-
公开(公告)号:US20080301807A1
公开(公告)日:2008-12-04
申请号:US12177374
申请日:2008-07-22
申请人: Ellis E. Bishop , Randy S. Johnson , Linda D. Kalmes , Gary Little , Tedrick N. Northway , H. William Rinckel , Samuel R. Thennis
发明人: Ellis E. Bishop , Randy S. Johnson , Linda D. Kalmes , Gary Little , Tedrick N. Northway , H. William Rinckel , Samuel R. Thennis
IPC分类号: G06F12/14
CPC分类号: G06F21/554 , G06F2221/2105
摘要: An on-demand security service ensures isolation of the service provider's customers where the customers share resources at the system, subsystem, and storage level. The security service is provided in a pre-production phase and in a post production phase. The pre-production phase takes place prior to boarding the customer. In the pre-production phase the resources to be protected are defined in a security guide, and using the security guide, physical segregation at the facility, network, and technical and delivery support levels is planned and then implemented. In the post production phase, on going activities are proactive and reactive. Proactive activities include maintaining physical segregation by reviewing and updating the security guide, and testing physical segregation by performing security audits and penetration tests. Observations and finding of the audits and penetration tests are resolved. Reactive activities include identifying isolation failures, coordinating appropriate actions, and resolving the isolation failure. The service may be embodied in a system and in a computer implemented process comprising a security guide file (SGF), a security guide application (SGA), a security implementation application (SIA), a security validation application (SVA), and an event coordination application (ECA).
摘要翻译: 按需安全服务确保了客户在系统,子系统和存储级别共享资源的情况下隔离服务提供商的客户。 安全服务在预生产阶段和后期制作阶段提供。 预生产阶段在登记客户之前进行。 在预生产阶段,要保护的资源在安全指南中定义,并使用安全指南,计划并实施设施,网络和技术和交付支持级别的物理隔离。 在后期制作阶段,正在进行的活动是积极主动和反应性的。 主动活动包括通过审查和更新安全指南来维持物理隔离,并通过执行安全审核和渗透测试来测试物理隔离。 审计和渗透测试的观察和发现得到解决。 反应活动包括识别隔离故障,协调适当的操作以及解决隔离故障。 该服务可以体现在系统和计算机实现的过程中,该过程包括安全指南文件(SGF),安全指南应用(SGA),安全实施应用(SIA),安全验证应用(SVA)和事件 协调应用(ECA)。