630 results about "Security assessment" patented technology

A scalable method, system, and apparatus for non-intrusively auditing and improving security assessments includes capturing, storing, presenting, displaying, inspecting, monitoring, and analyzing data flow in client-server security assessments and/or network/infrastructure security assessments. The invention provides interested parties with a mechanism to non-intrusively audit in real-time the vulnerability test effort, as well as review, replay, and analyze all aspects of the security assessment during and after the test. For web application assessments, the data capture includes one of the following or some combination: an intermediary with all data passing through the intermediary; a sniffer that can passively extract all data being communicated between the application and tester; and a plurality of computing modules (e.g., software, appliances, etc.) installed in the tester environment or within the application system environment (e.g., software installed on the tester's computer, or on the computer where the intermediary is running, or software installed on the application systems proxy or web server, or an appliance in either environment) for storing, processing, analyzing, reporting, and displaying the data.

A firewall system adapted for location outside the client machine, preferably in the same data processing device as the client machine but outside a virtual machine containing the client machine. Control logic of the firewall system receives incoming and outgoing connections from the network and client machine respectively. In response to a connection request initiating a connection between respective endpoints in the network and client machine, the control logic performs a security assessment comprising obtaining from at least one of the network and client machine information indicative of the security state of the endpoint therein, and allows or inhibits the connection in dependence on the result of the security assessment. The security assessment may be performed in accordance with a security policy of the system, and different security assessments may be performed for different connection requests in accordance with the security policy.

Method and System for Cyber-Security Vulnerability Detection and Compliance Measurement (CDCM) provides any entity, organization or individual with access to or possession of sensitive, confidential or secret information, defined as “protected information,” in digital format that is received, processed, stored or distributed by a computer, computer system or digital processing equipment with the capability to detect and respond to cyber security vulnerabilities and to measure compliance with cyber-security requirements as established by the Federal Security Information Management Act (FISMA) for the security of protected information and certain additional related desirable or mandatory cyber-security requirements. In one sample embodiment of the invention, the method utilizes a damage assessment function; a security assessment function; a security plan or planning function; a training management function; a response management function; a cyber-security management function; a scoring measurement function; and a review and analysis function; to establish a quantifiable and definitive numerical measurement of the relative compliance of a specific processing system, at a specific point in time, to a defined and established threshold value of performance, or compliance acceptance, and to provide, assemble and be capable of archiving the supporting parameters, status, states and analysis that is specifically associated with the numerical value which represents the specific processing system's state of compliance at the specified time and to utilize various intermediate values and parameters to manage and enhance the performance of the specific system thereby improving the systems compliance score and numerical performance measurement value.

The invention relates bridge structure safety evaluation technology by means of combining vibration measuring and structural model analysis techniques for bridge erosion evaluation and pre-warning monitoring applications. This technology can also be applied for long-term bridge structure monitoring and safety evaluation as well as judgment and evaluation of rail structure abnormality.

A method and wireless device select a set of secure network connections (230) between a wireless device (108) in a wireless communication system and a target destination system (238). A first security assessment (708) associated with each of a plurality of base station connections associated with respective each of a plurality of base stations (116) available for wireless communications with the wireless device (108) is performed. A second security assessment (716) associated with each of a plurality of subsequent network connections available between the plurality of base stations (116) and a target destination system (238) is performed. A set of base station connections from the plurality of base station connections are prioritized according to predetermined security criteria associated with the wireless device (108). A set of subsequent network connections from the plurality of subsequent network connections (230) are prioritized according to predetermined security criteria associated with the wireless device (108).

The invention provides a local area network (LAN) security evaluation method and system. Terminals in an LAN comprise a control terminal and a user terminal, and the method comprises the steps of: triggering security detection on the user terminal in the LAN; reporting security detection data corresponding to the user terminal to the control terminal by the user terminal; and generating security evaluation information of the current LAN by the control terminal according to the received security detection data. The method and system provided by the invention can be used for completely and truly feeding back the security state of an enterprise network.

Systems and methods for conducting reliable financial transactions, credit decisions, and security assessments are provided. Connectivity values may be assigned to members of a community by users, third parties, or automatically based on the frequency of interactions between members of the community. Connectivity values may represent such factors as alignment, reputation within the network community, or the degree of trust. Information about a financial transaction may be automatically published to other qualifying members of the community based on connectivity values. The other qualifying members may then be given the opportunity to participate in the same financial transaction or access the same financial application in order to initiate their own financial transaction, or to take action based on information about the financial transaction, credit decision, and/or security assessment. These transactions may also be based on virtual and/or electronic currencies.

