Method and apparatus for providing computer security

US 20060265750A1
Filed: 05/17/2005
Published: 11/23/2006
Est. Priority Date: 05/17/2005
Status: Active Grant

First Claim

Patent Images

1. A method for providing computer security, comprising:

storing subscriber information in a repository;

sending an exploit probe to a subscriber'"'"'s computer system; and

generating a probe message based on the computer system'"'"'s response to the exploit probe.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and apparatus for providing computer security is provided. Subscriber information is stored in a repository and an exploit probe is sent to a subscriber'"'"'s computer system. A probe message based on the computer system'"'"'s response to the exploit probe is generated.

86 Citations

View as Search Results

34 Claims

1. A method for providing computer security, comprising:
- storing subscriber information in a repository;
  
  sending an exploit probe to a subscriber'"'"'s computer system; and
  
  generating a probe message based on the computer system'"'"'s response to the exploit probe.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the repository is a database.
  - 3. The method of claim 1, wherein the subscriber information comprises one or more internet protocol addresses.
  - 4. The method of claim 1, wherein the exploit probe is sent to the computer system manually or automatically.
  - 5. The method of claim 1, further comprising alerting a user to a computer system exploit.
  - 6. The method of claim 5, wherein the alert is generated based on the probe message.
  - 7. The method of claim 5, wherein the alert comprises at least one of a sound generating element and a text message.
  - 8. The method of claim 1, wherein the computer system may deploy a patch to fix a computer system exploit.
  - 9. The method of claim 1, wherein exploit information may be stored in the repository.
  - 10. The method of claim 1, further comprising storing asset management information;
    - generating an exploit vulnerability report and comparing the exploit vulnerability report with the asset management information.

11. An apparatus for providing computer security, comprising:
- a storing system for storing subscriber information in a repository;
  
  a sending system for sending an exploit probe to a subscriber'"'"'s computer system; and
  
  a generating system for generating a probe message based on the computer system'"'"'s response to the exploit probe.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The apparatus of claim 11, wherein the repository is a database.
  - 13. The apparatus of claim 11, wherein the subscriber information comprises one or more internet protocol addresses.
  - 14. The apparatus of claim 11, wherein the exploit probe is sent to the computer system manually or automatically.
  - 15. The apparatus of claim 11, further comprising and alerting system for alerting a user to a computer system exploit.
  - 16. The apparatus of claim 15, wherein the alert is generated based on the probe message.
  - 17. The apparatus of claim 15, wherein the alert comprises at least one of a sound generating element and a text message.
  - 18. The apparatus of claim 15, wherein the computer system may deploy a patch to fix a computer system exploit.
  - 19. The apparatus of claim 11, wherein exploit information may be stored in the repository.
  - 20. The apparatus of claim 11, further comprising a storing system for storing asset management information;
    - a generating system for generating a exploit vulnerability report and a comparing system for comparing the exploit vulnerability report with the asset management information.
  - 21. A system for providing computer security including the apparatus of claims 11 through 20.

22. A computer readable storage medium including computer executable code for providing computer security, comprising:
- code for storing subscriber information in a repository;
  
  code for sending an exploit probe to a subscriber'"'"'s computer system; and
  
  code for generating a probe message based on the computer system'"'"'s response to the exploit probe.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 23. The computer readable storage medium of claim 22, wherein the repository is a database.
  - 24. The computer readable storage medium of claim 22, wherein the subscriber information comprises one or more internet protocol addresses.
  - 25. The computer readable storage medium of claim 22, wherein the exploit probe is sent to the computer system manually or automatically.
  - 26. The computer readable storage medium of claim 22, further comprising code for alerting a user to a computer system exploit.
  - 27. The computer readable storage medium of claim 26, wherein the alert is generated based on the probe message.
  - 28. The computer readable storage medium of claim 26, wherein the alert comprises at least one of a sound generating element and a text message.
  - 29. The computer readable storage medium of claim 26, wherein the computer system may deploy a patch to fix a computer system exploit.
  - 30. The computer readable storage medium of claim 22, wherein exploit information may be stored in the repository.
  - 31. The computer readable storage medium of claim 22, further comprising code for storing asset management information;
    - code for generating a exploit vulnerability report and code for comparing the exploit vulnerability report with the asset management information.

32. An apparatus for providing computer security, comprising:
- a storing system for storing subscriber information in a repository;
  
  a sending system for sending an exploit probe to a subscriber'"'"'s computer system;
  
  a generating system for generating a probe message based on the computer system'"'"'s response to the exploit probe;
  
  a sub-system for interacting with exploitable software(s) to maximize spoofing effectiveness when deploying the exploit probe;
  
  a sub-system for maintaining virus security clearance status of communities of users based on their resistance to being fooled by the exploit probe;
  
  a sub-system for sharing the virus security clearance status with other computer security systems/sub-systems.
- View Dependent Claims (33, 34)
- - 33. The apparatus as recited in claim 32, wherein the sub-system for sharing the virus security clearance status with other computer security systems/sub-systems shares the status for purposes of allowing the other computer security systems/sub-systems to grant/deny/filter access to their enterprise resources based on the virus security clearance status.
  - 34. The apparatus as recited in claim 32, wherein the sub-system for sharing the virus security clearance status with other computer security systems/sub-systems shares the status for purposes of reporting on users'"'"' security clearances.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Original Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Inventors
Huddleston, David E.

Granted Patent

US 7,788,723 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/2103   Challenge-response

Method and apparatus for providing computer security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

86 Citations

34 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for providing computer security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

86 Citations

34 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others