Trust relationships in a computerized system

US10880314B2 · US · B2

Patent metadata
Publication number: US-10880314-B2
Application number: US-201916425154-A
Country: US
Kind code: B2
Filing date: May 29, 2019
Priority date: Jul 8, 2013
Publication date: Dec 29, 2020
Grant date: Dec 29, 2020

Abstract

Methods and apparatuses for a computerized system are disclosed. A data processing device receives information from at least one source of log information in the computerized system and detects, based at least in part on said received log information, at least one security protocol related event at a first host device, the at least one security protocol related event being initiated by a second host device. Information is then stored for determination of a trust relationship record based on the detected at least one security protocol related event and information of the second host device.

First claim

We claim:

1. A method in a computerized system, comprising: extracting, by a data extractor apparatus comprising at least one hardware processor and at least one memory, and from log data stored in the computerized system, a distinguished name appearing in a certificate associated with a login event; and looking up the distinguished name from a directory associated with the computerized system.

2. The method of claim 1, further comprising: identifying a user based on the distinguished name; and obtaining additional information about the user from the directory.

3. The method of claim 2, wherein the additional information comprises information of a full name of the user.

4. The method of claim 2, wherein the additional information comprises information of a rank of the user and/or a title of the user.

5. The method of claim 2, wherein the additional information comprises information of a physical location of the user.

6. The method of claim 2, wherein the additional information comprises addressing information.

7. The method of claim 6, wherein the addressing information comprises information of a phone number of the user and/or an e-mail address of the user.

8. The method of claim 1, comprising searching for the login event from the log data based on information of at least one key.

9. The method of claim 8, comprising searching for a user name from a substring associated with the login event located based on the information of at least one key.

10. An apparatus comprising at least one processor, and at least one memory including computer program code, wherein the at least one memory and the computer program code are configured, with the at least one processor, to cause the apparatus to: extract, from log data stored in a computerized system, a distinguished name appearing in a certificate associated with a login event; and look up the distinguished name from a directory associated with the computerized system.

11. The apparatus of claim 10, further configured to: identify a user based on the distinguished name; and obtain additional information about the user from the directory.

12. The apparatus of claim 11, configured to obtain information of a full name of the user.

13. The apparatus of claim 11, configured to obtain information of a rank of the user and/or a title of the user.

14. The apparatus of claim 11, configured to obtain information of a physical location of the user.

15. The apparatus of claim 11, configured to obtain addressing information.

16. The apparatus of claim 15, configured to obtain information of a phone number of the user and/or an e-mail address of the user.

17. The apparatus of claim 10, configured to search for the login event from the log data based on information of at least one key.

18. The apparatus of claim 17, configured to search for a user name from a substring associated with the login event located based on the information of at least one key.

19. A computer program product stored on a non-transitory computer-readable medium for an apparatus in a computerized system comprising a storage for log data and a directory, the computer program product comprising instructions operable to cause the apparatus to: extract, from the log data stored in the computerized system, a distinguished name appearing in a certificate associated with a login event; and look up the distinguished name from the directory associated with the computerized system.

20. The computer program product of claim 19, further comprising instructions operable to cause the apparatus to: identify a user based on the distinguished name; and obtain additional information about the user from the directory.

Classifications

  • H04L63/168 (Primary): above the transport layer

  • Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms (network architectures or network communication protocols for using time-dependent keys in a packet data network H04L63/068)

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

  • for managing network security; network security policies in general (filtering policies H04L63/0227)

  • for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Ssh Communications Security Oyj
What technology area does this patent fall under?
Primary CPC classification H04L63/168. Mapped technology areas include Electricity.
When was this patent published?
Publication date Dec 29, 2020 (B2). Legal status and post-grant events are not shown on this page.