Managing supplied data
First Claim
1. By a data recipient in a computing system environment, a method of managing entropy data supplied from a data source, comprising:
- scoring the entropy data to determine whether it meets or exceeds a predetermined policy score; and
developing a reputation value of the data source based upon the scoring.
7 Assignments
0 Petitions
Accused Products
Abstract
In a computing system environment, a data recipient manages entropy data supplied from an external data source despite not knowing or being certain about their trustworthiness or if such varies over time. Features relate to scoring the data and determining whether it meets or exceeds a predetermined policy score. One or more initial or updated reputation values of the data source are contemplated and used for scoring. Logging of the scoring, reputation values or other matters is provided for historical purposes and to identify possible future corrective actions. Other embodiments contemplate enhancing the score of the entropy data. In some instances, use of less than all the data by the recipient occurs to increase attack-resistance. Whether such occurs or how much occurs remains substantially unbeknownst to all parties other than the data recipient. Still other embodiments contemplate computer-readable media.
-
Citations
29 Claims
-
1. By a data recipient in a computing system environment, a method of managing entropy data supplied from a data source, comprising:
-
scoring the entropy data to determine whether it meets or exceeds a predetermined policy score; and developing a reputation value of the data source based upon the scoring. - View Dependent Claims (2, 3, 4, 5)
-
-
6. By a data recipient in a computing system environment, a method of managing entropy data supplied from a data source, comprising:
-
scoring the entropy data to determine whether it meets or exceeds a predetermined policy score; developing a reputation value of the data source based upon the scoring; and logging the scoring and the reputation value. - View Dependent Claims (7, 8)
-
-
9. By a data recipient in a computing system environment, a method of managing entropy data supplied from a data source, comprising:
-
scoring multiple instances of received said entropy data to determine whether it meets or exceeds a predetermined policy score; and logging the multiple instances of the scoring. - View Dependent Claims (10, 11)
-
-
12. In a computing system environment, a method of managing data, comprising:
-
by a data source, supplying entropy data to a data recipient; by the data recipient, scoring the entropy data to determine whether it meets or exceeds a predetermined policy score; and by the data recipient and only known to the data recipient, selecting only certain of the entropy data for use in an intended application requiring entropy data. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A computer-readable medium having computer-executable instructions for managing supplied entropy data in a computing system environment, comprising:
-
a first component for receiving the supplied entropy data; a second component for scoring the supplied entropy data; a third component for determining whether the supplied entropy data meets or exceeds a predetermined policy score; and a fourth component for utilizing a reputation value of a data source supplying the entropy data with the second component for the scoring. - View Dependent Claims (18, 19, 20)
-
-
21. A method of managing a supplied plurality of random bits of ones and zeros from a data source, comprising;
-
unbiasing the supplied plurality of random bits to obtain a substantially equal number of one and zero bits; randomly selecting bits of the substantially equal number of one and zero bits; and discarding all other bits of the substantially equal number of one and zero bits not randomly selected. - View Dependent Claims (22, 23, 24)
-
-
25. By a data recipient in a computing system environment, a method of managing entropy data supplied from a data source, comprising:
-
scoring the entropy data to determine whether it meets or exceeds a predetermined policy score; developing a reputation value of the data source based upon the scoring; receiving subsequent entropy data from the data source and performing subsequent scoring of the subsequent entropy data, the performing the subsequent scoring using the developed reputation value; for a later intend application requiring entropy data, selecting only certain of the supplied or subsequent entropy data for use in the intended application; and discarding all other entropy data not found in the selected certain of the supplied or subsequent entropy data, the act of the discarding or the amount of the discarding being substantially unbeknownst to all parties other than the data recipient. - View Dependent Claims (26, 27, 28, 29)
-
Specification