JP5534373B2 - 評判システムにおける調整されただまし行為を防ぐためのセキュリティトークン内のメタデータの使用 - Google Patents

評判システムにおける調整されただまし行為を防ぐためのセキュリティトークン内のメタデータの使用 Download PDF

Info

Publication number
JP5534373B2
JP5534373B2 JP2012528923A JP2012528923A JP5534373B2 JP 5534373 B2 JP5534373 B2 JP 5534373B2 JP 2012528923 A JP2012528923 A JP 2012528923A JP 2012528923 A JP2012528923 A JP 2012528923A JP 5534373 B2 JP5534373 B2 JP 5534373B2
Authority
JP
Japan
Prior art keywords
client
correlation
metadata
security
degree
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2012528923A
Other languages
English (en)
Japanese (ja)
Other versions
JP2013504821A (ja
JP2013504821A5 (enExample
Inventor
キャリー・ナッチェンバーグ
ズルフィカール・ラムザン
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gen Digital Inc
Original Assignee
Symantec Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Symantec Corp filed Critical Symantec Corp
Publication of JP2013504821A publication Critical patent/JP2013504821A/ja
Publication of JP2013504821A5 publication Critical patent/JP2013504821A5/ja
Application granted granted Critical
Publication of JP5534373B2 publication Critical patent/JP5534373B2/ja
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115Third party
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117User registration

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
JP2012528923A 2009-09-15 2010-09-10 評判システムにおける調整されただまし行為を防ぐためのセキュリティトークン内のメタデータの使用 Expired - Fee Related JP5534373B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12/559,976 US8621654B2 (en) 2009-09-15 2009-09-15 Using metadata in security tokens to prevent coordinated gaming in a reputation system
US12/559,976 2009-09-15
PCT/US2010/048408 WO2011034786A2 (en) 2009-09-15 2010-09-10 Using metadata in security tokens to prevent coordinated gaming in a reputation system

Publications (3)

Publication Number Publication Date
JP2013504821A JP2013504821A (ja) 2013-02-07
JP2013504821A5 JP2013504821A5 (enExample) 2013-10-17
JP5534373B2 true JP5534373B2 (ja) 2014-06-25

Family

ID=43027655

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2012528923A Expired - Fee Related JP5534373B2 (ja) 2009-09-15 2010-09-10 評判システムにおける調整されただまし行為を防ぐためのセキュリティトークン内のメタデータの使用

Country Status (5)

