公开(公告)号：US11368489B2

公开(公告)日：2022-06-21

申请号：US16764871

申请日：2017-11-20

Applicant: Nokia Technologies Oy

Inventor： Iris Adam ,  Jing Ping ,  Stephane Mahieu

IPC: G06F21/57 ,  H04L9/40 ,  G06F21/62 ,  H04L67/10

Abstract: An apparatus for security management based on event correlation in a distributed multi-layered cloud environment is disclosed, wherein the distributed multi-layered cloud environment comprises at least one first layer cloud service provider, and at least one second layer cloud service provider as a tenant of the first layer cloud service provider, and the apparatus is installed at least on one cloud service provider of the first layer cloud service provider and the second layer cloud service provider, the apparatus comprising: a central processing module configured to: provide correlation as a Service (CORRaaS) to a plurality of tenants as virtualized security appliances or virtualized security functions for the plurality of tenants's lices, generate a second interface for allowing the plurality of tenants to configure the correlation as a Service (CORRaaS), and correlate and process security events from security functions in the plurality of tenants' slices to form processed security event data, and to detect or predict attacks or anomalies or incompliance with security requirements; and a third interface for transferring the processed security event data and/or log data and/or raw data to the plurality of tenants' security management systems and/or to a plurality of cloud service providers' security management systems; and a fourth interface towards a cloud manager of the cloud service provider for causing the cloud manager to mitigate the detected or predicted attacks or anomalies or incompliance with security requirements. A corresponding system and method for security management based on event correlation in a distributed multi-layered cloud environment, as well as a computer readable medium, are also provided.

公开(公告)号：US12245042B2

公开(公告)日：2025-03-04

申请号：US17799545

申请日：2020-02-14

Applicant: Nokia Technologies Oy

Inventor： Jing Ping ,  Iris Adam ,  Anatoly Andrianov ,  Xiaoguang Zhao

IPC: H04W16/10 ,  H04W12/03

Abstract: A method for network isolation management is described. The method includes assigning or creating one or more isolation groups for at least one service, wherein resources of services assigned in an isolation group are shared with or without isolation; wherein an isolation group is defined for at least one resource in each layer and each domain to gather the at least one resource of the at least one service; linking an isolation profile for each of the one or more isolation groups, wherein the isolation profile comprises at least one policy to protect the at least one resource of the one or more isolation groups, and wherein the isolation profile comprises at least an isolation level to define a type of isolation; and allocating or reallocating the at least one resource to the at least one service based on the isolation profile linked to the one or more isolation groups.

公开(公告)号：US12132732B2

公开(公告)日：2024-10-29

申请号：US17621971

申请日：2019-06-24

Applicant: Nokia Technologies Oy

Inventor： Jing Ping ,  Iris Adam ,  Anatoly Andrianov

IPC: H04L9/40

CPC classification number: H04L63/0892 ,  H04L63/083 ,  H04L63/101 ,  H04L63/20

Abstract: A credential manager imports credentials for a network slice in response to deployment of the network slice. The credentials are not known to other network slices. A repository is configured to store the credentials and protect the credentials based on credential protection policies that are defined by a service profile of the network slice. The repository is implemented in the credential manager, an authentication, authorization, and accounting (AAA) server, or other location. Properties of the credentials are modified in response to a modification trigger and the credentials are withdrawn in response to a withdrawal trigger.

公开(公告)号：US12052143B2

公开(公告)日：2024-07-30

申请号：US18040087

申请日：2020-08-05

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow ,  Chaitanya Aggarwal ,  Jing Ping ,  Iris Adam ,  Konstantinos Samdanis ,  Yannick Lair

IPC: H04L41/14 ,  H04L43/04

CPC classification number: H04L41/14 ,  H04L43/04

Abstract: Example embodiments of the present disclosure relate to devices, methods and computer readable storage media for service provisioning to facilitate analysis of a service from a network function (NF). In example embodiments, one or more logs are received from at least one of a first NF, a network repository function (NRF) and a service communication proxy (SCP). The one or more logs are associated with a service from a second NF. Further, analysis of provision of the service from the second NF is facilitated based on the one or more logs.

公开(公告)号：US11290490B2

公开(公告)日：2022-03-29

申请号：US16340793

申请日：2016-10-12

Applicant: Nokia Technologies Oy

Inventor： Manfred Schaefer ,  Iris Adam ,  Stephane Mahieu ,  Jing Ping

IPC: H04L29/06 ,  G06F9/50

Abstract: Cloud service security management in cloud computer environment uses a first computer cloud entity with first security capabilities and under security management coordinated by a first security management service point in compliance with predefined first security requirements. Security management of a second computer cloud entity is coordinated by a second security management service point in compliance with predefined second security requirements. In the managing of the security of the cloud service in the cloud computer environment: a trusted relationship is established between the first and second security management service points, general security requirements for the cloud service are obtained; and a first security policy is defined for the first security management service point, based on the general security requirements for the cloud service, the first security capabilities and the first security requirements, for the running of the cloud service by the first computer cloud entity.

公开(公告)号：US20200344267A1

公开(公告)日：2020-10-29

申请号：US16764871

申请日：2017-11-20

Applicant: Nokia Technologies Oy

Inventor： Iris Adam ,  Jing Ping ,  Stephane Mahieu

IPC: H04L29/06 ,  H04L29/08 ,  G06F21/62 ,  G06F21/57

Abstract: An apparatus for security management based on event correlation in a distributed multi-layered cloud environment is disclosed, wherein the distributed multi-layered cloud environment comprises at least one first layer cloud service provider, and at least one second layer cloud service provider as a tenant of the first layer cloud service provider, and the apparatus is installed at least on one cloud service provider of the first layer cloud service provider and the second layer cloud service provider, the apparatus comprising: a central processing module configured to: provide correlation as a Service (CORRaaS) to a plurality of tenants as virtualized security appliances or virtualized security functions for the plurality of tenants's lices, generate a second interface for allowing the plurality of tenants to configure the correlation as a Service (CORRaaS), and correlate and process security events from security functions in the plurality of tenants'slices to form processed security event data, and to detect or predict attacks or anomalies or incompliance with security requirements; and a third interface for transferring the processed security event data and/or log data and/or raw data to the plurality of tenants'security management systems and/or to a plurality of cloud service providers'security management systems; and a fourth interface towards a cloud manager of the cloud service provider for causing the cloud manager to mitigate the detected or predicted attacks or anomalies or incompliance with security requirements. A corresponding system and method for security management based on event correlation in a distributed multi-layered cloud environment, as well as a computer readable medium, are also provided.