

transmitting the signed network security information to each of the plurality of selected recipients.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is directed to a facility for distributing network security information. The facility receives network security information and recipient selection information specifying a characteristic of perspective recipients to be used in selecting recipients for the security information. The facility then compares the received recipient selection information to each of a plurality of perspective recipient profiles. Each perspective recipient profile corresponds to one or more perspective recipients and indicates one or more characteristics of the perspective recipients relating to the receipt of network security information. Based upon this comparison, the facility selects at least a portion of the plurality of perspective recipients as recipients of the network security information, and addresses the network security information to each of the selected recipients.

11 Citations

View as Search Results

50 Claims

1. A method in a computer system for distributing network security information, comprising:
- attaching to the network security information a signature that both reliably identifies the origin of the network security information and characterizes the contents of the network security information, the attached signature enabling recipients of the network security information to identify the origin of the network security information and determine whether the network security information has been altered since the signature was attached;
  
  receiving a query identifying characteristics of potential network security information recipients that should receive the network security information;
  
  from among the multiplicity of potential recipients, selecting a plurality of recipients for the network security information by performing the query against a recipient profiling data store containing information relating to characteristics of each of a multiplicity of potential network security information recipients; and
  
  transmitting the signed network security information to each of the plurality of selected recipients.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein the network security information is transmitted to a recipient computer system, further comprising, in the recipient computer system:
    - receiving the signed network security information;
      
      using the signature to identify the origin of the network security information;
      
      using the signature to determine whether the network security information has been altered since the signature was attached; and
      
      only if the origin of the network security information is an acceptable origin and it is determined that the network security information has not been altered since the signature was attached, utilizing the network security information.
  - 3. The method of claim 2 wherein the network security information is utilized by displaying the network security information.
  - 4. The method of claim 2 wherein the network security information contains a computer program, and wherein the network security information is utilized by executing the computer program contained by the network security information.
  - 5. The method of claim 2 wherein the network security information contains data, and wherein the network security information is utilized by storing the data contained by the network security information in a local data structure.
  - 6. The method of claim 2, further comprising, when the network security information is received, displaying an indication that the network security information has been received.

7. A computer-readable medium whose contents cause a computer system to distribute network security information by:
- attaching to the network security information a signature that both reliably identifies the origin of the network security information and characterizes the contents of the network security information, the attached signature enabling recipients of the network security information to identify the origin of the network security information and determine whether the network security information has been altered since the signature was attached;
  
  receiving a query identifying characteristics of potential network security information recipients that should receive the network security information;
  
  from among the multiplicity of potential recipients, selecting a plurality of recipients for the network security information by performing the query against a recipient profiling data store containing information relating to characteristics of each of a multiplicity of potential network security information recipients; and
  
  p1 transmitting the signed network security information to each of the plurality of selected recipients.

8. A method in one or more computer systems for distributing network security information, comprising:
- receiving network security information;
  
  receiving recipient selection information specifying a characteristic of prospective recipients to be used in selecting recipients for the received network security information;
  
  comparing the received recipient selection information to each of a plurality of prospective recipient profiles, each prospective recipient profile corresponding to one or more prospective recipients and indicating one or more characteristics of the prospective recipients relating to the receipt of network security information;
  
  based upon the comparison, selecting at least a portion of the plurality of prospective recipients as recipients of the network security information; and
  
