System and method for securing a computer system connected to a network from attacks

US 20050182949A1
Filed: 06/29/2004
Published: 08/18/2005
Est. Priority Date: 02/13/2004
Status: Active Grant

First Claim

Patent Images

1. A network security system for protecting computing devices connected to a communication network from an identified security threat, the system comprising:

a network security module interposed between a computing device and the communication network; and

a security service that publishes security information for network security modules, the security information comprising security measures, which, when implemented by the network security module, protect the corresponding computing device from an identified security threat.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network security system for protecting computing devices connected to a communication network from identified security threats is presented. A security service published security information intended for network security modules in the communication network. A network security module is interposed, either logically or physically, between a computer and the communication network. The security information comprises security measures which, when implemented by a network security module, protect the corresponding computer from an identified security threat to the computer.

Citations

21 Claims

1. A network security system for protecting computing devices connected to a communication network from an identified security threat, the system comprising:
- a network security module interposed between a computing device and the communication network; and
  
  a security service that publishes security information for network security modules, the security information comprising security measures, which, when implemented by the network security module, protect the corresponding computing device from an identified security threat.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The network security system of claim 1, wherein the security measures may include blocking all network access between the computing device and the communication network except network activities between the computing device and trusted communication network locations.
  - 3. The network security system of claim 2, wherein the security measures may include selectively blocking network activities between the computing device and the communication network that involve a range of communication ports corresponding to the network activity'"'"'s source and/or destination.
  - 4. The network security system of claim 3, wherein the security measures may include blocking network activities between a code module executing on the computing device and the communication network.
  - 5. The network security system of claim 4, wherein the security information further comprises a security level, and wherein the security level corresponds to the security measures in the security information.
  - 6. The network security system of claim 5, wherein the security information further comprises an operating system revision value, the operating system revision value identifying the latest available operating system revision for the computing device.
  - 7. The network security system of claim 6, wherein the security information further comprises an anti-virus software revision value, the anti-virus software revision value identifying the latest available anti-virus software revision for the computing device.
  - 8. The network security system of claim 1, wherein the security service, in response to a security request identifying an operating system revision value of the current revision of the operating system on the computing device, returns a security response comprising security measures for protecting the computing device from known security threats according to the current revision of the operating system on the computing device.
  - 9. The network security system of claim 8, wherein the security request further identifies an anti-virus software revision value of the current anti-virus software revision on the computing device, and wherein the security response comprises security measures for protecting the computing device from known security threats according to the current revision of the operating system and the anti-virus software on the computing device.
  - 10. The network security system of claim 1, wherein the security service publishes the security information by storing the security information on a trusted location connected to the communication network.
  - 11. The network security system of claim 1, wherein the security service publishes the security information by broadcasting the security information over a second communication link apart from the communication network.
  - 12. The network security system of claim 11, wherein the second communication link is a satellite communication link.
  - 13. The network security system of claim 11, wherein the second communication link is a radio frequency communication link.
  - 14. The network security system of claim 1, wherein the security service publishes the security information by a general broadcast over the communication network.
  - 15. The network security system of claim 1, wherein the security service publishes the security information over the communication network using a guaranteed delivery service.

16. A method for securing computing devices in a communication network from an identified security threat delivered over the communication network, the method comprising:
- obtaining information relating to the identified security threat to computing devices in the communication network; and
  
  publishing security information relating to the identified security threat to network security modules in the communication network, wherein each network security module in the communication network is interposed between a computing device and the communication network, and wherein the security information includes protective security measures which, when enforced by a network security module, secure at-risk network activities between the computing device and the communication network from the identified security threat.
- View Dependent Claims (17, 18, 19)
- - 17. The method of claim 16, wherein the protective security measures include blocking all network access between the computing device and the communication network except network activities between the computing device and trusted communication network locations.
  - 18. The method of claim 16, wherein the protective security measures include selectively blocking network activities between the computing device and the communication network that involve a range of communication ports corresponding to the network activity'"'"'s source and/or destination.
  - 19. The method of claim 16, wherein the protective security measures include blocking network activities between a code module executing on the computing device and the communication network.

20. A computer-readable medium having computer-executable instructions which, when executed, carry out a method for securing computing devices in a communication network from an identified security threat delivered over the communication network, the method comprising:
- obtaining information relating to the identified security threat to computing devices in the communication network; and
  
  publishing a security information relating to the identified security threat to network security modules in the communication network, wherein each network security module in the communication network is interposed between a computing device and the communication network, and wherein the security information includes protective security measures which, when enforced by a network security module, secure at-risk network activities between the computing device and the communication network from the identified security threat.

21. A network security system for protecting a computing device connected to a communication network from a network-delivered security threat, the network security system comprising:
- a security service that obtains information relating to a network-delivered security threat to the computing device, and publishes a security bulletin including protective security measures corresponding to network activities between the computing device and the communication network which, if implemented, protect the computing device from the network-delivered security threat; and
  
  a network security module interposed between the computing device and the communication network, wherein the network security module obtains the security bulletin published by the security service and selectively implements the protective security measure thereby securing the computing device from the network-delivered security threat.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Chandley, Adrian M., Westerinen, William J., Frank, Alexander, Phillips, Thomas G., Schoppa, Christopher A.

Granted Patent

US 7,814,543 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/567   using dedicated hardware

H04L 63/02   for separating internal fro...

H04L 63/1441   Countermeasures against mal...

H04L 63/145   the attack involving the pr...

H04L 63/20   for managing network securi...

System and method for securing a computer system connected to a network from attacks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for securing a computer system connected to a network from attacks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links