Security monitoring

US 8,768,964 B2
Filed: 03/14/2011
Issued: 07/01/2014
Est. Priority Date: 05/13/2010
Status: Active Grant

First Claim

Patent Images

1. A method of analyzing computing site information, the method comprising:

selecting, at a server, an analysis tool for analyzing site records stored on a storage medium, the site records comprising a first site record comprising information related to a computing site providing a service on behalf of an on-demand service provider;

determining, at the server, whether a first confidentiality level for the computing site exceeds a trust level for the analysis tool, the first confidentiality level indicating a level of importance of maintaining confidentiality of a site record, the trust level for the analysis tool indicating a threshold confidentiality level for information that the analysis tool is trusted to receive;

when it is determined that the first confidentiality level exceeds the trust level, modifying the first site record to create a second site record, the second site record having a second confidentiality level lower than the first confidentiality level, the second confidentiality level not exceeding the trust level, wherein modifying the first site record to create the second site record comprises;

identifying, in the first site record, a first data value indicating confidential information, the first data value causing the first confidentiality level to exceed the trust level for the analysis tool; and

omitting the first data value from the second site record, the omission of the first data value from the second site record causing the second confidentiality level to be lower than the first confidentiality level; and

transmitting the second site record to the analysis tool.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are systems, apparatus, methods, and computer readable media for analyzing computing site information. In one embodiment, an analysis tool for analyzing a first site record stored on a storage medium may be selected. The first site record comprising information may relate to a computing site. The computing site may comprise a unit of computing functionality accessible via a network. When it is determined that first confidentiality level for the computing site exceeds a trust level for the analysis tool, the first site record may be modified to create a second site record, the second site record having a second confidentiality level, the second confidentiality level not exceeding the trust level.

Citations

22 Claims

1. A method of analyzing computing site information, the method comprising:
- selecting, at a server, an analysis tool for analyzing site records stored on a storage medium, the site records comprising a first site record comprising information related to a computing site providing a service on behalf of an on-demand service provider;
  
  determining, at the server, whether a first confidentiality level for the computing site exceeds a trust level for the analysis tool, the first confidentiality level indicating a level of importance of maintaining confidentiality of a site record, the trust level for the analysis tool indicating a threshold confidentiality level for information that the analysis tool is trusted to receive;
  
  when it is determined that the first confidentiality level exceeds the trust level, modifying the first site record to create a second site record, the second site record having a second confidentiality level lower than the first confidentiality level, the second confidentiality level not exceeding the trust level, wherein modifying the first site record to create the second site record comprises;
  
  identifying, in the first site record, a first data value indicating confidential information, the first data value causing the first confidentiality level to exceed the trust level for the analysis tool; and
  
  omitting the first data value from the second site record, the omission of the first data value from the second site record causing the second confidentiality level to be lower than the first confidentiality level; and
  
  transmitting the second site record to the analysis tool.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method recited in claim 1, wherein modifying the first site record to create the second site record comprises:
    - determining whether the presence of a data value having a form of the first data value is necessary for the analysis tool to analyze the second site record.
  - 3. The method recited in claim 2, wherein modifying the first site record to create the second site record further comprises:
    - when the presence of a data value having a form of the first data value is necessary for the analysis tool to analyze the second site record, replacing the first data value with a second data value when creating the second site record, the second data value having the form of the first data value, the replacement of the first data value with the second data value being at least partly responsible for the second confidentiality level not exceeding the trust level.
  - 4. The method recited in claim 1, the method further comprising:
    - identifying a site record source associated with the first site record, the site record source indicating a location at which the first site record was located; and
      
      determining the first confidentiality level based on the site record source.
  - 5. The method recited in claim 4, wherein determining the first confidentiality level comprises:
    - determining a source-based confidentiality level based on the site record source, the source-based confidentiality level indicating a level of importance of maintaining the confidentiality of information obtained via the site record source.
  - 6. The method recited in claim 5, wherein determining the first confidentiality level further comprises:
    - determining whether a pre-existing confidentiality level for the first site record is greater than the source-based confidentiality level; and
      
      when the pre-existing confidentiality is greater than the source-based confidentiality level, setting the first confidentiality level equal to the source-based confidentiality level.
  - 7. The method recited in claim 1, wherein the first site record comprises a uniform resource locator.
  - 8. The method recited in claim 1, wherein the computing site further comprises a webpage, and wherein the webpage is publicly accessible via the network.
  - 9. The method recited in claim 1, the method further comprising:
    - storing the first confidentiality level in a storage location.
  - 10. The method recited in claim 9, wherein the storage location comprises a multitenant database accessible to a plurality of tenants via an on-demand computing services environment.

