Security health checking tool

US 20040059920A1
Filed: 09/19/2002
Published: 03/25/2004
Est. Priority Date: 09/19/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method in a storage management system comprising:

accessing one or more security parameters of said storage management system;

evaluating said security parameters against a set of security policies, rules and allowable parameter values; and

indicating in a user-readable report which security parameters fail to meet said security policies, rules and allowable parameter values.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A tool for checking storage management system security settings which accesses one or more security parameters, compares them to security policies, rules, and allowable values, and reports noncompliant settings via a user-readable report. A set of automatic correction rules may be employed to automatically modify noncompliant settings to bring them into compliance, which actions may also be reported in the user-readable report.

108 Citations

View as Search Results

27 Claims

1. A method in a storage management system comprising:
- accessing one or more security parameters of said storage management system;
  
  evaluating said security parameters against a set of security policies, rules and allowable parameter values; and
  
  indicating in a user-readable report which security parameters fail to meet said security policies, rules and allowable parameter values.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as set forth in claim 1 wherein said step of indicating parameters which fail also comprises indicating which parameters meet or exceed said security policies, rules and allowable parameter values.
  - 3. The method as set forth in claim 1 further comprising modifying security parameter values which fail to meet said security policies, rules and allowable parameter values to bring said parameter values into compliance.
  - 4. The method as set forth in claim 3 further comprising indicating in a user-readable report which security parameters have been modified to bring them into compliance.
  - 5. The method as set forth in claim 1 wherein said step of accessing one or more security parameters comprises accessing security parameters through an administration client interface.
  - 6. The method as set forth in claim 1 wherein said step of accessing one or more security parameters comprises accessing one or more parameters selected from the group of minimum allowable password length, maximum allowable failed password attempts, maximum allowable password expiration time, activity logging enablement, minimum activity log entry retention time, secure administrator activity logging enablement, and system administrator activity logging enablement.
  - 7. The method as set forth in claim 1 wherein said step of accessing one or more security parameters comprises accessing parameters using a method selected from the group of executing an administrator console command, redirecting a displayed parameter to a computer readable media, accessing a computer readable media, examining a computer readable report, and operating an administrative function interface for a storage management product.
  - 8. The method of claim 1 wherein said storage management system is a Tivoli Storage Management system.
  - 9. The method of claim 1 wherein said storage management system is an ADSTAR Storage Management System.

10. A system comprising:
- one or more accessible security settings associated with a storage management system;
  
  a security setting retriever operative to access said security settings;
  
  a policy defining one or more acceptable values for security settings;
  
  a setting comparitor which evaluates said retrieved security settings against said policy; and
  
  a report generator operative to produce a user-readable report with indications of security settings which do not comply with said policy.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system as set forth in claim 10 wherein said report generator is further operative to indicate which settings which comply with said security policy
  - 12. The system as set forth in claim 10 further comprising a setting modifier operative to change noncompliant security settings to a compliant value.
  - 13. The system as set forth in claim 12 wherein said report generator is further operative to indicate which security settings have been modified.
  - 14. The system as set forth in claim 10 wherein said security setting retriever is operative to access security settings through an administration client interface.
  - 15. The system as set forth in claim 10 wherein said security setting retriever is operative to access security settings selected from the group of minimum allowable password length, maximum allowable failed password attempts, maximum allowable password expiration time, activity logging enablement, minimum activity log entry retention time, secure administrator activity logging enablement, and system administrator activity logging enablement.
  - 16. The system as set forth in claim 10 wherein said security setting retriever is operative to access security settings using a method selected from the group of executing an administrator console command, redirecting a displayed parameter to a computer readable media, accessing a computer readable media, examining a computer readable report, and operating an administrative function interface for a storage management product.
  - 17. The system of claim 10 wherein said security settings are associated with a Tivoli Storage Management system.
  - 18. The system of claim 10 wherein said security settings are associated with an ADSTAR Storage Management System.

19. A computer readable media encoded with software for performing the steps of:
- accessing one or more security parameters of said storage management system;
  
  evaluating said security parameters against a set of security policies, rules and allowable parameter values; and
  
  indicating in a user-readable report which security parameters fail to meet said security policies, rules and allowable parameter values.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The media as set forth in claim 19 wherein said software for indicating parameters which fail also comprises software for indicating which parameters meet or exceed said security policies, rules and allowable parameter values.
  - 21. The media as set forth in claim 19 further comprising software for modifying security parameter values which fail to meet said security policies, rules and allowable parameter values to bring said parameter values into compliance.
  - 22. The media as set forth in claim 21 further comprising software for indicating in a user-readable report which security parameters have been modified to bring them into compliance.
  - 23. The media as set forth in claim 19 wherein said software for accessing one or more security parameters comprises software for accessing security parameters through an administration client interface.
  - 24. The media as set forth in claim 19 wherein said software for accessing one or more security parameters comprises software for accessing one or more parameters selected from the group of minimum allowable password length, maximum allowable failed password attempts, maximum allowable password expiration time, activity logging enablement, minimum activity log entry retention time, secure administrator activity logging enablement, and system administrator activity logging enablement.
  - 25. The media as set forth in claim 19 wherein said software for accessing one or more security parameters comprises software for accessing parameters using a method selected from the group of executing an administrator console command, redirecting a displayed parameter to a computer readable media, accessing a computer readable media, examining a computer readable report, and operating an administrative function interface for a storage management product.
  - 26. The media of claim 19 wherein said security parameters are associated with a Tivoli Storage Management system.
  - 27. The media of claim 19 wherein said security parameters are associated with an ADSTAR Storage Management System.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Godwin, Debbie Ann

Application Number

US10/246,969
Publication Number

US 20040059920A1
Time in Patent Office

Days
Field of Search
US Class Current

713/183
CPC Class Codes

G06F 21/55 Detecting local intrusion o...

H04L 63/20 for managing network securi...

Security health checking tool

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

108 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Security health checking tool

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links