System and method for security information normalization
First Claim
Patent Images
1. A network auditing method comprising:
- retrieving network information gathered by a plurality of heterogeneous information sources;
identifying a network policy to be applied to the retrieved information;
identifying semantic equivalencies in the information gathered by the plurality of heterogeneous information sources; and
uniformly applying the network policy to the information identified as being semantically equivalent.
12 Assignments
0 Petitions
Accused Products
Abstract
A prevention-based network auditing system includes an audit repository storing network information gathered by a plurality of heterogeneous information sources. A semantic normalization module identifies semantic equivalencies in the gathered information, and generates a map listing for each fact gathered by an information source, an equivalent fact or set of facts gathered by each of the other information sources. A network policy is then uniformly applied to the information that is identified as being semantically equivalent.
-
Citations
16 Claims
-
1. A network auditing method comprising:
-
retrieving network information gathered by a plurality of heterogeneous information sources;
identifying a network policy to be applied to the retrieved information;
identifying semantic equivalencies in the information gathered by the plurality of heterogeneous information sources; and
uniformly applying the network policy to the information identified as being semantically equivalent. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A server in a network auditing system, the server comprising:
-
a data store storing network information gathered by a plurality of heterogeneous information sources;
a semantic normalization module coupled to the data store, the module identifying semantic equivalencies in the information gathered by the plurality of heterogeneous information sources; and
means for uniformly applying a network policy to the information identified as being semantically equivalent. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification