System, method and software for supplying activation information to a subsystem
First Claim
1. A security system comprising:
- an activation token identifying system characteristics and specifying a threat level and at least one preset activation measure, wherein a system characteristic is one of the group of a hardware system, a service, a configuration of a service, a service execution platform, and a service version;
a first system comprising a processor, the first system configured to at least review security and vulnerability information from information publishers and to provide the activation token based on the security and vulnerability information; and
a second system configured to receive the activation token from a source external to the second system, the second system further configured to determine whether the activation token is relevant by checking if actual characteristics at the second system correspond to the system characteristics identified by the activation token, the second system further configured to transform the activation token into at least one activation measure if the activation token is considered relevant by the second system, the activation measure configured to modify services executing at the second system.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention provides a form of reacting on security or vulnerability information relevant for a system comprising computer software and/or hardware or electronics, wherein a service provider with a first subsystem (1) is providing activation tokens to be received by a customer with a second subsystem (2). The activation tokens including activation information and naming of system characteristics in machine readable and filterable manner. The second subsystem (2) comprises receiving means (11) for controlling the receiving of the activation tokens, checking means (12) for automatically determining whether the activation information is relevant for the second subsystem (2) by checking whether the second subsystem has characteristics corresponding to the naming of an activation token, and transforming means (13) for transforming relevant activation information into at least one activation measure for the second subsystem (2). The activation measures will reduce the vulnerability of the second subsystem.
60 Citations
18 Claims
-
1. A security system comprising:
-
an activation token identifying system characteristics and specifying a threat level and at least one preset activation measure, wherein a system characteristic is one of the group of a hardware system, a service, a configuration of a service, a service execution platform, and a service version; a first system comprising a processor, the first system configured to at least review security and vulnerability information from information publishers and to provide the activation token based on the security and vulnerability information; and a second system configured to receive the activation token from a source external to the second system, the second system further configured to determine whether the activation token is relevant by checking if actual characteristics at the second system correspond to the system characteristics identified by the activation token, the second system further configured to transform the activation token into at least one activation measure if the activation token is considered relevant by the second system, the activation measure configured to modify services executing at the second system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A security system comprising:
-
an activation token identifying system characteristics and specifying a threat level and at least one preset activation measure, wherein a system characteristic is one of the group of a hardware system, a service, a configuration of a service, a service execution platform, and a service version; a first system comprising a processor, the first system configured to at least review security and vulnerability information from information publishers and to provide the activation token based on the security and vulnerability information, wherein the information publishers are external to the first system; and a second system configured to determine whether the activation token is relevant by checking if actual characteristics at the second system correspond to the system characteristics identified by the activation token, the second system further configured to transform the activation token into at least one activation measure if the activation token is considered relevant by the second system, the activation measure configured to modify services executing at the second system. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification