US2012185390A1PendingUtilityA1

Method and system for providing wireless vulnerability management for local area computer networks

46
Assignee: PALNITKAR SAMIRPriority: Nov 6, 2007Filed: Aug 18, 2011Published: Jul 19, 2012
Est. expiryNov 6, 2027(~1.3 yrs left)· nominal 20-yr term from priority
H04W 12/10H04L 63/1433G06Q 20/40H04L 63/08G06Q 20/145G06Q 20/10G06Q 30/0283H04W 12/069H04W 12/126H04W 12/122
46
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks. The method includes providing a security server being hosted by a service provider entity to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively. The method includes creating a workspace for wireless vulnerability management for a customer entity on the security server and receiving configuration information associated with the workspace. The method also includes supplying one or more sniffers to the customer entity. The method includes receiving at the security server information associated with wireless activity monitored by the one or more sniffers at premises of the customer entity and processing the received information within the workspace for the customer entity using the security server. The method includes metering usage of the workspace for wireless vulnerability management for the customer entity.

Claims

exact text as granted — not AI-modified
1 . A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks, the method comprising:
 providing a security server, the security server being hosted by a service provider entity, the security server being coupled to the Internet, the security server being adapted to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively;   creating a workspace for wireless vulnerability management for a first customer entity on the security server, the creating the workspace being responsive to a request from the first customer entity to subscribe to wireless vulnerability management;   receiving configuration information associated with the workspace for the first customer entity at the security server;   supplying one or more sniffers to the first customer entity;   receiving connection requests at the security server over the Internet from the one or more sniffers, respectively, subsequent to the one or more sniffers being deployed at premises of the first customer entity;   associating identities of the one or more sniffers with the workspace for the first customer entity at the security server;   receiving at the security server information associated with wireless activity monitored by the one or more sniffers at the premises of the first customer entity, the receiving being receiving over the Internet;   processing the received information associated with the wireless activity within the workspace for the first customer entity using the security server; and   metering usage of the workspace for wireless vulnerability management for the first customer entity.   
     
     
         2 . The method of  claim 1  wherein the service provider entity and the first customer entity being business entities separate from one another. 
     
     
         3 . The method of  claim 1  wherein the metering the usage of the workspace for the first customer entity comprising:
 tracking usage of the one or more sniffers at the premises of the first customer entity for the monitoring of the wireless activity; and 
 charging the first customer entity periodically based at least upon the usage of the one or more sniffers. 
 
     
     
         4 . The method of  claim 1  wherein the metering the usage of the workspace for the first customer entity comprising:
 tracking vulnerabilities detected during a selected period; and 
 charging the first customer entity based at least upon the vulnerabilities detected during the selected period. 
 
     
     
         5 . The method of  claim 1 , and further comprising receiving a selection of one or more modules associated with the workspace for the first customer entity at the security server. 
     
     
         6 . The method of  claim 5  wherein the metering the usage of the workspace for the first customer entity comprising charging the first customer entity based at least upon the selection of the one or more modules. 
     
     
         7 . The method of  claim 5  wherein the one or more modules comprise at least one module selected from the group consisting of scanning module, threat assessment module, remediation module, location tracking module, reporting module, RF visualization module, and managed services module. 
     
     
         8 . The method of  claim 5  wherein the receiving the selection of the one or more modules associated with the workspace for the first customer entity at the security server comprising:
 receiving a request to initiate logging into the workspace for the first customer entity from a computer, the request being initiated over the Internet; 
 transferring information associated with a listing of modules comprising the one or more modules to the computer over the Internet; and 
 receiving the selection of the one or more modules at the security server over the Internet, the selection being inputted by a person operating the computer using the listing of the modules. 
 
     
     
         9 . The method of  claim 5  wherein the processing the received information associated with the wireless activity within the workspace for the first customer entity using the security server comprising:
 authenticating the received information using a digital secret shared between the security server and the first customer entity; 
 accessing the configuration information associated with the workspace for the first customer entity; 
 accessing the module selection information associated with the workspace for the first customer entity; 
 processing the received information based at least upon the configuration information and the module selection information to generate a result information; and 
 triggering one or more actions based at least upon the result information. 
 
