Cooperative processing and escalation in a multi-node application-layer security system and method
Abstract
A cooperative processing and escalation method and system for use in multi-node application-layer security management is disclosed. The method includes the steps of identifying individual application security nodes, grouping and configuring nodes for cooperative processing, assigning the default operational mode at each node, assigning logging and alert event tasks at each node, and defining escalation and de-escalation rules and triggers at each node. Both loosely-coupled and tightly-coupled configurations, each with its cooperative processing model, are disclosed. The method includes provision for central console configuration and control, a near real-time central console dashboard operations interface, alert notification, and operator override of operational modes and event tasks.
35 Claims
1. A cooperative processing and escalation method for application-layer security comprising the steps of:
- defining escalating operational modes at a plurality of receiving security nodes including standby, passive and active modes, and
- at a same single security node;
  - identifying a security violation,
  - matching said security violation to one or more escalation rule(s) of a pre-defined set of escalation rules, wherein said matched escalation rule(s) determine how said single security node responds to said security violation including whether to transmit or receive an escalation trigger or both,
  - creating said escalation trigger associated with said matched escalation rule(s), wherein said escalation trigger instructs said plurality of receiving security nodes to activate one of said escalating operational modes, and
  - transmitting said escalation trigger to said plurality of receiving security nodes.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30
31. A cooperative processing and escalation system for application-layer security comprising:
- means for selectively configuring multiple network nodes to operate in two or more predetermined escalating operational modes including standby, passive and active modes, and
- a same single security node configured to;
  - identify a security violation;
  - match said security violation to one or more escalation rule(s) of a pre-defined set of escalation rules, wherein said escalation rule(s) determine how said security node is to respond to said security violation including whether to transmit or receive an escalation trigger or both,
  - create said escalation trigger associated with said matched escalation rule(s), wherein said escalation trigger instructs said multiple network nodes to activate one of said predetermined escalating operational modes, and
  - transmit said escalation trigger to said multiple network nodes to cause said multiple network nodes to operate in one of said two or more predetermined escalating operational modes in near-real time.

Dependent claims: 32, 33, 34, 35
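The flow recited in independent claims 1 and 31 (identify a violation, match it to escalation rules, create a trigger, transmit it so receiving nodes change mode) can be sketched as follows. This is an added illustration, not code from the patent or from any implementation of it. The rule fields, the escalate-only behaviour on receipt, and the violation and node names are assumptions.

```python
from collections import namedtuple
from dataclasses import dataclass, field
from enum import IntEnum

Mode = IntEnum("Mode", "STANDBY PASSIVE ACTIVE", start=0)  # modes named in the claims
Trigger = namedtuple("Trigger", "violation target_mode origin")

@dataclass(frozen=True)
class EscalationRule:          # hypothetical rule shape (assumption)
    violation: str             # violation type this rule matches
    target_mode: Mode          # mode the trigger tells receivers to activate
    transmit: bool = True      # detecting node sends a trigger for this violation
    receive: bool = True       # node honours incoming triggers for this violation

@dataclass
class Node:
    name: str
    rules: list
    mode: Mode = Mode.STANDBY
    peers: list = field(default_factory=list)

    def on_violation(self, violation):
        """Match the violation to rules, create a trigger per match, transmit it."""
        sent = []
        for rule in (r for r in self.rules if r.violation == violation and r.transmit):
            trig = Trigger(violation, rule.target_mode, self.name)
            for peer in self.peers:
                peer.on_trigger(trig)
            sent.append(trig)
        return sent

    def on_trigger(self, trig):
        """Activate the instructed mode if a local rule accepts this trigger."""
        accepts = any(r.violation == trig.violation and r.receive for r in self.rules)
        if accepts and trig.target_mode > self.mode:  # assumption: never step down
            self.mode = trig.target_mode

def demo():
    # Constructed rules and node names, for illustration only.
    rules = [EscalationRule("malformed_cookie", Mode.PASSIVE),
             EscalationRule("sql_injection", Mode.ACTIVE),
             EscalationRule("port_scan", Mode.ACTIVE, transmit=False)]
    a, b, c = Node("web-a", rules), Node("web-b", rules), Node("web-c", rules[1:2])
    a.peers = [b, c]
    a.on_violation("malformed_cookie")  # b escalates; c has no rule for it
    a.on_violation("port_scan")         # matched rule is receive-only, nothing sent
    low = (b.mode, c.mode)
    a.on_violation("sql_injection")     # both receivers go ACTIVE
    return low, (b.mode, c.mode)
```

De-escalation rules and operator override, which the abstract also mentions, are left out of this sketch.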
Specification