Unlock instant, AI-driven research and patent intelligence for your innovation.

Information system service-level security risk analysis

一种安全风险、风险分析的技术,应用在传输系统、数字传输系统、计算机安全装置等方向,能够解决信息丢失等问题

Inactive Publication Date: 2007-07-11
ALCATEL LUCENT SAS
View PDF4 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, important aspects of information may be lost as information is aggregated to the service level

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information system service-level security risk analysis
  • Information system service-level security risk analysis
  • Information system service-level security risk analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0055] As briefly described above, currently available security assessment and management tools do not prescribe a complete and comprehensive security assessment, especially for complex information systems such as communication networks.

[0056] For example, four system classifications are considered to provide partial solutions for security and vulnerability management in network infrastructure. These categories include network vulnerability scanners, intrusion detection / prevention systems, security event / information systems, and exposure risk management systems.

[0057] Of these classifications, the Exposure Risk Management System classification includes the broadest range of tools. A risk management system might provide, for example, a network view that includes scanner data and vulnerability data one after the other for network elements, such as firewalls and routers, servers or other hosts. Typically, each unit is scanned or assessed individually to determine its vulne...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Information system service-level security risk analysis systems, methods, and Graphical User Interfaces are disclosed. Assets of an information system that have relationships with a service provided by the information system are identified, and at least one security risk to the service is determined by analyzing security vulnerabilities associated with the identified assets. A consolidated representation of the service is provided, and includes an indication of the determined security risk(s) and an indication of a relationship between the service and at least one of the identified assets. The security risk indication may include indications of multiple security parameters. Security risks may be represented differently depending on whether they arise from a security vulnerability of an asset that has a relationship with the service or a security vulnerability of an asset that has a relationship with the service only through a relationship with an asset that has a relationship with the service.

Description

[0001] Cross References to Related Applications [0002] This application is related to the following patent applications: U.S. Patent Application No. 11 / 131,598, filed May 18, 2005, entitled "SECURITYRISK ANALYSIS SYSTEMS AND METHODS"; AND METHODS"; U.S. Patent Application No. 11 / 132,118, filed September 22, 2005, entitled "APPLICATION OFCUT-SETS TO NETWORK INTERDEPENDENCY SECURITY RISKASSESSMENT"; filed March 2, 2006 U.S. Patent Application No. 11 / 366,100, entitled "SYSTEMS AND METHODS OF ASSOCIATING SECURITY VULNERABILITIES AND ASSETS"; and U.S. Patent Application No. 11 / 366,319, filed March 2, 2006, entitled "SECURITY VULNERABILITY INFORMATIONAGGREGATION." technical field [0003] The present invention relates generally to security risk analysis, and more particularly to service-level security risk analysis in information systems. Background technique [0004] In complex systems, such as telecommunications and information technology (IT) infrastructure, the potential im...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00H04L12/24H04L29/06
CPCH04L41/0233G06F21/577H04L41/12H04L41/28H04L63/1433
Inventor D·维马尔C·古斯塔夫S·T·乔B·K·麦克法兰
Owner ALCATEL LUCENT SAS