Identification of an attacker in an electronic system

US 7,140,039 B1
Filed: 06/07/2000
Issued: 11/21/2006
Est. Priority Date: 06/08/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method for identifying a particular component of an electronic system that accessed a resource of said electronic system comprising:

(a) creating an electronic security value unit that is used as payment to access said resource;

(b) distributing said electronic security value unit to said component;

(c) creating a first association between said component and said electronic security value unit, wherein said first association indicates said electronic security value unit was distributed to said component;

(d) providing said electronic security value unit from said component to a resource manager in exchange for access to said resource;

(e) creating a second association between said electronic security value unit and said access to said resource, wherein said second association indicates said electronic security value unit was used to access said resource; and

(f) analyzing said first association and said second association to determine that said component accessed said resource.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for identifying a particular component of an electronic system that accesses a resource of the electronic system using electronic security value units is described. First, electronic security value units are selectively distributing to a plurality of components, such as to a client, of the electronic system. Next, a unique first association is created with each individual component to which the security electronic security value units are distributed. Further, upon a particular access to a resource, a unique second association is created between particular ones of security electronic security value units and the particular access to the resource. In addition, the unique second association is analyzed to determine which particular security electronic security value units were used to access the particular resource. Then, the first association of the particular security electronic security value units is analyzed to determine the identity of the component which accessed the resource.

Citations

21 Claims

1. A method for identifying a particular component of an electronic system that accessed a resource of said electronic system comprising:
- (a) creating an electronic security value unit that is used as payment to access said resource;
  
  (b) distributing said electronic security value unit to said component;
  
  (c) creating a first association between said component and said electronic security value unit, wherein said first association indicates said electronic security value unit was distributed to said component;
  
  (d) providing said electronic security value unit from said component to a resource manager in exchange for access to said resource;
  
  (e) creating a second association between said electronic security value unit and said access to said resource, wherein said second association indicates said electronic security value unit was used to access said resource; and
  
  (f) analyzing said first association and said second association to determine that said component accessed said resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein said component is a group of one or more components, and wherein said resource is a group of one of more resources.
  - 3. The method of claim 1, wherein said electronic security value unit is distributed to said component upon a request of said component for access to said resource.
  - 4. The method of claim 1, wherein said distributing further comprises distributing said electronic security value unit from a first electronic bank server associated with said resource to a second electronic bank server associated with said component,wherein said first electronic bank server creates and records a first part of said first association, said first part indicating the distribution of said electronic security value unit to said second electronic bank server, andwherein said second electronic bank server creates and records a second part of said first association, said second part indicating the distribution of said electronic security value unit to said component.
  - 5. The method of claim 4, wherein said creating a second association further comprises subsequently distributing said electronic security value unit from said second electronic bank server to said component, and wherein said component creates and records said second association.
  - 6. The method of claim 1, wherein said first association and said second associations are protected against unauthorized access, tampering, and duplication.
  - 7. The method of claim 6, wherein said first association and said second associations are protected by encrypting said first association and said second associations.

8. A system, comprising:
- a resource;
  
  a component; and
  
  a resource manager; and
  
  wherein the system;
  
  creates an electronic security value unit that is used as payment to access said resource;
  
  distributes said electronic security value unit to said component;
  
  creates a first association between said component and said electronic security value unit, wherein said first association indicates said electronic security value unit was distributed to said component;
  
  provides said electronic security value unit from said component to said resource manager in exchange for access to said resource;
  
  creates a second association between said electronic security value unit and said access to said resource, wherein said second association indicates said electronic security value unit was used to access said resource; and
  
  analyzes said first association and said second association to determine that said component accessed said resource.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein said component is a group of one or more components, and wherein said resource is a group of one of more resources.
  - 10. The system of claim 8, wherein said electronic security value unit is distributed to said component upon a request of said component for access to said resource.
  - 11. The system of claim 8, further comprising a first electronic bank server associated with said resource and a second electronic bank server associated with said component,wherein, in distributing, said system distributes said electronic security value unit from said first electronic bank server to said second electronic bank server,wherein said first electronic bank server creates and records a first part of said first association, said first part indicating the distribution of said electronic security value unit to said second electronic bank server, andwherein said second electronic bank server creates and records a second part of said first association, said second part indicating the distribution of said electronic security value unit to said component.
  - 12. The system of claim 11, wherein, in creating said second association, said system also subsequently distributes said electronic security value unit from said second electronic bank server to said component, and wherein said component creates and records said second association.
  - 13. The system of claim 8, wherein said first association and said second association are protected against unauthorized access, tampering, and duplication.
  - 14. The system of claim 13, wherein said first association and said second association are protected by encrypting said first association and said second association.

15. At least one computer readable medium comprising instructions for executing on a computer system, the instructions including software applications for identifying a particular component of the computer system that accessed a resource of said computer system, the instructions for implementing:
- (a) creating an electronic security value unit that is used as payment to access said resource;
  
  (b) distributing said electronic security value unit to said component;
  
  (c) creating a first association between said component and said electronic security value unit, wherein said first association indicates said electronic security value unit was distributed to said component;
  
  (d) providing said electronic security value unit from said component to a resource manager in exchange for access to said resource;
  
  (e) creating a second association between said electronic security value unit and said access to said resource, wherein said second association indicates said electronic security value unit was used to access said resource; and
  
  (f) analyzing said first association and said second association to determine that said component accessed said resource.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The at least one computer readable medium of claim 15, wherein said component is a group of one or more components, and wherein said resource is a group of one of more resources.
  - 17. The at least one computer readable medium of claim 15, wherein said electronic security value unit is distributed to said component upon a request of said component for access to said resource.
  - 18. The at least one computer readable medium of claim 15, wherein said distributing further comprises distributing said electronic security value unit from a first electronic bank server associated with said resource to a second electronic bank server associated with said component,wherein said first electronic bank server creates and records a first part of said first association, said first part indicating the distribution of said electronic security value unit to said second electronic bank server, andwherein said second electronic bank server creates and records a second part of said first association, said second part indicating the distribution of said electronic security value unit to said component.
  - 19. The at least one computer readable medium of claim 18, wherein said creating a second association further comprises subsequently distributing said electronic security value unit from said second electronic bank server to said component, and wherein said component creates and records said second association.
  - 20. The at least one computer readable medium of claim 15, wherein said first association and said second association are protected against unauthorized access, tampering, and duplication.
  - 21. The at least one computer readable medium of claim 20, wherein said first association and said second association are protected by encrypting said first association and said second association.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Columbia Innovation Enterprise, Trustees Of Columbia University In The City Of New York (Columbia University)
Original Assignee
Trustees Of Columbia University In The City Of New York (Columbia University)
Inventors
Florissi, Danilo, Dailianas, Apostolos, Yemeni, Yechiam
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US09/589,427
Time in Patent Office

2,358 Days
Field of Search

713168-170, 713/187, 713200-202, 713/178, 713/150, 713/175, 713/176, 713179-181, 705/1, 705/14, 705/2, 705/80, 705/40, 705/26, 705/35, 705/42, 705 50- 56, 705/64, 705/65, 705/67, 705 75- 78, 709/219, 709/201, 709223-229, 370/352, 382/100, 382/139, 382/233, 700/266, 434/322, 372/29, 710/242, 711/219, 707/1, 707/9
US Class Current

726/9
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2135   Metering

G06F 2221/2151   Time stamp

G06Q 20/3821   Electronic credentials

Identification of an attacker in an electronic system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Identification of an attacker in an electronic system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links