Systems and methods for dynamic and risk-aware network security
Abstract
Systems and methods for dynamic and risk-aware network security are described. In one embodiment, a system dynamically assesses whether a connection over a communications medium (102) is anomalous (suspicious, malicious, deviating from normal behavior, fits a certain profile or pattern, or has the potential to be any one of these) and generates an appropriate response depending on whether the connection is deemed to be normal or anomalous for a specified period of time. The types of responses include, but are not limited to, blocking the source of the connection from connecting to its intended destination, altering the destination of the connection, auditing the connection, or any combination of these.
17 Claims
1. A network security system, comprising:
- a static policy data store;
- a dynamic policy data store;
- an authorization enforcement facility (AEF) in communication with said static policy data store and said dynamic policy data store and operable to perform a risk-aware analysis of a connection.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12

13. A method comprising:
- receiving a static policy data attribute from a static policy data store;
- receiving a connection request directed to a node;
- receiving a dynamic policy data attribute from a dynamic policy data store;
- determining whether said connection request is anomalous based at least in part on said static policy data attribute and at least in part on said dynamic policy data attribute.

Dependent claims: 14, 15, 16, 17

Specification