METHOD AND APPARATUS FOR MONITORING AND ANALYZING DEGREE OF TRUST AND INFORMATION ASSURANCE ATTRIBUTES INFORMATION IN A DATA PROVIDENCE ARCHITECTURE WORKFLOW

US 20100251374A1
Filed: 01/05/2010
Published: 09/30/2010
Est. Priority Date: 03/24/2009
Status: Active Grant

First Claim

Patent Images

1. A method for monitoring and analyzing degree of trust and information assurance attributes information in a data providence architecture workflow, comprising:

receiving a message having a data provenance wrapper, wherein the message may or may not have attachments and the data provenance wrapper contains a data provenance record with data provenance information for the message and each attachment;

examining each data provenance record of the message and any attachments for discrepancies, wherein the examination of each data provenance record of the message and any attachments includes;

verifying signatures of senders of the message and any attachments;

calculating a hash value for the message and any attachments;

verifying that the hash value for the message and any attachments matches the values in the data provenance record for the message and any attachments;

verifying the timestamp of the message and any attachments; and

verifying information assurance attributes of the message and any attachments, the information assurance attributes being at least one of authenticity, confidentiality, integrity, non-repudiation, and availability;

identifying any discrepancies in the examination of each data provenance record of the message and any attachments;

calculating a degree of trust based on the security attributes and message identification information included in the message, the data provenance record and any discrepancies identified in the examination of each data provenance record of the message and any attachments; and

presenting the degree of trust and information assurance attributes information to the user on a display.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus that monitors and analyzes degree of trust and information assurance attributes information in a data providence architecture workflow is disclosed. The method may include receiving a message having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments; calculating a degree of trust based on any discrepancies identified in the examination of each data provenance record of the message and any attachments, and presenting the degree of trust and information assurance attributes information to the user on a display.

Citations

21 Claims

1. A method for monitoring and analyzing degree of trust and information assurance attributes information in a data providence architecture workflow, comprising:
- receiving a message having a data provenance wrapper, wherein the message may or may not have attachments and the data provenance wrapper contains a data provenance record with data provenance information for the message and each attachment;
  
  examining each data provenance record of the message and any attachments for discrepancies, wherein the examination of each data provenance record of the message and any attachments includes;
  
  verifying signatures of senders of the message and any attachments;
  
  calculating a hash value for the message and any attachments;
  
  verifying that the hash value for the message and any attachments matches the values in the data provenance record for the message and any attachments;
  
  verifying the timestamp of the message and any attachments; and
  
  verifying information assurance attributes of the message and any attachments, the information assurance attributes being at least one of authenticity, confidentiality, integrity, non-repudiation, and availability;
  
  identifying any discrepancies in the examination of each data provenance record of the message and any attachments;
  
  calculating a degree of trust based on the security attributes and message identification information included in the message, the data provenance record and any discrepancies identified in the examination of each data provenance record of the message and any attachments; and
  
  presenting the degree of trust and information assurance attributes information to the user on a display.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the data provenance information includes at least one of message identification information, outgoing security attributes, timestamp, identification information of owner of signature, references, hash of an invariant part of the message, hash algorithm used, security label, authenticity objective information, authenticity subjective information, confidentiality objective information, confidentiality subjective information, integrity objective information, integrity subjective information, availability objective information, availability subjective information, and sender'"'"'s signature.
  - 3. The method of claim 1, further comprising:
    - receiving a request from the user to generate a report, the report including degree of trust and information assurance attributes information; and
      
      generating the requested report.
  - 4. The method of claim 1, wherein presenting the degree of trust and information assurance attributes information to the user on a display includes presenting one of icons, links, dials, and buttons that when activated, provide detailed information on at least one of the information assurance attributes.
  - 5. The method of claim 1, wherein presenting the degree of trust and information assurance attributes information to the user on a display includes presenting degree of trust information at each stage of a workflow.
  - 6. The method of claim 1, wherein presenting the degree of trust and information assurance attributes information to the user on a display includes presenting a summary that includes a total integrity measurement for the workflow that takes in account degree of trust and information assurance attributes information.
  - 7. The method of claim 1, wherein the message is received at one of a processing device, a mobile communication device, a portable computer, a desktop computer, a server, a network router, a gateway device, and combinations thereof.

8. An apparatus that monitors and analyzes degree of trust and information assurance attributes information in a data providence architecture workflow, comprising:
- a display that presents information to a user;
  
  a communication interface that facilitates the sending and receiving of messages; and
  
