Method and system for secure delivery of information to computing environments

US 10,050,997 B2
Filed: 12/26/2017
Issued: 08/14/2018
Est. Priority Date: 06/30/2014
Status: Active Grant

First Claim

Patent Images

1. A computing system implemented method for protecting and repairing a current virtual asset from damage by potential security threats, comprising:

monitoring the current virtual asset for the potential security threats with a virtual asset agent running within the current virtual asset to identify the potential security threats that risk compromising virtual asset data to unauthorized computing systems;

determining a severity of the potential security threats that are identified by the virtual asset agent for having gained access into the current virtual asset, the determined severity being at least partly based on a content of the virtual asset data;

responsive to determining that the determined severity is greater than a predetermined threshold, replacing the current virtual asset with a newly created virtual asset, the newly created virtual asset executing a new virtual asset agent with substantially similar functionality to the current virtual asset agent, decommissioning the current virtual asset, and receiving, with the new virtual asset, secrets that are associated with the current virtual asset; and

responsive to determining that the determined severity is less than the predetermined threshold, requesting and installing a software update from an asset management computing system.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for protecting and repairing a current virtual asset from damage by potential security threats, according to one embodiment. The method and system include monitoring a current a current virtual asset for potential security threats, with a virtual asset agent, according to one embodiment. The method and system include determining a severity of the potential security threats that are identified by the virtual asset agent, according to one embodiment. The method and system include creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset, according to one embodiment. The system and method receiving, with the new virtual asset, secrets that are associated with the current virtual asset to enable the new virtual asset to continue operations of the current virtual asset, according to one embodiment.

301 Citations

32 Claims

1. A computing system implemented method for protecting and repairing a current virtual asset from damage by potential security threats, comprising:
- monitoring the current virtual asset for the potential security threats with a virtual asset agent running within the current virtual asset to identify the potential security threats that risk compromising virtual asset data to unauthorized computing systems;
  
  determining a severity of the potential security threats that are identified by the virtual asset agent for having gained access into the current virtual asset, the determined severity being at least partly based on a content of the virtual asset data;
  
  responsive to determining that the determined severity is greater than a predetermined threshold, replacing the current virtual asset with a newly created virtual asset, the newly created virtual asset executing a new virtual asset agent with substantially similar functionality to the current virtual asset agent, decommissioning the current virtual asset, and receiving, with the new virtual asset, secrets that are associated with the current virtual asset; and
  
  responsive to determining that the determined severity is less than the predetermined threshold, requesting and installing a software update from an asset management computing system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein monitoring the current virtual asset includes monitoring one or more of communication ports, log files, memory locations, and network protocols of the current virtual asset.
  - 3. The method of claim 2, wherein monitoring communication ports of the current virtual asset includes comparing a number of authorized open ports in the current virtual asset with a number of actual open ports of the current virtual asset.
  - 4. The method of claim 2, wherein monitoring log files of the current virtual asset includes:
    - determining destination IP addresses of messages sent from the current virtual asset;
      
      determining geographical locations associated with each destination IP address; and
      
      determining that a potential security threat exists when the geographical location associated with any of the destination IP addresses is within one of a number of predetermined flagged regions.
  - 5. The method of claim 2, wherein monitoring the memory locations includes searching for patterns or signatures associated with malicious software or code.
  - 6. The method of claim 1, wherein the severity is a numerical value that is a sum of numerical values representing individual severities of the potential security threats identified by the virtual asset agent.
  - 7. The method of claim 1, wherein requesting and installing a software update from an asset management computing system comprises:
    - requesting a software update from the management computing system;
      
      establishing a trusted communication channel by the current virtual asset with the management computing system; and
      
      receiving the software update from the management computing system over the trusted communication channel.
  - 8. The method of claim 1, wherein replacing the current virtual asset with a newly created virtual asset, the newly created virtual asset executing a new virtual asset agent with substantially similar functionality to the current virtual asset agent includes installing a new version of the current virtual asset agent onto the newly created virtual asset as a second virtual asset agent.

