公开(公告)号：US20140245449A1

公开(公告)日：2014-08-28

申请号：US14094492

申请日：2013-12-02

申请人： William Shane Powell ,  Thomas L. Chen

发明人： William Shane Powell ,  Thomas L. Chen

IPC分类号： H04L29/06

CPC分类号： H04L63/1433 ,  G06F21/552 ,  G06F21/577

摘要： According to certain embodiments, a cyber threat analysis system generates a network model of a network infrastructure that is used by an organization, assigns a weighting value to each of a plurality of network elements of the network infrastructure according to a relative importance of the each network element to the organization, and generates an attack vector according to a determined vulnerability of the network infrastructure. The attack vector represents one or more illicit actions that may be performed to compromise the network infrastructure. The system may simulate, using a network modeling tool, the attack vector on the network model to determine one or more resulting ramifications of one or more of the plurality of network elements due to the attack vector, and determine a criticality level of the attack vector according to the weighting value of the one or more network elements.

摘要翻译： 根据某些实施例，网络威胁分析系统生成由组织使用的网络基础设施的网络模型，根据每个网络的相对重要性为网络基础设施的多个网络元素中的每一个分配加权值 元素，并根据确定的网络基础设施的脆弱性生成攻击向量。 攻击向量表示可能被执行以破坏网络基础设施的一个或多个非法动作。 系统可以使用网络建模工具来模拟网络模型上的攻击向量，以确定由于攻击向量而导致的多个网络元素中的一个或多个的一个或多个结果的后果，并且确定攻击向量的临界水平 根据所述一个或多个网络元件的权重值。

公开(公告)号：US20110162058A1

公开(公告)日：2011-06-30

申请号：US12650844

申请日：2009-12-31

申请人： William Shane Powell ,  Averett Wade Nelson Thompson ,  Samuel Jeffrey Biller

发明人： William Shane Powell ,  Averett Wade Nelson Thompson ,  Samuel Jeffrey Biller

IPC分类号： H04L9/32 ,  G06F21/00

CPC分类号： G06F21/41 ,  G06F2221/2111

摘要： According to one embodiment, a system for enforcing physical access control and logical access control may include a physical access control system, a logical access control system, a location detection system, and a convergence system. The convergence system may be communicatively coupled to the physical access control system, the logical access control system, and the location detection system and configured to: (i) receive information from the physical access control system regarding a physical access credential; (ii) receive information from the logical access control system regarding a logical access credential; (iii) receive information from the location detection system regarding a location of a location detection tag; and (iv) based on analysis of information regarding the physical access credential, information regarding the logical access credential, and the information regarding the location of the location detection tag, determine the approximate location of a person.

摘要翻译： 根据一个实施例，用于实施物理访问控制和逻辑访问控制的系统可以包括物理访问控制系统，逻辑访问控制系统，位置检测系统和收敛系统。 收敛系统可以通信地耦合到物理访问控制系统，逻辑访问控制系统和位置检测系统，并且被配置为：（i）从物理访问控制系统接收关于物理访问凭证的信息; （ii）从逻辑访问控制系统接收关于逻辑访问凭证的信息; （iii）从所述位置检测系统接收关于位置检测标签的位置的信息; 和（iv）基于关于物理访问凭证的信息的分析，关于逻辑访问凭证的信息以及关于位置检测标签的位置的信息，确定人的大致位置。

公开(公告)号：US20110162064A1

公开(公告)日：2011-06-30

申请号：US12650866

申请日：2009-12-31

申请人： William Shane Powell ,  Averett Wade Nelson Thompson ,  Samuel Jeffrey Biller

发明人： William Shane Powell ,  Averett Wade Nelson Thompson ,  Samuel Jeffrey Biller

IPC分类号： G06F21/00

CPC分类号： G06F21/34 ,  G07C9/00103

摘要： A method for enforcing physical access control and logical access control may include: (i) controlling access of a person to a physical location based on a physical access credential associated with the person provided to a physical access control system; (ii) controlling access of the person to an information system and an enterprise service based on a logical access credential associated with the person provided to a logical access control system; (iii) receiving information from the physical access control system regarding the physical access credential; (iv) receiving information from the logical access control system regarding the logical access credential; (v) determining an approximate location of the person based on the physical access credential and the logical access credential; and (vi) blocking unauthorized access between the physical access control system and the logical access control system by a first firewall.

摘要翻译： 用于实施物理访问控制和逻辑访问控制的方法可以包括：（i）基于与提供给物理访问控制系统的人员相关联的物理访问证书来控制个人访问物理位置​​的访问; （ii）基于与提供给逻辑访问控制系统的人员相关联的逻辑访问凭证来控制该人访问信息系统和企业服务的访问; （iii）从物理访问控制系统接收关于物理访问凭证的信息; （iv）从逻辑访问控制系统接收关于逻辑访问凭证的信息; （v）基于所述物理访问凭证和所述逻辑访问凭证来确定所述人的大致位置; 以及（vi）通过第一防火墙阻止物理访问控制系统与逻辑访问控制系统之间的未授权访问。