Appliance-based parallelized analytics of data auditing events
First Claim
1. Apparatus for protecting an enterprise data server against insider attack, comprising:
- a processor;
computer memory holding a first code module that when executed on the processor analyzes a trusted user'"'"'s given data access against a set of one or more configurable policy filters; and
the computer memory holding a second code module that when executed by the processor determines whether the trusted user'"'"'s data access is indicative of an action specified by a policy filter in the set of policy filters;
wherein multiple instances of at least one of the first or second code modules are executed in parallel.
11 Assignments
0 Petitions
Accused Products
Abstract
Data auditing involves capturing, filtering, processing and analytics of real-time data transactions. As such, data auditing imposes a heavy burden of processing in the fast path, which cannot afford to slow down. Unfortunately, most processing incurred in traditional data auditing fast paths has been serial, leading to bottlenecks or scaling issues. This disclosure addresses this problem by developing a fast path where both lower and upper stacks of data auditing are analyzed and exploited for potential parallelism. A fully-parallelized analytics fast path could deliver 25-200% speed-up of throughput relative to a serial fast path, depending on the specific conditions.
-
Citations
2 Claims
-
1. Apparatus for protecting an enterprise data server against insider attack, comprising:
-
a processor; computer memory holding a first code module that when executed on the processor analyzes a trusted user'"'"'s given data access against a set of one or more configurable policy filters; and the computer memory holding a second code module that when executed by the processor determines whether the trusted user'"'"'s data access is indicative of an action specified by a policy filter in the set of policy filters; wherein multiple instances of at least one of the first or second code modules are executed in parallel. - View Dependent Claims (2)
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsMoghe, Pratyush
-
Application NumberUS12/755,996Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current726/26CPC Class CodesG06F 21/552 involving long-term monitor...