Systems and methods for conducting more reliable financial transactions, credit decisions, and security assessments are provided. A user may assign user connectivity values to other members of the community, or connectivity values may be automatically harvested or assigned from third parties or based on the frequency of interactions between members of the community. Connectivity values may represent alignment, reputation within the network community, or the degree of trust. Information about a financial transaction initiated by a first member of the community, a credit decision, and/or a security assessment may be automatically published to other qualifying members of the community based on connectivity values. The other qualifying members may then be given the opportunity to participate in the same financial transaction or access the same financial application in order to initiate their own financial transaction, or to take action based on information about the financial transaction, credit decision, and/or security assessment.

A system and method in one embodiment includes modules for running a test script to generate a request to a target application, receiving a response from the target application, and running a detector script to inspect the response for a vulnerability. More specific embodiments include a target web site, populating a work in a queue, where the work corresponds to content in the response, and running a second test script or detector script to generate a follow-up request to the application if the vulnerability has been identified in the response. Other embodiments include extracting the work from the queue, and running a second test script corresponding to the extracted work. Other embodiments include storing an injection in an injection cache, de-registering the injection from the injection cache if it is identified in the response, and re-crawling the application, if the injection has not been de-registered from the injection cache.

A reconnaissance and assessment (RA) tool can receive base information about the network, such as basic network information and details about an entity and personnel associated with network. The RA tool can utilize the base information to perform reconnaissance procedures on the network to identify the attack surface of the network. The RA tool can perform reconnaissance on the network, itself, and on other external sources, such as third party databases, search engines, and partner networks. Once the attack surface is identified, the RA tool can automatically perform appropriate security assessments on the attack surface. Additionally, if additional information is determined about the network during the security assessments, the RA tool can perform additional reconnaissance and security assessments based on the additional information.

The invention relates to a risk assessment method suitable for an industrial control system. According to the method, modeling is performed on a target network by using a hierarchical modeling method based on the security attribute, and modeling is performed on the capacity of an attacker in the attack process by using an attack mode knowledge base; then a hierarchical attack graph is constructed according to the security model of the target network and the attacker, and the attack graph is converted into an attack tree; and then a hierarchical risk evaluation index system is constructed by using a hierarchical index analysis method, and comprehensive judgment is performed by using a layer-by-layer weighing method so that the risk assessment result of the industrial control system can be obtained. The system or equipment does not need to be offline in the analysis method, and the method is a risk assessment and management tool based on combination of qualitative and quantitative analysis of the model so that the security hidden trouble in the industrial control system can be discovered, and the security assessment level of the industrial control system can be enhanced.

The invention discloses a software running security measurement and estimation method based on a network environment, and belongs to a network information security analysis and estimation technology. The method comprises the following steps of: constructing a measurement system, namely selecting a software security estimation index; performing threat modeling, namely modeling a threat of software under the network environment; and estimating the security of the software, namely performing security estimation on the software facing the threat under the network environment according to the estimation index through a software security estimation method based on reliability, a software security estimation method based on bug and a software security estimation method based on risk. The step of constructing the measurement system also comprises a substep of selecting the completeness, the non-repudiation, the confidentiality, the authorization, the availability and the identity checkability as the software security estimation indexes. By the method, the security bug and the risk of the software can be estimated in advance, so that a function and security module of the software can be immediately adjusted, and dangerous events can be effectively controlled and prevented.

The invention discloses an environment risk source pre-warning system, comprising a data collector, a data server, a risk real-time evaluation system and a warner. The data collector is used for collecting real-time monitoring data of detection points in an environment risk source. An environment risk source information database for recording environment risk source basic information and a threshold value database for recording the threshold values corresponding to the real-time monitoring data of the detection points are installed in the data server. The risk real-time evaluation system is used for carrying out security evaluation on the environment risk source and calculating the risk degree of the environment risk source. The warner is used for carrying out selective warning according to the risk degree of the environment risk source. According to the system, the risk evaluation and pre-warning can be carried out on the environment risk source, a monitor can be helped to take countermeasures effectively and timely, and losses resulting from a risk event can be reduced to the lowest.

A system for calculating cyber-risk in a software application includes a cyber-risk calculator. The cyber-risk calculator receives a security assessment result sample having a list of security modules, each security module listing including a respective result of a security assessment of the application identifying a vulnerability and/or misconfiguration capable of being exploited and/or abused. When run in a risk calculation mode, the cyber-risk calculator determines a world partition of the application in the security assessment result sample belongs to, references a set of parameters from a parametrization database according to the world partition corresponding to the application, determines a cyber-risk exposure level for the application based upon the security assessment result sample and the set of parameters, and reports results of the cyber-risk calculation.