11. A computing system comprising one or more computing devices, the computing system configured to:
- select, at a server, an analysis tool for analyzing site records stored on a storage medium, the site records comprising a first site record comprising information related to a computing site providing a service on behalf of an on-demand service provider;
  
  determine, at the server, whether a first confidentiality level for the computing site exceeds a trust level for the analysis tool, the first confidentiality level indicating a level of importance of maintaining confidentiality of a site record, the trust level for the analysis tool indicating a threshold confidentiality level for information that the analysis tool is trusted to receive;
  
  when it is determined that the first confidentiality level exceeds the trust level, modify the first site record to create a second site record, the second site record having a second confidentiality level lower than the first confidentiality level, the second confidentiality level not exceeding the trust level, wherein modifying the first site record to create the second site record comprises;
  
  identifying, in the first site record, a first data value indicating confidential information, the first data value causing the first confidentiality level to exceed the trust level for the analysis tool; and
  
  omitting the first data value from the second site record, the omission of the first data value from the second site record causing the second confidentiality level to be lower than the first confidentiality level; and
  
  transmit the second site record to the analysis tool.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The computing system recited in claim 11, wherein modifying the first site record to create the second site record comprises:
    - determining whether the presence of a data value having a form of the first data value is necessary for the analysis tool to analyze the second site record.
  - 13. The computing system recited in claim 12, wherein modifying the first site record to create the second site record further comprises:
    - when the presence of a data value having a form of the first data value is necessary for the analysis tool to analyze the second site record, replacing the first data value with a second data value when creating the second site record, the second data value having the form of the first data value, the replacement of the first data value with the second data value being at least partly responsible for the second confidentiality level not exceeding the trust level.
  - 14. The computing system recited in claim 11, wherein the computing system is further configured to:
    - identify a site record source associated with the first site record, the site record source indicating a location at which the first site record was located; and
      
      determine the first confidentiality level based on the site record source.
  - 15. The computing system recited in claim 14, wherein determining the first confidentiality level comprises:
    - determining a source-based confidentiality level based on the site record source, the source-based confidentiality level indicating a level of importance of maintaining the confidentiality of information obtained via the site record source.
  - 16. The computing system recited in claim 15, wherein determining the first confidentiality level further comprises:
    - determining whether a pre-existing confidentiality level for the first site record is greater than the source-based confidentiality level; and
      
      when the pre-existing confidentiality is greater than the source-based confidentiality level, setting the first confidentiality level equal to the source-based confidentiality level.
  - 17. The computing system recited in claim 11, wherein the first site record comprises a uniform resource locator.

18. One or more non-transitory computer readable media having instructions stored thereon for performing a method of analyzing computing site information, the method comprising:
- selecting, at a server, an analysis tool for analyzing site records stored on a storage medium, the site records comprising a first site record comprising information related to a computing site providing a service on behalf of an on-demand service provider;
  
  determining, at the server, whether a first confidentiality level for the computing site exceeds a trust level for the analysis tool, the first confidentiality level indicating a level of importance of maintaining confidentiality of a site record, the trust level for the analysis tool indicating a threshold confidentiality level for information that the analysis tool is trusted to receive;
  
  when it is determined that the first confidentiality level exceeds the trust level, modifying the first site record to create a second site record, the second site record having a second confidentiality level lower than the first confidentiality level, the second confidentiality level not exceeding the trust level, wherein modifying the first site record to create the second site record comprises;
  
  identifying, in the first site record, a first data value indicating confidential information, the first data value causing the first confidentiality level to exceed the trust level for the analysis tool; and
  
  omitting the first data value from the second site record, the omission of the first data value from the second site record causing the second confidentiality level to be lower than the first confidentiality level; and
  
  transmitting the second site record to the analysis tool.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The one or more non-transitory computer readable media recited in claim 18, wherein modifying the first site record to create the second site record comprises:
    - determining whether the presence of a data value having a form of the first data value is necessary for the analysis tool to analyze the second site record.
  - 20. The one or more non-transitory computer readable media recited in claim 19, wherein modifying the first site record to create the second site record further comprises:
    - when the presence of a data value having a form of the first data value is necessary for the analysis tool to analyze the second site record, replacing the first data value with a second data value when creating the second site record, the second data value having the form of the first data value, the replacement of the first data value with the second data value being at least partly responsible for the second confidentiality level not exceeding the trust level.
  - 21. The one or more non-transitory computer readable media recited in claim 18, the method further comprising:
    - identifying a site record source associated with the first site record, the site record source indicating a location at which the first site record was located; and
      
      determining the first confidentiality level based on the site record source.
  - 22. The one or more non-transitory computer readable media recited in claim 21, wherein determining the first confidentiality level comprises:
    - determining a source-based confidentiality level based on the site record source, the source-based confidentiality level indicating a level of importance of maintaining the confidentiality of information obtained via the site record source.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Fly, Robert, Greene, Collin, Soby, Brian, Dolph, James
Primary Examiner(s)
Alam, Shahid
Assistant Examiner(s)
LODHI, ANDALIB FT

Application Number

US13/047,544
Publication Number

US 20110282908A1
Time in Patent Office

1,205 Days
Field of Search

707/783, 707/812
US Class Current

707/783
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1408   by monitoring network traff...

H04L 9/3234   involving additional secure...

Security monitoring

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Security monitoring

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links