METHODS AND SYSTEMS FOR PREVENTING INFORMATION THEFT

US 20080060062A1
Filed: 08/31/2006
Published: 03/06/2008
Est. Priority Date: 08/31/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method of preventing information theft, comprising:

receiving a request to establish a connection to a secure destination;

determining a validity of the secure destination; and

preventing the connection to the secure destination when the secure destination is determined invalid,wherein determining the validity of the secure destination comprises authenticating security credentials of the secure destination.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention assist in preventing information theft by automatically blocking a user from interacting with an invalid or insecure site on a network, such as a suspect SSL site the Internet. In particular, information theft may be prevented by determining the validity of a secure destination. Instead of providing a warning, the user is automatically blocked from establishing a connection to that site, or blocks any rendering of the broken site. The user may then realize that they have navigated to an unsecured location and should reconsider their action.

72 Citations

View as Search Results

20 Claims

1. A method of preventing information theft, comprising:
- receiving a request to establish a connection to a secure destination;
  
  determining a validity of the secure destination; and
  
  preventing the connection to the secure destination when the secure destination is determined invalid,wherein determining the validity of the secure destination comprises authenticating security credentials of the secure destination.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising sending a message when the connection is prevented.
  - 3. The method of claim 1, wherein the secure destination is determined invalid if the security credentials are expired.
  - 4. The method of claim 1, wherein the secure destination is determined invalid if the security credentials are revoked.
  - 5. The method of claim 1, wherein the secure destination is determined invalid if the security credentials are an incorrect type.
  - 6. The method of claim 1, wherein the secure destination is determined invalid if the security credentials do not originate from a known and trusted issuer are self-signed.
  - 7. The method of claim 1, wherein the secure destination is determined invalid if the security credentials are self-signed.
  - 8. The method of claim 1, wherein preventing the connection to the secure destination comprises blocking connection to the secure destination.
  - 9. The method of claim 1, wherein preventing the connection to the secure destination comprises disabling rendering of the secure destination.
  - 10. An apparatus comprising of means for performing the method of claim 1.
  - 11. A computer readable medium comprising computer-readable instructions for causing a processor to perform the method of claim 1.

12. A method of preventing phishing of personal information, comprising:
- receiving a request to establish a connection to a secure socket layer (SSL) website;
  
  determining a validity of the SSL website;
  
  preventing the connection to the SSL website when the SSL website is determined invalid,wherein determining the validity of the SSL website comprises authenticating a certificate of the SSL website.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The method of claim 12, wherein preventing the connection to the SSL website comprises blocking connection to the SSL website.
  - 14. The method of claim 12, wherein preventing the connection to the SSL website comprises preventing rendering of the SSL website.
  - 15. The method of claim 12, wherein the SSL website is determined invalid if the certificate is expired.
  - 16. The method of claim 12, wherein the SSL website is determined invalid if the certificate is revoked.
  - 17. The method of claim 12, wherein the SSL website is determined invalid if the certificate is an incorrect type.
  - 18. The method of claim 12, wherein the SSL website is determined invalid if the certificate does not originate from an issuer that is known and trusted.
  - 19. The method of claim 12, wherein the SSL website is determined invalid if the certificate is self-signed.

20. A system for preventing information theft, comprising:
- an input for receiving a request to establish a connection to a secure destination;
  
  a processor configured to determine a validity of the secure destination and prevent the connection to the secure destination when the secure destination is determined invalid, wherein determining the validity of the secure destination comprises authenticating security credentials of the secure destination.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
Lord, Robert B

Application Number

US11/469,471
Publication Number

US 20080060062A1
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/33   using certificates

G06F 2221/2119   Authenticating web pages, e...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0823   using certificates cryptogr...

H04L 63/1483   service impersonation, e.g....

H04L 63/166   at the transport layer

H04L 9/3263   involving certificates, e.g...

METHODS AND SYSTEMS FOR PREVENTING INFORMATION THEFT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

72 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS AND SYSTEMS FOR PREVENTING INFORMATION THEFT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links