Network security regulation conflict analysis and simplification method

A network security and conflict analysis technology, applied in the field of network security, that addresses the problems of complex logical relationships between rules, difficult rule management, and increased load on security protection equipment. Its effects are improved ease of use, improved robustness, and a reduced number of rule items.

Inactive Publication Date: 2015-09-02
BEIJING KUANGEN NETWORK TECH

AI Technical Summary

Problems solved by technology

Conflicts between rule items have many negative effects on user security rule management. In a system with many security rules, unnecessary rule...


Embodiment Construction

[0040] In order to make the objectives, technical solutions, and advantages of the present invention clearer, the following further describes the present invention in detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, but not to limit the present invention.

[0041] The present invention uses the logical relationship between the same attributes in different rule items to automatically analyze the conflict mode between each rule item and the other rule items, and at the same time automatically resolves some of the conflicts.

[0042] As shown in Figure 1, the flow of the rule conflict analysis method is:

[0043] Input: user rule $G = [g_1, g_2, g_3, \ldots, g_m]$;

[0044] Output: rule conflict list $CT = [ct_1, ct_2, ct_3, \ldots]$;

[0045] $g_i$ is rule item $i$, comprising the source address ($S_i$), the destination address ($D_i$), the rule details ($R_i$) and the countermeasure ($A_i$).

[0...
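A pairwise analysis over rule items of the form (S, D, R, A), given here as an added example and not the patent's own algorithm, which is cut off in this excerpt. The conflict mode names (redundant, shadowed, generalization, correlation) and the first-match rule ordering are assumptions borrowed from common firewall anomaly classification; the addresses and Modbus function codes are constructed sample data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    src: frozenset     # S_i: source addresses
    dst: frozenset     # D_i: destination addresses
    detail: frozenset  # R_i: rule details, here Modbus function codes
    action: str        # A_i: countermeasure, "allow" or "deny"

def relation(a, b):
    """Logical relationship between the same attribute of two rule items."""
    if a == b:
        return "equal"
    if a < b:
        return "subset"
    if a > b:
        return "superset"
    return "overlap" if a & b else "disjoint"

def classify(earlier, later):
    """Conflict mode of `later` against `earlier` (assumed first-match order)."""
    rels = {relation(getattr(later, f), getattr(earlier, f))
            for f in ("src", "dst", "detail")}
    if "disjoint" in rels:
        return None  # no packet can match both rule items
    same = earlier.action == later.action
    if rels <= {"equal", "subset"}:  # later never fires: earlier covers it
        return "redundant" if same else "shadowed"
    if same:
        return None  # overlapping items that agree need no alert
    return "generalization" if rels <= {"equal", "superset"} else "correlation"

def analyze(G):
    """Return (CT, simplified G); redundant rule items are deleted."""
    CT, kept = [], []
    for g in G:
        found = [(e.name, g.name, m) for e in kept if (m := classify(e, g))]
        CT.extend(found)
        if not any(m == "redundant" for _, _, m in found):
            kept.append(g)
    return CT, kept

# Constructed sample: 3/4 are Modbus reads, 6/16 are Modbus writes.
fs, PLC = frozenset, frozenset({"10.0.1.10"})
G = [Rule("g1", fs({"10.0.0.5"}), PLC, fs({3, 4}), "allow"),
     Rule("g2", fs({"10.0.0.5"}), PLC, fs({3}), "allow"),
     Rule("g3", fs({"10.0.0.5"}), PLC, fs({4}), "deny"),
     Rule("g4", fs({"10.0.0.5", "10.0.0.6"}), PLC, fs({3, 4, 6}), "deny"),
     Rule("g5", fs({"10.0.0.6", "10.0.0.7"}), PLC, fs({6, 16}), "allow")]
```

Here `g2` is deleted as redundant, while the deny in `g3` is reported as shadowed by the earlier allow in `g1`, which is the kind of finding that warrants an alert rather than automatic resolution.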


Abstract

The present invention discloses a network security regulation conflict analysis and simplification method. The method analyzes the relations between regulation items based on the target equipment and the detailed content of a security regulation, raises an alarm when a regulation conflict occurs, and automatically deletes useless regulation items (simplifying the regulation). Compared with traditional information network security strategy analysis, the method supports analysis of the detailed information in deep data packets of network protocols, and supports analysis of complex logical relations between security regulation items. The analysis results let the user conveniently understand the relations between complex regulation items, which improves the usability of the security regulation. The regulation simplification function lets the user conveniently carry out complex functions such as combining and optimizing regulations and modifying regulation items.

Description

Technical field

[0001] The present invention relates to the field of network security, and in particular to a method for analyzing and simplifying network security rule conflicts.

Background technique

[0002] With the popularization of network technology, network security has received more and more attention from various countries. Especially in the industrial field, where automation equipment is widely used, industrial control network security has been raised to a strategic height. Data is transmitted between network devices through one or more network protocols, such as IEC104, Modbus, Profinet, MMS, etc. Security rules are an important way to protect network security. By deploying and implementing security rules on security protection devices, you can effectively strengthen the permissions of different devices, prevent illegal operations, and prevent information leakage.

[0003] A security rule consists of a series of rule items, each rule item includes attributes and countermeasur...


Application Information

IPC(8): H04L29/06
Inventor 徐林孙一桉
Owner BEIJING KUANGEN NETWORK TECH