Computer security

US 6,298,445 B1
Filed: 04/30/1998
Issued: 10/02/2001
Est. Priority Date: 04/30/1998
Status: Expired due to Term

First Claim

Patent Images

1. An integrated system for assessing vulnerabilities, comprising:

a database of security vulnerabilities;

a first module for accessing the database and for assessing security vulnerabilities of an operating system of a computer;

a second module for accessing the database and for assessing security vulnerabilities of a computer network that includes the computer;

a third module for accessing the database and for assessing security vulnerabilities in passwords used to access the computer or the network;

a fourth module for accessing the database and for assessing security vulnerabilities of a remote computer connected to the network; and

a fifth module for receiving an update to the database and updating the database.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one aspect, the invention relates to automatically providing enhancements to computer security software whenever the enhancement becomes available. In another aspect, the invention relates to an integrated system for assessing security vulnerabilities of a computer and/or a computer network.

Citations

14 Claims

1. An integrated system for assessing vulnerabilities, comprising:
- a database of security vulnerabilities;
  
  a first module for accessing the database and for assessing security vulnerabilities of an operating system of a computer;
  
  a second module for accessing the database and for assessing security vulnerabilities of a computer network that includes the computer;
  
  a third module for accessing the database and for assessing security vulnerabilities in passwords used to access the computer or the network;
  
  a fourth module for accessing the database and for assessing security vulnerabilities of a remote computer connected to the network; and
  
  a fifth module for receiving an update to the database and updating the database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The integrated system of claim 1 wherein the first module determines permissions of the operating system.
  - 3. The integrated system of claim 1 wherein the first module determines whether predetermined changes have been made to the operating system.
  - 4. The integrated system of claim 1 wherein the second module connects to a network service and accepts information from the service.
  - 5. The integrated system of claim 1 wherein the second module connects to a network service and interrogates the service.
  - 6. The integrated system of claim 1 wherein the third module checks whether the words in a list have been used as passwords.
  - 7. The integrated system of claim 1 wherein the fourth module allows the remote computer to connect to a network service and accepts information from the service.
  - 8. The integrated system of claim 1 wherein the fourth module allows the remote computer to connect to a network service and interrogate the service.
  - 9. The integrated system of claim 1 wherein the fifth module also checks the authenticity and integrity of the update.
  - 10. The integrated system of claim 9 wherein the fifth module employs a cryptographic technique to check the authenticity and integrity of the update.
  - 11. The integrated system of claim 10 wherein the cryptographic technique comprises a digital signature.
  - 12. The integrated system of claim 1 wherein the fifth module receives the update after a request is made for the update.
  - 13. The integrated system of claim 1 wherein the fifth module receives the update automatically whenever the update becomes available.
  - 14. The integrated system of claim 1 wherein a sixth module is a communications module for communicating with a similar system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NortonLifeLock Inc.
Original Assignee
Netect Ltd (Gen Digital Inc.)
Inventors
Shostack, Adam, Allouch, David
Primary Examiner(s)
Trammell, James P.
Assistant Examiner(s)
Elisca, Pierre E.

Application Number

US09/070,698
Time in Patent Office

1,251 Days
Field of Search

380/21, 713/200, 713/201, 713/202, 340/825.31, 340/825.34, 709/229, 709/235
US Class Current

726/25
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/12   Applying verification of th...

H04L 63/1416   Event detection, e.g. attac...

Computer security

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Computer security

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links