Computer-implemented method and device for providing security on a computer network

US 7,797,332 B1
Filed: 01/16/2007
Issued: 09/14/2010
Est. Priority Date: 01/17/2006
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for searching for registry information stored in registries on a plurality of computers in a communication network, the method comprising:

(A) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key;

(B) calculating a digital fingerprint from the key and the value according to a hash function;

(C) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein;

the index includes digital fingerprints for a plurality of registry keyword value sets;

each registry keyword value set is associated with at least one machine identifier;

the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and

the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including;

a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key;

a machine identifier corresponding to the respective computer storing the registry; and

the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function;

(D) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria;

(E) for each computer of the returned machine identifiers, assessing whether the configuration and attributes of the computer is associated with a vulnerability, wherein;

the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and

the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and

executing the specified remediation process on each computer assessed as having the vulnerability.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Documents can be searched for, and include a keyword value set, that is at least a key and a value corresponding to the key. The documents store (i) a machine identifier corresponding to the computer storing the document, and (ii) a digital fingerprint calculated from the keyword value set. The documents are indexed into a search index that includes digital fingerprints for the keyword value sets. The machine identifier includes a configuration, attributes and a name of the computer. Search criteria are received that specifies a keyword string including a key and a value corresponding to the key. A digital fingerprint is calculated from the key and the value. A search is conducted for documents which include the digital fingerprint, including referencing a search index having the digital fingerprint to locate the documents. Search results are returned and can indicate the documents and/or respective machine identifiers stored in the document(s).

Citations

12 Claims

1. A computer-implemented method for searching for registry information stored in registries on a plurality of computers in a communication network, the method comprising:
- (A) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key;
  
  (B) calculating a digital fingerprint from the key and the value according to a hash function;
  
  (C) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein;
  
  the index includes digital fingerprints for a plurality of registry keyword value sets;
  
  each registry keyword value set is associated with at least one machine identifier;
  
  the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and
  
  the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including;
  
  a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key;
  
  a machine identifier corresponding to the respective computer storing the registry; and
  
  the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function;
  
  (D) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria;
  
  (E) for each computer of the returned machine identifiers, assessing whether the configuration and attributes of the computer is associated with a vulnerability, wherein;
  
  the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and
  
  the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and
  
  executing the specified remediation process on each computer assessed as having the vulnerability.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising automatically monitoring the plurality of computers for compliance.
  - 3. The method of claim 1, further comprising, in response to a request to index a particular registry, wherein the particular registry does not have stored therein the digital fingerprint corresponding to the key and the value:
    - calculating the digital fingerprint from the key and value sets stored in the particular registry, according to the hash function;
      
      obtaining the machine identifier for the particular computer;
      
      storing the digital fingerprint and the machine identifier in the particular registry; and
      
      indexing the particular registry into the search index.
  - 4. The method of claim 1, further comprising, in response to a request to index a particular registry, wherein the particular registry has stored therein the digital fingerprint corresponding to the key and the value:
    - obtaining the machine identifier for the particular computer;
      
      storing the machine identifier in the particular registry;
      
      and indexing the particular registry into the search index.

5. A computer-readable storage medium comprising instructions for execution by a computer, the instructions including a computer-implemented method for searching for registry information stored in registries on a plurality of computers in a communication network, the instructions for implementing:
- (A) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key;
  
  (B) calculating a digital fingerprint from the key and the value according to a hash function;
  
  (C) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein;
  
  the index includes digital fingerprints for a plurality of registry keyword value sets;
  
  each registry keyword value set is associated with at least one machine identifier;
  
  the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and
  
  the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including;
  
  a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key;
  
  a machine identifier corresponding to the respective computer storing the registry; and
  
  the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function;
  
