WO2007109711A3 - Security scanning system and method - Google Patents
Security scanning system and method Download PDFInfo
- Publication number
- WO2007109711A3 WO2007109711A3 PCT/US2007/064495 US2007064495W WO2007109711A3 WO 2007109711 A3 WO2007109711 A3 WO 2007109711A3 US 2007064495 W US2007064495 W US 2007064495W WO 2007109711 A3 WO2007109711 A3 WO 2007109711A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- scanning
- running
- customer device
- application program
- program
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/24—Monitoring of processes or resources, e.g. monitoring of server load, available bandwidth, upstream requests
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/442—Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed, the storage space available from the internal hard disk
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/443—OS processes, e.g. booting an STB, implementing a Java virtual machine in an STB or power management in an STB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/81—Monomedia components thereof
- H04N21/8166—Monomedia components thereof involving executable data, e.g. software
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/85—Assembly of content; Generation of multimedia applications
- H04N21/854—Content authoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/173—Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
Abstract
The present disclosure provides a computer-readable medium, method and system for determining security vulnerabilities for a plurality of application programs (120, 130, 140 and 150) u sed to provide television services to a customer device (132) over a communications network (100). The method includes running a first scanning program against a first application program relating to a control panel for the customer device; running a second scanning program against a second application program that provides Internet content to the customer device; running a third scanning program against a third application program that relates to a component management system of customer premises equipment; and correlating security vulnerabilities identified utilizing the first, second, and third scanning programs.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/385,609 | 2006-03-21 | ||
US11/385,609 US8387138B2 (en) | 2006-03-21 | 2006-03-21 | Security scanning system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2007109711A2 WO2007109711A2 (en) | 2007-09-27 |
WO2007109711A3 true WO2007109711A3 (en) | 2008-10-30 |
Family
ID=38523278
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2007/064495 WO2007109711A2 (en) | 2006-03-21 | 2007-03-21 | Security scanning system and method |
Country Status (2)
Country | Link |
---|---|
US (4) | US8387138B2 (en) |
WO (1) | WO2007109711A2 (en) |
Families Citing this family (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110075047A1 (en) * | 2009-09-29 | 2011-03-31 | Sony Corporation | Firewall port selection using atsc tuner signals |
US8925039B2 (en) * | 2009-12-14 | 2014-12-30 | At&T Intellectual Property I, L.P. | System and method of selectively applying security measures to data services |
US9747187B2 (en) * | 2010-10-27 | 2017-08-29 | International Business Machines Corporation | Simulating black box test results using information from white box testing |
US9830142B2 (en) | 2013-09-13 | 2017-11-28 | Microsoft Technology Licensing, Llc | Automatic installation of selected updates in multiple environments |
US9626176B2 (en) * | 2013-09-13 | 2017-04-18 | Microsoft Technology Licensing, Llc | Update installer with technical impact analysis |
EP3100192B1 (en) * | 2014-01-27 | 2018-10-31 | Cronus Cyber Technologies Ltd. | Automated penetration testing device, method and system |
US9742792B2 (en) * | 2014-10-01 | 2017-08-22 | Whitehat Security, Inc. | Site security monitor |
US9407656B1 (en) * | 2015-01-09 | 2016-08-02 | International Business Machines Corporation | Determining a risk level for server health check processing |
US10075475B2 (en) | 2015-02-06 | 2018-09-11 | Honeywell International Inc. | Apparatus and method for dynamic customization of cyber-security risk item rules |
US10021125B2 (en) | 2015-02-06 | 2018-07-10 | Honeywell International Inc. | Infrastructure monitoring tool for collecting industrial process control and automation system risk data |
US10021119B2 (en) | 2015-02-06 | 2018-07-10 | Honeywell International Inc. | Apparatus and method for automatic handling of cyber-security risk events |
US10075474B2 (en) | 2015-02-06 | 2018-09-11 | Honeywell International Inc. | Notification subsystem for generating consolidated, filtered, and relevant security risk-based notifications |