9. A computing system implemented method for protecting and repairing a first virtual asset from damage by potential security threats, comprising:
- a virtual asset agent executing within the first virtual asset and configured to monitor the first virtual asset for the potential security threats and repair the first virtual asset from any damage suffered by the virtual asset from any of the potential security threats;
  
  monitoring the first virtual asset, with an asset management computing system external to the first virtual asset, to determine whether the first virtual asset includes security updates for the potential security threats;
  
  upon determining that the first virtual asset does not include one or more security updates for the potential security threats, updating the first virtual asset by transmitting the one or more of the security updates to the first virtual asset over a first communication channel from the asset management computing system, and installing the one or more transmitted updates within the first virtual asset, the first communication channel being different than a second communication channel that is used by the asset management computing system to transmit and receive information over an external network;
  
  receiving notification from the virtual asset agent that the virtual asset agent created a second virtual asset in response to the virtual asset agent detecting intrusion by one or more of the potential security threats into the first virtual asset; and
  
  transmitting secrets associated with the first virtual asset to the second virtual asset using the first communication channel to enable to second virtual asset to continue operations of the first virtual asset.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, wherein updating the first virtual asset includes enabling, by updating the virtual asset agent with one or more security updates, the virtual asset agent to detect and remedy one or more of the potential security threats.
  - 11. The method of claim 9, further comprising:
    - monitoring, with the asset management computing system, the second virtual asset and determining that the second virtual asset includes available security updates for the potential security threats that have not yet been applied to the second virtual asset; and
      
      upon a determination that the second virtual asset does not include one or more of the available security updates for the potential security threats, updating the second virtual asset by transmitting one or more of the security updates to the second virtual asset over the first communication channel and installing the transmitted one or more security updates in the second virtual asset.
  - 12. The method of claim 11, wherein the virtual asset agent is a first virtual asset agent and updating the second virtual asset includes updating a second virtual asset agent running on the second virtual asset.
  - 13. The method of claim 9, further comprising:
    - decommissioning, in cooperation with an asset computing system hosting the first virtual asset, the first virtual asset; and
      
      receiving notification, at the asset management computing system, from an asset computing system that hosted the first virtual asset, that the first virtual asset has been decommissioned.
  - 14. The method of claim 13, wherein decommissioning the first virtual asset includes releasing an allocation of memory resources that were allocated to the first virtual asset.
  - 15. The method of claim 9, wherein repairing the first virtual asset is performed by at least:
    - creating the second virtual asset by the first virtual asset agent; and
      
      decommissioning, by the asset management system, the first virtual asset.
  - 16. The method of claim 9, wherein the first communication channel is a trusted communication channel.

17. A system for protecting and repairing a current virtual asset from damage by potential security threats, the system comprising:
- at least one processor; and
  
  at least one memory coupled to the at least one processor, the at least one memory having stored therein instructions which, when executed by the at least one processors, perform;
  
  monitoring the current virtual asset for the potential security threats with a current virtual asset agent running within the current virtual asset to identify the potential security threats that risk compromising virtual asset data to unauthorized computing systems;
  
  determining a severity of the potential security threats that are identified by the current virtual asset agent for having gained access into the current virtual asset, the determined severity being at least partly based on a content of the virtual asset data;
  
  responsive to determining that the determined severity is greater than a predetermined threshold, replacing the current virtual asset with a newly created virtual asset, the newly created virtual asset executing a new virtual asset agent with substantially similar functionality to the current virtual asset agent, decommissioning the current virtual asset, and receiving, with the new virtual asset, secrets that are associated with the current virtual asset; and
  
  responsive to determining that the determined severity is less than the predetermined threshold, requesting and installing a software update from an asset management computing system.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The system of claim 17, wherein monitoring the current virtual asset includes monitoring one or more of ports, log files, memory locations, and network protocols of the current virtual asset.
  - 19. The system of claim 18, wherein monitoring the one or more ports of the current virtual asset includes comparing a number of authorized open ports in the current virtual asset with a number of actual open ports in the current virtual asset.
  - 20. The system of claim 18, wherein monitoring the log files of the current virtual asset includes:
    - determining destination IP addresses of messages sent from the current virtual asset;
      
      determining geographical locations associated with each destination IP address; and
      