  (D) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria; and
  
  (E) for each computer of the returned machine identifiers, assessing whether the configuration and attributes of the computer is associated with a vulnerability, wherein;
  
  the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and
  
  the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and
  
  executing the specified remediation process on each computer assessed as having the vulnerability.
- View Dependent Claims (6, 7, 8)
- - 6. The computer-readable storage medium of claim 5, further comprising instructions for automatically monitoring the plurality of computers for compliance.
  - 7. The computer-readable storage medium of claim 5, further comprising instructions for, in response to a request to index a particular registry, wherein the particular registry does not have stored therein the digital fingerprint corresponding to the key and the value:
    - calculating the digital fingerprint from the key and value sets stored in the particular registry, according to the hash function;
      
      obtaining the machine identifier for the particular computer;
      
      storing the digital fingerprint and the machine identifier in the particular registry; and
      
      indexing the particular registry into the search index.
  - 8. The computer-readable storage medium of claim 5, further comprising instructions for, in response to a request to index a particular registry, wherein the particular registry has stored therein the digital fingerprint corresponding to the key and the value:
    - obtaining the machine identifier for the particular computer;
      
      storing the machine identifier in the particular registry;
      
      and indexing the particular registry into the search index.

9. A computer system for searching for specified information stored in documents on a plurality of computers in a communication network, the computer system comprising:
- at least one processor;
  
  at least one memory device;
  
  (A) a search engine held in the at least one memory device and executable by the at least one processor, the search engine configured for(1) receiving search criteria, wherein the search criteria specifies a registry keyword string including a key and a value corresponding to the key;
  
  (2) calculating a digital fingerprint from the key and the value according to the hash function;
  
  (3) searching for computers including the digital fingerprint, the searching including referencing a search index having the digital fingerprint to locate computers indexed in the search index as corresponding to the digital fingerprint, wherein;
  
  the index includes digital fingerprints for a plurality of registry keyword value sets;
  
  each registry keyword value set is associated with at least one machine identifier;
  
  the machine identifiers include a configuration, attributes, and a name of each respective computer storing the registry; and
  
  the search index includes entries corresponding to the registries on the plurality of computers in the communication network, each entry for each registry including;
  
  a registry keyword value set, the registry keyword value set comprising at least a key and a value corresponding to the key;
  
  a machine identifier corresponding to the respective computer storing the registry; and
  
  the digital fingerprint of the registry keyword value set calculated from the registry keyword value set according to the hash function; and
  
  (4) returning search results from the searching, the search results indicating the registries and respective machine identifiers including the received search criteria; and
  
  (B) a computer security component held in the at least one memory device and executable by the at least one processor for assessing each computer of the returned machine identifiers, the computer security component executable to;
  
  assess whether the configuration and attributes of the computer is associated with a vulnerability, wherein;
  
  the vulnerability identifies a configuration and attributes and specifies a remediation process to remediate the vulnerability; and
  
  the assessing includes comparing the configuration and attributes of the computer to the configuration and attributes identified of the vulnerability; and
  
  execute the specified remediation process on each computer assessed as having the vulnerability.
- View Dependent Claims (10, 11, 12)
- - 10. The computer system of claim 9, wherein the computer security component is configured for automatically monitoring the plurality of computers for compliance.
  - 11. The computer system of claim 9, further comprising an index component, the index component configured for, in response to a request to index a particular registry, wherein the particular registry does not have stored therein the digital fingerprint corresponding to the key and the value:
    - calculating the digital fingerprint from the key and value sets stored in the particular registry, according to the hash function;
      
      obtaining the machine identifier for the particular computer;
      
      storing the digital fingerprint and the machine identifier in the particular registry;
      
      and indexing the particular registry into the search index.
  - 12. The computer system of claim 9, further comprising an index component, the index component configured for, in response to a request to index a particular registry, wherein the particular registry has stored therein the digital fingerprint corresponding to the key and the value:
    - obtaining the machine identifier for the particular computer;
      
      storing the machine identifier in the particular registry;
      
      and indexing the particular registry into the search index.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fortinet Inc.
Original Assignee
Fortinet Inc.
Inventors
Carpenter, Scott Thomas, Bove, Andrew T., Miller, Ned H., Armstrong, Scott Michael
Primary Examiner(s)
Robinson; Greta L
Assistant Examiner(s)
Wilcox; James J

Application Number

US11/653,311
Time in Patent Office

1,337 Days
Field of Search

None
US Class Current

707/769
CPC Class Codes

G06F 21/51 at application loading time...

G06F 2221/2119 Authenticating web pages, e...

Computer-implemented method and device for providing security on a computer network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Computer-implemented method and device for providing security on a computer network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links