Method and apparatus for verifying the integrity of computer networks and implementation of counter measures
First Claim
Patent Images
1. ) A security system for a computer connected to a network of computers comprising:
- at least one security subsystem associated with said computer, said subsystem configured to detect attacks on said computer;
and a secure link between said security subsystem and a master system enabling data communication therebetween;
wherein said master system monitors said security subsystem through said secure link and registers information pertaining to attacks detected by said security subsystem.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for verifying the integrity of devices on a target network having two components: a subsystem connected to the target network, and a master system, isolated therefrom by a secure link. The topological and hierarchical relationship of the of the devices to each other improves stability of the apparatus. Random testing of target network devices by the subsystem and random testing of the subsystem by the master system provide verification and independent self-checking.
60 Citations
12 Claims
-
1. ) A security system for a computer connected to a network of computers comprising:
-
at least one security subsystem associated with said computer, said subsystem configured to detect attacks on said computer;
and a secure link between said security subsystem and a master system enabling data communication therebetween;
whereinsaid master system monitors said security subsystem through said secure link and registers information pertaining to attacks detected by said security subsystem. - View Dependent Claims (2, 3, 4)
-
-
5. ) A network security system for a target network of computers comprising:
-
at least one security subsystem associated with said target network, said subsystem configured to detect attacks on said network; and
a secure link between said security subsystem and a master system enabling data communication therebetween;
whereinsaid master system monitors said security subsystem through said secure link and registers information pertaining to the attacks detected by said security subsystem. - View Dependent Claims (6, 7)
-
-
8. ) A network security system for a target network of computers comprising:
-
at least one security subsystem associated with said target network and configured to detect and register attacks on said target network;
a secure link for data communication between said security subsystem and said master system; and
testing means associated with said master system for generating pseudo-attacks on said target network initiated by said master system and detectable by said security subsystem;
whereinsaid master system monitors said security subsystem through said secure link by comparing the pseudo-attacks generated by said testing means to the detected attacks registered by said security subsystem. - View Dependent Claims (9, 10)
-
-
11. ) A method for monitoring the integrity of a security subsystem associated with a target network of computers and configured to detect attacks on said network of computers comprising:
-
establishing a secure link for the transfer of data between said security subsystem and a master system hierarchically independent from said security subsystem;
monitoring the status of said security subsystem through said secure link; and
registering information pertaining to the status of said security subsystem. - View Dependent Claims (12)
-
Specification