System trustworthiness tool and methodology

US 7,240,213 B1
Filed: 03/14/2003
Issued: 07/03/2007
Est. Priority Date: 03/15/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method for evaluating a designated system, comprising;

receiving input relating to the designated system;

classifying the input into information about elements of the designated system;

evaluating the elements based on evaluation parameters corresponding to each of the elements; and

producing a representation of trustworthiness of the designated system based on the classified information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A tool and methodology are described that can evaluate the trustworthiness of a system. In one embodiment, the system is classified in terms of the resources that constitute the system, the codes that apply to the system, the services produced by the system, the risks incurred by the system, and the costs associated with its use. A functional component of a trust decision to use the system involves a calculus to evaluate whether the probability that the services as a result of using the system will exceed the risks that may occur as valued by a user. The cost component of a trust decision includes an evaluation that the use of a system will occur at an acceptable cost and will produce economically acceptable results.

73 Citations

View as Search Results

35 Claims

1. A method for evaluating a designated system, comprising;
- receiving input relating to the designated system;
  
  classifying the input into information about elements of the designated system;
  
  evaluating the elements based on evaluation parameters corresponding to each of the elements; and
  
  producing a representation of trustworthiness of the designated system based on the classified information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method according to claim 1, wherein the input further relates to external circumstances applicable to the designated system.
  - 3. A method according to claim 1, wherein the representation of the trustworthiness of the designated system is capable of being displayed as vectors in a representation of a three-dimensional space, said vectors having a magnitude in accordance with the evaluated elements.
  - 4. A method according to claim 3, further comprising:
    - performing a Procrustes analysis with respect to the vectors in the representation in the three-dimensional space to compare with other vectors relating to other elements classified for another designated system.
  - 5. A method according to claim 4, wherein each of the elements of the designated system and the other elements of the other designated system are classified in terms of a common referential digital sequence.
  - 6. A method according to claim 1, wherein producing the representation of the trustworthiness of the system includes computing a trust signature stating the trustworthiness of the designated system based on the evaluated elements.
  - 7. A method according to claim 1, wherein the evaluation parameters include a weight, a rating, a frequency, and a probability.
  - 8. A method according to claim 1 further comprising:
    - collecting performance data relating to operating the designated system; and
      
      updating the evaluation parameters based on the collected performance data.
  - 9. A method according to claim 1, wherein the information about the element of the designated system includes information about positive costs and negative costs of the designated system.
  - 10. A method according to claim 1, further comprising:
    - identifying a risk that contributes negatively to the trustworthiness of the designated system;
      
      identifying an asset to mitigate the identified risk, wherein the asset includes at least one of a resource and a code;
      
      modifying the designated system to include the identified asset; and
      
      evaluating trustworthiness of the modified system.
  - 11. A method according to claim 10, wherein the asset identified to mitigate the identified risk are assigned a common referential digital sequence number.

12. A method for evaluating a designated system, comprising:
- receiving input relating to the designated system;
  
  classifying the input into information about elements of the designated system,wherein the information about the elements of the designated system includes information about the resources and codes of the designated system; and
  
  producing a representation of trustworthiness of the designated system based on the classified information.

13. A method for evaluating a designated system, comprising:
- receiving input relating to the designated system;
  
  classifying the input into information about elements of the designated system,wherein the information about the elements of the designated system includes information about the services and risks of the designated system; and
  
  producing a representation of trustworthiness of the designated system based on the classified information.

14. A computer-readable medium bearing instructions for evaluating a designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of:
- receiving input relating to the designated system;
  
  classifying the input into information about elements of the designated system; and
  
  producing a representation of trustworthiness of the designated system based on the classified information.

15. A tool for evaluating a designated system, comprising a computer system configured to perform the steps of:
- receiving input relating to the designated system;
  
  classifying the input into information about elements of the designated system; and
  
  producing a representation of trustworthiness of the designated system based on the classified information.

16. A method for evaluating a plurality of designated systems, comprising:
- producing respective trust profiles for the designated systems based on information about respective sets of elements of the designated systems;
  
  comparing the respective trust profiles, the step of comparing including,receiving a set of weights corresponding to at least one of a designated service and a designated risk,evaluating the respective trust profiles in accordance with the set of weights to produce respective numbers indicating respective trustworthiness of the designated systems, wherein each of the trust profiles references a corresponding functional profile that lists services performed by the corresponding designated system and risks incurred by operation of the corresponding designated system, andcomparing the respective numbers.

