Methods and systems for managing assets

US 7,668,947 B2
Filed: 10/04/2002
Issued: 02/23/2010
Est. Priority Date: 06/18/2002
Status: Active Grant

First Claim

Patent Images

1. A method of managing at least one asset, the method comprising:

associating at least one asset with at least one user;

generating at least one task list associated with the at least one asset and the at least one user via a framework server, the at least one task list based on an assessed security posture of the asset and the at least one user associated with the at least one asset;

providing the at least one user with the at least one task list associated with the at least one asset, the task list comprising at least one task associated with a vulnerability of the asset and at least one task associated with at least one configuration standard associated with the asset; and

wherein;

presence of a task on the task list indicates that the task is to be performed by the at least one user; and

the at least one task list comprises a list of tasks that are to be performed to configure the at least one asset in accordance with the task list.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosed methods and systems can be used to manage at least one asset, where the methods and systems include associating the at least one asset with at least one user, and providing the at least one user with at least one task list that includes at least one task associated with a vulnerability of the asset and at least one task associated with a configuration standard associated with the asset.

Citations

39 Claims

1. A method of managing at least one asset, the method comprising:
- associating at least one asset with at least one user;
  
  generating at least one task list associated with the at least one asset and the at least one user via a framework server, the at least one task list based on an assessed security posture of the asset and the at least one user associated with the at least one asset;
  
  providing the at least one user with the at least one task list associated with the at least one asset, the task list comprising at least one task associated with a vulnerability of the asset and at least one task associated with at least one configuration standard associated with the asset; and
  
  wherein;
  
  presence of a task on the task list indicates that the task is to be performed by the at least one user; and
  
  the at least one task list comprises a list of tasks that are to be performed to configure the at least one asset in accordance with the task list.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20, 21, 22, 23, 32, 33, 34, 35, 36, 37, 38, 39)
- - 2. A method according to claim 1, wherein the at least one task list is at least one of:
    - an asset administration task list, an overdue notification task list, an archive notification task list, an approval task list, and an asset risk exception task list.
  - 3. A method according to claim 1, wherein the at least one asset comprises one or more asset components, where an asset component is at least one of:
    - at least one application, at least one device, at least one operating system, and at least one database.
  - 4. A method according to claim 1, wherein the at least one user is associated with at least one responsibility group.
  - 5. A method according to claim 1, further comprising:
    - providing at least one interface to associate the at least one asset with the at least one user.
  - 6. A method according to claim 1, wherein the at least one asset is associated with at least one of:
    - at least one Enterprise, at least one functional unit, and at least one responsibility group.
  - 7. A method according to claim 1, further comprising:
    - providing an interface to associate the at least one asset with at least one of;
      
      at least one Enterprise, at least one functional unit, and at least one responsibility group.
  - 8. A method according to claim 1, where the at least one asset is connected to a network.
  - 9. A method according to claim 1, where the at least one configuration standard comprises at least one minimum baseline procedure associated with at least one operational characteristic of the at least one asset.
  - 10. A method according to claim 1, further comprising providing at least one policy, where the at least one configuration standard is associated with the at least one policy.
  - 11. A method according to claim 10, where the policy is associated with an Enterprise.
  - 12. A method according to claim 1, further comprising:
    - generating at least one vulnerability profile associated with at least one detected vulnerability of the at least one asset, the at least one vulnerability profile comprising at least one link to at least one of;
      
      a patch and information, the patch and the information associated with the at least one vulnerability; and
      
      notifying the at least one user of the at least one generated vulnerability profile.
  - 13. A method according to claim 12, where the at least one link to the at least one patch comprises at least one uniform resource locator (URL).
  - 14. A method according to claim 1, further comprising:
    - providing the at least one configuration standard, where the at least one configuration standard is associated with an operational characteristic of the at least one asset; and
      
      notifying the at least one user of the at least one configuration standard.
  - 16. A method according to claim 1, further comprising:
    - providing at least one report based on at least one of;
      
      at least one asset profile, at least one vulnerability profile, and the at least one configuration standard.
  - 17. A method according to claim 16, where the at least one report is at least one of:
    - an asset vulnerability assessment report, an asset configuration standard assessment report, an asset vulnerability risk state report, an asset configuration standard risk state report, a vulnerability status summary report, a configuration standard status summary report, and an ad hoc report.
  - 18. A method according to claim 1, further comprising:
    - providing the at least one user with data based on a scanning module, the data comprising a detected vulnerability of the at least one asset.
  - 19. A method according to claim 1, further comprising:
    - providing the at least one user with data based on a scanning module, the data associated with at least one of;
      
      at least one detected vulnerability based on the at least one asset associated with the at least one user, at least one asset that is not associated with the user, and at least one detected vulnerability that is associated with at least one asset that is not associated with the user.
  - 20. A method according to claim 1, further comprising:
    - providing the at least one user with data based on a scanning module, the data associated with at least one of;
      
      at least one detected vulnerability based on the at least one asset component associated with the at least one user, at least one asset component that is not associated with the user, and at least one detected vulnerability that is associated with at least one asset component that is not associated with the user.
  - 21. A method according to claim 10, where the at least one policy comprises a name, a purpose, and a statement.
  - 22. A method according to claim 10, where the at least one policy is based on a default policy.
  - 23. A method according to claim 1, further comprising providing a risk assessment questionnaire, the risk assessment questionnaire defining criteria for determining a default level of security for the at least one asset.
  - 32. The method of claim 1, wherein at least one of the tasks comprises prompting the user to review the configuration standard and approve, reject, or revise the configuration standard.
  - 33. The method of claim 1, wherein:
    - at least one of the tasks comprises prompting the user to approve, reject, or modify a selection of security requirements associated with the asset; and
      
