Processing

Please wait...

Settings

Settings

Goto Application

1. WO2010087838 - MANAGING SECURITY IN A NETWORK

Publication Number WO/2010/087838
Publication Date 05.08.2010
International Application No. PCT/US2009/032501
International Filing Date 29.01.2009
IPC
G06F 21/00 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
H04L 9/32 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system
G06F 15/16 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
15Digital computers in general; Data processing equipment in general
16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
G06F 17/00 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
17Digital computing or data processing equipment or methods, specially adapted for specific functions
CPC
G06F 21/554
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
554involving event detection and direct action
G06F 21/56
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
56Computer malware detection or handling, e.g. anti-virus arrangements
H04L 2463/146
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
2463Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
146Tracing the source of attacks
H04L 63/102
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
10for controlling access to network resources
102Entity profiles
H04L 63/107
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
10for controlling access to network resources
107wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
H04L 63/1416
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1408by monitoring network traffic
1416Event detection, e.g. attack signature detection
Applicants
  • HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. [US]/[US] (AllExceptUS)
  • BALLESTEROS, Rebecca M. [US]/[US] (UsOnly)
  • KRELL, Sherry [US]/[US] (UsOnly)
  • COWHAM, Adrian [US]/[US] (UsOnly)
  • GREEN, John M. [US]/[US] (UsOnly)
  • YALAKANTI, Ramachandra [IN]/[US] (UsOnly)
Inventors
  • BALLESTEROS, Rebecca M.
  • KRELL, Sherry
  • COWHAM, Adrian
  • GREEN, John M.
  • YALAKANTI, Ramachandra
Agents
  • LEE, Denise A.
Priority Data
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) MANAGING SECURITY IN A NETWORK
(FR) GESTION DE SÉCURITÉ DANS UN RÉSEAU
Abstract
(EN)
A method (300) of managing security in a network is described. A data anomaly at a first location on a network is detected (305). A source of this data anomaly is identified (310). The source is compared with a plurality of access control policies, wherein each of the plurality of access control policies comprises at least one access restriction instruction associated with one or more sources (315). Based on the comparing, the source is associated with a corresponding one of the plurality of access control policies (320).
(FR)
L'invention porte sur un procédé [300] de gestion de sécurité dans un réseau. Une anomalie de données à un premier emplacement sur un réseau est détectée [305]. Une source de cette anomalie de données est identifiée [310]. La source est comparée à une pluralité de politiques de contrôle d'accès, chacune de la pluralité de politiques de contrôle d'accès comprenant au moins une instruction de restriction d'accès associée à une ou plusieurs sources [315]. Sur la base de la comparaison, la source est associée à une politique correspondante parmi la pluralité de politiques de contrôle d'accès [320].
Also published as
Latest bibliographic data on file with the International Bureau