Configuring and organizing server security information

US 7,712,137 B2
Filed: 02/27/2006
Issued: 05/04/2010
Est. Priority Date: 02/27/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A system that facilitates organizing server security-related information into a format readily usable by a user developing a server, the system comprising a computer having a processor and memory storing:

a server security schema configuration component that facilitates identification of expertise related to the server security-related information and that provides organizational information;

a server security schema component that is a pattern-based information model that groups the server security-related information and the expertise related to the server security-related information into a structure, the server security schema component comprising;

a plurality of server security-related categories associated with the server that are customized to a particular server type of the server, the plurality of server security-related categories identifying areas where security issues exist for the particular server type of the server,a plurality of vulnerability components, wherein each of the plurality of server security-related categories has at least one vulnerability component associated with it, the plurality of vulnerability components describing weaknesses that make attacks possible for the associated security-related category,a plurality of threat/attack components, wherein each of the plurality of vulnerability components has at least one threat/attack component associated with it, each of the plurality of threat/attack components referring to at least a threat or an attack, the threat describing an undesired event or a potential occurrence that may harm or compromise an asset, the attack describing an action taken that utilizes one or more vulnerabilities to realize a threat, anda plurality of countermeasure components, wherein each of the plurality of threat/attack components has at least one countermeasure component associated with it, the plurality of countermeasure components describing safeguards that address attacks or mitigate risks;

wherein the structure of the server security schema component is based on the organizational information and associations; and

wherein the security schema component, plurality of server security-related categories, plurality of vulnerability components, plurality of threat/attack components, and plurality of countermeasure components are used in developing a server of the particular server type.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A server security schema that can incorporate server security-related expertise into an information model is provided. The novel server security schema component can be applied to an application server, a web server and/or a database server to converge knowledge into securing the server by identifying categories, vulnerabilities, threats, attacks and countermeasures. The novel schema can create a common framework that converges knowledge with respect to any server type. More particularly, the novel server security schema can address server categories including a share, a service, an account, an audit and log, a file and directory, a registry, a protocol, a port, and a patch and update category.

Citations

20 Claims

1. A system that facilitates organizing server security-related information into a format readily usable by a user developing a server, the system comprising a computer having a processor and memory storing:
- a server security schema configuration component that facilitates identification of expertise related to the server security-related information and that provides organizational information;
  
  a server security schema component that is a pattern-based information model that groups the server security-related information and the expertise related to the server security-related information into a structure, the server security schema component comprising;
  
  a plurality of server security-related categories associated with the server that are customized to a particular server type of the server, the plurality of server security-related categories identifying areas where security issues exist for the particular server type of the server,a plurality of vulnerability components, wherein each of the plurality of server security-related categories has at least one vulnerability component associated with it, the plurality of vulnerability components describing weaknesses that make attacks possible for the associated security-related category,a plurality of threat/attack components, wherein each of the plurality of vulnerability components has at least one threat/attack component associated with it, each of the plurality of threat/attack components referring to at least a threat or an attack, the threat describing an undesired event or a potential occurrence that may harm or compromise an asset, the attack describing an action taken that utilizes one or more vulnerabilities to realize a threat, anda plurality of countermeasure components, wherein each of the plurality of threat/attack components has at least one countermeasure component associated with it, the plurality of countermeasure components describing safeguards that address attacks or mitigate risks;
  
  wherein the structure of the server security schema component is based on the organizational information and associations; and
  
