Search
  • Within this site
AsiaIPEX is a one-stop-shop for players in the IP industry, facilitating IP trade and connection to the IP world. Whether you are a patent owner interested in selling your IP, or a manufacturer looking to buy technologies to upgrade your operation, you will find the portal a useful resource.
Back to search results

Integrated Enterprise Security Management


Summary

Lead Inventors: Angelos D. Keromytis, Ph.D.Problem or Unmet Need:Current network security generally depends on a firewall to protect an internal network from the internet, coupled to user/password style security for each network service. A major problem within this framework is the independence of authentication: network services (e.g. database, web and file servers) perform authentication without consultation with each other or an overarching security broker. This leads to difficulty in identifying and controlling security threats from compromised intranet computers or external threats coming from distributed computers. This technology provides a method to implement global, dynamic security policies across network services. The software is based on an event model, where network events are identified by sensor software, which informs a global security manager. The global policy broker determines the course of action, which is carried out by actuator software. This general architecture is broadly applicable to current networks, since only the sensor must be specialized for a particular network service. In more detail, the technology was developed in a event-listener model with the following components: Sensors -- software attached to network services which monitor activity and fire events under certain circumstances; Events -- announcements from sensors to a listener, which indicate network activity of interest has occurred; Policy Engine -- a central listener for a broad variety of events, which is able to make policy decisions for each network service and request for service; Actuators -- software which implements policy decisions, for example turning on logging of requests or blocking services . With the focus on global security, this technology will protect networks which are currently venerable to internal, distributed or extremely slow attacks.


Technology Benefits

Dynamic management of security Communication between services


Technology Application

Enterprise network security Individual computers security


Detailed Technology Description

This technology provides a method to implement global, dynamic security policies across network services. The software is based on an event model, where network events are identified by sensor software, which informs a global security manager. ...


Country/Region

USA

For more information, please click Here
Business of IP Asia Forum
Desktop View