Collecting anonymous and traceable telemetry
First Claim
Patent Images
1. A method implemented at least in part by a computer, the method comprising:
- establishing a trust relationship with an escrow certificate issuer operable to issue certificates for use in providing telemetry data, the telemetry data including attack detection data;
receiving a certificate from a telemetry source, the certificate including information usable to verify that the certificate is valid but not usable to determine an entity that controls the telemetry source without additional data not included in the certificate;
determining, by a processor, whether the certificate is valid; and
when the certificate is valid, determining whether the certificate is associated with low quality telemetry data or known false quality telemetry data and, when the certificate is associated with low quality telemetry data or known false quality telemetry data, causing the telemetry data to be rejected.
2 Assignments
0 Petitions
Accused Products
Abstract
Aspects of the subject matter described herein relate to collecting anonymous and traceable telemetry. In aspects, a telemetry source may obtain a certificate or other data from an escrow certificate issuer. The certificate includes information usable by a certificate collector to verify that the certificate is valid, but does not include information usable to identify the telemetry source to the telemetry collector.
-
Citations
20 Claims
-
1. A method implemented at least in part by a computer, the method comprising:
-
establishing a trust relationship with an escrow certificate issuer operable to issue certificates for use in providing telemetry data, the telemetry data including attack detection data; receiving a certificate from a telemetry source, the certificate including information usable to verify that the certificate is valid but not usable to determine an entity that controls the telemetry source without additional data not included in the certificate; determining, by a processor, whether the certificate is valid; and when the certificate is valid, determining whether the certificate is associated with low quality telemetry data or known false quality telemetry data and, when the certificate is associated with low quality telemetry data or known false quality telemetry data, causing the telemetry data to be rejected. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer storage medium, the computer storage medium not consisting of a signal per se, storing computer-executable instructions, which when executed perform actions, comprising:
-
receiving first data from an escrow certificate issuer, the first data usable to verify that telemetry data sent to a telemetry receiver is sent by an entity that has access to the first data, the first data providing anonymity to the entity with respect to the telemetry receiver, the telemetry data including attack detection data; and in conjunction with sending telemetry data to the telemetry receiver from a telemetry source, using the first data to indicate that the telemetry data is sent by the entity that has access to the first data, and determining whether the first data is associated with low quality telemetry data or known false quality telemetry data and, when the first data is associated with low quality telemetry data or known false quality telemetry data, indicating the telemetry data sent to the telemetry receiver should be discarded or rejected. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. In a computing environment, an apparatus, comprising:
-
one or more hardware elements, the one or more hardware elements including a processor; a telemetry receiver operable with the processor to receive from a telemetry source telemetry data in conjunction with a certificate, the certificate including information usable to verify that the certificate is issued by an escrow certificate issuer but not usable to determine an identity of an entity that sent the telemetry data without additional data not included in the certificate, the telemetry data including attack detection data; a certificate validator operable to verify that the certificate was issued by the escrow certificate issuer; a ranking unit operable to generate a reliability rank of the telemetry source; and a transmitter configured to transmit the reliability rank of the telemetry source to a telemetry collector, the reliability rank indicating the telemetry source is associated with low quality telemetry data and the telemetry data should be discarded by the telemetry collector. - View Dependent Claims (18, 19, 20)
-
Specification