      the selected security requirements are associated with less security than default security requirements associated with the asset.
  - 34. The method of claim 1, wherein:
    - associating at least one asset with at least one user comprises in an asset profile for the at least one asset, associating the at least one asset with at least one user, the association indicating that the at least one user is responsible for managing the at least one asset; and
      
      further comprising;
      
      determining the identity of the user to receive the task list from the asset profile.
  - 35. The method of claim 1, wherein the task list comprises an asset administration task list, and further comprising providing the user with an overdue notification task list identifying at least one task in the asset administration task list if that task has not been performed after a period of time.
  - 36. The method of claim 1, further comprising allowing the user to view, search, and edit at least one of the tasks using an interface.
  - 37. The method of claim 1, wherein:
    - the at least one asset comprises one of a plurality of assets of the same type; and
      
      the at least one task associated with the at least one configuration standard allows for a consistent deployment of the plurality of assets to a plurality of users, the consistent deployment comprising consistent operation characteristics of the plurality of assets.
  - 38. The method of claim 1, wherein the user comprises a responsibility group, and further comprising:
    - enabling a first member of the responsibility group to accept responsibility for completing at least one of the tasks on the task list; and
      
      notifying a second member of the responsibility group that the first member has accepted the responsibility.
  - 39. The method of claim 1, wherein the user comprises a responsibility group and further comprising:
    - informing the responsibility group as to a completion status of each of the tasks on the task list.

15. A method of managing at least one asset, the method comprising:
- associating at least one asset with at least one user;
  
  generating at least one task list associated with the at least one asset and the at least one user via a framework server, the at least one task list based on an assessed security posture of the asset and the at least one user associated with the at least one asset;
  
  providing the at least one user with the at least one task list associated with the at least one asset, the task list comprising at least one task associated with a vulnerability of the asset and at least one task associated with at least one configuration standard associated with the asset;
  
  providing the at least one configuration standard, where the at least one configuration standard is associated with an operational characteristic of the at least one asset;
  
  notifying the at least one user of the at least one configuration standard, wherein;
  
  the at least one configuration standard comprises a procedure for implementing an operational characteristic of the at least one asset; and
  
  the at least one task list comprises a list of task that are to be performed by the at least one user to configure the at least one configuration standard.

24. A system for managing at least one asset, the system comprising:
- at least one memory operable to store information that associates at least one asset with at least one vulnerability and at least one configuration standard; and
  
  a processor operable to;
  
  associate the asset with at least one user;
  
  generate at least one task list associated with the at least one asset and the at least one user via a framework server, the at least one task list based on an assessed security posture of the asset and the at least one user associated with the at least one asset;
  
  provide the user with the at least one task list, the task list comprising at least one task associated with a vulnerability of the asset and at least one task associated with a configuration standard associated with the asset; and
  
  wherein;
  
  presence of a task on the task list indicates that the task is to be performed by the user; and
  
  the at least one task list comprises a list of tasks that are to be performed to configure the at least one asset in accordance with the task list.
- View Dependent Claims (25, 26, 27)
- - 25. A system according to claim 24, where the at least one asset comprises one or more asset components, and where an asset component is at least one of:
    - at least one application, at least one device, at least one operating system, and at least one database.
  - 26. A system according to claim 24, where the at least one vulnerability comprises at least one of a vulnerability name, a discovery date, a description of the vulnerability, a vulnerability type, a vulnerability risk rating, and a list of one or more assets affected by the vulnerability.
  - 27. A system according to claim 24, wherein the at least one configuration standard comprises:
    - a description of the at least one configuration standard, at least one implementation procedure, at least one implementation script, and at least one manual review procedure.

28. Logic embodied in a computer readable medium, the logic operable when executed to:
- associate at least one asset with at least one user;
  
  generate at least one task list associated with the at least one asset and the at least one user via a framework server, the at least one task list based on an assessed security posture of the asset and the at least one user associated with the at least one asset;
  
  provide the user with at least one task list, the task list comprising at least one task associated with a vulnerability of the asset and at least one task associated with at least one configuration standard associated with the asset; and
  
  wherein;
  
  presence of a task on the task list indicates that the task is to be performed by the user; and
  
  the at least one task list comprises a list of tasks that are to be performed to configure the at least one asset in accordance with the task list.
- View Dependent Claims (29, 30, 31)
- - 29. The logic of claim 28, wherein the at least one task list is at least one of:
    - an asset administration task list, an overdue notification task list, an archive notification task list, an approval task list, and an asset risk exception task list.
  - 30. The logic of claim 28, wherein the at least one configuration standard comprises at least one minimum baseline procedure associated with at least one operational characteristic of the at least one asset.
  - 31. The logic of claim 28 further operable when executed to:
    - generate at least one vulnerability profile associated with at least one detected vulnerability of the at least one asset, the at least one vulnerability profile comprising at least one link to at least one of;
      
      a patch and information, the patch and the information associated with the at least one vulnerability; and
      
      notify the at least one user of the at least one generated vulnerability profile.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Computer Associates Think Inc. (Broadcom, Inc.), ESecurityOnline, LLC
Original Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Inventors
Hutchinson, Robin, Giubileo, John, O'Brien, Darci
Primary Examiner(s)
Jacobs; Lashonda T

Application Number

US10/264,789
Publication Number

US 20030233438A1
Time in Patent Office

2,699 Days
Field of Search

709223-224, 709/203, 709/217, 709/219, 713201-202, 705 25- 26
US Class Current

709/223
CPC Class Codes

G06Q 10/10   Office automation; Time man...

H04L 63/0428   wherein the data content is...

H04L 63/102   Entity profiles

H04L 63/20   for managing network securi...

Methods and systems for managing assets

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for managing assets

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links