  wherein the security schema component, plurality of server security-related categories, plurality of vulnerability components, plurality of threat/attack components, and plurality of countermeasure components are used in developing a server of the particular server type.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, wherein the plurality of security-related categories includes a share, a service, an account, an audit and log, a file and directory, a registry, a protocol, a port, and a patch and update category.
  - 3. The system of claim 1, wherein the plurality of security-related categories includes at least one of an operating system category, a network category and a patch and update category.
  - 4. The system of claim 1, wherein the plurality of security-related categories includes a share, a service, an account, an audit and log, a file and directory, and registry category.
  - 5. The system of claim 1, wherein the plurality of security-related categories includes a protocol and a port category.
  - 6. The system of claim 1, wherein the plurality of security-related categories includes a patch and update category.
  - 7. The system of claim 1, wherein the server type of the server is a web server.
  - 8. The system of claim 1, wherein the server type of the server is an application server.
  - 9. The system of claim 1, wherein the server type of the server is a database server.
  - 10. The system of claim 1, further comprising an artificial intelligence (AI) component that facilitates identifying the expertise based at least in part upon a machine learning mechanism.

11. A method implemented within a computing system that includes a processor and memory storing instructions which, when executed by the processor, implement the method of organizing expertise and server security-related information into a format readily usable by a user developing a server, the method comprising:
- identifying a plurality of server security-related categories associated with the server that are customized to a particular server type of the server, the plurality of server security-related categories identifying areas where security issues exist for the particular server type of the server;
  
  identifying a plurality of vulnerability components, each of the plurality of vulnerability components describing weaknesses that make attacks possible for a corresponding at least one of the plurality of server security-related categories;
  
  associating each of the plurality of vulnerability components with the corresponding at least one of the plurality of server security-related categories;
  
  identifying a plurality of threat/attack components, each of the plurality of threat/attack components referring to at least a threat or an attack, the threat describing an undesired event or a potential occurrence that may harm or compromise an asset, the attack describing an action taken that utilizes one or more vulnerabilities to realize a threat;
  
  associating each of the plurality of threat/attack components with at least one of the plurality of vulnerability components;
  
  identifying a plurality of countermeasure components, the plurality of countermeasure components describing safeguards that address attacks or mitigate risks;
  
  associating each of the plurality of countermeasure components with at least one of the plurality of threat/risk components;
  
  providing organizational information; and
  
  grouping the expertise, the security related information, the plurality of server-security related categories, the plurality of vulnerability components, the plurality of threat/attack components, and the plurality of countermeasure components into a pattern-based information model in a structure, the structure being dictated by the organizational information and associations, and which is usable in developing a server of the particular server type.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The computer implemented method of claim 11, the plurality of server security-related categories is at least one of a share, a service, an account, an audit and log, a file and directory, a registry, a protocol, a port, and a patch and update category.
  - 13. The computer-implemented method of claim 11, wherein the server type of the server is a web server.
  - 14. The computer-implemented method of claim 11, wherein the server type of the server is an application server.
  - 15. The computer-implemented method of claim 11, wherein the server type of the server is a database server.
  - 16. A computer storage medium storing computer-executable instructions that, when implemented, perform the method recited in claim 11.
  - 17. The computer-executable instructions of claim 16, wherein the server is one of an application server, a web server or a database server.
  - 18. The computer-executable instructions of claim 16, wherein the plurality of server-security related categories includes at least one of a share, a service, an account, an audit and log, a file and directory, a registry, a protocol, a port, and a patch and update category.
  - 19. The method of claim 13, wherein the plurality of security-related categories includes at least one of a sites and virtual directories category, a script mapping category, a filters category, a configuration settings category, and a code access security category.
  - 20. The method of claim 15, wherein the plurality of security-related categories includes at least one of a SQL server security category;
    - a SQL server logins, users, and roles category; and
      
      a SQL server database objects category.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Meier, John D.
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
Davanlou; Soheila

Application Number

US11/363,142
Publication Number

US 20070204346A1
Time in Patent Office

1,527 Days
Field of Search

713/176, 713/155, 713/175, 726/25, 726/22, 726/23, 726/4, 726/11, 726/28, 380/200, 380/201, 380/277
US Class Current

726/25
CPC Class Codes

H04L 63/1433 Vulnerability analysis

H04L 63/20 for managing network securi...

Configuring and organizing server security information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Configuring and organizing server security information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links