17. A method for evaluating a plurality of designated systems, comprising:
- producing respective trust profiles for the designated systems based on information about respective sets of elements of the designated systems;
  
  comparing the respective trust profiles, the step of comparing including,receiving a set of weights corresponding to at least one of a designated resource and a designated code,evaluating the respective trust profiles in accordance with the set of weights to produce respective numbers indicating respective trustworthiness of the designated systems, wherein each of the trust profiles references a corresponding functional profile that lists resources and codes, andcomparing the respective numbers.

18. A computer-readable medium bearing instructions for evaluating the designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of:
- producing respective trust profiles for the designated systems based on information about respective sets of elements of the designated systems; and
  
  comparing the respective trust profiles.

19. A tool for evaluating the designated system, comprising a computer system configured to perform the steps of:
- producing respective trust profiles for the designated systems based on information about respective sets of elements of the designated systems; and
  
  comparing the respective trust profiles.

20. A method for evaluating a designated system, comprising:
- receiving input indicative of a code that regulates conduct of a person operating the designated system or services performed by the designated system,wherein the input employs a referential digital sequence for the code, said referential digital sequence being derived from a hierarchical decomposition of the code;
  
  identifying a risk associated with the conduct of the person regulated by the code; and
  
  evaluating the trustworthiness of the designated system based on the identified risk.
- View Dependent Claims (21)
- - 21. A method according to claim 20, wherein the referential digital sequence for the code can be used to identify elements of the system that can be deployed to address the identified risk.

22. A computer-readable medium bearing instructions for evaluating the designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of:
- receiving input indicative of a code that regulates conduct of a person operating the designated system or services performed by the designated system;
  
  identifying a risk associated with the conduct of the person regulated by the code; and
  
  evaluating the trustworthiness of the designated system based on the identified risk.

23. A tool for evaluating the designated system, comprising a computer system configured to perform the steps of:
- receiving input indicative of a code that regulates conduct of a person operating the designated system or services performed by the designated system;
  
  identifying a risk associated with the conduct of the person regulated by the code; and
  
  evaluating the trustworthiness of the designated system based on the identified risk.

24. A method for evaluating a designated system, comprising:
- receiving input indicative of assets of the designated system;
  
  identifying services performed by the assets and risks incurred by operation of the assets;
  
  receiving a set of weights corresponding to at least one of a designated service and a designated risk; and
  
  evaluating the designated system based on the set of weights, the identified services, and the identified risks.
- View Dependent Claims (25, 26, 27, 28, 29)
- - 25. A method according to claim 24, further comprising:
    - receiving input indicative of a specified service to be produced by the designated system; and
      
      identifying a risk corresponding to the specified service.
  - 26. A method according to claim 24, wherein evaluating the designated system based on the set of weights includes:
    - evaluating the designated system based further on a set of ratings, frequencies, and probabilities corresponding to said at least one of the designated service and the designated risk.
  - 27. A method according to claim 26, further comprising:
    - collecting performance data relating to operating the designated system; and
      
      updating the set of evaluation parameters based on the collected performance data.
  - 28. A computer-readable medium bearing instructions for evaluating the designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of the method according to claim 24.
  - 29. A tool for evaluating the designated system, comprising a computer system configured to perform the method according to claim 24.

30. A method for evaluating trustworthiness of information produced by a system, comprising:
- generating a trust signature for the system, wherein the trust signature indicates trustworthiness of the system;
  
  associating the trust signature to the information; and
  
  comparing the trust signature associated to the information with a trust specification specified by a user.
- View Dependent Claims (31, 32)
- - 31. A computer-readable medium bearing instructions for evaluating the designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of the method according to claim 30.
  - 32. A tool for evaluating the designated system, comprising a computer system configured to perform the method according to claim 30.

33. A method for classifying elements of a designated system to facilitate automated evaluation of trustworthiness of the designated system:
- hierarchically decomposing a code applicable to the system into a listing that pertains to a related service and a related risk;
  
  assigning a referential digital sequence number to the listings of the decomposed code; and
  
  assigning referential digital sequence numbers to the related service and the related risk;
  
  whereby the referential digital sequence numbers can be employed to identify services and risks related to the code.
- View Dependent Claims (34, 35)
- - 34. A computer-readable medium bearing instructions for evaluating the designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of the method according to claim 33.
  - 35. A tool for evaluating the designated system, comprising a computer system configured to perform the method according to claim 33.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Waters Edge Consulting LLC
Original Assignee
Waters Edge Consulting LLC
Inventors
Ritter, Jeffrey B.
Primary Examiner(s)
Peeso; Thomas R.

Application Number

US10/387,419
Time in Patent Office

1,572 Days
Field of Search

713/182, 380/25, 380/23, 380/24
US Class Current

713/182
CPC Class Codes

G06Q 40/00 Finance; Insurance; Tax str...

System trustworthiness tool and methodology

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

73 Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

System trustworthiness tool and methodology

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

73 Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links