Methods and Systems for Enabling Community-Tested Security Features for Legacy Applications

US 20100154027A1
Filed: 12/17/2008
Published: 06/17/2010
Est. Priority Date: 12/17/2008
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for enabling community-tested security features for legacy applications, the method comprising:

identifying a legacy application on a client system;

identifying a security-feature-enablement rule for the legacy application;

enabling at least one security feature for the legacy application by executing the security-feature-enablement rule;

determining the impact of the security-feature-enablement rule on the health of the legacy application;

relaying the impact of the security-feature-enablement rule on the health of the legacy application to a server.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for enabling community-tested security features for legacy applications may include: 1) identifying a plurality of client systems, 2) identifying a legacy application on a client system within the plurality of client systems, 3) identifying a security-feature-enablement rule for the legacy application, 4) enabling at least one security feature for the legacy application by executing the security-feature-enablement rule, 5) determining the impact of the security-feature-enablement rule on the health of the legacy application, and then 6) relaying the impact of the security-feature-enablement rule on the health of the legacy application to a server. Various other methods, systems, and computer-readable media are also disclosed.

47 Citations

View as Search Results

20 Claims

1. A computer-implemented method for enabling community-tested security features for legacy applications, the method comprising:
- identifying a legacy application on a client system;
  
  identifying a security-feature-enablement rule for the legacy application;
  
  enabling at least one security feature for the legacy application by executing the security-feature-enablement rule;
  
  determining the impact of the security-feature-enablement rule on the health of the legacy application;
  
  relaying the impact of the security-feature-enablement rule on the health of the legacy application to a server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein identifying the security-feature-enablement rule comprises receiving the security-feature-enablement rule from the server.
  - 3. The method of claim 1, wherein determining the impact of the security-feature-enablement rule on the health of the legacy application comprises:
    - performing a first health evaluation prior to executing the security-feature-enablement rule;
      
      after executing the security-feature-enablement rule, performing a second health evaluation;
      
      comparing the second health evaluation with the first health evaluation to determine how the security-feature-enablement rule impacted the health of the legacy application.
  - 4. The method of claim 1, further comprising, prior to identifying the security-feature-enablement rule, identifying a request from a user to opt in to early testing of security-feature-enablement rules.
  - 5. The method of claim 1, further comprising transmitting a list to the server that identifies each legacy application on the client system.
  - 6. The method of claim 1, wherein the security-feature-enablement rule comprises a particular combination of security-feature-enablement rules.
  - 7. The method of claim 1, further comprising:
    - receiving an instruction from the server to disable the security-feature-enablement rule for the legacy application;
      
      disabling the security-feature-enablement rule for the legacy application.
  - 8. The method of claim 1, wherein executing the security-feature-enablement rule comprises:
    - identifying startup of the legacy application;
      
      retrieving a security configuration for the legacy application;
      
      enabling a security feature in the security configuration as specified by the security-feature-enablement rule.

9. A computer-implemented method for enabling community-tested security features for legacy applications, the method comprising:
- identifying a plurality of client systems;
  
  identifying a subset of the plurality of client systems that is designated to test security features for legacy applications;
  
  transmitting a security-feature-enablement rule to at least one client system in the subset;
  
  receiving, from the client system in the subset, health-impact information that identifies the impact of the security-feature-enablement rule on the health of a legacy application on the client system;
  
  determining, based on the health-impact information, whether to roll out the security-feature-enablement rule to the plurality of client systems.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, further comprising:
    - determining that the security-feature-enablement rule did not negatively impact the health of the legacy application;
      
      initiating a staged roll-out of the security-feature-enablement rule to the plurality of client systems.
  - 11. The method of claim 10, further comprising:
    - receiving, from at least one additional client system within the plurality of client systems, health-impact information for the security-feature-enablement rule;
      
      determining that the security-feature-enablement rule negatively impacted the health of a legacy application on the additional client system;
      
      aborting the staged roll-out of the security-feature-enablement rule.
  - 12. The method of claim 10, wherein initiating the staged roll-out comprises increasing distribution of the security-feature-enablement rule by increments in multiple stages until the distribution encompasses the plurality of client systems.
  - 13. The method of claim 9, wherein the security-feature-enablement rule comprises a particular combination of security-feature-enablement rules.
  - 14. The method of claim 9, wherein the health-impact information comprises:
    - a performance index containing results for at least one performance metric;
      
      a stability index containing results for at least one stability metric.

15. A system for enabling community-tested security features for legacy applications, the system comprising a client module programmed to:
- identify a legacy application on a client system;
  
  identify a security-feature-enablement rule for the legacy application;
  
  enable at least one security feature for the legacy application by executing the security-feature-enablement rule;
  
  determine the impact of the security-feature-enablement rule on the health of the legacy application;
  
  relay the impact of the security-feature-enablement rule on the health of the legacy application to a server.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, further comprising a server module programmed to:
    - identify a plurality of client systems;
      
      identify a subset of the plurality of client systems that designated to test security features for legacy applications;
      
      transmit the security-feature-enablement rule to at least one client system in the subset;
      
      receive, from the client system in the subset, health-impact information that identifies the impact of the security-feature-enablement rule on the health of a legacy application on the client system;
      
      determine, based on the health-impact information, whether to roll out the security-feature-enablement rule to the plurality of client systems.
  - 17. The system of claim 16, wherein the server module is further programmed to:
    - determine that the security-feature-enablement rule did not negatively impact the health of the legacy application;
      
      initiate a staged roll-out of the security-feature-enablement rule to the plurality of client systems.
  - 18. The system of claim 17, wherein the server module is further programmed to:
    - receive, from at least one additional client system within the plurality of client systems, health-impact information for the security-feature-enablement rule;
      
      determine that the security-feature-enablement rule negatively impacted the health of a legacy application on the additional client system;
      
      abort the staged roll-out of the security-feature-enablement rule.
  - 19. The method of claim 17, wherein the staged roll-out comprises increasing distribution of the security-feature-enablement rule by increments in multiple stages until the distribution encompasses the plurality of client systems.
  - 20. The system of claim 15, wherein the security-feature-enablement rule comprises a particular combination of security-feature-enablement rules.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Sobel, William E., Satish, Sourabh

Granted Patent

US 8,713,687 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/125   by manipulating the program...

G06F 21/126   Interacting with the operat...

G06F 21/552   involving long-term monitor...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/604   Tools and structures for ma...

H04L 63/1433   Vulnerability analysis

H04L 63/145   the attack involving the pr...

H04L 63/20   for managing network securi...

Methods and Systems for Enabling Community-Tested Security Features for Legacy Applications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

47 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and Systems for Enabling Community-Tested Security Features for Legacy Applications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links