  addressing the received network security information to each of the selected recipients.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 28, 29, 30)
- - 9. The method of claim 8, further comprising delivering the network security information to one of the selected recipients to which it is addressed.
  - 10. The method of claim 9 wherein the delivery is performed directly in response to addressing the network security information to the selected recipient.
  - 11. The method of claim 9 wherein the delivery is performed directly in response to an inquiry from the selected recipient occurring at a time after the network security information is addressed to the selected recipient.
  - 12. The method of claim 11 wherein the inquiry from the selected recipient includes information reliably identifying the selected recipient, and wherein the delivery is only performed if the selected recipient is determined to be among the selected recipients.
  - 13. The method of claim 11 wherein the inquiry is one of a plurality of inquiries issued by the selected recipient at regular intervals.
  - 14. The method of claim 9, further comprising, before the delivery of the network security information, attaching to the network security information a reliable indication of the origin of the network security information.
  - 15. The method of claim 9, further comprising, before the delivery of the network security information, encrypting the network security information.
  - 16. The method of claim 8 wherein the network security information and recipient selection information are received from one or more specialists engaged in analyzing network security threats.
  - 17. The method of claim 8 wherein the network security information is addressed for delivery to a management computer system associated with each selected recipient.
  - 18. The method of claim 8 wherein the network security information is addressed for delivery to a network security device associated with each selected recipient.
  - 19. The method of claim 8 wherein the network security information contains a reference to related network security information on a secure web server.
  - 20. The method of claim 8 wherein the network security information is a notification of a new network security issue.
  - 21. The method of claim 8 wherein the network security information is usable by at least one of the selected recipients to modify the behavior of a network security device associated with the selected recipient.
  - 22. The method of claim 21 wherein the network security information specifies the modification of software executing on the network security device associated with each selected recipient to provide network security services.
  - 23. The method of claim 21 wherein the network security information specifies the modification of data used by the network security device associated with each selected recipient to provide network security services.
  - 24. The method of claim 8 wherein the network security information is usable by at least one of the selected recipients to modify the behavior of a network security device associated with the selected recipient to better protect the selected recipients against a newly identified network security threat.
  - 28. The method of claim 8, further comprising, in a recipient computer system:
    - receiving the network security information; and
      
      directly in response to receiving the network security information, notifying a user of the recipient computer system of the receipt of the network security information.
  - 29. The method of claim 28 wherein the user is notified by displaying a visual indication that network security information has been received.
  - 30. The method of claim 28 wherein the user is notified by outputting an audible indication that network security information has been received.

25-27. -27. (canceled)

31. A computer-readable medium whose contents cause one or more computer systems to distribute network security information by:
- receiving network security information;
  
  receiving recipient selection information specifying a characteristic of prospective recipients to be used in selecting recipients for the received network security information;
  
  comparing the received recipient selection information to each of a plurality of prospective recipient profiles, each prospective recipient profile corresponding to one or more prospective recipients and indicating one or more characteristics of the prospective recipients relating to the receipt of network security information;
  
  based upon the comparison, selecting at least a portion of the plurality of prospective recipients as recipients of the network security information; and
  
  addressing the received network security information to each of the selected recipients.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
- - 32. The computer-readable medium of claim 31 wherein the contents of the computer-readable medium further cause the computer systems to deliver the network security information to one of the selected recipients to which it is addressed.
  - 33. The computer-readable medium of claim 32 wherein the delivery is performed directly in response to addressing the network security information to the selected recipient.
  - 34. The computer-readable medium of claim 32 wherein the delivery is performed directly in response to an inquiry from the selected recipient occurring at a time after the network security information is addressed to the selected recipient.
  - 35. The computer-readable medium of claim 34 wherein the inquiry from the selected recipient includes information reliably identifying the selected recipient, and wherein the delivery is only performed if the selected recipient is determined to be among the selected recipients.
  - 36. The computer-readable medium of claim 32 wherein the contents of the computer-readable medium further cause the computer systems to, before the delivery of the network security information, attach to the network security information a reliable indication of the origin of the network security information.
  - 37. The computer-readable medium of claim 32 wherein the contents of the computer-readable medium further cause the computer systems to, before the delivery of the network security information, encrypt the network security information.
  - 38. The computer-readable medium of claim 31 wherein the network security information contains a reference to related network security information on a secure web server.
  - 39. The computer-readable medium of claim 31 wherein the network security information is a notification of a new network security issue.
  - 40. The computer-readable medium of claim 31 wherein the network security information is usable by at least one of the selected recipients to modify the behavior of a network security device associated with the selected recipient.
  - 41. The computer-readable medium of claim 40 wherein the network security information specifies the modification of software executing on the network security device associated with each selected recipient to provide network security services.
  - 42. The computer-readable medium of claim 40 wherein the network security information specifies the modification of data used by the network security device associated with each selected recipient to provide network security services.
  - 43. The computer-readable medium of claim 31 wherein the network security information is usable by at least one of the selected recipients to modify the behavior of a network security device associated with the selected recipient to better protect the selected recipients against a newly identified network security threat.

