- Fulton MD, US Bruce MAYHEW - Fulton MD, US Jason DILLON - Fulton MD, US Gazi MAHMUD - Berkeley CA, US
International Classification:
G06F 21/57, G06F 21/54, G06F 21/56, G06F 8/71
Abstract:
A computer system for security of components includes at least one processor. For a new version of a component, the processor determines, based on a dataset of release events over time, a historical behavioral analysis of (i) a project that is released with prior versions of the component, and/or (ii) historical committer behavior of a committer that committed the new version of the component, and/or (iii) historical behavior of a publisher of the project. The dataset of release events includes event data collected over time regarding open source project, committers, and repository. The processor determines whether the new version of the component presents an unusual risk profile, based on the historical behavioral analysis. The processor facilitates delayed consumption of the new version of the component in response to determining that the new version of the component presents the unusual risk profile.
Method And System For Controlling Software Risks For Software Development
- Fulton MD, US Michael HANSEN - Potomac Falls VA, US Brian FOX - Goffstown NH, US Jaime WHITEHOUSE - Guelph, CA Jason DILLON - San Jose CA, US
International Classification:
G06F 9/44
Abstract:
A computer system, method, or computer-readable medium controls a potentially unacceptable software component intended for a software repository. A pre-defined application or repository policy associated with the repository or application pre-defines risks and, for each of the risks, an action to take for the risk. The action can be a pass action or a does-not-pass action, which are pre-defined programmatic steps also defined in the policy. When the component is not new to the repository or the application, the component is passed through for the usual handling. When the component is new, risks are determined that match the software component; for risks which match, the actions are taken as defined in the pre-defined policy. The pass action can include adding the software component to the software repository. The does-not-pass action is followed for a component that does not pass as a potentially unacceptable software component.
Oak Hill Elementary School Eglin Afb FL 1987-1990, Addie R. Lewis Middle School Valparaiso FL 1990-1992, Tunner Middle School Rhein Main Air Base SC 1992-1994, Frankfurt American High School Frankfurt SC 1994-1995
Community:
Pamela Comer, Mary Perches, Brent Quillen, Karen Jackson
Alan Nikander, Melody Hoard, Adriane Klaus, Scott Suderno, Sarah Herget, Jeremy Herber
Googleplus
Jason Dillon
Lived:
Reston, VA; Spokane, WA; Monterey, CA; Glide, OR; Houston, TX; Schweinfurt, Germany; Iraq; Afghanistan; Charlotte, NC; Moses Lake, WA; Austin, TX; Ft. Huachuca, AZ
Work:
US Army - Soldier (2002)
Education:
American Military University
About:
Hello. My name is Jason.
Tagline:
Always moving forward
Bragging Rights:
I can blink really fast
Jason Dillon
Education:
Ball State University - Business
About:
:D
Jason Dillon
Tagline:
A simple man who says simple things in a complicated manner.