APPARATUS AND METHOD FOR RECOGNIZING SECURITY SITUATION AND GENERATING SITUATION INFORMATION BASED ON SPATIAL LINKAGE OF PHYSICAL AND IT SECURITY

US 20120159650A1
Filed: 12/15/2011
Published: 06/21/2012
Est. Priority Date: 12/17/2010
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus for recognizing security situation and generating situation information based on spatial linkage of physical and IT security, the apparatus comprising:

a security event storage unit for storing security events generated from multiple security devices installed in a physical or logical space, each of the security devices having its own unique information;

a spatial information storage unit for storing locations or object information of a real space in which the multiple security devices are installed.a security event collection unit for mapping, when a security event is detected from one of the multiple security devices, unique information of said one of the security devices to a location or an object in the real space stored in the spatial information storage unit, and collecting correlated security events, related to the detected security event, from the security event storage unit based on the mapped information;

a security situation awareness unit for determining, if the detected security event corresponds to a security situation, a type of the security situation and a degree of threat based on the correlated security events and predefined security situation criteria; and

a situation information generation unit for analyzing a correlation, based on the type of the security situation, between the correlated security events and the detected security event to generate security situation information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus for recognizing security situation and generating situation information based on spatial linkage of physical and IT security, the apparatus includes: a security event collection unit for mapping, when a security event is detected from a security device, unique information of the security device to a location or an object in a real space, and collecting correlated security events based on the mapped information; a security situation awareness unit for determining a type of a security situation and a degree of threat based on the correlated security events; and a situation information generation unit for analyzing a correlation between the correlated security events and the security event to generate security situation information.

14 Citations

View as Search Results

12 Claims

1. An apparatus for recognizing security situation and generating situation information based on spatial linkage of physical and IT security, the apparatus comprising:
- a security event storage unit for storing security events generated from multiple security devices installed in a physical or logical space, each of the security devices having its own unique information;
  
  a spatial information storage unit for storing locations or object information of a real space in which the multiple security devices are installed.a security event collection unit for mapping, when a security event is detected from one of the multiple security devices, unique information of said one of the security devices to a location or an object in the real space stored in the spatial information storage unit, and collecting correlated security events, related to the detected security event, from the security event storage unit based on the mapped information;
  
  a security situation awareness unit for determining, if the detected security event corresponds to a security situation, a type of the security situation and a degree of threat based on the correlated security events and predefined security situation criteria; and
  
  a situation information generation unit for analyzing a correlation, based on the type of the security situation, between the correlated security events and the detected security event to generate security situation information.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1, wherein the security event collection unit includes:
    - a notice message reception module for receiving, when the security event is detected, a message indicating the detection of the security event to extract a generation time of the detected security event and the unique information of said one of the security devices within the message;
      
      an ID/location mapping module for mapping the extracted unique information to the location or the object in the real space stored in the spatial information storage unit; and
      
      a security event collection module for collecting correlated security events in the same location or space as an installation location of said one of the security devices by searching the security event storage unit based on the mapped information.
  - 3. The apparatus of claim 2, wherein the security event collection module collects the correlated security events by searching the security event storage unit based on the generation time and generation location of the detected security event.
  - 4. The apparatus of claim 1, wherein the security situation awareness unit includes:
    - a security event verification module for verifying whether the detected security event is normal or not based on the correlated security events and a generation location of the detected security event;
      
      a security situation type reference module for referring to the predefined security situation criteria to recognize the security situation of the detected security event; and
      
      a security situation awareness module for determining a validity of the security situation, the type thereof and the degree of threat depending on the security situation criteria referred to by the security situation type reference module and the correlated security events.
  - 5. The apparatus of claim 1, wherein the situation information generation unit includes:
    - a space-time correlation analysis module for analyzing a space-time correlation between the correlated security events and the detected security event depending on the type of the security situation; and
      
      a situation information generation module for generating security situation information that includes real space information, the type of the security situation and threat details based on the space-time correlation.
  - 6. The apparatus of claim 1, further comprising:
    - a situation map display unit for displaying business/security sections and personnel/asset object information on a location or a space corresponding to generation location of the detected security event, and providing the generated security situation information to a security officer.

7. A method for recognizing security situation and generating situation information based on spatial linkage of physical and IT security, in a security system including a security event storage unit for storing security events generated from multiple security devices having unique information installed in a physical space or logical space, and a spatial information storage unit for storing locations or object information of a real space in which the multiple security devices are installed, the method comprising:
- receiving a message indicating that a security event has been detected from one of the multiple security devices;
  
  collecting, from the security event storage unit, correlated security events related to the detected security event;
  
  determining, if the detected security event is abnormal and corresponds to a security situation, a type of the security situation and a degree of threat based on the correlated security events and predefined security situation criteria; and
  
  analyzing, based on the type of the security situation, a correlation between the correlated security events and the detected security event to generate security situation information.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein said collecting the correlated security events includes:
    - extracting a generation time of the detected security event and unique information of said one of the security devices from the message;
      
      mapping the extracted unique information to a location or an object in the real space stored in the spatial information storage unit; and
      
      collecting correlated security events in the same location or space as an installation location of said one of the security devices by searching the security event storage unit based on the mapped information.
  - 9. The method of claim 8, wherein the correlated security events are collected by searching the security event storage unit based on the generation time and generation location of the detected security event.
  - 10. The method of claim 7, wherein said determining the type of the security situation and the degree of threat includes:
    - verifying whether the detected security event is normal or not based on the correlated security events and generation location of the detected security event;
      
      referring to the predefined security situation criteria to recognize the security situation of the detected security event, when the detected security event is abnormal; and
      
      determining a validity of the security situation, the type thereof and the degree of threat depending on the referred security situation criteria and the correlated security events.
  - 11. The method of claim 7, wherein said analyzing the correlation includes:
    - analyzing a space-time correlation between the correlated security events and the detected security event depending on the type of the security situation; and
      
      generating security situation information that includes real space information, the type of the security situation and threat details based on the space-time correlation.
  - 12. The method of claim 7, further comprising:
    - displaying business/security sections and personnel/asset object information on a location or a space corresponding to the generation location of the detected security event, and providing the generated security situation information to a security officer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Electronics and Telecommunications Research Institute
Original Assignee
Electronics and Telecommunications Research Institute
Inventors
CHANG, Beom Hwan, JEONG, Chi Yoon, CHO, Hyeon Koo

Application Number

US13/327,334
Publication Number

US 20120159650A1
Time in Patent Office

Days
Field of Search
US Class Current

726/34
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06Q 10/06   Resources, workflows, human...

APPARATUS AND METHOD FOR RECOGNIZING SECURITY SITUATION AND GENERATING SITUATION INFORMATION BASED ON SPATIAL LINKAGE OF PHYSICAL AND IT SECURITY

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

14 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

APPARATUS AND METHOD FOR RECOGNIZING SECURITY SITUATION AND GENERATING SITUATION INFORMATION BASED ON SPATIAL LINKAGE OF PHYSICAL AND IT SECURITY

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links