Country Link
US (2) US8621654B2 (enExample)
EP (1) EP2478459B1 (enExample)
JP (1) JP5534373B2 (enExample)
CA (1) CA2770222C (enExample)
WO (1) WO2011034786A2 (enExample)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8572746B2 (en) * 2010-01-21 2013-10-29 The Regents Of The University Of California Predictive blacklisting using implicit recommendation
US9122877B2 (en) 2011-03-21 2015-09-01 Mcafee, Inc. System and method for malware and network reputation correlation
US9106680B2 (en) 2011-06-27 2015-08-11 Mcafee, Inc. System and method for protocol fingerprinting and reputation correlation
US8983076B2 (en) 2011-12-22 2015-03-17 Adobe Systems Incorporated Methods and apparatus for key delivery in HTTP live streaming
US8931043B2 (en) 2012-04-10 2015-01-06 Mcafee Inc. System and method for determining and using local reputations of users and hosts to protect information in a network environment
JP6066586B2 (ja) * 2012-05-22 2017-01-25 キヤノン株式会社 情報処理システム、その制御方法、およびそのプログラム。
WO2014095001A1 (de) * 2012-12-17 2014-06-26 Giesecke & Devrient Gmbh Reputationssystem und verfahren
US9323935B2 (en) 2012-12-18 2016-04-26 Mcafee, Inc. User device security profile
US9741032B2 (en) 2012-12-18 2017-08-22 Mcafee, Inc. Security broker
RU2536663C2 (ru) 2012-12-25 2014-12-27 Закрытое акционерное общество "Лаборатория Касперского" Система и способ защиты от нелегального использования облачных инфраструктур
WO2015060857A1 (en) 2013-10-24 2015-04-30 Mcafee, Inc. Agent assisted malicious application blocking in a network environment
US9171174B2 (en) * 2013-11-27 2015-10-27 At&T Intellectual Property I, L.P. Methods, systems, and computer program products for verifying user data access policies when server and/or user are not trusted
US20170063883A1 (en) * 2015-08-26 2017-03-02 Fortinet, Inc. Metadata information based file processing
US10362007B2 (en) * 2015-11-12 2019-07-23 Facebook, Inc. Systems and methods for user account recovery
US20170365027A1 (en) * 2016-06-16 2017-12-21 Hewlett Packard Enterprise Development Lp Considering geolocation information in a security information sharing platform
US10178122B1 (en) * 2016-08-12 2019-01-08 Symantec Corporation Systems and methods for disseminating location-based reputations for link-layer wireless attacks
EP3713189A1 (de) * 2019-03-22 2020-09-23 Siemens Aktiengesellschaft Intrusionserkennung bei computersystemen
US11296881B2 (en) * 2019-10-30 2022-04-05 Microsoft Technology Licensing, Llc Using IP heuristics to protect access tokens from theft and replay
US12149516B2 (en) * 2020-06-02 2024-11-19 Flex Integration, LLC System and methods for tokenized hierarchical secured asset distribution
JP7510340B2 (ja) * 2020-12-14 2024-07-03 Kddi株式会社 認証装置、認証方法及び認証プログラム
DE102021004427B4 (de) 2021-08-31 2024-05-29 Mercedes-Benz Group AG Verfahren zur lmplementierung und Nutzung von kryptografischem Material in wenigstens einer Systemkomponente eines informationstechnischen Systems

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5712914A (en) 1995-09-29 1998-01-27 Intel Corporation Digital certificates containing multimedia data extensions
JPH09252323A (ja) * 1996-01-11 1997-09-22 Sony Corp 通信システムおよび通信装置
US6845453B2 (en) * 1998-02-13 2005-01-18 Tecsec, Inc. Multiple factor-based user identification and authentication
MXPA02009908A (es) * 2000-04-05 2006-03-09 Ods Properties Inc Sistema interactivo de apuestas y metodos para restringir el acceso a apuestas.
US7739402B2 (en) * 2002-03-01 2010-06-15 Enterasys Networks, Inc. Locating devices in a data network
JP2003271469A (ja) * 2002-03-13 2003-09-26 Lac Co Ltd クライアント検査方法、クライアント検査装置、およびプログラム
US7269732B2 (en) * 2003-06-05 2007-09-11 Sap Aktiengesellschaft Securing access to an application service based on a proximity token
US7055392B2 (en) 2003-07-04 2006-06-06 Robert Bosch Gmbh Micromechanical pressure sensor
US7373385B2 (en) 2003-11-03 2008-05-13 Cloudmark, Inc. Method and apparatus to block spam based on spam reports from a community of users
US20050198181A1 (en) 2004-03-02 2005-09-08 Jordan Ritter Method and apparatus to use a statistical model to classify electronic communications
JP2005293408A (ja) * 2004-04-02 2005-10-20 Sony Corp 電子機器装置、サーバ装置、制御方法及びそのプログラム
US7562304B2 (en) 2005-05-03 2009-07-14 Mcafee, Inc. Indicating website reputations during website manipulation of user information
US7437755B2 (en) * 2005-10-26 2008-10-14 Cisco Technology, Inc. Unified network and physical premises access control server
KR100721522B1 (ko) * 2005-11-28 2007-05-23 한국전자통신연구원 위치토큰을 이용한 위치기반 서비스 제공 방법
JP2007164465A (ja) 2005-12-14 2007-06-28 Hitachi Ltd クライアントセキュリティ管理システム
US7860752B2 (en) 2006-08-30 2010-12-28 Ebay Inc. System and method for measuring reputation using take volume
US20080104672A1 (en) * 2006-10-25 2008-05-01 Iovation, Inc. Detecting and preventing man-in-the-middle phishing attacks
US8312536B2 (en) 2006-12-29 2012-11-13 Symantec Corporation Hygiene-based computer security
CN101657807A (zh) * 2007-02-01 2010-02-24 瑞士信贷证券(美国)有限责任公司 用于动态控制对网络的访问的方法和系统
US7953969B2 (en) * 2007-04-16 2011-05-31 Microsoft Corporation Reduction of false positive reputations through collection of overrides from customer deployments
US8849921B2 (en) * 2007-06-28 2014-09-30 Symantec Corporation Method and apparatus for creating predictive filters for messages
CN101399683B (zh) 2007-09-25 2011-05-11 中国科学院声学研究所 一种信誉系统中的信誉计算方法
US8220034B2 (en) * 2007-12-17 2012-07-10 International Business Machines Corporation User authentication based on authentication credentials and location information
US8799630B2 (en) * 2008-06-26 2014-08-05 Microsoft Corporation Advanced security negotiation protocol
US8595282B2 (en) 2008-06-30 2013-11-26 Symantec Corporation Simplified communication of a reputation score for an entity
CN101459718B (zh) 2009-01-06 2012-05-23 华中科技大学 一种基于移动通信网的垃圾语音过滤方法及其系统

