SYSTEM AND METHOD FOR VERIFICATION OF DIGITAL CERTIFICATES
First Claim
1. In a computer network, a method for analyzing authenticity digital certificates, the method comprising:
- obtaining, from a plurality of diverse information sources within the computer network, initial information pertaining to digital certificates, wherein for each of the digital certificates the initial information includes;
intrinsic parameter data from among contents of the digital certificate;
extrinsic parameter data pertaining to the digital certificate and comprising static data not contained in the contents of the digital certificate;
storing, in a data store, selected parameter data from among the intrinsic parameter data and the extrinsic parameter data;
analyzing the selected parameter data to determine a measure of suspiciousness for each of the digital certificates;
based on the measure of suspiciousness, determining a need for collection of supplemental data for further analysis of any of the digital certificates;
in response to the determination of need for supplemental data for any of the digital certificates, collecting circumstantial data pertaining to that digital certificate, the circumstantial data being based on actual usage of that digital certificate;
comparing the initial data and supplemental data against a set of decision criteria, the set of decision criteria defining parameters and combinations of parameters associated with fraudulent activity; and
based on the comparing, providing a determination of authenticity of each of the digital certificates.
2 Assignments
0 Petitions
Accused Products
Abstract
Analysis of authenticity digital certificates includes. Initial information pertaining to digital certificates is collected from diverse information sources. For each of the digital certificates the initial information includes intrinsic parameter data from among contents of the digital certificate and extrinsic parameter data pertaining to the digital certificate and comprising static data not contained in the contents of the digital certificate. Selected parameter data is stored and analyzed to determine a measure of suspiciousness for each of the digital certificates. If necessary, circumstantial data based on actual usage of one or more of the digital certificates are collected. The initial data and supplemental data are compared against a set of decision criteria that define fraudulent activity, and a determination of authenticity of each of the digital certificates is made.
-
Citations
30 Claims
-
1. In a computer network, a method for analyzing authenticity digital certificates, the method comprising:
-
obtaining, from a plurality of diverse information sources within the computer network, initial information pertaining to digital certificates, wherein for each of the digital certificates the initial information includes; intrinsic parameter data from among contents of the digital certificate; extrinsic parameter data pertaining to the digital certificate and comprising static data not contained in the contents of the digital certificate; storing, in a data store, selected parameter data from among the intrinsic parameter data and the extrinsic parameter data; analyzing the selected parameter data to determine a measure of suspiciousness for each of the digital certificates; based on the measure of suspiciousness, determining a need for collection of supplemental data for further analysis of any of the digital certificates; in response to the determination of need for supplemental data for any of the digital certificates, collecting circumstantial data pertaining to that digital certificate, the circumstantial data being based on actual usage of that digital certificate; comparing the initial data and supplemental data against a set of decision criteria, the set of decision criteria defining parameters and combinations of parameters associated with fraudulent activity; and based on the comparing, providing a determination of authenticity of each of the digital certificates. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for analyzing authenticity digital certificates comprising:
-
a computer system including computing hardware and a plurality of operatively coupled modules comprising instructions executable on the computing hardware, the modules including; an initial data collection module configured to obtain, from a plurality of diverse information sources communicatively coupled to the computer system, initial information pertaining to digital certificates, wherein for each of the digital certificates the initial information includes; intrinsic parameter data from among contents of the digital certificate; and extrinsic parameter data pertaining to the digital certificate and comprising static data not contained in the contents of the digital certificate; a database configured to store selected parameter data from among the intrinsic parameter data and the extrinsic parameter data; an abnormality detection module configured to analyze the selected parameter data to determine a measure of suspiciousness for each of the digital certificates, and, based on the measure of suspiciousness, determine a need for collection of supplemental data for further analysis of any of the digital certificates; a communication module configured to collect circumstantial data in response to a determination by the abnormality detection module of a need for supplemental data for any of the digital certificates, the circumstantial data pertaining to that digital certificate, and based on actual usage of that digital certificate; a suspicious certificate detection module configured to compare the initial data and supplemental data against a set of decision criteria, the set of decision criteria defining parameters and combinations of parameters associated with fraudulent activity; and a decision module configured to provide a determination of authenticity of each of the digital certificates based on an output the suspicious certificate detection module. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification