Expert system having a plurality of security inspectors for detecting security flaws in a computer system
First Claim
1. A program resident in a computer system having a common memory means for controlling a processor to identify security flaws in said computer system comprising:
- a plurality of inspection modules, each one of said plurality of inspection modules adapted to enable said processor to perform a predetermined class of security check operations in said computer system to identify whether security flaws are present in said computer system, wherein each one of said plurality of inspection modules is further adapted to enable said processor to store indicia identifying located security flaws in said common memory means; and
a control module adapted to enable said processor to control processing for each one of said plurality of inspection modules in response to a security test request from an operator and for performing a security evaluation operation in connection with indicia stored in said common memory means during processing of said inspection modules.
2 Assignments
0 Petitions
Accused Products
Abstract
A new security system including a plurality of inspectors each of which performs a security check operation in connection with a particular class of possible security violation conditions. One inspector detects security violation conditions reflecting selection of passwords using easily-guessable formatives. Another inspector detects security violation conditions reflecting ability of a network node to improperly use another node over a network. A third inspector determines whether the operating system files have satisfactory protection. Finally, a fourth inspector determines whether security violation conditions arise in connection with applications programs. If, during a security check operation, an inspector determines that a security violation condition exists, it records the condition in a common working memory for further reporting or analysis.
249 Citations
47 Claims
-
1. A program resident in a computer system having a common memory means for controlling a processor to identify security flaws in said computer system comprising:
-
a plurality of inspection modules, each one of said plurality of inspection modules adapted to enable said processor to perform a predetermined class of security check operations in said computer system to identify whether security flaws are present in said computer system, wherein each one of said plurality of inspection modules is further adapted to enable said processor to store indicia identifying located security flaws in said common memory means; and a control module adapted to enable said processor to control processing for each one of said plurality of inspection modules in response to a security test request from an operator and for performing a security evaluation operation in connection with indicia stored in said common memory means during processing of said inspection modules. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method of checking the security of a computer system having a common memory which includes a plurality of storage locations for storing information, comprising:
-
performing a plurality of security flaw check operations by means resident within said computer system to identify whether security flaws are present; storing indicia identifying located security flaws in said common memory; controlling each of said plurality of security flaw check operations in response to a security flaw test request from an operator; and performing a security evaluation operation in connection with said stored indicia. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A security inspection system in a computer system comprising:
-
common memory means having a plurality of storage locations for storing information; a plurality of inspection means operative within the computer system, each performing a predetermined class of security check operations in connection with said computer system, for identifying security flaws in said computer system, said plurality of inspection means storing, in said common memory means, indicia identifying located security flaws; analyzing means for performing a security evaluation operation in connection with said indicia stored by said plurality of inspection means in said common memory means; and control means, resident within the computer system and connected to each one of said plurality of inspection means and said analyzing means, for controlling each one of said plurality of inspection means in response to a security test request from an operator. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47)
-
Specification