Also Published As

Publication number Publication date
EP2478459A2 (en) 2012-07-25
EP2478459B1 (en) 2016-03-30
US20110067086A1 (en) 2011-03-17
US20140026199A1 (en) 2014-01-23
US8621654B2 (en) 2013-12-31
CA2770222C (en) 2016-07-19
WO2011034786A3 (en) 2011-05-19
WO2011034786A2 (en) 2011-03-24
JP2013504821A (ja) 2013-02-07
US8997190B2 (en) 2015-03-31
CA2770222A1 (en) 2011-03-24

Similar Documents

Publication Publication Date Title
JP5534373B2 (ja) 評判システムにおける調整されただまし行為を防ぐためのセキュリティトークン内のメタデータの使用
JP5599884B2 (ja) 評価システムでのクライアント装置の信頼度メトリクスの使用
US11140150B2 (en) System and method for secure online authentication
US8381289B1 (en) Communication-based host reputation system
US9497210B2 (en) Stateless attestation system
US8015284B1 (en) Discerning use of signatures by third party vendors
US9065845B1 (en) Detecting misuse of trusted seals
EP2147390B1 (en) Detection of adversaries through collection and correlation of assessments
US8756691B2 (en) IP-based blocking of malware
US8286225B2 (en) Method and apparatus for detecting cyber threats
US8499150B1 (en) Selectively trusting signed files
US10643259B2 (en) Systems and methods for dynamic vendor and vendor outlet classification
US20160078229A1 (en) System And Method For Threat Risk Scoring Of Security Threats
CN108369541A (zh) 用于安全威胁的威胁风险评分的系统和方法
Yan et al. Stealing trust: Unraveling blind message attacks in web3 authentication
WO2023174389A1 (zh) 一种安全状态评估方法及装置、电子设备和可读存储介质
Wozak et al. End-to-end security in telemedical networks–a practical guideline
WO2025147293A2 (en) Host-level ticket forgery detection and extension to network endpoints
Aldwairi et al. A zero-day attach exploiting a yahoo messenger vulnerability
EP3261009A1 (en) System and method for secure online authentication
Hatunic-Webster Anti-phishing models: Main challenges
Grover Low Level Packet analysis of Website Authentication on Android Phone

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20130829

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20130829

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20140317

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20140401

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20140416

R150 Certificate of patent or registration of utility model

Ref document number: 5534373

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313113

S531 Written request for registration of change of domicile

Free format text: JAPANESE INTERMEDIATE CODE: R313531

S533 Written request for registration of change of name

Free format text: JAPANESE INTERMEDIATE CODE: R313533

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

LAPS Cancellation because of no payment of annual fees