×

Configuring and organizing server security information

  • US 7,712,137 B2
  • Filed: 02/27/2006
  • Issued: 05/04/2010
  • Est. Priority Date: 02/27/2006
  • Status: Expired due to Fees
First Claim
Patent Images

1. A system that facilitates organizing server security-related information into a format readily usable by a user developing a server, the system comprising a computer having a processor and memory storing:

  • a server security schema configuration component that facilitates identification of expertise related to the server security-related information and that provides organizational information;

    a server security schema component that is a pattern-based information model that groups the server security-related information and the expertise related to the server security-related information into a structure, the server security schema component comprising;

    a plurality of server security-related categories associated with the server that are customized to a particular server type of the server, the plurality of server security-related categories identifying areas where security issues exist for the particular server type of the server,a plurality of vulnerability components, wherein each of the plurality of server security-related categories has at least one vulnerability component associated with it, the plurality of vulnerability components describing weaknesses that make attacks possible for the associated security-related category,a plurality of threat/attack components, wherein each of the plurality of vulnerability components has at least one threat/attack component associated with it, each of the plurality of threat/attack components referring to at least a threat or an attack, the threat describing an undesired event or a potential occurrence that may harm or compromise an asset, the attack describing an action taken that utilizes one or more vulnerabilities to realize a threat, anda plurality of countermeasure components, wherein each of the plurality of threat/attack components has at least one countermeasure component associated with it, the plurality of countermeasure components describing safeguards that address attacks or mitigate risks;

    wherein the structure of the server security schema component is based on the organizational information and associations; and

    wherein the security schema component, plurality of server security-related categories, plurality of vulnerability components, plurality of threat/attack components, and plurality of countermeasure components are used in developing a server of the particular server type.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×