Self-Operating Security Platform
First Claim
1. A method comprising:
- monitoring a security status of a first element of a first data-processing system;
detecting that an intrusion has occurred that targeted said first element; and
composing a third workflow script from a first portion of a first workflow script and a second portion of a second workflow script, based on said security status and on said detection.
7 Assignments
0 Petitions
Accused Products
Abstract
A platform is disclosed that enables security monitoring and protection across a plurality of related telecommunications devices. The self-operating security platform of the present invention is based on a collection of security adapters that are tied together and are coupled with an orchestration engine that loads and executes workflow scripts. Workflow scripts have been used for business applications, but their usage in real-time telecommunications devices is relatively new. Each security adapter monitors a different aspect of the system for intrusions or other security threats. The specific security protection rules are taught to the security platform in a basic profile; as the security platform runs, it builds up the actual profile of how the telecommunications device performs in a normal state. In other words, the security platform “composes” new workflow scripts from basic workflow scripts. The self-expanding nature of the workflow enables the telecommunications device to learn the behavioral patterns of its users.
18 Citations
23 Claims
-
1. A method comprising:
-
monitoring a security status of a first element of a first data-processing system; detecting that an intrusion has occurred that targeted said first element; and composing a third workflow script from a first portion of a first workflow script and a second portion of a second workflow script, based on said security status and on said detection. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method comprising:
-
receiving, at a first data-processing system, a first status indication from a second data-processing system, wherein said second data-processing system monitors a first element of said first data-processing system, and wherein said first status indication provides information about said first element; and executing; 1) a first software module that performs a first telecommunications function, wherein said first software module utilizes said first element, and 2) a first workflow script that is based on said first status indication; wherein said first data-processing system and said second data-processing system are physically distinct. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A first data-processing system comprising:
-
an interface for receiving a first status indication from a second data-processing system, wherein said second data-processing system monitors a first element of said first data-processing system, and wherein said first status indication provides information about said first element; and a processor for executing; 1) a first software module that performs a first telecommunications function, wherein said first software module utilizes said first element, and 2) a first workflow script that is based on said first status indication; wherein said first data-processing system and said second data-processing system are physically distinct. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
Specification