Security scanning system and method

US 9,197,659 B2
Filed: 10/29/2013
Issued: 11/24/2015
Est. Priority Date: 03/21/2006
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable storage medium including processor executable instructions that, when executed by a processor, cause the processor to perform operations comprising:

initiating, by a backbone server, execution of a first scanning program to perform a web level scan of a set-top-box control panel application program;

initiating execution of a second scanning program to perform an operating system level scan of the set-top-box control panel application program;

initiating, by the backbone server, a third scanning program to remotely scan a third application program that relates to a component management system of a digital subscriber line modem;

invoking, by the backbone server, a program to compare security vulnerabilities identified by the first scanning program with security vulnerabilities identified by the second scanning program;

running the first and second scanning programs against a second application program that provides Internet content to a set-top-box device;

running the first and second scanning program against a third application program configured to provide the component management system; and

combining security vulnerabilities identified utilizing the first, second, and third scanning programs;

wherein the first scanning program accesses the set-top-box via a broadband connection to a residential gateway locally coupled to the set-top-box.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure provides a computer-readable medium, method and system for determining security vulnerabilities for a plurality of application programs used to provide television services to a customer device over a communications network. The method includes running a first scanning program against a first application program relating to a control panel for the customer device; running a second scanning program against a second application program that provides Internet content to the customer device; running a third scanning program against a third application program that relates to a component management system of customer premises equipment; and correlating security vulnerabilities identified utilizing the first, second, and third scanning programs.

21 Citations

16 Claims

1. A non-transitory computer-readable storage medium including processor executable instructions that, when executed by a processor, cause the processor to perform operations comprising:
- initiating, by a backbone server, execution of a first scanning program to perform a web level scan of a set-top-box control panel application program;
  
  initiating execution of a second scanning program to perform an operating system level scan of the set-top-box control panel application program;
  
  initiating, by the backbone server, a third scanning program to remotely scan a third application program that relates to a component management system of a digital subscriber line modem;
  
  invoking, by the backbone server, a program to compare security vulnerabilities identified by the first scanning program with security vulnerabilities identified by the second scanning program;
  
  running the first and second scanning programs against a second application program that provides Internet content to a set-top-box device;
  
  running the first and second scanning program against a third application program configured to provide the component management system; and
  
  combining security vulnerabilities identified utilizing the first, second, and third scanning programs;
  
  wherein the first scanning program accesses the set-top-box via a broadband connection to a residential gateway locally coupled to the set-top-box.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer-readable storage medium of claim 1, wherein initiating execution of the first scanning program comprises initiating, by a back bone server, execution of the first scanning program on a first server.
  - 3. The computer-readable storage medium of claim 2, wherein the broadband connection includes a digital subscriber line connection.
  - 4. The computer-readable storage medium of claim 1, wherein the first scanning program accesses the set-top-box using a pass through connection to the residential gateway.
  - 5. The computer-readable storage medium of claim 1, wherein the operations include:
    - enabling the backbone server to obtain access to at least one of the first server and the web server.
  - 6. The computer-readable storage medium of claim 1, wherein the operations include:
    - assigning risk levels to the security vulnerabilities; and
      
      providing a report indicative of the risk levels.

7. A method of determining security vulnerabilities associated with providing television services to a set-top-box over a communications network, comprising:
- initiating, by a backbone server, execution of a first scanning program to perform a web level scan of a set-top-box control panel application program;
  
  initiating execution of a second scanning program to perform an operating system level scan of the set-top-box control panel application program;
  
  initiating, by the backbone server, a third scanning program to remotely scan a third application program that relates to a component management system of a digital subscriber line modem;
  
  invoking, by the backbone server, a program to compare security vulnerabilities identified by the first scanning program with security vulnerabilities identified by the second scanning program;
  
  running the first and second scanning programs against a second application program that provides Internet content to the set-top-box device;
  
  running the first and second scanning program against a third application program configured to provide the component management system; and
  
  combining security vulnerabilities identified utilizing the first, second, and third scanning programs;
  
  wherein the first scanning program accesses the set-top-box via a broadband connection on a residential gateway locally coupled to the set-top-box.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7, further comprising:
    - assigning risk levels to the security vulnerabilities and providing a report identifying the assigned risks.
  - 9. The method of claim 7, further comprising:
    - invoking, by the backbone server, a fourth scanning program to remotely scan a fourth application program adapted for use in the set-top-box in an environment that simulates a digital subscriber line network.
  - 10. The method of claim 7, wherein the server of the provider of the first application program has an associated firewall and wherein the method further comprises:
    - obtaining access to the server of the provider of the first application program utilizing a selected identifier.

11. A server, comprising:
- a processor; and
  
  a storage medium including a database to store information relating to security vulnerabilities for a plurality of application programs associated with a customer device and processor executable program instructions that, when executed by the processor, cause the processor to perform operations comprising;
  
  initiating, by a backbone server, execution of a first scanning program to perform a web level scan of a set-top-box control panel application program;
  
  initiating execution of a second scanning program to perform an operating system level scan of the set-top-box control panel application program;
  
  invoking, by the backbone server, a program to compare security vulnerabilities identified by the first scanning program with security vulnerabilities identified by the second scanning program;
  
  invoking, by the backbone server, a third scanning program relating to a component management system for customer premises equipment for use in providing the television services to remotely scan a third application program to identify security vulnerabilities with the third application program;
  
  running the first and second scanning programs against a second application program that provides Internet content to the customer device;
  
  running the first and second scanning program against a third application program configured to provide the component management system; and
  
  combining security vulnerabilities identified utilizing the first, second, and third scanning programs;
  
  wherein the first scanning program accesses the set-top-box via a broadband connection on a residential gateway locally coupled to the set-top-box.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The server of claim 11, wherein the first application program is for use in providing television services via the communication network.
  - 13. The server of claim 11, wherein the operations include:
    - assigning a risk level to each of the security vulnerabilities.
  - 14. The server of claim 13, wherein the operations include:
    - providing a report that indicates the risk level.
  - 15. The server of claim 11, wherein the operations include:
    - obtaining access to the first server of the provider of the first application program.
  - 16. The server of claim 11, wherein the program to compare the security vulnerabilities is configured to compare security vulnerabilities associated with any of the first application program, the second application program, and the third application program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Howcroft, Jerald Robert, Markley, John J., Del Carmine, Rocco A.
Primary Examiner(s)
Revak, Christopher
Assistant Examiner(s)
CHIANG, JASON

Application Number

US14/066,380
Publication Number

US 20140109229A1
Time in Patent Office

756 Days
Field of Search

726/25
US Class Current

1/1
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/14   for detecting or protecting...

H04L 63/1433   Vulnerability analysis

H04N 21/24   Monitoring of processes or ...

H04N 21/442   Monitoring of processes or ...

H04N 21/443   OS processes, e.g. booting ...

H04N 21/8166   involving executable data, ...

H04N 21/854   Content authoring

H04N 7/173   with two-way working, e.g. ...

Security scanning system and method

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Security scanning system and method

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others