Security-related programming interface

US 7,430,760 B2
Filed: 12/05/2003
Issued: 09/30/2008
Est. Priority Date: 12/05/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A programming interface embodied on one or more computer storage media, comprising:

instructions to communicate a new security policy to a plurality of security engines, wherein at least one of the plurality of security engines implements an antivirus service, wherein each of the plurality of security engines is configured to replace an existing security policy with the new security policy, and wherein a new set of rules and/or data associated with the new policy is provided to each security engine; and

instructions to communicate an indication of each security engine'"'"'s readiness to implement the new security policy, wherein each of the plurality of security engines returns a value signifying whether it has processed the new set of rules and/or data received to indicate readiness to implement the new security policy.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A programming interface includes a first group of functions related to communicating a new security policy to multiple security engines. Each of the multiple security engines is configured to replace an existing security policy with the new security policy. The programming interface also includes a second group of functions related to communicating an indication of each security engine'"'"'s readiness to implement the new security policy.

46 Citations

View as Search Results

30 Claims

1. A programming interface embodied on one or more computer storage media, comprising:
- instructions to communicate a new security policy to a plurality of security engines, wherein at least one of the plurality of security engines implements an antivirus service, wherein each of the plurality of security engines is configured to replace an existing security policy with the new security policy, and wherein a new set of rules and/or data associated with the new policy is provided to each security engine; and
  
  instructions to communicate an indication of each security engine'"'"'s readiness to implement the new security policy, wherein each of the plurality of security engines returns a value signifying whether it has processed the new set of rules and/or data received to indicate readiness to implement the new security policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A programming interface as recited in claim 1 wherein the instructions to communicate a new security policy to a plurality of security engines include a method that instructs each of the plurality of security engines to delete the new security policy.
  - 3. A programming interface as recited in claim 1 wherein the instructions to communicate a new security policy to a plurality of security engines include a method that initializes a particular security engine.
  - 4. A programming interface as recited in claim 1 wherein the instructions to communicate a new security policy to a plurality of security engines include a method that instructs each of the plurality of security engines to implement the new security policy.
  - 5. A programming interface as recited in claim 1 wherein the instructions to communicate a new security policy to a plurality of security engines further comprise a method that communicates new data associated with an existing security policy to at least one of the plurality of security engines.
  - 6. A programming interface as recited in claim 1 wherein the instructions to communicate a new security policy to a plurality of security engines further comprise a method that communicates configuration information to at least one of the plurality of security engines.
  - 7. A programming interface as recited in claim 1 wherein the instructions to communicate an indication of each security engine'"'"'s readiness to implement the new security policy include a method that indicates whether a particular security engine has implemented the new security policy.
  - 8. A programming interface as recited in claim 1 wherein the instructions to communicate an indication of each security engine'"'"'s readiness to implement the new security policy further comprise a method that retrieves updated data associated with a particular security policy.
  - 9. A programming interface as recited in claim 1 wherein the instructions to communicate an indication of each security engine'"'"'s readiness to implement the new security policy further comprise a method that communicates new data identified by one of the plurality of security engines to a security agent.
  - 10. A programming interface as recited in claim 1 wherein the instructions to communicate an indication of each security engine'"'"'s readiness to implement the new security policy further comprise a method that allows one of the plurality of security engines to query a user of a system containing the plurality of security engines.
  - 11. A programming interface as recited in claim 1 wherein at least one of the plurality of security engines implements a firewall application.
  - 12. A programming interface as recited in claim 1 wherein the plurality of security engines implement the new security policy after all security engines have indicated a readiness to implement the new security policy.

