Software Defect and Incident Response Tool
Background: Web server administrators need a mechanism to prevent software defects in their systems from leading to full-system compromises. They need to ensure a malicious web client cannot affect other users of the site. Currently, every person visiting a web server shares the same instance of the server (“multiplexing”) so when a breach occurs, it can affect any / all other users on the web server.
Technology Overview: This invention consists of creating a separate copy of a web server for each person / client visiting a particular web server. A copy of the server is created and kept in a separate ‘container’ (like a lightweight virtual machine or VM). Each client will interact with a separate copy of that server instead of every person sharing the same instance of the server (called “multiplexing”). The containers have enforceable boundaries, allowing each to have its own permissions, processes, and storage. In turn, this limits any breach to only one container instead of the entire web server.
Key Features/Benefits
Benefits:
- Web server copies kept in separate ‘containers’ (lightweight virtual machine or VM)
- Containers have enforceable boundaries
- Tailored permissions, processes, and storage for each container is matched to rights associated with specific person using it
- Analysts can detect when web site exceeds associated permissions
- When permissions exceeded, the container can be frozen for analysis
- Freezing one copy does not affect other users
- Freezing a copy can preserve forensics associated with the violation, simplifying debugging
- ‘Containerization’ prevents the entire web server from being compromised
- Reduces incident response time by 93-97%, saving corporations billions in aggregate (analyst time spent on web server breaches)
Applications:
- Any computer server
- Publicly facing web servers from small (department level), medium (corporate level) to large (major e-commerce sites)
- Invented tool is designed specifically for the WordPress content management system (CMS) used by over 41% of websites.