-
公开(公告)号:US20070067847A1
公开(公告)日:2007-03-22
申请号:US11366101
申请日:2006-03-02
IPC分类号: G06F11/00
CPC分类号: H04L63/1433 , G06F21/577
摘要: Information system service-level security risk analysis systems, methods, and Graphical User Interfaces are disclosed. Assets of an information system that have relationships with a service provided by the information system are identified, and at least one security risk to the service is determined by analyzing security vulnerabilities associated with the identified assets. A consolidated representation of the service is provided, and includes an indication of the determined security risk(s) and an indication of a relationship between the service and at least one of the identified assets. The security risk indication may include indications of multiple security parameters. Security risks may be represented differently depending on whether they arise from a security vulnerability of an asset that has a relationship with the service or a security vulnerability of an asset that has a relationship with the service only through a relationship with an asset that has a relationship with the service.
摘要翻译: 公开了信息系统服务级安全风险分析系统,方法和图形用户界面。 识别与由信息系统提供的服务有关系的信息系统的资产,并且通过分析与所识别的资产相关联的安全漏洞来确定对服务的至少一个安全风险。 提供了该服务的综合表示,并且包括确定的安全风险的指示以及该服务与至少一个所识别的资产之间的关系的指示。 安全风险指示可以包括多个安全参数的指示。 安全风险可能会有所不同,具体取决于它们是否来自与服务关系的资产的安全漏洞或与服务关系的资产的安全漏洞,只能通过与具有关系的资产的关系 与服务。
-
公开(公告)号:US4673031A
公开(公告)日:1987-06-16
申请号:US547439
申请日:1983-11-01
申请人: Douglas Wiemer
发明人: Douglas Wiemer
CPC分类号: G05D23/1906 , B60H1/00885
摘要: A variable speed integrator for controlling the response time of a valve which regulates the amount of coolant flowing to a heat exchanger so as to control the temperature of the cooled substance output from the exchanger. The temperature of the cooled substance is sensed and compared to a set point temperature to determine an error temperature representing the difference between the sensed and set point temperatures. The error temperature is integrated by the variable speed integrator, the output of which is used to drive the valve into position. The control system monitors the rate of change of the sensed temperature to determine a low system gain. When the rate of temperature change indicates a low gain system, the gain of the integrator is increased to decrease the response time of the valve.
摘要翻译: 用于控制阀的响应时间的变速积分器,其调节流向热交换器的冷却剂的量,以便控制从交换器输出的冷却物质的温度。 感测冷却物质的温度并与设定点温度进行比较,以确定表示感测温度和设定温度之差的误差温度。 误差温度由可变速度积分器积分,其输出用于将阀门驱动到位置。 控制系统监测感测温度的变化率,以确定低系统增益。 当温度变化率表示低增益系统时,增加积分器的增益以减小阀的响应时间。
-
公开(公告)号:US20080300834A1
公开(公告)日:2008-12-04
申请号:US11756970
申请日:2007-06-01
申请人: Douglas Wiemer , Mohammed Riyas Valiyapalathingal , Louie Kwan , Jennifer Li , Stanley TaiHai Chow
发明人: Douglas Wiemer , Mohammed Riyas Valiyapalathingal , Louie Kwan , Jennifer Li , Stanley TaiHai Chow
CPC分类号: G06F17/504
摘要: Graph-based modeling apparatus and techniques are disclosed. Based on a model including model nodes that represent components of a modeled system, operational dependencies between model nodes, and model edges that interconnect the nodes and represent relationships between the components in the modeled system, subset computations are performed to compute subsets of the model nodes that can impact operational dependencies between other model nodes. When the model changes, a determination is made as to whether an incremental subset computation should be performed for one or more particular operational dependencies between model nodes in the changed model, and if so, an incremental subset computation is performed. Otherwise, a full subset computation or no subset computation might be performed. In this manner, model changes are considered on a case-by-case basis to determine an extent, if any, to which subsets should be re-computed.