  a data provenance information analysis unit that receives a message through the communication interface having a data provenance wrapper, examines each data provenance record of the message and any attachments for discrepancies, identifies any discrepancies in the examination of each data provenance record of the message and any attachments, calculates a degree of trust based on the security attributes and message identification information included in the message, the data provenance record and any discrepancies identified in the examination of each data provenance record of the message and any attachments, and presents the degree of trust and information assurance attributes information to the user on the display,wherein the message may or may not have attachments and the data provenance wrapper contains a data provenance record with data provenance information for the message and each attachment, andwherein in the examination of each data provenance record of the message and any attachments, the data provenance information analysis unit verifies signatures of senders of the message and any attachments, calculates a hash value for the message and any attachments, verifies that the hash value for the message and any attachments matches the values in the data provenance record for the message and any attachments, verifies the timestamp of the message and any attachments, and verifies information assurance attributes of the message and any attachments, the information assurance attributes being at least one of authenticity, confidentiality, integrity, non-repudiation, and availability.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the data provenance information includes at least one of message identification information, outgoing security attributes, timestamp, identification information of owner of signature, references, hash of an invariant part of the message, hash algorithm used, security label, authenticity objective information, authenticity subjective information, confidentiality objective information, confidentiality subjective information, integrity objective information, integrity subjective information, availability objective information, availability subjective information, and sender'"'"'s signature.
  - 10. The apparatus of claim 8, wherein the data provenance information analysis unit receives a request from the user to generate a report, and generates the requested report, the report including degree of trust and information assurance attributes information.
  - 11. The apparatus of claim 8, wherein in presenting the degree of trust and information assurance attributes information to the user on the display, the data provenance information analysis unit presents one of icons, links, dials, and buttons that when activated, provide detailed information on at least one of the information assurance attributes.
  - 12. The apparatus of claim 8, wherein in presenting the degree of trust and information assurance attributes information to the user on the display, the data provenance information analysis unit presents degree of trust information at each stage of a workflow.
  - 13. The apparatus of claim 8, wherein in presenting the degree of trust and information assurance attributes information to the user on the display, the data provenance information analysis unit presents a summary that includes a total integrity measurement for the workflow that takes in account degree of trust and information assurance attributes information.
  - 14. The apparatus of claim 8, wherein the message is received at one of a processing device, a mobile communication device, a portable computer, a desktop computer, a server, a network router, a gateway device, and combinations thereof.

15. A computer-readable medium storing instructions for controlling a computing device for monitoring and analyzing degree of trust and information assurance attributes information in a data providence architecture workflow, the instructions comprising:
- receiving a message having a data provenance wrapper, wherein the message may or may not have attachments and the data provenance wrapper contains a data provenance record with data provenance information for the message and each attachment;
  
  examining each data provenance record of the message and any attachments for discrepancies, wherein the examination of each data provenance record of the message and any attachments includes;
  
  verifying signatures of senders of the message and any attachments;
  
  calculating a hash value for the message and any attachments;
  
  verifying that the hash value for the message and any attachments matches the values in the data provenance record for the message and any attachments;
  
  verifying the timestamp of the message and any attachments; and
  
  verifying information assurance attributes of the message and any attachments, the information assurance attributes being at least one of authenticity, confidentiality, integrity, non-repudiation, and availability;
  
  identifying any discrepancies in the examination of each data provenance record of the message and any attachments;
  
  calculating a degree of trust based on the security attributes and message identification information included in the message, the data provenance record and any discrepancies identified in the examination of each data provenance record of the message and any attachments; and
  
  presenting the degree of trust and information assurance attributes information to the user on a display.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer-readable medium of claim 15, wherein the data provenance information includes at least one of message identification information, outgoing security attributes, timestamp, identification information of owner of signature, references, hash of an invariant part of the message, hash algorithm used, security label, authenticity objective information, authenticity subjective information, confidentiality objective information, confidentiality subjective information, integrity objective information, integrity subjective information, availability objective information, availability subjective information, and sender'"'"'s signature.
  - 17. The computer-readable medium of claim 15, receiving a request from the user to generate a report, the report including degree of trust and information assurance attributes information;
    - andgenerating the requested report.
  - 18. The computer-readable medium of claim 15, wherein presenting the degree of trust and information assurance attributes information to the user on a display includes presenting one of icons, links, dials, and buttons that when activated, provide detailed information on at least one of the information assurance attributes.
  - 19. The computer-readable medium of claim 15, wherein presenting the degree of trust and information assurance attributes information to the user on a display includes presenting degree of trust information at each stage of a workflow.
  - 20. The computer-readable medium of claim 15, wherein presenting the degree of trust and information assurance attributes information to the user on a display includes presenting a summary that includes a total integrity measurement for the workflow that takes in account degree of trust and information assurance attributes information.
  - 21. The computer-readable medium of claim 15, wherein the message is received at one of a processing device, a mobile communication device, a portable computer, a desktop computer, a server, a network router, a gateway device, and combinations thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Original Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Inventors
CRAPO, Andrew, BARNETT, Bruce, DILL, Stephen J., MOITRA, Abha

Granted Patent

US 8,281,141 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

H04L 51/00   User-to-user messaging in p...

H04L 51/08   Annexed information, e.g. a...

H04L 51/234   for tracking messages

H04L 63/20   for managing network securi...

METHOD AND APPARATUS FOR MONITORING AND ANALYZING DEGREE OF TRUST AND INFORMATION ASSURANCE ATTRIBUTES INFORMATION IN A DATA PROVIDENCE ARCHITECTURE WORKFLOW

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR MONITORING AND ANALYZING DEGREE OF TRUST AND INFORMATION ASSURANCE ATTRIBUTES INFORMATION IN A DATA PROVIDENCE ARCHITECTURE WORKFLOW

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links