
Security sharing system

  • US 9,009,827 B1
  • Filed: 05/16/2014
  • Issued: 04/14/2015
  • Est. Priority Date: 02/20/2014
  • Status: Active Grant
First Claim

1. A system for sharing of security information, the system comprising:

  • one or more computing devices programmed, via executable code instructions, to:

    receive a first plurality of security attack data objects from a first entity, the first plurality of security attack data objects comprising information regarding one or more security attacks detected by the first entity, each security attack data object from the first plurality of security attack data objects associated with a first access control list comprising indications of privacy of respective security attack data objects or indications of respective one or more entities permissioned to receive respective security attack data objects;

    determine a first subset of the first plurality of security attack data objects permissioned to be shared by the first entity based at least in part on the first access control list;

    share the first subset of security attack data objects with respective entities based at least in part on the first access control list;

    receive a second plurality of security attack data objects from a second entity, the second plurality of security attack objects comprising information regarding one or more security attacks detected by the second entity, each security attack data object from the second plurality of security attack data objects associated with a second access control list comprising indications of privacy of respective security attack data objects or indications of respective one or more entities permissioned to receive respective security attack data objects;

    determine a second subset of the second plurality of security attack data objects permissioned to be shared by the second entity based at least in part on the second access control list;

    share the second subset of security attack data objects with respective entities based at least in part on the second access control list;

    receive a ruleset from a third entity, wherein the ruleset is generated by the third entity, the ruleset based at least in part on one or more shared security attack data objects from the first entity and one or more shared security attack data objects from the second entity, wherein the ruleset comprises code instructions executable by a plurality of entities to detect one or more security attacks, and wherein execution of the code instructions of the ruleset identifies malicious behavior of one or more security attacks, and wherein execution of the code instructions of the ruleset further accesses one or more third data objects associated with respective entities to identify the malicious behavior associated with respective entities, the one or more third data objects comprising at least one of IP address data, proxy data, user login data, malware data, virtual private network data, hostname data, data associated with computing device behavior, or network data, and wherein the ruleset is associated with a ruleset access control list, the ruleset access control list indicating respective one or more entities permissioned to receive the ruleset; and

    share the ruleset with respective entities based at least in part on the ruleset access control list.
