43 results about "Information technology security" patented technology

Aspects of the present invention dynamically reduce a frequency at which IT infrastructure automatically generates alerts. Historical data across a plurality of data sources in the IT infrastructure is analyzed. An opportunity to reduce the frequency at which the IT infrastructure automatically generates the alerts is identified. A new alert policy addressing the opportunity to reduce alert frequency is generated. An impact of the new alert policy on a set of predefined service level objectives (SLOs) and service level agreements (SLAs) is evaluated. The new alert policy is deployed in the IT infrastructure.

Methods, systems, and computer program products are provided herein for facilitating security in an information technology environment. Web application security vulnerabilities are discovered and addressed by means of virtual patches deployed to components of the information technology environment. An intelligent feedback loop is created to fill the void in the security of the web application when implemented in the specific information technology environment, thereby providing end-to-end security application management through dynamic, pre-emptive, and proactive security awareness and protection in the information technology environment. As new web application security vulnerabilities are discovered, the vulnerability is diagnosed and resolved to preemptively prevent exploitation of the security vulnerability.

Methods, systems, and computer program products are provided herein for facilitating security in an information technology environment. Web application security vulnerabilities are discovered and addressed by means of virtual patches deployed to components of the information technology environment. An intelligent feedback loop is created to fill the void in the security of the web application when implemented in the specific information technology environment, thereby providing end-to-end security application management through dynamic, pre-emptive, and proactive security awareness and protection in the information technology environment. As new web application security vulnerabilities are discovered, the vulnerability is diagnosed and resolved to preemptively prevent exploitation of the security vulnerability.

A method and apparatus for integrating a software application into an information technology (IT) infrastructure. An inventory is created using a Model-Driven Architecture (MDA) approach from the Object Management Group (OMG). The inventory includes information about: each component of the IT infrastructure, the software application, how each component communicates with each other component, and how the software application communicates with each component. Each element of information in the inventory has a single source and owner. The inventory is used to analyze the IT infrastructure and the software application during integrating the software application. From contents of the inventory, using the MDA approach from the OMG, artifacts that execute the integration are generated, and test programs are generated to verify that the integration is complete and correct. The inventory is progressively updated during and after the integration as more information about the IT infrastructure or the software application is developed.

In one embodiment, a process for managing information technology (IT) infrastructure of an enterprise includes: (1) capturing and storing IT infrastructure information regarding the IT infrastructure of the enterprise; (2) defining a plurality of roles within the enterprise, each role specifying a particular job function within the enterprise; (3) associating items of IT infrastructure with roles within the enterprise such that each role is associated with one or more predetermined items of IT infrastructure; (4) assigning roles to one or more employees of the enterprise such that each of the one or more employees is associated with one or more roles and is assigned the one or more predetermined items of IT infrastructure associated with each of these one or more roles; (5) automatically modeling a change in the IT infrastructure for one or more impacted employees; and (6) automatically initiating deployment of one or more IT infrastructure assets for the one or more impacted employees by organizing delivery of the one or more IT infrastructure assets to the one or more impacted employees to implement the change modeled.

The invention discloses a linear SVM model training algorithm for privacy protection based on vector homomorphic encryption and belongs to the field of information technology security. The method comprises the following steps: step 1, a user encrypts a training data set by using a vector-based homomorphic encryption scheme VHE and sends the encryption result to a server; step 2, the server calculates the encryption result, obtains a ciphertext linear kernel function matrix and returns the ciphertext linear kernel function matrix to the user; step 3, the user decrypts the ciphertext linear kernel function matrix to obtain a plaintext linear kernel function matrix and sends the plaintext linear kernel function matrix to the server; step 4, the server adopts a ciphertext SMO algorithm to train the plaintext linear kernel function matrix and returns the training result to the user.

