APPARATUS AND METHOD FOR RECOGNIZING SECURITY SITUATION AND GENERATING SITUATION INFORMATION BASED ON SPATIAL LINKAGE OF PHYSICAL AND IT SECURITY
First Claim
1. An apparatus for recognizing security situation and generating situation information based on spatial linkage of physical and IT security, the apparatus comprising:
- a security event storage unit for storing security events generated from multiple security devices installed in a physical or logical space, each of the security devices having its own unique information;
a spatial information storage unit for storing locations or object information of a real space in which the multiple security devices are installed.a security event collection unit for mapping, when a security event is detected from one of the multiple security devices, unique information of said one of the security devices to a location or an object in the real space stored in the spatial information storage unit, and collecting correlated security events, related to the detected security event, from the security event storage unit based on the mapped information;
a security situation awareness unit for determining, if the detected security event corresponds to a security situation, a type of the security situation and a degree of threat based on the correlated security events and predefined security situation criteria; and
a situation information generation unit for analyzing a correlation, based on the type of the security situation, between the correlated security events and the detected security event to generate security situation information.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus for recognizing security situation and generating situation information based on spatial linkage of physical and IT security, the apparatus includes: a security event collection unit for mapping, when a security event is detected from a security device, unique information of the security device to a location or an object in a real space, and collecting correlated security events based on the mapped information; a security situation awareness unit for determining a type of a security situation and a degree of threat based on the correlated security events; and a situation information generation unit for analyzing a correlation between the correlated security events and the security event to generate security situation information.
14 Citations
12 Claims
-
1. An apparatus for recognizing security situation and generating situation information based on spatial linkage of physical and IT security, the apparatus comprising:
-
a security event storage unit for storing security events generated from multiple security devices installed in a physical or logical space, each of the security devices having its own unique information; a spatial information storage unit for storing locations or object information of a real space in which the multiple security devices are installed. a security event collection unit for mapping, when a security event is detected from one of the multiple security devices, unique information of said one of the security devices to a location or an object in the real space stored in the spatial information storage unit, and collecting correlated security events, related to the detected security event, from the security event storage unit based on the mapped information; a security situation awareness unit for determining, if the detected security event corresponds to a security situation, a type of the security situation and a degree of threat based on the correlated security events and predefined security situation criteria; and a situation information generation unit for analyzing a correlation, based on the type of the security situation, between the correlated security events and the detected security event to generate security situation information. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for recognizing security situation and generating situation information based on spatial linkage of physical and IT security, in a security system including a security event storage unit for storing security events generated from multiple security devices having unique information installed in a physical space or logical space, and a spatial information storage unit for storing locations or object information of a real space in which the multiple security devices are installed, the method comprising:
-
receiving a message indicating that a security event has been detected from one of the multiple security devices; collecting, from the security event storage unit, correlated security events related to the detected security event; determining, if the detected security event is abnormal and corresponds to a security situation, a type of the security situation and a degree of threat based on the correlated security events and predefined security situation criteria; and analyzing, based on the type of the security situation, a correlation between the correlated security events and the detected security event to generate security situation information. - View Dependent Claims (8, 9, 10, 11, 12)
-
Specification