US10298608B2 (en) | 2015-02-11 | 2019-05-21 | Honeywell International Inc. | Apparatus and method for tying cyber-security risk analysis to common risk methodologies and risk levels |
US20160234242A1 (en) * | 2015-02-11 | 2016-08-11 | Honeywell International Inc. | Apparatus and method for providing possible causes, recommended actions, and potential impacts related to identified cyber-security risk items |
US9800604B2 (en) | 2015-05-06 | 2017-10-24 | Honeywell International Inc. | Apparatus and method for assigning cyber-security risk consequences in industrial process control environments |
US10489746B2 (en) * | 2015-07-30 | 2019-11-26 | Espresa, Inc. | Cloud based platform for vehicle related services |
US10243957B1 (en) * | 2015-08-27 | 2019-03-26 | Amazon Technologies, Inc. | Preventing leakage of cookie data |
US11522901B2 (en) * | 2016-09-23 | 2022-12-06 | OPSWAT, Inc. | Computer security vulnerability assessment |
US9749349B1 (en) * | 2016-09-23 | 2017-08-29 | OPSWAT, Inc. | Computer security vulnerability assessment |
US10298605B2 (en) * | 2016-11-16 | 2019-05-21 | Red Hat, Inc. | Multi-tenant cloud security threat detection |
CN107231381A (en) * | 2017-08-02 | 2017-10-03 | 中电长城网际系统应用有限公司 | Safety detection method, service interface module, safety detection device and network system |
US20220150273A1 (en) * | 2019-09-04 | 2022-05-12 | Haiku, Inc. | System and method for cyber training |
CN114866327B (en) * | 2022-05-16 | 2024-02-13 | 中国联合网络通信集团有限公司 | Host security scanning method, device, electronic equipment and system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6976163B1 (en) * | 2000-07-12 | 2005-12-13 | International Business Machines Corporation | Methods, systems and computer program products for rule based firmware updates utilizing certificate extensions and certificates for use therein |
US20060085852A1 (en) * | 2004-10-20 | 2006-04-20 | Caleb Sima | Enterprise assessment management |
Family Cites Families (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4654852A (en) | 1984-05-15 | 1987-03-31 | International Business Machines Corporation | On-line problem-determination procedure for diagnosis of faults in a data-processing system |
US4817080A (en) | 1987-02-24 | 1989-03-28 | Digital Equipment Corporation | Distributed local-area-network monitoring system |
US5123017A (en) | 1989-09-29 | 1992-06-16 | The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration | Remote maintenance monitoring system |
US5159685A (en) | 1989-12-06 | 1992-10-27 | Racal Data Communications Inc. | Expert system for communications network |
US5319776A (en) | 1990-04-19 | 1994-06-07 | Hilgraeve Corporation | In transit detection of computer virus with safeguard |
US5072370A (en) | 1990-05-08 | 1991-12-10 | International Business Machines Corporation | System and method for monitoring electronic data processing equipment |
US5475625A (en) | 1991-01-16 | 1995-12-12 | Siemens Nixdorf Informationssysteme Aktiengesellschaft | Method and arrangement for monitoring computer manipulations |
AU660661B2 (en) | 1991-02-05 | 1995-07-06 | Storage Technology Corporation | Knowledge based machine initiated maintenance system |
EP0570513B1 (en) | 1991-02-05 | 1999-04-21 | Storage Technology Corporation | Maintenance apparatus and method initiated by a hierarchical distributed knowledge based machine |
DE69225822T2 (en) | 1991-03-12 | 1998-10-08 | Hewlett Packard Co | Diagnostic method of data communication networks based on hypotheses and conclusions |
US5544308A (en) | 1994-08-02 | 1996-08-06 | Giordano Automation Corp. | Method for automating the development and execution of diagnostic reasoning software in products and processes |
US5491791A (en) | 1995-01-13 | 1996-02-13 | International Business Machines Corporation | System and method for remote workstation monitoring within a distributed computing environment |
US5958008A (en) | 1996-10-15 | 1999-09-28 | Mercury Interactive Corporation | Software system and associated methods for scanning and mapping dynamically-generated web documents |
IT1288763B1 (en) | 1996-10-17 | 1998-09-24 | Umberto Sardo | APPARATUS WITH RETRACING OPTICAL CIRCUIT FOR THE MEASUREMENT OF PHYSICAL QUANTITIES INSENSIBLE TO ENVIRONMENTAL DISTURBANCES |
US5960170A (en) | 1997-03-18 | 1999-09-28 | Trend Micro, Inc. | Event triggered iterative virus detection |
US6530022B1 (en) | 1998-12-17 | 2003-03-04 | International Business Machines Corporation | Permission-based scanning of a web site |
US6535227B1 (en) * | 2000-02-08 | 2003-03-18 | Harris Corporation | System and method for assessing the security posture of a network and having a graphical user interface |
US6868292B2 (en) * | 2000-09-14 | 2005-03-15 | The Directv Group, Inc. | Device control via digitally stored program content |
EP1407356B1 (en) * | 2001-07-03 | 2016-09-07 | Accenture Global Services Limited | Broadband communications |
US7243148B2 (en) * | 2002-01-15 | 2007-07-10 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7257630B2 (en) * | 2002-01-15 | 2007-08-14 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US20040163126A1 (en) * | 2003-01-31 | 2004-08-19 | Qwest Communications International Inc. | Methods and apparatus for delivering a computer data stream to a video appliance with a network interface device |
US20040197082A1 (en) * | 2003-04-04 | 2004-10-07 | Lg Electronics Inc. | Broadcasting program reservation recording system using PDA and method thereof |
US7409719B2 (en) * | 2004-12-21 | 2008-08-05 | Microsoft Corporation | Computer security management, such as in a virtual machine or hardened operating system |
US20070198718A1 (en) * | 2006-01-27 | 2007-08-23 | Sbc Knowledge Ventures, L.P. | System and method for providing virtual access, storage and management services for IP devices via digital subscriber lines |
-
2006
- 2006-03-21 US US11/385,609 patent/US8387138B2/en not_active Expired - Fee Related
-
2007
- 2007-03-21 WO PCT/US2007/064495 patent/WO2007109711A2/en active Application Filing
-
2013
- 2013-02-25 US US13/776,429 patent/US8601582B2/en not_active Expired - Fee Related
- 2013-10-29 US US14/066,380 patent/US9197659B2/en active Active
-
2015
- 2015-11-10 US US14/937,665 patent/US10044743B2/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6976163B1 (en) * | 2000-07-12 | 2005-12-13 | International Business Machines Corporation | Methods, systems and computer program products for rule based firmware updates utilizing certificate extensions and certificates for use therein |
US20060085852A1 (en) * | 2004-10-20 | 2006-04-20 | Caleb Sima | Enterprise assessment management |
Also Published As
Publication number | Publication date |
---|---|
US20070226794A1 (en) | 2007-09-27 |
US20160080409A1 (en) | 2016-03-17 |
US20130239218A1 (en) | 2013-09-12 |
US8387138B2 (en) | 2013-02-26 |
US10044743B2 (en) | 2018-08-07 |
WO2007109711A2 (en) | 2007-09-27 |
US9197659B2 (en) | 2015-11-24 |
US8601582B2 (en) | 2013-12-03 |
US20140109229A1 (en) | 2014-04-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2007109711A3 (en) | Security scanning system and method | |
WO2008073618A3 (en) | Instant on platform | |
WO2007092881A3 (en) | System and method for controlling provision of content over a television network | |
WO2008024501A3 (en) | System and method for mobile device application management | |
WO2006044135A3 (en) | Enterprise assessment management | |
WO2009040673A3 (en) | System and method for providing real time targeted rating to enable content placement for video audiences | |
WO2008008863A3 (en) | System, method and apparatus for troubleshooting an ip network | |
WO2005094270A3 (en) | Methods and systems for a/v input device to diplay networking | |
WO2008019193A3 (en) | Method and apparatus for monitoring and synchronizing user interface events with network data | |
WO2005094168A3 (en) | Method and system for device group management using virtual device domains | |
WO2007103449A3 (en) | System and method for generating a unified accounting record for a communication session | |
WO2006078729A3 (en) | Network appliance for vulnerability assessment auditing over multiple networks | |
WO2008138747A3 (en) | Method and device for data processing and communication system comprising such device | |
WO2008043109A3 (en) | System and method of reporting and visualizing malware on mobile networks | |
WO2007123882A3 (en) | System and method for controlling content and delivery of internet protocol television (ptv) services | |
WO2007111697A3 (en) | Channel changes between services with differing bandwidth in a switched digital video system | |
WO2007050590A3 (en) | Media content delivery audit and verification services | |
WO2006022917A3 (en) | A system, method, service method, and program product for managing entitlement with identity and privacy applications for electronic commerce | |
EP1550310A4 (en) | Method and system for emulating an http server through a broadcast carousel | |
WO2008045370A3 (en) | Method, system and apparatus for a dual mode mobile device | |
WO2002084489A3 (en) | An apparatus and method for accessing a mass storage device in a fault-tolerant server | |
WO2004010258A3 (en) | System and method for validating security access across a network layer and a local file layer | |
WO2008022339A3 (en) | Method of data collection in a distributed network | |
WO2008039741A3 (en) | System and method for project process and workflow optimization | |
WO2004051505A3 (en) | Web service agent |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07758991 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 07758991 Country of ref document: EP Kind code of ref document: A2 |