Trusted third party broker for collection and private sharing of successful computer security practices
First Claim
1. A computer implemented method for a trusted third party broker to collect information concerning successful computer security practices from a plurality of source organizations, and to share collected information at an inter-organizational level privately, the method comprising the steps of:
- receiving, by a central computer, information concerning empirically successful computer security practices, from a plurality of remote computers associated with a plurality of source organizations, wherein different ones of the empirically successful computer security practices are being used at different ones of the plurality of source organizations;
amalgamating the information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations, further comprising gleaning implicitly determined information about at least one of the plurality of source organizations of the received information;
analyzing the amalgamated information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations, further comprising categorizing the amalgamated information based on the implicitly determined information about the at least one source organization;
identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization, based on analyzing category granularity of the amalgamated information;
removing source information from the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization; and
providing the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization, with the source information removed, wherein the at least one target organization does not receive information identifying the source of the provided information concerning empirically successful computer security practices.
2 Assignments
0 Petitions
Accused Products
Abstract
A trusted third party broker collects information concerning successful computer security practices from multiple organizations, and privately shares collected information at an inter-organizational level. Information concerning empirically successful computer security practices is received from multiple source organizations. The information concerning empirically successful computer security practices received from the multiple source organizations is amalgamated and analyzed. Based on the analysis, specific information concerning empirically successful computer security practices is identified to share with specific target organizations. Once information to share with a target organization has been identified, any explicit and/or implicit source information that could identify the organization(s) from which the information originated is removed. The identified specific information concerning empirically successful computer security practices is then provided to the specific target organizations, with the source identifying information removed.
-
Citations
20 Claims
-
1. A computer implemented method for a trusted third party broker to collect information concerning successful computer security practices from a plurality of source organizations, and to share collected information at an inter-organizational level privately, the method comprising the steps of:
-
receiving, by a central computer, information concerning empirically successful computer security practices, from a plurality of remote computers associated with a plurality of source organizations, wherein different ones of the empirically successful computer security practices are being used at different ones of the plurality of source organizations; amalgamating the information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations, further comprising gleaning implicitly determined information about at least one of the plurality of source organizations of the received information; analyzing the amalgamated information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations, further comprising categorizing the amalgamated information based on the implicitly determined information about the at least one source organization; identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization, based on analyzing category granularity of the amalgamated information; removing source information from the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization; and providing the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization, with the source information removed, wherein the at least one target organization does not receive information identifying the source of the provided information concerning empirically successful computer security practices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. At least one non-transitory computer readable medium for a trusted third party broker to collect information concerning successful computer security practices from a plurality of source organizations, and to share collected information at an inter-organizational level privately, the at least one non-transitory computer readable medium storing computer executable instructions that, when loaded into computer memory and executed by at least one processor of at least one computing device, cause the at least one computing device to perform the following steps:
-
receiving information concerning empirically successful computer security practices, from a plurality of remote computers associated with a plurality of source organizations, wherein different ones of the empirically successful computer security practices are being used at different ones of the plurality of source organizations; amalgamating the information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations, further comprising gleaning implicitly determined information about at least one of the plurality of source organizations of the received information; analyzing the amalgamated information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations, further comprising categorizing the amalgamated information based on the implicitly determined information about the at least one source organization; identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization, based on analyzing category granularity of the amalgamated information; removing source information from the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization; and providing the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization, with the source information removed, wherein the at least one target organization does not receive information identifying the source of the provided information concerning empirically successful computer security practices.
-
-
20. A computer system for a trusted third party broker to collect information concerning successful computer security practices from a plurality of source organizations, and to share collected information at an inter-organizational level privately, the computer system comprising:
-
a processor; system memory; an information receiving module residing in the system memory, the information receiving module being programmed to receive information concerning empirically successful computer security practices, from a plurality of remote computers associated with a plurality of source organizations, wherein different ones of the empirically successful computer security practices are being used at different ones of the plurality of source organizations; an amalgamating module residing in the system memory, the amalgamating module being programmed to amalgamate the information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations, and glean implicitly determined information about at least one of the plurality of source organizations of the received information; an analyzing module residing in the system memory, the analyzing module being programmed to analyze the amalgamated information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations, and categorize the amalgamated information based on the implicitly determined information about the at least one source organization; an identifying module residing in the system memory, the identifying module being programmed to identify specific information concerning empirically successful computer security practices to share with at least one specific target organization, based on analyzing category granularity of the amalgamated information; an anonymizing module residing in the system memory, the anonymizing module being programmed to remove source information from the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization; and an information providing module residing in the system memory, the information providing module being programmed to provide the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization, with the source information removed, wherein the at least one target organization does not receive information identifying the source of the provided information concerning empirically successful computer security practices.
-
Specification