The invention discloses a software safety function component management method based on CC (the Common Criteria for Information Technology Security Evaluation), which is used for implementing recommendation and adjustment of a safety function component based on the CC at the demand analysis stage of software engineering. The method comprises the following steps of: performing abstract analysis and induction on description of threatening information in estimation documents in various fields based on a CC system, thus establishing a threat knowledge base; recommending a corresponding safety function component set for each threat knowledge in the threat knowledge base, and establishing a corresponding relationship between each threat knowledge and safety function components based on standard semantics; and establishing a safety function component cost evaluation table according to each safety function component type, and adjusting the components according to the content of the table. Compared with the prior art, the software safety function component management method points out the safety function component recommending and adjusting method based on the CC at the software requirement analysis stage, so that the software safety problem is considered at the initial stage of the development of a software system, the possibility of a security hole is reduced, and the software safety is improved.

The invention discloses an elliptic curve cipher processor, and relates to the field of information technology security and micro-processor design. The processor is of a transport triggered architecture (TTA) structure, and the hybrid flow mechanism of the elliptic curve cipher processor comprises a transmission flow and a functional unit flow. The elliptic curve cipher processor comprises a command memory, a fetch unit, a decoding unit, a register file, a bus internetwork, a Socket and a functional unit, wherein the fetch unit fetches a command in the command memory; the command is decoded by the decoding unit; the decoded command is subjected to an error correction code (ECC) operation by selecting a corresponding functional unit through the bus internetwork; operation data required by the functional unit is acquired through the register file or the functional unit; and the functional unit is interconnected with the Socket through the bus internetwork. By utilizing the elliptic curve cipher processor, the operation speedup ratio is improved, the engineering change cycle is shortened, a software and hardware collaborative design is realized, and the problem of going against secondary development is solved.

For each of a plurality of endpoints of an information technology system having a plurality of security policies, a probability of being safe of each of said endpoints is determined according to each of said security policies. Said determining takes into account probability of security compromise for a single violation of each given one of said security policies. A risk-aware compliance metric is determined for said information technology system based on each of said probabilities of being safe for each of said endpoints and each of said policies. At least one of an operation and a remediation is carried out on said information technology system based on said risk-aware compliance metric. Techniques for optimizing risk-aware compliance are also provided.

The invention discloses a heterogeneous power utilization data publishing method based on clustering anonymization and differential privacy protection, which relates to the field of information technology security, and aims to achieve the purpose of privacy protection of heterogeneous power utilization data, convert a clustering analysis problem into a classification problem, enabling the cluster structure of the original data to be subjected to generalization anonymity mechanism and noise addition processing at the same time by using the class label, and then publish the power transaction data set satisfying the belonging-differential privacy protection, realize flexible privacy protection cluster analysis, improve the accuracy of the published data for the cluster analysis, and meanwhile, ensure the privacy and availability of various types of data, and provide reliable data for power utilization data analysis.

According to one embodiment of the present disclosure, a method of collecting and reporting exceptions associated with information technology services includes receiving exceptions associated with a service, including receiving exceptions associated with an infrastructure and exceptions associated with an application; formatting the exceptions into an exceptions list; correlating at least one of the exceptions associated with the infrastructure and at least one of the exceptions associated with the application to identify a service error condition; and storing the exceptions list and an identifier of the service error condition for presentation to a client associated with the service.

The invention discloses an authentication process of an ERP management system of a chemical enterprise, and belongs to the technical field of information technology security. The authentication process of the ERP management system of the chemical enterprise is realized mainly through three steps of user registration, user authentication and WeChat authentication. According to the method, before registration, the administrator is not directly registered like other software, but is contacted firstly, so that the administrator helps the user to register, the user can use the software quickly andconveniently, the administrator can provide technical support for the client, and interactive communication between the user and the client is achieved. According to the invention, the applet is docked in the software, so that the client of the user can pay on the system and send the applet two-dimensional code to the client after receiving the goods, the cost is saved, and the working efficiencyis improved.

Information technology / cyber security for computer-related processes in which vulnerabilities are identified and, those vulnerabilities which are technology-related are automatically remediated by determining and executing network-based tasks. The most granular level of computer-related process assessment in made possible by reliance on a critical function / process taxonomy this is automatically generated and, as such, the present invention, identifies both technology and non-technology-related vulnerabilities.