Identifying data associated with security issue attributes

US 20090007272A1
Filed: 06/28/2007
Published: 01/01/2009
Est. Priority Date: 06/28/2007
Status: Active Grant

First Claim

Patent Images

1. A method for identifying data related to a software security issue comprising:

accessing a software security issue;

determining one or more attributes associated with said software security issue;

accessing aggregated software security data retrieved from a plurality of on-line sources;

analyzing said aggregated software security data for said attributes associated with said security issue; and

associating a first portion of said aggregated data with said security issue based on matching said attributes associated with said security issue with contents of said first portion of said aggregated data based on said analyzing.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for identifying data related to a software security issue is provided. The method includes accessing a software security issue and determining one or more attributes associated with the software security issue. The method also includes accessing aggregated software security data retrieved from a plurality of on-line sources and searching the aggregated software security data for the attributes associated with the security issue. The method further includes associating a portion of the aggregated data with the security issue based on matching the attributes associated with the security issue with contents of the portion of the aggregated data.

101 Citations

View as Search Results

19 Claims

1. A method for identifying data related to a software security issue comprising:
- accessing a software security issue;
  
  determining one or more attributes associated with said software security issue;
  
  accessing aggregated software security data retrieved from a plurality of on-line sources;
  
  analyzing said aggregated software security data for said attributes associated with said security issue; and
  
  associating a first portion of said aggregated data with said security issue based on matching said attributes associated with said security issue with contents of said first portion of said aggregated data based on said analyzing.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein said first portion of said aggregated data includes a seed document associated with said security issue.
  - 3. The method of claim 1 further comprising:
    - determining a similarity between said seed document and a second portion of said aggregated data.
  - 4. The method of claim 1 further comprising:
    - using a learning approach to determine a weight value for one or more of said attributes, said weight value for determining similarity between said first portion and a second portion of said aggregated data.
  - 5. The method of claim 4 wherein said weight value is used to determine if said first portion of said aggregated data is associated with said security issue.
  - 6. The method of claim 1 wherein said portion of said aggregated data includes a set of documents associated with said security issue.

7. Instructions on a computer-usable medium wherein said instructions when executed cause a computer system to perform a method for identifying data associated with a software security issue, said computer-implemented method comprising:
- accessing a software security issue;
  
  determining one or more attributes associated with said software security issue;
  
  accessing aggregated software security data retrieved from a plurality of on-line sources;
  
  analyzing said aggregated software security data for said attributes associated with said security issue; and
  
  associating a first portion of said aggregated data with said security issue based on matching said attributes associated with said security issue with contents of said first portion of said aggregated data based on said analyzing.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The instructions of claim 7 wherein said first portion of said aggregated data includes a seed document associated with said security issue.
  - 9. The instructions of claim 7 wherein said method further comprises:
    - determining a similarity between said seed document and a second portion of said aggregated data.
  - 10. The instructions of claim 7 wherein said method further comprises:
    - using a learning approach to determine a weight value for one or more of said attributes, said weight value for determining similarity between said first portion and a second portion of said aggregated data.
  - 11. The instructions of claim 10 wherein said weight value is used to determine if said first portion of said aggregated data is associated with said security issue.
  - 12. The instructions of claim 7 wherein said portion of said aggregated data includes a set of documents associated with said security issue.

13. A system for identifying data associated with a software security issue comprising:
- an issue accessor module for accessing a software security issue;
  
  an attribute determiner module for determining one or more attributes associated with said software security issue;
  
  a data accessor module accessing aggregated software security data retrieved from a plurality of on-line sources;
  
  a search module for analyzing said aggregated software security data for said attributes associated with said security issue; and
  
  an associator module for associating a portion of said aggregated data with said security issue based on matching said attributes associated with said security issue with contents of said portion of said aggregated data.
- View Dependent Claims (14, 15, 16, 18, 19)
- - 14. The system of claim 13 wherein said matching includes finding an exact match or a partial match to one or more of said attributes associated with said security issue.
  - 15. The system of claim 13 wherein said matching comprises determining a probability that said contents of said portion of said aggregated data is matches said attributes associated with said security issue.
  - 16. The system of claim 13 further comprising:
    - an attribute weight determiner module for determining a weight value for one or more of said attributes associated with said security issue.
  - 18. The system of claim 13 wherein said portion of said aggregated data includes a document associated with said security issue.
  - 19. The system of claim 13 wherein said portion of said aggregated data is provided to a user.

17. The system of claim 17 wherein said weight value is used to determine if said portion of said aggregated data is associated with said security issue.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Zhang, Dongmei, Hou, Xiaohui, Dang, Yingnong, Huang, Song, Wang, Jian

Granted Patent

US 8,302,197 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

Identifying data associated with security issue attributes

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

101 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Identifying data associated with security issue attributes

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

101 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links