-
公开(公告)号:US08572678B2
公开(公告)日:2013-10-29
申请号:US13336737
申请日:2011-12-23
申请人: Bruce Barnett , Scott Evans , Robert James Mitchell, Jr. , Thomas Markham , Stephen Dill , Vincent Hannon , John Patrick Elliott , Andrew Crapo
发明人: Bruce Barnett , Scott Evans , Robert James Mitchell, Jr. , Thomas Markham , Stephen Dill , Vincent Hannon , John Patrick Elliott , Andrew Crapo
IPC分类号: G06F21/00
CPC分类号: G06F21/6218 , G06F21/604
摘要: A system and method are provided that distill an organization's information security plan into a detailed and unambiguous security object model. The developed security object model provides a visualization of complex relationships between individual elements and levels that is usable to carry into effect the organization's information security plan. Configuration control and a verifiable level of security compliance are provided through implementation of the organization's information security plan by the developed security object model. The developed security object model is hosted on a computing platform in communication with at least the organization's network to provide information security plan compliance, configuration control and gap analysis in a usable form to the organization.
摘要翻译: 提供了一种系统和方法,将组织的信息安全计划分解成一个详细而明确的安全对象模型。 开发的安全对象模型提供了可用于实现组织信息安全计划的各个元素和级别之间的复杂关系的可视化。 通过开发的安全对象模型,通过实施组织的信息安全计划来提供配置控制和可验证的安全合规级别。 开发的安全对象模型托管在至少与组织网络通信的计算平台上,以可用形式向组织提供信息安全计划合规性,配置控制和差距分析。
-
公开(公告)号:US20130167191A1
公开(公告)日:2013-06-27
申请号:US13336737
申请日:2011-12-23
申请人: Bruce Barnett , Scott Evans , Robert James Mitchell, JR. , Thomas Markham , Stephen Dill , Vincent Hannon , John Patrick Elliott , Andrew Crapo
发明人: Bruce Barnett , Scott Evans , Robert James Mitchell, JR. , Thomas Markham , Stephen Dill , Vincent Hannon , John Patrick Elliott , Andrew Crapo
IPC分类号: G06F21/00
CPC分类号: G06F21/6218 , G06F21/604
摘要: A system and method are provided that distill an organization's information security plan into a detailed and unambiguous security object model. The developed security object model provides a visualization of complex relationships between individual elements and levels that is usable to carry into effect the organization's information security plan. Configuration control and a verifiable level of security compliance are provided through implementation of the organization's information security plan by the developed security object model. The developed security object model is hosted on a computing platform in communication with at least the organization's network to provide information security plan compliance, configuration control and gap analysis in a usable form to the organization.
摘要翻译: 提供了一种系统和方法,将组织的信息安全计划分解成一个详细而明确的安全对象模型。 开发的安全对象模型提供了可用于实现组织信息安全计划的各个元素和级别之间的复杂关系的可视化。 通过开发的安全对象模型,通过实施组织的信息安全计划来提供配置控制和可验证的安全合规级别。 开发的安全对象模型托管在至少与组织网络通信的计算平台上,以可用形式向组织提供信息安全计划合规性,配置控制和差距分析。
-
3.发明授权公开(公告)号:US08495736B2
公开(公告)日:2013-07-23
申请号:US12652298
申请日:2010-01-05
申请人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
发明人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
IPC分类号: H04L29/06
摘要: A method and apparatus that provides information assurance attributes through a data providence architecture is disclosed. The method may include receiving a message having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments; calculating a degree of trust based on any discrepancies identified in the examination of each data provenance record of the message and any attachments, and outputting the degree of trust to the user.