13. A computer system including:
- one or more microprocessors; and
  
  one or more software programs, the one or more software programs utilizing an application program interface to implement a security policy on a plurality of security engines, wherein at least one of the plurality of security engines implements an antivirus service, the application program interface comprising the following functions;
  
  a first function that communicates a new security policy to the plurality of security engines, wherein a new set of rules and/or data associated with the new policy is communicated;
  
  a second function that identifies whether each of the plurality of security engines is prepared to apply the new security policy based on a value generated by each of the plurality of security engines signifying whether it has processed the new set of rules and/or data; and
  
  a third function that instructs each of the plurality of security engines to implement the new security policy after determining that all of the security engines are prepared to apply the new security policy.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. A computer system as recited in claim 13 further comprising a fourth function that causes each of the plurality of security engines to delete the new security policy if at least one of the plurality of security engines is unable to apply the new security policy.
  - 15. A computer system as recited in claim 13 further comprising a fourth function related to communicating event information identified by a first security engine to the other security engines.
  - 16. A computer system as recited in claim 13 further comprising a fourth function related to communicating security-related information identified by a first security engine to an event manager.
  - 17. A computer system as recited in claim 16 wherein the event manager communicates the security-related information to at least one of the plurality of security engines.
  - 18. A computer system as recited in claim 13 wherein at least one of the plurality of security engines is associated with a first type of security attack.
  - 19. A computer system as recited in claim 18 wherein at least one of the plurality of security engines is associated with a second type of security attack.

20. A method comprising:
- calling at least one of a plurality of first functions to facilitate communicating a security policy to a first security engine, wherein at least one of the plurality of security engines implements an antivirus service;
  
  calling at least one of a plurality of second functions to facilitate determining whether the first security engine has applied the security policy; and
  
  calling at least one of a plurality of third functions to facilitate communicating security-related information from the first security engine to a second security engine, wherein the first security engine communicates whether it is ready to apply the security policy.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. A method as recited in claim 20 wherein the security-related information identifies a type of security attack.
  - 22. A method as recited in claim 20 further comprising calling one or more fourth functions to facilitate interacting with a user of a system containing the first security engine.
  - 23. A method as recited in claim 20 further comprising calling one or more fourth functions to facilitate communicating configuration information to the first security engine.
  - 24. A method as recited in claim 20 further comprising calling one or more fourth functions to facilitate instructing the first security engine and the second security engine to implement the security policy.
  - 25. A method as recited in claim 20 further comprising calling one or more fourth functions to facilitate communicating a revised security policy to the first security engine.

26. A system comprising:
- means for storing instructions facilitating an application program interface implementing a security policy on a plurality of security engines;
  
  means for defining a first function that communicates a security-related event to an event manager, wherein the security-related event is detection of a virus, and wherein the communication of the security-related event includes information or details of the event being communicated;
  
  means for defining a second function that identifies a plurality of security engines associated with the security-related event, wherein the identified security engines are those security engines determined to be able to use the event information; and
  
  means for defining a third function that communicates the security-related event from the event manager to the identified security engines thus each of the plurality of security engines need not know of the other security engines;
  
  means for defining a fourth function that communicates a new security policy from the event manager to the plurality of security engines to increase security based on shared event information;
  
  means for defining a fifth function that instructs the plurality of security engines to replace an existing security policy with the new security policy; and
  
  means for defining a sixth function that communicates the ability of the plurality of security engines to replace an existing security policy with the new security policy.
- View Dependent Claims (27, 28, 29, 30)
- - 27. A system as recited in claim 26 further comprising:
    - means for defining a seventh function that instructs the plurality of security engines to implement the new security policy if all of the plurality of security engines can implement the new security policy.
  - 28. A system as recited in claim 27 further comprising means for defining a function that instructs the plurality to security engines to delete the new security policy if at least one of the plurality of security engines cannot implement the new security policy.
  - 29. A system as recited in claim 26 comprising means for detecting the security related event wherein the security-related event further comprises an unauthorized attempt to access a storage device.
  - 30. A system as recited in claim 26 further comprising means for defining a function that notifies the event manager that a particular security engine has finished processing another function call.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Fakes, Thomas, Townsend, Steven
Primary Examiner(s)
Parthasarathy; Pramila

Application Number

US10/729,823
Publication Number

US 20050125687A1
Time in Patent Office

1,761 Days
Field of Search

726 12- 14
US Class Current

726/13
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

H04L 63/0227   Filtering policies mail mes...

H04L 63/1408   by monitoring network traff...

Security-related programming interface

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

46 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Security-related programming interface

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links