Verifying Captured Objects Before Presentation

US 20100268959A1
Filed: 07/01/2010
Published: 10/21/2010
Est. Priority Date: 12/10/2003
Status: Active Grant

First Claim

Patent Images

1-26. -26. (canceled)

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Objects can be extracted from data flows captured by a capture device. Each captured object can then be classified according to content. Meta-data about captured objects can be stored in a tag. In one embodiment, the present invention includes receiving a request to present a previously captured object to a user, accessing a tag associated with the requested object, the tag containing metadata related to the object, the metadata including an object signature, and verifying that the object has not been altered since capture using the object signature before presenting the object to the user.

Citations

46 Claims

1-26. -26. (canceled)

27. A method, comprising:
- receiving a request to present a previously captured object to a user, wherein the captured object was intercepted by a capture system configured to intercept packets from data streams, and store network transmitted objects from the data streams according to a capture rule that defines which objects are to be captured by the capture system;
  
  accessing a tag associated with the object being requested, the tag containing metadata related to the object;
  
  verifying that the object has not been altered since capture using an object signature in the tag associated with the object; and
  
  presenting the object if the object and the tag are verified, and wherein if the object is not verified, then an alert is generated to indicate whether the object or the tag has been compromised.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34)
- - 28. The method of claim 27, wherein the tag includes a tag signature, and wherein the tag is verified using a hash, which is decrypted with a public key of the capture system.
  - 29. The method of claim 28, wherein the tag signature comprises a cryptographically secure signature.
  - 30. The method of claim 29, wherein the tag signature is signed using a private key of the capture system, the private key being part of a public key cryptosystem.
  - 31. The method of claim 27, wherein presenting the object to the user includes an option for the user to download the object.
  - 32. The method of claim 27, wherein the object is still presented to the user if the verification fails.
  - 33. The method of claim 27, wherein the capture system is configured to store a document captured by the capture system according to the capture rule, which identifies a particular internet protocol (IP) address from which the document was sent,
  - 34. The method of claim 27, wherein verifying that the object has not been altered since capture comprises calculating a new object signature for the object, and comparing the new object signature with the object signature in the tag associated with the object.

35. A capture system, comprising:
- a memory element and a processor, the capture system being configured for;
  
  receiving a request to present a previously captured object to a user, wherein the captured object was intercepted by the capture system configured to intercept packets from data streams, and store network transmitted objects from the data streams according to a capture rule that defines which objects are to be captured by the capture system;
  
  accessing a tag associated with the object being requested, the tag containing metadata related to the object;
  
  verifying that the object has not been altered since capture using an object signature in the tag associated with the object; and
  
  presenting the object if the object and the tag are verified, and wherein if the object is not verified, then an alert is generated to indicate whether the object or the tag has been compromised.
- View Dependent Claims (36, 37, 38, 39, 40, 41)
- - 36. The logic of claim 35, wherein the tag includes a tag signature, and wherein the tag is verified using a hash, which is decrypted with a public key of the capture system.
  - 37. The logic of claim 36, wherein the tag signature comprises a cryptographically secure signature.
  - 38. The logic of claim 37, wherein the tag signature is signed using a private key of the capture system, the private key being part of a public key cryptosystem.
  - 39. The logic of claim 35, wherein presenting the object to the user includes an option for the user to download the object.
  - 40. The logic of claim 35, wherein the object is still presented to the user if the verification fails.
  - 41. The logic of claim 35, wherein verifying that the object has not been altered since capture comprises calculating a new object signature for the object, and comparing the new object signature with the object signature in the tag associated with the object.

42. Logic encoded in one or more tangible media that includes code for execution and when executed by a processor operable to perform operations comprising:
- receiving a request to present a previously captured object to a user, wherein the captured object was intercepted by a capture system configured to intercept packets from data streams, and store network transmitted objects from the data streams according to a capture rule that defines which objects are to be captured by the capture system;
  
  accessing a tag associated with the object being requested, the tag containing metadata related to the object;
  
  verifying that the object has not been altered since capture using an object signature in the tag associated with the object; and
  
  presenting the object if the object and the tag are verified, and wherein if the object is not verified, then an alert is generated to indicate whether the object or the tag has been compromised.
- View Dependent Claims (43, 44, 45, 46)
- - 43. The logic of claim 42, wherein the tag includes a tag signature, and wherein the tag is verified using a hash, which is decrypted with a public key of the capture system.
  - 44. The logic of claim 43, wherein the tag signature comprises a cryptographically secure signature, and wherein the tag signature is signed using a private key of the capture system, the private key being part of a public key cryptosystem.
  - 45. The logic of claim 42, wherein the object is still presented to the user if the verification fails.
  - 46. The logic of claim 42, wherein presenting the object to the user includes an option for the user to download the object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
de la Iglesia, Erik, King, Samuel, Khasgiwala, Ashish, Lowe, Rick, Coleman, Shaun

Granted Patent

US 8,271,794 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 9/3247 involving digital signatures

Verifying Captured Objects Before Presentation

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

Verifying Captured Objects Before Presentation

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links