Timothy D. Dodd - Tucker GA, US; Scott Mewett - Holloways Beach, AU; Curtis E. Ide - Roswell GA, US; Kevin A. Overcash - Atlanta GA, US; David A. Dennerline - Atlanta GA, US; Bobby J. Williams - Atlanta GA, US; Martin D. Sells - Canton GA, US
A method and system identifies, fixes, and updates security vulnerabilities in a host computer or host computers. The present invention can communicate between a scanner with plug-in capability, an operating system, and an express update package. The architectural set-up can allow exploits within the scanner and exploits in the express update package to function with no knowledge of each other. The user also needs no knowledge of whether the exploits are within the scanner or the express update package. Mutual authentication procedures can enable the scanner to load only legitimate express update packages, and can provide that express update packages can only be loaded into legitimate scanners.
Method And System For Configuring And Scheduling Security Audits Of A Computer Network
Robert David Zobel - Atlanta GA, US; Timothy David Dodd - Tucker GA, US; Sharon A. Millar - Dawsonville GA, US; Christopher S. Singer - Decatur GA, US
Assignee:
International Business Machines Corporation - Armonk NY
International Classification:
G06F 12/14
US Classification:
726/24, 726/22, 726/23, 713/188
Abstract:
Managing the selection and scheduling of security audits run on a computing network. The computer network is surveyed by a security audit system to determine the function and relative importance of the elements in the network. Based on function and priority, a more thorough type of security audit is selected to run against each of the network elements by the security audit system. The security audit can also be automatically scheduled based on the information gathered from the survey. Once the system runs the security audit, a vulnerability assessment can be calculated for each element in the network. The vulnerability assessment can be presented in a format that facilitates interpretation and response by someone operating the system. The vulnerability assessment can also be used to configure and schedule future security audits.
Method And System For Calculating Risk In Association With A Security Audit Of A Computer Network
Timothy Dodd - Tucker GA, US; Nicolas Heinrich - Nice, FR
International Classification:
G06F015/173
US Classification:
709/223000, 713/201000
Abstract:
Calculating risk based on information collected during a security audit of a computing network. The computer network is surveyed to determine the significance of elements in the network and to identify vulnerabilities associated with the elements. Using this information, the security audit system calculates a risk value for each vulnerability. The risk value is a function of the asset value, the probability that the vulnerability will be exploited, and the potential severity of damage to the network if the vulnerability is exploited. The risk value can be adjusted based on the ease with which the vulnerability can be fixed. A network element may have one or more risk values associated with it based on one or more vulnerabilities. The security audit system employs a band calculation method for summing risk values and computing a single security score for the element. The band calculation method can also be used to produce a security score for a group of elements. The band calculation method produces a more accurate score for comparing elements and groups of elements throughout a network.
Context Agent Injection Using Virtual Machine Introspection
Marshall Thomas Vandegrift - Atlanta GA, US; Kevin Michael Skapinetz - Mableton GA, US; Timothy David Dodd - Atlanta GA, US
Assignee:
INTERNATIONAL BUSINESS MACHINES CORPORATION - Armonk NY
International Classification:
G06F 9/455
US Classification:
718/1
Abstract:
A computer implemented method, apparatus, and computer usable program code for executing a process within a virtual machine. A module is injected into an operating system for the virtual machine to form an injected module. The injected module is executed to load an agent process within an application space within the virtual machine. Execution of the agent process is initiated by the injected module.
Context Agent Injection Using Virtual Machine Introspection
- Armonk NY, US; Kevin M. Skapinetz - Mableton GA, US; Timothy D. Dodd - Atlanta GA, US
International Classification:
G06F 1/24, G06F 9/44
US Classification:
713/2
Abstract:
A computer implemented method, apparatus, and computer usable program code for executing a process within a virtual machine. A module is injected into an operating system for the virtual machine to form an injected module. The injected module is executed to load an agent process within an application space within the virtual machine. Execution of the agent process is initiated by the injected module.