Trust relationships in a computerized system

US10616237B2 · US · B2

Patent metadata
Field: Value
Publication number: US-10616237-B2
Application number: US-201815977297-A
Country: US
Kind code: B2
Filing date: May 11, 2018
Priority date: Jul 8, 2013
Publication date: Apr 7, 2020
Grant date: Apr 7, 2020

Abstract

Official abstract text for this publication.

Methods and apparatuses for a computerized system are disclosed. A data processing device receives information from at least one source of log information in the computerized system and detects, based at least in part on said received log information, at least one security protocol related event at a first host device, the at least one security protocol related event being initiated by a second host device. Information is then stored for determination of a trust relationship record based on the detected at least one security protocol related event and information of the second host device.

First claim

Opening claim text (preview).

We claim:

1. A method for security protocol key management in a computerized system, comprising: monitoring at least one file system by at least one file system monitor apparatus comprising at least one hardware processor and at least one memory; determining, based on the monitoring by the at least one file system monitor apparatus, a change event in the at least one monitored file system; and performing, in response to the determining of the change event, a file system scan for determining at least one security protocol key in the at least one monitored file system.

2. The method according to claim 1, comprising generating a file system change notification in response to the determining of the change event.

3. The method according to claim 2, comprising providing the notification via a notification system comprising one of an application programming interface, a protocol, and a system log.

4. A method for key management in a computerized system, comprising: monitoring at least one file system by at least one file system monitor apparatus comprising at least one hardware processor and at least one memory; determining, based on the monitoring by the at least one file system monitor apparatus, a change event in the at least one monitored file system; generating a file system change notification in response to the determining of the change event; filtering the file system change notification; and performing, in response to the determining of the change event, a file system scan for determining at least one key in the at least one monitored file system.

5. The method according to claim 4, wherein the filtering allows the notification to proceed to the scanning step only if the notification comprises a notification relating to one of a public key file, a private key file, and a file residing in a location where information of keys is expected to be located.

6. A method for key management in a computerized system, comprising: monitoring at least one file system by at least one file system monitor apparatus comprising at least one hardware processor and at least one memory; determining, based on the monitoring by the at least one file system monitor apparatus, a change event in the at least one monitored file system; performing, in response to the determining of the change event, a file system scan for determining at least one key in the at least one monitored file system; and scheduling at least one scanning task in response to the determining of the change event.

7. The method according to claim 6, wherein the scanning task comprises at least one of a full file system scan, a partial file system scan, a scan for public keys, a scan for access-granting public keys, and a scan for private keys.

8. The method according to claim 1, comprising continuously monitoring the at least one file system.

9. The method according to claim 1, wherein the change event comprises at least one of a file creation event, a file deletion event and a file modification event.

10. An apparatus comprising at least one processor, and at least one memory including computer program code, wherein the at least one memory and the computer program code are configured, with the at least one processor, to cause the apparatus to: monitor at least one file system; determine, based on the monitoring, a change event in the at least one monitored file system; and perform, in response to the determined change event, a file system scan for determining at least one security protocol key in the at least one monitored file system.

11. The apparatus according to claim 10, configured to generate a file system change notification in response to the determined change event.

12. The apparatus according to claim 11, comprising a notification system configured to provide the notification, the notification system comprising one of an application programming interface, a protocol, and a system log.

13. An apparatus comprising at least one processor, and at least one memory including computer program code, wherein the at least one memory and the computer program code are configured, with the at least one processor, to cause the apparatus to: monitor at least one file system; determine, based on the monitoring, a change event in the at least one monitored file system; perform, in response to the determined change event, a file system scan for determining at least one key in the at least one monitored file system; and generate a file system change notification in response to the determined change event, the apparatus comprising a filter for filtering file system change notifications.

14. The apparatus according to claim 13, wherein the filter is configured to allow a file system change notification through only if the notification comprises a notification relating to one of a public key file, a private key file, and a file residing in a location where keys are expected to be located.

15. An apparatus comprising at least one processor, and at least one memory including computer program code, wherein the at least one memory and the computer program code are configured, with the at least one processor, to cause the apparatus to: monitor at least one file system; determine, based on the monitoring, a change event in the at least one monitored file system; and perform, in response to the determined change event, a file system scan for determining at least one key in the at least one monitored file system; the apparatus comprising a scheduling system for scheduling at least one scanning task in response to the determined change event.

16. The apparatus according to claim 15, wherein the scheduling system is configured to schedule, in response to the determined change event, at least one of a full file system scan, a partial file system scan, a scan for public keys, a scan for access-granting public keys, and a scan for private keys.

17. The apparatus according to claim 10, configured to continuously monitor the at least one file system.

18. The apparatus according to claim 10, comprising a kernel subsystem or an entity configured to monitor file system journals.

19. The apparatus according to claim 10, wherein the change event comprises at least one of a file creation event, a file deletion event and a file modification event.

20. A computerized monitoring system for monitoring file systems, comprising: a file system monitor configured to monitor at least one file system and determine, based on the monitoring, a change event in the at least one monitored file system; a notification system configured to provide a notification in response to the determined change event; and a scheduling system configured to schedule, in response to the notification, a file system scan for determining at least one security protocol key in the at least one monitored file system.

Assignees

Inventors

Classifications

  • wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for public-key encryption H04L9/30)

  • for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838)

  • involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

  • involving long-term monitoring or reporting

  • for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08)

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10616237B2 cover?
Methods and apparatuses for a computerized system are disclosed. A data processing device receives information from at least one source of log information in the computerized system and detects, based at least in part on said received log information, at least one security protocol related event at a first host device, the at least one security protocol related event being initiated by a second…
Who is the assignee on this patent?
Ssh Communications Security Oyj
What technology area does this patent fall under?
Primary CPC classification H04L63/105. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 7, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).