Security system for cloud computing

US 9,154,958 B2
Filed: 12/07/2011
Issued: 10/06/2015
Est. Priority Date: 09/06/2011
Status: Active Grant

First Claim

Patent Images

1. A security system for cloud computing comprising:

a computing resource available for remote access by a user over a network;

an authentication permitting use of said computing resource;

hardware connected to the network for accessing said computing resource, wherein the user does not have administrative rights and/or physical security control over said hardware;

an external device in communication with said hardware; and

software stored on said external device analyzing security of said hardware by scanning said hardware and preventing transmission of said authentication to said computing resource unless said software confirms security of said hardware to a predetermined trust level;

whereby the risk of transmitting said authentication to the network from insecure hardware is reduced;

wherein the computing resource sends a request for the authentication before the software analyzes the security of the hardware.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Security system for cloud computing that will improve the security of users'"'"' authentications to cloud data and resources. User authentication to cloud resources requires analyzing confidence in the hardware used to transmit the authentication for access to the cloud data and/or resource. User authentication can be transmitted after the user confirms administrative rights and/or physical security control over the hardware used to transmit the authentication for access to the cloud data and/or resource. The hardware used to access the cloud data and/or resource can be analyzed for malicious code before the user authentication is transmitted. The authentication can be provided on a hardware token, and the system can execute on the hardware token to analyze hardware confidence and thereafter transmit the user authentication.

15 Citations

View as Search Results

29 Claims

1. A security system for cloud computing comprising:
- a computing resource available for remote access by a user over a network;
  
  an authentication permitting use of said computing resource;
  
  hardware connected to the network for accessing said computing resource, wherein the user does not have administrative rights and/or physical security control over said hardware;
  
  an external device in communication with said hardware; and
  
  software stored on said external device analyzing security of said hardware by scanning said hardware and preventing transmission of said authentication to said computing resource unless said software confirms security of said hardware to a predetermined trust level;
  
  whereby the risk of transmitting said authentication to the network from insecure hardware is reduced;
  
  wherein the computing resource sends a request for the authentication before the software analyzes the security of the hardware.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The security system of claim 1 in which said computing resource includes data.
  - 3. The security system of claim 2 in which the data was previously stored on the network by the user.
  - 4. The security system of claim 3 in which the data was previously processed on said computing resource.
  - 5. The security system of claim 1 in which said software comprises antivirus software that scans said hardware for viruses.
  - 6. The security system of claim 1 in which said software scans ports on said hardware.
  - 7. The security system of claim 1 in which said authentication is stored on said external device.
  - 8. The security system of claim 1 in which said authentication includes a multifactor in addition to username and password.
  - 9. The security system of claim 8 in which said multifactor is biometric.
  - 10. The security system of claim 8 in which said multifactor is stored on said external device.
  - 11. The security system of claim 1 in which the network comprises the Internet.
  - 12. The security system of claim 1 in which said hardware comprises a public computer.
  - 13. The security system of claim 1 in which said external device comprises a mobile phone.
  - 14. The security system of claim 1 in which said external device comprises a tablet.
  - 15. The system of claim 1 wherein the software confirms security of said hardware has a confidence level ranking that meets a predetermined trust level.
  - 16. The system of claim 1 wherein said software analyzes said hardware for software and hardware vulnerabilities.
  - 17. The system of claim 1 wherein said external device comprises a USB device.
  - 18. The system of claim 1 wherein said external device comprises a laptop.
  - 19. The system of claim 1 wherein said computing resource comprises a software-as-a-service application.
  - 20. The system of claim 1 wherein administrative rights and/or physical security control over said hardware is confirmed by the user.

21. A method for cloud computing security comprising the steps of:
- providing a computing resource available for remote access over a network, the computing resource requiring an authentication for use;
  
  providing hardware enabling a user to access the computing resource, wherein the user does not have administrative rights and/or physical security control over said hardware;
  
  providing an external device in communication with said hardware; and
  
  providing software stored on said external device analyzing the security of the hardware by scanning said hardware and preventing the authentication from being transmitted to the computing resource unless the software confirms security of the hardware to a predetermined trust level;
  
  whereby the risk of transmitting said authentication to the network from insecure hardware is reduced;
  
  wherein the computing resource sends a request for the authentication before the software analyzes the security of the hardware.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29)
- - 22. The method of claim 21, in which the authentication is transmitted to the computing resource only after the hardware is analyzed for malicious code.
  - 23. The method of claim 21, in which the authentication is transmitted to the computing resource only after the hardware is analyzed for open ports.
  - 24. The method of claim 21 wherein the external device comprises a USB memory device.
  - 25. The method of claim 21 wherein the hardware comprises a public computer.
  - 26. The method of claim 21 wherein the external device comprises a tablet.
  - 27. The method of claim 21 wherein the external device comprises a mobile phone.
  - 28. The method of claim 21 wherein the external device comprises a laptop.
  - 29. The method of claim 21 wherein said computing resource comprises a software-as-a-service application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
WhitServe LLC
Original Assignee
WhitServe LLC
Inventors
Whitmyer, Wesley W. Jr.
Primary Examiner(s)
Zecher, Dede
Assistant Examiner(s)
Savenkov, Vadim

Application Number

US13/313,882
Publication Number

US 20130061311A1
Time in Patent Office

1,399 Days
Field of Search

726/9, 726 22- 25
US Class Current

1/1
CPC Class Codes

G06F 21/30   Authentication, i.e. establ...

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/577   Assessing vulnerabilities a...

H04W 12/12   Detection or prevention of ...

H04W 12/128   Anti-malware arrangements, ...

Security system for cloud computing

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

29 Claims

Specification

Use Cases

Quick Links

Others

Security system for cloud computing

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

29 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others