Method and apparatus for privacy and trust enhancing sharing of data for collaborative analytics
US-9275237-B2 · Mar 1, 2016 · US
Trusted Third Party Broker for Collection and Private Sharing of Successful Computer Security Practices
US2016255113A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016255113-A1 |
| Application number | US-201514632812-A |
| Country | US |
| Kind code | A1 |
| Filing date | Feb 26, 2015 |
| Priority date | Feb 26, 2015 |
| Publication date | Sep 1, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A trusted third party broker collects information concerning successful computer security practices from multiple organizations, and privately shares collected information at an inter-organizational level. Information concerning empirically successful computer security practices is received from multiple source organizations. The information concerning empirically successful computer security practices received from the multiple source organizations is amalgamated and analyzed. Based on the analysis, specific information concerning empirically successful computer security practices is identified to share with specific target organizations. Once information to share with a target organization has been identified, any explicit and/or implicit source information that could identify the organization(s) from which the information originated is removed. The identified specific information concerning empirically successful computer security practices is then provided to the specific target organizations, with the source identifying information removed.
First claim
Opening claim text (preview).
What is claimed is: 1 . A computer implemented method for a trusted third party broker to collect information concerning successful computer security practices from a plurality of source organizations, and to share collected information at an inter-organizational level privately, the method comprising the steps of: receiving, by a central computer, information concerning empirically successful computer security practices, from a plurality of remote computers associated with a plurality of source organizations, wherein different ones of the empirically successful computer security practices are being used at different ones of the plurality of source organizations; amalgamating the information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations; analyzing the amalgamated information concerning empirically successful computer security practices received from the plurality of remote computers associated with the plurality of source organizations; identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization, based on analyzing the amalgamated information; removing source information from the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization; and providing the identified specific information concerning empirically successful computer security practices to share with the at least one specific target organization, with the source information removed, wherein the at least one target organization does not receive information identifying the source of the provided information concerning empirically successful computer security practices. 2 . The method of claim 1 wherein receiving information concerning empirically successful computer security practices further comprises: receiving, by the central computer, rules used in an intrusion detection system by at least one specific source organization to prevent at least one attack, from at least one remote computer. 3 . The method of claim 1 wherein receiving information concerning empirically successful computer security practices further comprises: receiving, by the central computer, rules used in a firewall by at least one specific source organization to prevent at least one attack, from at least one remote computer. 4 . The method of claim 1 wherein receiving information concerning empirically successful computer security practices further comprises: receiving, by the central computer, rules used in a data loss prevention system by at least one specific source organization to prevent loss of data, from at least one remote computer. 5 . The method of claim 1 wherein receiving information concerning empirically successful computer security practices further comprises: receiving, by the central computer, settings used in an anti-malware system by at least one specific source organization to prevent infection, from at least one remote computer. 6 . The method of claim 1 wherein receiving information concerning empirically successful computer security practices further comprises: receiving, by the central computer, information concerning empirically successful computer security practices explicitly transmitted to the central computer by at least one specific source organization. 7 . The method of claim 1 wherein receiving information concerning empirically successful computer security practices further comprises: reading, by the central computer, information concerning empirically successful computer security practices on at least one remote computer associated with at least one specific source organization. 8 . The method of claim 1 wherein receiving information concerning empirically successful computer security practices further comprises: monitoring, by the central computer, computer security practices utilized by the plurality of source organizations; and inferring successful security practices based on results of utilizing the monitored computer security practices by the plurality of source organizations over time. 9 . The method of claim 1 wherein receiving information concerning empirically successful computer security practices further comprises: receiving, by the central computer, updated computer security practices utilized by the plurality of remote computers associated with the plurality of source organizations over time. 10 . The method of claim 1 further comprising: categorizing amalgamated information concerning empirically successful computer security practices based on industry. 11 . The method of claim 1 further comprising: identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization based on industry. 12 . The method of claim 1 further comprising: categorizing amalgamated information concerning empirically successful computer security practices based on type of organization. 13 . The method of claim 1 further comprising: identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization based on type of organization. 14 . The method of claim 1 further comprising: identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization based on size of organization. 15 . The method of claim 1 further comprising: identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization based on at least one specific computer security vulnerability which the identified security practices have been empirically successful protecting against for at least one source organization. 16 . The method of claim 1 further comprising: identifying specific information concerning empirically successful computer security practices to share with at least one specific target organization based on at least one specific computer security vulnerability to which the at least one specific target organization is subject. 17 . The method of claim 1 wherein providing the identified specific information concerning empirically successful computer security practices to the at least one specific target organization further comprises: transmitting, by the central computer, at least one recommendation concerning computer security practices to the at least one specific target organization. 18 . The method of claim 1 wherein providing the identified specific information concerning empirically successful computer security practices to the at least one specific target organization further comprises: automatically updating, by the central computer, security settings of at least one remote computer associated with the at least one specific organization. 19 . At least one non-transitory computer readable medium for a trusted third party broker to collect information concerning successful computer security practices from a plurality of source organizations, and to share collected information at an inter-organizational level privately, the at least one non-transitory computer readable medium storing computer executable instructions that, when loaded into computer memory and executed by at least one processor of at
Assignees
Inventors
Classifications
Arrangements for multi-party communication, e.g. for conferences (data switching systems for conference H04L12/18; arrangements for connecting several subscribers to a common circuit, i.e. affording conference facilities H04M3/56; television conferencing systems H04N7/15) · CPC title
- H04L63/20Primary
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
- H04L63/1433Primary
Vulnerability analysis · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016255113A1 cover?
- A trusted third party broker collects information concerning successful computer security practices from multiple organizations, and privately shares collected information at an inter-organizational level. Information concerning empirically successful computer security practices is received from multiple source organizations. The information concerning empirically successful computer security p…
- Who is the assignee on this patent?
- Symantec Corp
- What technology area does this patent fall under?
- Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Sep 01 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).