摘要翻译: 公开了基于图形的建模装置和技术。 基于模型,包括表示建模系统的组件的模型节点,模型节点之间的操作依赖性以及互连节点并且表示建模系统中的组件之间的关系的模型边缘,执行子集计算以计算模型节点的子集 这可能会影响其他模型节点之间的操作依赖关系。 当模型改变时,确定是否应该对改变的模型中的模型节点之间的一个或多个特定操作依赖性执行增量子集计算,如果是,则执行增量子集计算。 否则,可能会执行完整子集计算或无子集计算。 以这种方式,在逐个案例的基础上考虑模型更改,以确定应重新计算哪些子集的范围(如果有的话)。
-
公开(公告)号:US20070067846A1
公开(公告)日:2007-03-22
申请号:US11366100
申请日:2006-03-02
申请人: Bradley McFarlane , Douglas Wiemer , Kevin McNamee
发明人: Bradley McFarlane , Douglas Wiemer , Kevin McNamee
IPC分类号: G06F11/00
CPC分类号: H04L63/1433 , G06F21/577
摘要: Systems and methods of associating security vulnerabilities and assets, and related Graphical User Interfaces (GUIs) and data structures, are disclosed. A definition of a security vulnerability, which includes multiple asset characteristics such as an asset platform that may be exploited via the security vulnerability and an asset platform that is affected when the exploited asset platform is exploited via the security vulnerability, is compared with definitions of one or more assets of an information system. An association between the security vulnerability and an asset is made if the definition of the asset includes a first asset characteristic of the security vulnerability definition and either the definition of the asset or the definition of another asset that has a relationship with the asset includes a second asset characteristic of the security vulnerability definition. The security vulnerability definition may also identify an asset platform that protects against the vulnerability.
摘要翻译: 披露了关联安全漏洞和资产的系统和方法以及相关的图形用户界面(GUI)和数据结构。 一个安全漏洞的定义,包括多个资产特征,例如可能通过安全漏洞利用的资产平台,以及受影响资产平台利用安全漏洞影响的资产平台,与一个定义相比较 或更多的信息系统资产。 如果资产的定义包括安全漏洞定义的特征的第一资产,资产的定义或与该资产关系的另一资产的定义包括第二种资产,就会产生安全漏洞与资产之间的关联 资产特征的安全漏洞定义。 安全漏洞定义还可以标识防范漏洞的资产平台。
-
15.发明申请公开(公告)号:US20070067845A1
公开(公告)日:2007-03-22
申请号:US11232004
申请日:2005-09-22
申请人: Douglas Wiemer , Jean-Marc Robert , Bradley McFarlane , Christophe Gustave , Stanley Chow , Jian Tang
发明人: Douglas Wiemer , Jean-Marc Robert , Bradley McFarlane , Christophe Gustave , Stanley Chow , Jian Tang
IPC分类号: G06F11/00
CPC分类号: H04L63/1433 , G06F21/577 , H04L41/0233 , H04L41/12 , H04L41/28
摘要: The invention is directed to providing threat and risk analysis for a network that has a high degree of inter-relationships and interdependencies among the assets comprising it, using a “cut set” enumeration method. The identified cut sets are used as the basis to the threat and risk analysis, since each cut set may affect the traffic between two dependent assets in the network, and thereby affect the security state of the dependent assets themselves. The affected security state may be confidentiality, integrity, availability, or other network or security relevant parameter.
摘要翻译: 本发明旨在使用“切割集”枚举方法为包括它的资产之间的高度相互关系和相互依赖性的网络提供威胁和风险分析。 识别的切割集合被用作威胁和风险分析的基础,因为每个切割集可能会影响网络中两个相关资产之间的流量,从而影响从属资产本身的安全状态。 受影响的安全状态可能是机密性,完整性,可用性或其他网络或安全相关参数。
-
-
-
-
搜索结果
15 条记录 (耗时 0.017 秒)
