1. WO2020205507 - ADAPTIVE MULTI-LAYER ENTERPRISE DATA PROTECTION AND RESILIENCE PLATFORM

Note: Text based on automatic optical character recognition processes. Only the PDF version has legal value.

[ EN ]

CLAIMS

1. A system for data protection, the system comprising:

a first computing device comprising a security module; and

a storage device coupled to the first computing device,

wherein the security module comprises a Root of Trust (RoT),

wherein the security module is configured to:

establish a trust channel between the first computing device and the storage device;

establish multi-dimensional data access control by binding data access and permissions to the first computing device for users, applications, system services, networks, locations, and access time windows;

monitor the first computing device and the storage device; and

take over control of the storage device in response to detection of a security risk to the system.

2. The system of claim 1, wherein the security module comprises at least one of a Software-based Root of Trust (SRoT) or a Hardware Root of Trust (HRoT).

3. The system of claim 1, wherein the first computing device further comprises a third-party agent configured to communicate to one or more third-party applications, which include an insider threat detection application, a data loss prevention application, a system and/or network intrusion detection application, and/or a user behavior analysis application.

4. The system of claim 1, wherein the system further comprises a second computing device, wherein the security module uses resources from the first computing device and the second computing device.

5. The system of claim 1, wherein the security module establishes the trust channel based on permissioned blockchain technology.

6. The system of claim 1, the security module autonomously takes over control of the storage device in response to detection of a security risk to the system.

7. The system of claim 1, wherein the RoT prevents access to application, storage, network, and system resources on associated computing devices in response to detection of the security risk to the system.

8. The system of claim 2, wherein the HRoT and SRoT work together to monitor user, system, application, storage media, and network access behaviors and activities of the system.

9. The system of claim 2, wherein the SRoT monitors the HRoT and the HRoT monitors the SRoT.

10. The system of claim 5, wherein the RoT uses a permissioned Blockchain to log transactions, securely share secrets, establish consensus, confirm system critical operations, and extend trust in the system.

11. The system of claim 1, wherein the storage device comprises one of a local data storage, external data storage, or a cloud-based storage service.

12. The system of claim 1, wherein the security risk comprises a suspicious or unauthorized data access from a remote device or from inside of the first computing device.

13. A method of data protection, comprising:

employing a first computing device comprising a security module; and

employing a storage device coupled to the first computing device,

wherein the security module comprises a Root of Trust (RoT),

wherein the security module performs the steps of:

establishing a trust channel between the first computing device and the storage device;

establishing multi-dimensional data access control by binding data access and permissions to the first computing device for users, applications, system services, networks, locations, and access time windows;

monitoring the first computing device and the storage device; and

taking over control of the storage device in response to detection of a security risk to the system.

14. The method of claim 13, wherein the security module comprises at least one of a Software-based Root of Trust (SRoT) or a Hardware Root of Trust (HRoT).

15. The method of claim 13, wherein the first computing device further comprises a third-party agent configured to communicate to one or more third-party applications, which include an insider threat detection application, a data loss prevention application, a system and/or network intrusion detection application, and/or a user behavior analysis application.

16. The method of claim 13, wherein the system further comprises a second computing device, wherein the security module uses resources from the first computing device and the second computing device.

17. The method of claim 13, wherein the security module establishes the trust channel based on permissioned blockchain technology.

18. The method of claim 13, wherein the security module autonomously takes over control of the storage device in response to detection of a security risk to the system.

19. The method of claim 13, wherein the RoT prevents access to application, storage, network, and system resources on associated computing devices in response to detection of the security risk to the system.

20. A system for data protection, the system comprising:

a first computing means comprising a security module; and

a storage means coupled to the first computing means,

wherein the security module comprises a Root of Trust (RoT),

wherein the security module is configured to:

establish a trust channel between the first computing means and the storage means;

establish multi-dimensional data access control by binding data access and permissions to the first computing means for users, applications, system services, networks, locations, and access time windows;

monitor the first computing means and the storage means; and

take over control of the storage means in response to detection of a security risk to the system.