摘要翻译: 公开了一种通过数据保护架构提供信息保证属性的方法和装置。 该方法可以包括接收具有数据来源包装器的消息,检查消息的每个数据来源记录和用于差异的任何附件,识别对消息的每个数据来源记录和任何附件的检查中的任何差异; 根据对消息和任何附件的每个数据来源记录的检查中识别的任何差异计算信任度,并向用户输出信任度。
-
4.发明授权Method and apparatus for simulating a workflow and analyzing the behavior of information assurance attributes through a data providence architecture 有权用于模拟工作流并通过数据保护架构分析信息保证属性的行为的方法和装置公开(公告)号:US08452962B2
公开(公告)日:2013-05-28
申请号:US12652266
申请日:2010-01-05
申请人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
发明人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
IPC分类号: H04L9/32
摘要: A method and apparatus that simulates a workflow and analyzes the behavior of information assurance attributes through a data providence architecture is disclosed. The method may include injecting one or more faults into a simulated workflow, receiving a message in the simulated workflow having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments; calculating a degree of trust based on any discrepancies identified in the examination of each data provenance record of the message and any attachments, analyzing the calculated degree of trust with respect to the one or more injected faults and the information assurance attributes, and outputting the analysis to a user.
摘要翻译: 公开了一种模拟工作流并通过数据保护架构分析信息保证属性的行为的方法和装置。 该方法可以包括将一个或多个故障注入到模拟工作流中,在具有数据来源的包装器的模拟工作流中接收消息,检查消息的每个数据来源记录和用于差异的任何附件,识别每个数据的检查中的任何差异 消息和任何附件的出处记录; 根据在消息和任何附件的每个数据来源记录的检查中识别的任何差异来计算信任度,分析关于一个或多个注入的故障和信息保证属性的计算的信任度,并输出分析 给用户
-
5.发明授权Method and apparatus for generating a figure of merit for use in transmission of messages in a multi-level secure environment 有权用于在多级安全环境中生成用于消息传输的品质因数的方法和装置公开(公告)号:US08166122B2
公开(公告)日:2012-04-24
申请号:US12652327
申请日:2010-01-05
申请人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
发明人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
IPC分类号: G06F15/16
摘要: A method and apparatus that generate a figure of merit for use in transmission of messages in a multi-level secure environment. The method may include receiving a message having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments, generating a figure of merit based on objective and subjective information, substituting the figure of merit for the data provenance information, and transmitting the figure of merit with the message across the security domain.
摘要翻译: 一种在多级安全环境中产生用于消息传输的品质因数的方法和装置。 该方法可以包括接收具有数据来源包装器的消息,检查消息的每个数据来源记录和用于差异的任何附件,识别检查消息的每个数据来源记录和任何附件的任何差异,生成品质因数 基于客观和主观信息,将品质因数替换为数据来源信息,并通过该安全域中的消息传递品质因数。
-
6.发明授权Method and apparatus for monitoring and analyzing degree of trust and information assurance attributes information in a data providence architecture workflow 有权用于监视和分析数据存在架构工作流程中的信任度和信息保证属性信息的方法和装置公开(公告)号:US08281141B2
公开(公告)日:2012-10-02
申请号:US12652356
申请日:2010-01-05
申请人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
发明人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
IPC分类号: H04L9/32
摘要: A method and apparatus that monitors and analyzes degree of trust and information assurance attributes information in a data providence architecture workflow is disclosed. The method may include receiving a message having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments; calculating a degree of trust based on any discrepancies identified in the examination of each data provenance record of the message and any attachments, and presenting the degree of trust and information assurance attributes information to the user on a display.
摘要翻译: 公开了一种在数据存储架构工作流程中监视和分析信任度和信息保证属性信息的方法和装置。 该方法可以包括接收具有数据来源包装器的消息,检查消息的每个数据来源记录和用于差异的任何附件,识别对消息的每个数据来源记录和任何附件的检查中的任何差异; 基于在消息和任何附件的每个数据来源记录的检查中识别的任何差异,以及在显示器上向用户呈现信任度和信息保证属性信息来计算信任度。
-
-
-
-
-
搜索结果
6 条记录 (耗时 0.041 秒)
