VALIDATING NETWORK SECURITY POLICY COMPLIANCE

US 20100050229A1
Filed: 08/19/2008
Published: 02/25/2010
Est. Priority Date: 08/19/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method of validating network security policy compliance, the method comprising:

creating a plurality of condition simulators for testing a network security policy, each condition simulator having a corresponding expected result; and

comparing a result of a test of the network security policy using one of the condition simulators to the expected result corresponding to the one of the condition simulators.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention may provide the ability to determine the actions triggered by a network security policy given a set of conditions. Embodiments of the invention involve testing the security policy at specified times, documenting and analyzing the test results for compliance, recording the results for auditing purposes, writing events to warn of non-compliance findings, and dynamically taking defensive action to prevent security breaches as the result of non-compliance findings.

38 Citations

View as Search Results

18 Claims

1. A method of validating network security policy compliance, the method comprising:
- creating a plurality of condition simulators for testing a network security policy, each condition simulator having a corresponding expected result; and
  
  comparing a result of a test of the network security policy using one of the condition simulators to the expected result corresponding to the one of the condition simulators.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein each of the plurality of condition simulators comprises at least packet header information and packet direction.
  - 3. The method of claim 2, wherein the packet header information comprises a destination Internet Protocol address, a source Internet Protocol address, a communication protocol, a destination port, and a source port.
  - 4. The method of claim 2, wherein each of the plurality of condition simulators further comprises at least one of a time of day, a user identity, and an application name.
  - 5. The method of claim 1, further comprising:
    - sending the one of the condition simulators to a network security enforcement point at which the test of the network security policy is performed; and
      
      receiving the result of the test of the network security policy.
  - 6. The method of claim 1, further comprising:
    - performing one or more remedial actions if the result of the test of the network security policy using the one of the condition simulators does not conform to the expected result corresponding to the one of the condition simulators.

7. A system for validating network security policy compliance, the system comprising:
- a processing element configured for creating a plurality of condition simulators for testing a network security policy, each condition simulator having a corresponding expected result;
  
  the processing element further configured for comparing a result of a test of the network security policy using one of the condition simulators to the expected result corresponding to the one of the condition simulators.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein each of the plurality of condition simulators comprises at least packet header information and packet direction.
  - 9. The system of claim 8, wherein the packet header information comprises a destination Internet Protocol address, a source Internet Protocol address, a communication protocol, a destination port, and a source port.
  - 10. The system of claim 8, wherein each of the plurality of condition simulators further comprises at least one of a time of day, a user identity, and an application name.
  - 11. The system of claim 7, wherein the processing element is further configured for sending the one of the condition simulators to a network security enforcement point at which the test of the network security policy is performed;
    - and wherein the processing element is further configured for receiving the result of the test of the network security policy.
  - 12. The system of claim 7, wherein the processing element is further configured for performing one or more remedial actions if the result of the test of the network security policy using the one of the condition simulators does not conform to the expected result corresponding to the one of the condition simulators.

13. A computer program product for validating network security policy compliance, the computer program product comprising at least one computer-readable storage medium having computer-readable program code stored therein, the computer-readable program code comprising:
- computer-usable program code for creating a plurality of condition simulators for testing a network security policy, each condition simulator having a corresponding expected result; and
  
  computer-usable program code for comparing a result of a test of the network security policy using one of the condition simulators to the expected result corresponding to the one of the condition simulators.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer program product of claim 13, wherein each of the plurality of condition simulators comprises at least packet header information and packet direction.
  - 15. The computer program product of claim 14, wherein the packet header information comprises a destination Internet Protocol address, a source Internet Protocol address, a communication protocol, a destination port, and a source port.
  - 16. The computer program product of claim 14, wherein each of the plurality of condition simulators further comprises at least one of a time of day, a user identity, and an application name.
  - 17. The computer program product of claim 13, further comprising:
    - computer-usable program code for sending the one of the condition simulators to a network security enforcement point at which the test of the network security policy is performed; and
      
      computer-usable program code for receiving the result of the test of the network security policy.
  - 18. The computer program product of claim 13, further comprising:
    - computer-usable program code for performing one or more remedial actions if the result of the test of the network security policy using the one of the condition simulators does not conform to the expected result corresponding to the one of the condition simulators.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Overby, Linwood Hugh JR.

Application Number

US12/193,989
Publication Number

US 20100050229A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

H04L 63/20 for managing network securi...

VALIDATING NETWORK SECURITY POLICY COMPLIANCE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

38 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

VALIDATING NETWORK SECURITY POLICY COMPLIANCE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others