Systems and methods which provide a new application security assessment framework that allows auditing and testing systems to automatically perform security and compliance audits, detect technical security vulnerabilities, and illustrate the associated security risks affecting business-critical applications.

A method includes: after installation of software on a first mobile device, receiving new data from a second mobile device; analyzing, using a data repository, the new data to provide a security assessment; determining, based on the security assessment, a new security threat associated with the software; and in response to determining the new security threat, causing the first mobile device to implement a quarantine of the software.

The invention relates to an AADL (architecture analysis and design language) model extension based software system security verification and assessment method, which is provided in order to overcome defect of difficulty in direct processing of system models, high computation cost and high redundancy in computation in existing AADL model based verification and assessment. The method includes: establishing relationship between risk factors and an AADL architecture model to form a mechanism generating model; extracting model elements, generating a time state fault tree, a hardware software impactanalysis tree and a common cause time-dependent analysis tree according to the model elements, and backstepping a risk generation route according to the tree structure from bottom to top; setting physical resource properties and capacity of each physical device; calculating the failure probability of each physical device according to labeled risk factor probability of each physical device; converting an AADL security model into a timed automata; calling a formal verification tool UPPAAL for analysis and verification of the timed automata. The method is applicable to security assessment of software and hardware systems.

The invention discloses a risk assessment algorithm for an information system. According to the GB/T20984-2007 standard, a correlation between the assessment factors of assets, the assessment factors of vulnerability and the assessment factors of threats of the information system is established, a safety assessment indicator system is achieved, and 24 pairs of risk relations are achieved. The 24 pairs of achieved risk relations are substituted into a formula (1), an asset comprehensive value A is obtained through calculation. According to asset comprehensive value A and a vulnerability value V, the comprehensive value F of the loss caused by security events is worked out. According to the vulnerability value V and a threat value T, a security event possibility comprehensive value L is worked out. The comprehensive value F of the loss caused by the security events and the security event possibility comprehensive value L are substituted into a formula (2), and then a risk comprehensive value R is worked out and obtained. The risk assessment algorithm for the information system can eliminate the influence caused by the facts that assessment factor selection is unreasonable and risk correlation analysis cannot objectively reflect the system state, and improve the objectivity and the accuracy of risk assessment.

The invention relates to a verification method and system for safety of expected functions of an autonomous vehicle, and the method comprises the steps of determining a dangerous event and a trigger event based on a system framework of a target vehicle; assessing and screening dangerous events; determining the acceptance degree of the trigger event; and verifying whether the trigger event satisfies the preset acceptance degree. The system comprises a first platform which is used for identifying a dangerous event of the autonomous vehicle and exporting a corresponding trigger event and a trigger event probability, and a second platform which is used for exporting a dangerous event of the autonomous vehicle, determining the ASIL level of the dangerous event and determining a corresponding trigger event tolerance or error rate target according to the ASIL level and the corresponding trigger event probability; a third platform which is used for reproducing the trigger event, testing the autonomous vehicle and verifying whether the trigger event reaches a set target or not. According to the present invention, the requirement for expected function safety assessment in the function development of the autonomous vehicle is met; the quantitative and verifiable evaluation requirements are provided, and the operability is high.

A system for appending security information to search engine results, including a search engine for locating, in a computer network, web pages that include at least one designated search term, for issuing a security analysis request to a content security scanner to assess at least one designated web page for potential security risks, and for preparing a search results summary that includes links to the located web pages and security assessments for the located web pages, a client computer communicatively coupled with the search engine for issuing a search request with at least one user designated search term, to the search engine, and for receiving the search results summary from the search engine, and a content security scanner communicatively coupled with the search engine for assessing security of content in at least one designated web page. A method and computer-readable storage media are also described and claimed.

The invention discloses a method for simplifying a rail transit train operation control system, and belongs to the technical field of rail transit control. The method particularly includes 1), improving a process for designing a universal safety computer platform; 2), simplifying vehicular application or ground application of the rail transit train operation control system. The method has the advantages that the designed universal safety computer platform is implemented on the basis of hardware/software difference design principles and hierarchical diagnosis principles, and functions for simultaneously implementing a plurality of application control logics are supported in the aspect of software on the basis of double-determinacy principles; a plurality of traditional rail transit operation control logic processing functions can be simultaneously supported by a logic processing layer of the universal safety computer platform designed by the process, so that the quantity of equipment of the traditional rail transit train operation control system can be reduced, and the reliability of the operation control system can be improved; the universal safety computer platform designed by the process can be migrated to rail transit train operation control systems with different requirements, so that development and safety assessment workload can be reduced, and the development and safety assessment cost can be lowered.