      determining that a potential security threat exists when the geographical location associated with any of the destination IP addresses is within one of a number of predetermined flagged regions.
  - 21. The system of claim 18, wherein monitoring the memory locations includes searching for patterns or signatures associated with malicious software or code.
  - 22. The system of claim 17, wherein the severity is a numerical value that is a sum of numerical values representing individual severities of the potential security threats identified by the current virtual asset agent.
  - 23. The system of claim 17, wherein requesting and installing a software update from an asset management computing system comprises:
    - requesting a software update from the management computing system;
      
      establishing a trusted communication channel by the current virtual asset with the management computing system; and
      
      receiving the software update from the management computing system over the trusted communication channel.
  - 24. The system of claim 17, wherein copying the virtual asset agent to the new virtual asset includes installing a new version of the current virtual asset agent onto the new virtual asset as a second virtual asset agent.

25. A system for protecting and repairing a first virtual asset from damage by potential security threats, comprising:
- at least one processor; and
  
  at least one memory coupled to the at least one processor, the at least one memory having stored therein instructions which when executed by the at least one processors, perform;
  
  monitoring the first virtual asset, with an asset management computing system external to the virtual asset, to determine whether the first virtual asset includes security updates for the potential security threats,wherein the first virtual asset includes a virtual asset agent configured to monitor the first virtual asset for the potential security threats and repair the first virtual asset from the damage by the potential security threats;
  
  upon determining that the first virtual asset does not include one or more security updates for the potential security threats, updating the first virtual asset by transmitting the one or more of the security updates to the first virtual asset over a first communication channel from the asset management computing system, and installing the one or more transmitted updates within the first virtual asset, the first communication channel being different than a second communication channel that is used by the asset management computing system to transmit and receive information over an external network;
  
  receiving notification from the virtual asset agent that the virtual asset agent created a second virtual asset in response to the virtual asset agent detecting intrusion by one or more of the potential security threats into the first virtual asset; and
  
  transmitting secrets associated with the first virtual asset to the second virtual asset using the first communication channel to enable to second virtual asset to continue operations of the first virtual asset.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. The system of claim 25, wherein updating the first virtual asset includes enabling, by updating the virtual asset agent with one or more security updates, the virtual asset agent to detect and remedy one or more of the potential security threats.
  - 27. The system of claim 25, wherein the process further comprises:
    - monitoring the second virtual asset, with the asset management computing system, to determine whether the second virtual asset includes the security updates for the potential security threats; and
      
      if the second virtual asset excludes one or more of the security updates for the potential security threats, updating the second virtual asset by transmitting the one or more of the security updates to the second virtual asset over the first communication channel.
  - 28. The system of claim 27, wherein the virtual asset agent is a first virtual asset agent and updating the second virtual asset includes updating a second virtual asset agent running on the second virtual asset to protect and repair the second virtual asset from the damage by the security threats.
  - 29. The system of claim 25, wherein the process further comprises:
    - receiving notification, with the asset management computing system, from an asset computing system that hosts the first virtual asset, that the first virtual asset has been decommissioned.
  - 30. The system of claim 29, wherein decommissioning the first virtual asset includes releasing an allocation of memory resources that were allocated to the first virtual asset.
  - 31. The system of claim 25, wherein repairing the first virtual asset from damage by potential security threats is performed by:
    - creating the second virtual asset by the first virtual asset agent; and
      
      decommissioning the first virtual asset.
  - 32. The system of claim 25, wherein the first communication channel is a trusted communication channel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intuit, Inc.
Original Assignee
Intuit, Inc.
Inventors
Lietz, M. Shannon, Cabrera, Luis Felipe, Bishop, Thomas, Weaver, Brett, Brinkley, Capen
Primary Examiner(s)
Brown, Anthony D
Assistant Examiner(s)
Corum, Jr., William A

Application Number

US15/854,571
Publication Number

US 20180124102A1
Time in Patent Office

231 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

G06F 21/57   Certifying or maintaining t...

G06F 21/606   by securing the transmissio...

H04L 63/107   wherein the security polici...

H04L 63/1408   by monitoring network traff...

H04L 63/1441   Countermeasures against mal...

Method and system for secure delivery of information to computing environments

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

301 Citations

32 Claims

Specification

Use Cases

Quick Links

Others

Method and system for secure delivery of information to computing environments

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

301 Citations

32 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others