44. An apparatus for distributing network security information, comprising:
- a receiver component adapted to receive network security information and recipient selection information specifying a characteristic of prospective recipients to be used in selecting recipients for the received network security information;
  
  a recipient selection component adapted to compare the recipient selection information received by the receiver component to each of a plurality of prospective recipient profiles, each prospective recipient profile corresponding to one or more prospective recipients and indicating one or more characteristics of the prospective recipients relating to the receipt of network security information, and, based upon the comparison, select at least a portion of the plurality of prospective recipients as recipients of the network security information received by the receiver component; and
  
  an addressing component adapted to address the received network security information to each of the recipients selected by the recipient selection component.

45. A method in a computer system for receiving network security information, comprising:
- periodically transmitting a request to a network security information provider computer system for new network security information, the request containing a reliable identification of the computer system;
  
  receiving from a network security information provider computer system a response to a transmitted request, the response containing network security information, the response further having a signature that both reliably identifies the source of the network security information and characterizes the contents of the network security information when the network security information left the source of the network security information;
  
  using the signature to determine whether the source of the network security information is a trusted source;
  
  using the signature to determine whether the network security information has been altered since the network security information left the source of the network security information; and
  
  only if it is determined both (1) that the source of the network security information is a trusted source and (2) that the network security information has not been altered since the network security information left the source of the network security information, using the network security information in the computer system.

46. A computer-readable medium whose contents cause a computer system to receive network security information by:
- periodically transmitting a request to a network security information provider computer system for new network security information, the request containing a reliable identification of the computer system;
  
  receiving from a network security information provider computer system a response to a transmitted request, the response containing network security information, the response further having a signature that both reliably identifies the source of the network security information and characterizes the contents of the network security information when the network security information left the source of the network security information;
  
  using the signature to determine whether the source of the network security information is a trusted source;
  
  using the signature to determine whether the network security information has been altered since the network security information left the source of the network security information; and
  
  only if it is determined both (1) that the source of the network security information is a trusted source and (2that the network security information has not been altered since the network security information left the source of the network security information, using the network security information in the computer system.

47. A computer system for receiving network security information, comprising:
- a request transmitter adapted to periodically transmit a request to a network security information provider computer system for new network security information, the request containing a reliable identification of the computer system;
  
  a receiver adapted to receive from a network security information provider computer system a response to a request transmitted by the request transmitter, the response containing network security information, the response further having a signature that both reliably identifies the source of the network security information and characterizes the contents of the network security information when the network security information left the source of the network security information;
  
  an analyzer adapted to use the signature contained in the response received by the receiver to determine both (1) whether the source of the network security information is a trusted source and (2) whether the network security information has been altered since the network security information left the source of the network security information; and
  
  a network security subsystem adapted to use the network security information in the computer system only if it is determined by the analyzer both (1) that the source of the network security information is a trusted source and (2) that the network security information has not been altered since the network security information left the source of the network security information.

48. A computer memory containing a network security information addressing data structure, comprising:
- for each of a plurality of addressee candidates, a unique identification of the addressee candidate; and
  
  information about the addressee candidate relating to criteria for distributing network security information, such that, for an instance of network security information specifying distribution criteria, the information about the addressee candidates relating to criteria for distributing network security information contained by the data structure may be used to identify addressee candidates having the distribution criteria specified for the instance of network security information, and such that the unique identifications of the addressee candidates contained by the data structure may be used to indicate the identification of each of the identified addressee candidates.

49. A computer memory containing a network security information data structure, comprising:
- network security information usable to automatically modify the behavior of a network security device, the network security information having a source; and
  
  a signature reliably indicating both the source of the network security information and the contents of the network security information when the network security information left the source, such that the signature contained by the data structure may be used to determine whether to use the network security information contained by the data structure to automatically modify the behavior of a network security device.

50. A generated data signal conveying a network security information data structure, comprising:
- network security information usable to modify the behavior of a network security device, the network security information having a source; and
  
  a signature reliably indicating both the source of the network security information and the contents of the network security information when the network security information left the source, such that the signature contained by the data structure may be used to determine whether to use the network security information contained by the data structure to modify the behavior of a network security device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David Wayne Bonn, Randall Craig Boroughs
Original Assignee
David Wayne Bonn, Randall Craig Boroughs
Inventors
Boroughs, Randall Craig, Bonn, David Wayne

Application Number

US10/876,257
Publication Number

US 20050132199A1
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 63/0442 wherein the sending and rec...

H04L 63/126 the source of the received ...

Secure and differentiated delivery of network security information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

50 Claims

Specification

Use Cases

Quick Links

Others

Secure and differentiated delivery of network security information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

50 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others