Computer network security management system
First Claim
1. A centralized security system for a computer network comprising a plurality of discrete computer subsystems, each subsystem having a discrete security domain associated therewith, the centralized security system comprising:
- a plurality of collection agents, each agent being operatively coupled with a respective one of said discrete security domains for collecting differently presented security-related data of said security domains;
- a collection agent abstraction facility coupled to said collection agents and effective for transforming the differently presented security-related data into a common-format security data which has a format common across said security domains;
- a database for storing said common-format security data from the collection agent abstraction facility, the database being comprised of a standardized, off-the-shelf database software program;
- a security controlling facility for examining the security data stored in the database, for ensuring that the security related data in the database indicates that the security domains are in compliance with pre-determined security regulations and for issuing security related common-format commands effective for correcting computer security breach conditions; and
- a security maintenance software facility for receiving the common format commands and translating them into specific commands that are specific to and understandable by the various security domains.
Abstract
A method and system for controlling computer security. The system is a centralized, computer-network security management tool capable of handling many different kinds of equipment in a standardized format despite differences in the computer security features among the diverse range of computer equipment in the computer network. The invention uses a layered software architecture, including a technology specific layer and a technology independent layer. The technology specific layer extracts and maintains security data on the target platforms and converts that data to and from a common data model used by the technology independent layer. The technology independent layer handles the main functionality of the system, such as locating and removing certain present and former employees from computer access lists, auditing system user data, monitoring security events (e.g. failed login attempts), automatically initiating corrective action, interfacing with the system users, and reporting, querying and storing collected data.
34 Claims
1. (Text as given under First Claim above.) Dependent claims: 2 to 19.
20. A method of centrally controlling security in a computer network comprising a plurality of discrete computer subsystems each having a discrete security domain associated therewith, the method comprising the steps of:
- separately collecting from each of the security domains security-related data associated with each security domain, wherein each security-related data is uniquely presented;
- supplying the security-related data collected from the security domains to a collection agent abstraction facility and deploying the collection agent abstraction facility to transform the separately collected security-related data into a common-format security data, said transformation of the separately collected security-related data including the steps of:
  - mapping the data collected from a single security domain to a generic language using a predetermined map for the environment; and
  - sending the mapped data to a database;
- storing the common-format security data in the database;
- analyzing the common-format security-related data for discerning in the data out-of-compliance conditions in specific ones of said security domains by comparing the data with predetermined security regulations;
- issuing common-format security-related commands effective for controlling security at the individual security domains;
- converting the common-format security-related commands to a plurality of specific security commands which are configured to be understood by corresponding ones of said security domains; and
- repeating the above steps for remaining ones of said security domains.

Dependent claims: 21 to 27.
28. A method of centrally controlling security in a computer network comprising a plurality of discrete computer subsystems each having a discrete security domain associated therewith, the method comprising the steps of:
- separately collecting from each of the security domains security-related data associated with each security domain, wherein each security-related data is uniquely presented;
- supplying the security-related data collected from the security domains to a collection agent abstraction facility and deploying the collection agent abstraction facility to transform the separately collected security-related data into a common-format security data;
- storing the common-format security data in a database;
- analyzing the common-format security-related data for discerning in the data out-of-compliance conditions in specific ones of said security domains by comparing the data with predetermined security regulations;
- issuing common-format security-related commands effective for controlling security at the individual security domains; and
- converting the common-format security-related commands to a plurality of specific security commands which are configured to be understood by corresponding ones of said security domains, the plurality of specific security commands including a specific command which results in the execution of multiple maintenance agent actions.

Dependent claims: 29 to 34.
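As an added illustration, not code from the patent, the following Python sketch walks the method of claims 20 and 28 and the layered architecture of the abstract over two constructed security domains: a Unix-style passwd listing and Windows-style account records. The agent functions, the per-environment maps into the common data model, the single regulation checked (no enabled account for a terminated employee) and the translated commands are all assumptions made for this example.

```python
# Constructed sample data for two hypothetical security domains (not from the patent).
UNIX_PASSWD = [
    "alice:x:1001:1001:Alice:/home/alice:/bin/bash",
    "bob:x:1002:1002:Bob:/home/bob:/bin/bash",
    "dave:x:1003:1003:Dave:/home/dave:/usr/sbin/nologin",  # already locked out
]
WIN_ACCOUNTS = [
    {"SamAccountName": "carol", "Enabled": True},
    {"SamAccountName": "bob", "Enabled": True},
]
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/bin/false"}

# Collection agents (technology-specific layer): return each domain's native records.
def unix_agent(passwd_lines):
    fields = ("name", "pw", "uid", "gid", "gecos", "home", "shell")
    return [dict(zip(fields, line.split(":"))) for line in passwd_lines]
def windows_agent(records):
    return list(records)

# Predetermined per-environment maps into the common data model (claim 20, mapping step).
MAPS = {
    "unix": lambda r: {"user": r["name"], "enabled": r["shell"] not in NOLOGIN_SHELLS},
    "windows": lambda r: {"user": r["SamAccountName"], "enabled": bool(r["Enabled"])},
}
def abstraction_facility(domain, raw_records):
    return [dict(MAPS[domain](r), domain=domain) for r in raw_records]

def collect_all():
    """The 'database': common-format records gathered from every domain."""
    return (abstraction_facility("unix", unix_agent(UNIX_PASSWD))
            + abstraction_facility("windows", windows_agent(WIN_ACCOUNTS)))

def controlling_facility(db, terminated):
    """Technology-independent layer: compare the data with one regulation (no enabled
    account for a terminated employee) and emit common-format corrective commands."""
    return [{"action": "disable_account", "domain": r["domain"], "user": r["user"]}
            for r in db if r["user"] in terminated and r["enabled"]]

# Maintenance facility: translate common-format commands into domain-specific ones.
TRANSLATORS = {
    "unix": {"disable_account": lambda c: f"usermod -L {c['user']}"},
    "windows": {"disable_account": lambda c: f"Disable-ADAccount -Identity {c['user']}"},
}
def maintenance_facility(commands):
    return [TRANSLATORS[c["domain"]][c["action"]](c) for c in commands]

def run(terminated):
    # End-to-end pass; specific commands are returned for operator review, not executed.
    return maintenance_facility(controlling_facility(collect_all(), terminated))
```

Calling `run({"bob", "dave"})` yields one disable command per domain where bob is still enabled; dave produces nothing because his common-format record already shows the account locked.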