     
     
         10 . The method of  claim 1  wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving identity information associated with one or more authorized wireless devices within the local area network of the first customer entity. 
     
     
         11 . The method of  claim 1  wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising:
 receiving information associated with a hierarchy of physical locations within the premises of the first customer entity; and 
 receiving information related to association between the one or more sniffers and the physical locations, respectively. 
 
     
     
         12 . The method of  claim 1  wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving information associated with notification of one or more wireless vulnerabilities to the first customer entity. 
     
     
         13 . The method of  claim 1  wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving information associated with a selection of one or more reports, the one or more reports to be generated based upon the information associated with the monitored wireless activity received at the security server. 
     
     
         14 . The method of  claim 1  wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising:
 receiving a request to initiate logging into the workspace of the first customer entity from a computer, the request being initiated over the Internet; 
 transferring information associated with one or more configuration screens to the computer over the Internet; 
 displaying the one or more configuration screens on the computer; and 
 receiving the configuration information at the security server over the Internet, the configuration information being inputted by a person operating the computer using the one or more configuration screens displayed on the computer. 
 
     
     
         15 . The method of  claim 1  wherein a username, a password, and an administrative privilege being associated with the workspace for the first customer entity on the security server, the administrative privilege being a configuration modification privilege, a viewing privilege, or a module selection privilege. 
     
     
         16 . The method of  claim 1  wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including identities of one or more wirelessly active access points and one or more wirelessly active clients within and/or in a vicinity of the premises of the first customer entity. 
     
     
         17 . The method of  claim 1  wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including information associated with wireless connections among a plurality of wireless devices within and/or in a vicinity of the premises of the first customer entity. 
     
     
         18 . The method of  claim 1  wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including information associated with radio signal strength parameters associated with the wireless activity. 
     
     
         19 . A server computer device adapted to provide wireless vulnerability management as Software-as-a-Service (SaaS) for a plurality of private computer networks of a plurality of customer entities, respectively, the server computer comprising:
 a memory unit storing computer executable instructions;   a processor unit for executing the computer executable instructions; and   a communication interface for coupling the server computer device to a computer network;   wherein the computer executable instructions are adapted to perform the steps of:
 receiving information associated with wireless activity using the communication interface from a plurality of sets of sniffers over the Internet, the plurality of sets of sniffers being positioned within premises of the plurality of customer entities, respectively; 
 maintaining a plurality of workspaces for wireless vulnerability management within the memory unit for the plurality of customer entities, respectively; 
 identifying a plurality of portions of the received information that are associated with the plurality of customer entities, respectively; and 
 processing the plurality of portions using the processor unit in accordance with the plurality of workspaces, respectively. 
   
     
     
         20 . A Software-as-a-Service (SaaS) based method for availing wireless vulnerability management for local area computer network, the method comprising:
 generating a request for wireless vulnerability management for a local area network of a first customer entity;   receiving login information associated with a workspace for the first customer entity, the workspace being created on a security server and being for wireless vulnerability management for the local area network of the first customer entity, the security server being hosted by a service provider entity, the security server being coupled to the Internet, the security server being adapted to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively;   providing configuration information associated with the workspace for the first customer entity to the security server;   receiving one or more sniffers at premises of the first customer entity;   connecting the one or more sniffers to the local area network of the first customer entity;   generating connection requests to the security server over the Internet from the one or more sniffers, respectively, subsequent to the one or more sniffers being connected to the local area network of the first customer entity;   transferring identity information from the one or more sniffers to the security server, the identity information being used to associate the one or more sniffers with the workspace for the first customer entity;   sending to the security server information associated with wireless activity monitored by the one or more sniffers at the premises of the first customer entity, the sending being sending over the Internet;   receiving results from processing of the sent information associated with the wireless activity, the processing being using the security server and being performed within the workspace for the first customer entity; and   generating payment authorization based at least upon usage of the workspace for the first customer entity.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.