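IPC classification information
Country / Type | United States (US) Patent, Registered
International Patent Classification (IPC 7th edition) |
Application number | US-0366319 (2006-03-02)
Registration number | US-8544098 (2013-09-24)
Inventor / Address |
- Gustave, Christophe
- Chow, Stanley TaiHai
- Wiemer, Douglas
Applicant / Address |
Agent / Address | Eckert Seamans Cherin & Mellott, LLC
Citation information | Times cited: 10; Cited patents: 27
Abstract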
Security vulnerability information aggregation techniques are disclosed. Vulnerability information associated with one or more security vulnerabilities is obtained from multiple sources and aggregated into respective unified vulnerability definitions for the one or more security vulnerabilities. Aggregation may involve format conversion, content aggregation, or both in some embodiments. Unified vulnerability definitions may be distributed to vulnerability information consumers in accordance with consumer-specific policies. Storage of vulnerability information received from the sources may allow the aggregation process to be performed on existing vulnerability information “retro-actively”. Related data structures and Graphical User Interfaces (GUIs) are also disclosed.
Representative claim
1. An apparatus comprising: an interface to receive from a plurality of sources vulnerability definition information that defines a plurality of security vulnerabilities; a policies store to store one or more aggregation policies, the one or more aggregation policies specifying respective sets of distribution parameters for one or more vulnerability definition information consumers; one or more output interfaces to enable transmission of vulnerability definitions to respective groups of the one or more vulnerability definition information consumers; an aggregator, operatively coupled to the interface, to the policies store, and to the one or more output interfaces, to receive the vulnerability definition information through the interface, to aggregate the vulnerability definition information that defines one or more security vulnerabilities into a respective unified vulnerability description for each of the one or more security vulnerabilities in accordance with the aggregation policy of a vulnerability definition information consumer in the policies store, and to distribute the respective unified vulnerability description for each of the one or more security vulnerabilities to the vulnerability definition information consumer through an output interface of the one or more output interfaces, wherein the vulnerability definition information received from each source comprises respective source content arranged according to a respective source format, and wherein the aggregator comprises: a plurality of format adapters operatively coupled to the interface, the plurality of format adapters comprising respective format adapters configured to convert a format of vulnerability definition information that defines the one or more respective security vulnerabilities and is received from a respective source into a format of the one or more respective unified vulnerability descriptions; and a content aggregator operatively coupled to the plurality of format adapters and configured to determine portions of the one or more respective unified vulnerability descriptions based on corresponding portions of source content in the converted vulnerability definition information received from the plurality of sources and converted by the plurality of format adapters.

2. The apparatus of claim 1, wherein the interface comprises a plurality of interfaces, each interface of the plurality of interfaces being configured to receive vulnerability definition information from a respective group of one or more sources.

3. The apparatus of claim 1, wherein the aggregator comprises a plurality of format adapters operatively coupled to the interface, the plurality of format adapters comprising respective format adapters configured to convert a format of the vulnerability definition information that defines the one or more respective security vulnerabilities and is received from a respective source into a format of the one or more respective unified vulnerability descriptions.

4. The apparatus of claim 3, wherein the aggregator further comprises a content aggregator operatively coupled to the plurality of format adapters and configured to determine portions of the one or more respective unified vulnerability descriptions based on corresponding portions of the vulnerability definition information received from the plurality of sources and converted by the plurality of format adapters.

5. The apparatus of claim 4, wherein the content aggregator is further configured to detect a conflict where vulnerability definition information that is received from one source of the plurality of sources conflicts with vulnerability definition information that is received from a different source of the plurality of sources, and wherein the aggregator further comprises at least one of: a conflict resolution module operatively coupled to the content aggregator and configured to resolve a conflict detected by the content aggregator; and a conflict alert module operatively coupled to the content aggregator and configured to allow a user to resolve a conflict detected by the content aggregator.

6. The apparatus of claim 4, wherein the content aggregator is further configured to detect a conflict where vulnerability definition information that is received from one source of the plurality of sources conflicts with vulnerability definition information that is received from a different source of the plurality of sources, and wherein the aggregator further comprises: a conflict rules store to store a set of conflict rules; and a conflict resolution module, operatively coupled to the content aggregator and to the conflict rules store, configured to resolve, based on the set of conflict rules stored in the conflict rules store, a conflict detected by the content aggregator.

7. The apparatus of claim 1, further comprising: a user interface, operatively coupled to the aggregator, for providing a representation of the respective unified vulnerability description.

8. The apparatus of claim 1, further comprising: a vulnerability definition information store, operatively coupled to the interface and to the aggregator, for storing the vulnerability definition information that defines the plurality of security vulnerabilities, wherein the aggregator is further configured to, responsive to a change in an aggregation policy in the policies store, retrieve from the vulnerability definition information store vulnerability definition information that defines one or more respective security vulnerabilities in accordance with the changed aggregation policy, aggregate the retrieved vulnerability definition information into one or more respective unified vulnerability descriptions, and distribute the one or more respective unified vulnerability descriptions through an output interface of the one or more output interfaces to a vulnerability definition information consumer for which the changed aggregation policy specifies distribution parameters.

9. A method comprising: obtaining, by an aggregator, from a plurality of sources vulnerability definition information that defines a plurality of security vulnerabilities; aggregating, by the aggregator, the vulnerability definition information that defines one or more security vulnerabilities into a respective unified vulnerability description for each of the one or more security vulnerabilities in accordance with an aggregation policy that specifies a set of distribution parameters for a vulnerability definition information consumer; and distributing, by the aggregator, the respective unified vulnerability description for each of the one or more security vulnerabilities to the vulnerability definition information consumer, wherein the vulnerability definition information obtained from each source comprises respective source content arranged according to a respective source format, wherein the method further comprises: converting the vulnerability definition information associated with the one or more respective security vulnerabilities from each source format into a format of the one or more respective unified vulnerability descriptions, wherein aggregating comprises determining portions of the one or more respective unified vulnerability descriptions based on corresponding portions of source content in the converted vulnerability definition information obtained from the plurality of sources.

10. The method of claim 9, wherein aggregating comprises converting, in respective format adapters, formats of the vulnerability definition information that is received from different sources of the plurality of sources and defines the one or more respective security vulnerabilities into a format of the one or more respective unified vulnerability descriptions.

11. The method of claim 10, wherein aggregating comprises determining portions of the one or more respective unified vulnerability descriptions based on portions of the vulnerability definition information received from the plurality of sources and converted by the format adapters.

12. The method of claim 9, wherein aggregating comprises: detecting a conflict where vulnerability definition information that is received from one source of the plurality of sources conflicts with vulnerability definition information that is received from a different source of the plurality of sources; and resolving a detected conflict in accordance with at least one of: a set of one or more conflict rules, and a user input.

13. The method of claim 9, further comprising: providing a representation of the respective unified vulnerability description.

14. The method of claim 9, wherein obtaining comprises at least one of: requesting vulnerability definition information; and receiving vulnerability definition information.

15. A non-transitory machine-readable medium storing instructions which when executed perform a method comprising: obtaining from a plurality of sources vulnerability definition information that defines a plurality of security vulnerabilities; aggregating the vulnerability definition information that defines one or more security vulnerabilities into a respective unified vulnerability description for each of the one or more security vulnerabilities in accordance with an aggregation policy that specifies a set of distribution parameters for a vulnerability definition information consumer; and distributing the respective unified vulnerability description for each of the one or more security vulnerabilities to the vulnerability definition information consumer, wherein the vulnerability definition information obtained from each source comprises respective source content arranged according to a respective source format, wherein the method further comprises: converting the vulnerability definition information associated with the one or more respective security vulnerabilities from each source format into a format of the one or more respective unified vulnerability descriptions, wherein aggregating comprises determining portions of the one or more respective unified vulnerability descriptions based on corresponding portions of source content in the converted vulnerability definition information obtained from the plurality of sources.