Information Security

US 20190312906A1
Filed: 04/09/2019
Published: 10/10/2019
Est. Priority Date: 04/09/2018
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of implementing information security, the method comprising:

in response to receiving an interaction request for a requesting entity, a request receiving component starting a timer for an approval time period;

in response to receiving the interaction request, the request receiving component sending a request for approval or disproval of the interaction request; and

in response to receiving the interaction request, the request receiving component forwarding the request for processing by a request processing component.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information security system that incorporates time, feedback, and/or varying trust in analyzing and responding to attacks. A solution can defer processing of a request for a period of time, which can be sufficient to allow the request to be approved or disproved. The solution can be configured to automatically approve or disprove the request after the period of time if no affirmative response is received. Trust for an entity can be periodically determined and can automatically decay over time. Feedback can be used as part of the approval/disproval process and/or to reevaluate trust.

Citations

20 Claims

1. A computer-implemented method of implementing information security, the method comprising:
- in response to receiving an interaction request for a requesting entity, a request receiving component starting a timer for an approval time period;
  
  in response to receiving the interaction request, the request receiving component sending a request for approval or disproval of the interaction request; and
  
  in response to receiving the interaction request, the request receiving component forwarding the request for processing by a request processing component.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising, in response to receiving the interaction request, the request processing component delaying processing the interaction request for a delay line period.
  - 3. The method of claim 2, wherein the delay line period is greater than the approval time period.
  - 4. The method of claim 1, further comprising the request processing component initiating processing the request prior to expiration of the approval time period.
  - 5. The method of claim 4, further comprising the request receiving component halting further processing of the interaction request by the request processing component in response to at least one of:
    - the request being disproved or the approval time period expiring without the request receiving component receiving a response to the request for approval or disproval.
  - 6. The method of claim 1, wherein the request for approval or disproval is sent to the requesting entity.
  - 7. The method of claim 1, wherein the request for approval or disproval is sent to an approving entity, distinct from the requesting entity.
  - 8. The method of claim 7, wherein the approving entity has a higher trust factor than the requesting entity.
  - 9. The method of claim 1, wherein the request for approval or disproval is automatically processed by an attack protection component, wherein the attack protection component evaluates the request using a trust factor for the requesting entity.
  - 10. The method of claim 9, wherein the attack protection component automatically degrades the trust factor for the requesting entity over time.
  - 11. The method of claim 10, wherein the attack protection component adjusts the trust factor in response to evaluating additional information regarding the requesting entity.

12. A computer system comprising:
- a computing device including a request receiving component for receiving interaction requests and a request processing component for processing the interaction requests, wherein the request receiving component is configured to;
  
  in response to receiving an interaction request for a requesting entity, start a timer for an approval time period;
  
  in response to receiving the interaction request, send a request for approval or disproval of the interaction request; and
  
  in response to receiving the interaction request, forward the request for processing by the request processing component.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The system of claim 12, wherein, in response to receiving the interaction request, the request processing component delays processing the interaction request for a delay line period.
  - 14. The system of claim 12, wherein the request processing component initiates processing the request prior to expiration of the approval time period.
  - 15. The system of claim 14, wherein the request receiving component halts further processing of the interaction request by the request processing component in response to at least one of:
    - the request being disproved or the approval time period expiring without the request receiving component receiving a response to the request for approval or disproval.
  - 16. The system of claim 12, wherein the request for approval or disproval is sent to an approving entity, distinct from the requesting entity.
  - 17. The system of claim 12, further comprising an attack protection component configured to automatically process the request for approval or disproval, wherein the attack protection component evaluates the request using a trust factor for the requesting entity.
  - 18. The system of claim 17, wherein the attack protection component automatically degrades the trust factor for the requesting entity over time.

19. A computer system comprising:
- a computing device including;
  
  a request receiving component for receiving interaction requests;
  
  a request processing component for processing the interaction requests; and
  
  an attack protection component for evaluating the interaction requests with respect to at least one type of attack,wherein, in response to receiving an interaction request for a requesting entity;
  
  the request receiving component starts a timer for an approval time period;
  
  the request receiving component sends a request for approval or disproval of the interaction request for processing by the attack protection component;
  
  the request receiving component forwards the request for processing by the request processing component;
  
  the attack protection component evaluates the interaction request and approves or disproves the interaction request; and
  
  the request processing component halts further processing the interaction request in response to the attack protection component disproving the interaction request or continues processing the interaction request in response to the attack protection component approving the interaction request.
- View Dependent Claims (20)
- - 20. The computer system of claim 19, wherein the computing device is a firewall.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Winn Schwartau
Original Assignee
Winn Schwartau
Inventors
Schwartau, Winn

Granted Patent

US 11,438,369 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/2137   Time limited access, e.g. t...

H04L 63/14   for detecting or protecting...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

H04L 63/20   for managing network securi...

Information Security

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Information Security

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links