System and method for assessing the security posture of a network

US 7,096,502 B1
Filed: 02/08/2000
Issued: 08/22/2006
Est. Priority Date: 02/08/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method for assessing the security posture of a network comprising the steps of:

creating a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated network vulnerability analysis programs;

exporting the system object model database of the network to the separate, non-integrated network vulnerability/risk analysis programs, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;

analyzing the network with each network vulnerability analysis program to produce data results from each program; and

correlating the data results of the network vulnerability analysis programs to determine the security posture of the network.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and data processing system assesses the security vulnerability of a network by creating a system object model database representing a network. The system object model database supports the information data requirements of disparate network vulnerability analysis programs. The system object model database is exported to the disparate network vulnerability analysis programs. The network is analyzed with each network vulnerability analysis program to produce data results from each program. Data results are correlated to determine the security posture of the network.

165 Citations

36 Claims

1. A method for assessing the security posture of a network comprising the steps of:
- creating a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated network vulnerability analysis programs;
  
  exporting the system object model database of the network to the separate, non-integrated network vulnerability/risk analysis programs, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
  
  analyzing the network with each network vulnerability analysis program to produce data results from each program; and
  
  correlating the data results of the network vulnerability analysis programs to determine the security posture of the network.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method according to claim 1, and further comprising the step of importing the system object model database to the network vulnerability analysis programs via an integrated application programming interface.
  - 3. A method according to claim 1, and further comprising the step of modeling the network as a map on a graphical user interface.
  - 4. A method according to claim 1, and further comprising the step of establishing a class hierarchy to define components of the network vulnerability analysis programs that share common data and programming traits.
  - 5. A method according to claim 1, and further comprising the step of correlating the data results of the network vulnerability analysis programs using fuzzy logic processing.
  - 6. A method according to claim 1, and further comprising the step of running the network vulnerability assessment/risk analysis programs to obtain data results pertaining to network system details, network topologies, node level vulnerabilities and network level vulnerabilities.

7. A method for assessing the security posture of a network comprising the steps of:
- creating a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated network vulnerability/risk analysis programs, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
  
  importing the system object model database of the network to the network vulnerability analysis programs through filters associated with each respective network vulnerability analysis program to export only the data required by a respective network vulnerability analysis program;
  
  analyzing the network with each network vulnerability analysis program to produce data results from each program; and
  
  correlating the data results of the network vulnerability analysis programs to determine the security posture of the network.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. A method according to claim 7, and further comprising the step of exporting the system object model database to the network vulnerability assessment/risk analysis programs via an integrated application programming interface.
  - 9. A method according to claim 7, and further comprising the step of modeling the network as a map on a graphical user interface.
  - 10. A method according to claim 7, and further comprising the step of establishing a class hierarchy to define components of the network vulnerability analysis programs that share common data and programming traits.
  - 11. A method according to claim 7, and further comprising the step of correlating the data results of the network vulnerability analysis programs using fuzzy logic processing.
  - 12. A method according to claim 7, and further comprising the step of running the network vulnerability analysis programs to obtain data results pertaining to network system details, network topologies, node level vulnerabilities and network level vulnerabilities.

13. A computer program that resides on a medium that can be read by a program, wherein the computer program comprises instructions to cause a computer to create a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated disparate network vulnerability analysis programs that analyze discrete network portions, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
- export the system object model database of the network to the network vulnerability analysis programs;
  
  analyze the network with each network vulnerability/risk analysis program to produce data results from each program; and
  
  correlate the data results of the network vulnerability analysis programs to determine the security posture of the network.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. A computer program according to claim 13, and further comprising instructions for displaying an integrated application programming interface, and exporting the system object model database to the network vulnerability analysis programs via the integrated application programming interface.
  - 15. A computer program according to claim 13, and further comprising instructions for modeling the network as a map on a graphical user interface.
  - 16. A computer program according to claim 13, and further comprising instructions for establishing a class hierarchy to define components of the network vulnerability analysis programs that share common data and programming traits.
  - 17. A computer program according to claim 13, and further comprising instructions for correlating the data results of the network vulnerability analysis programs using fuzzy logic processing.
  - 18. A computer program according to claim 13, and further comprising instructions for running the network vulnerability analysis programs to obtain data results that pertain to network system details, network topologies, node level vulnerabilities and network level vulnerabilities.

19. A computer program that resides on a medium that can be read by a program, wherein the computer program comprises instructions to cause a computer to create a system object model database representing a network, wherein the system object model database supports the information data requirements of separate, non-integrated network vulnerability analysis programs that analyze discrete network portions, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
- import the system object model database of the network to the network vulnerability analysis programs through filters associated with each respective network vulnerability analysis program so as to export only the data required by the respective network vulnerability analysis program;
  
  analyze the network with each network vulnerability analysis program to produce data results from each program; and
  
  correlate the data results of the network vulnerability analysis programs to determine the security posture of the network.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. A computer program according to claim 19, and further comprising instructions for displaying an integrated application programming interface, and exporting the system object model database to the network vulnerability analysis programs via the integrated application programming interface.
  - 21. A computer program according to claim 19, and further comprising instructions for modeling the network as a map on a graphical user interface.
  - 22. A computer program according to claim 19, and further comprising instructions for establishing a class hierarchy to define components of the network vulnerability analysis programs that share common data and programming traits.
  - 23. A computer program according to claim 19, and further comprising instructions for correlating the data results of the disparate network vulnerability analysis programs using fuzzy logic processing.
  - 24. A computer program according to claim 19, and further comprising instructions for running the network vulnerability analysis programs to obtain data results that pertain to network system details, network topologies, node level vulnerabilities and network level vulnerabilities.

25. A data processing system for assessing the security vulnerability of a network comprising:
- a plurality of separate, non-integrated network vulnerability/risk analysis programs used for analyzing a network;
  
  a system object model database that represents the network to be analyzed, wherein the system object model database supports the information data requirements of the network vulnerability/risk analysis programs, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
  
  an applications programming interface for exporting the system object model database of the network to the network vulnerability/risk analysis programs; and
  
  a processor for correlating the data results obtained from each network vulnerability analysis program after analyzing the network to determine the security posture of the network.
- View Dependent Claims (26, 27, 28, 29, 30)
- - 26. A data processing system according to claim 25, wherein the applications programming interface for importing the system object model database comprises a graphical user interface.
  - 27. A data processing system according to claim 25, and further comprising a graphical user interface that models the network as a map.
  - 28. A data processing system according to claim 25, and further comprising a graphical user interface for displaying the security posture of the network.
  - 29. A data processing system according to claim 25, wherein said database further comprises an object oriented class hierarchy to define components of the network vulnerability analysis programs that share common data and programming traits.
  - 30. A data processing system according to claim 25, wherein said processor comprises a fuzzy logic processor.

31. A data processing system for assessing the security vulnerability of a network comprising:
- a plurality of separate, non-integrated network vulnerability/risk analysis programs used for analyzing a network;
  
  a system object model database that represents the network to be analyzed, wherein the system object model database supports the information data requirements of each network vulnerability analysis program, wherein each analysis program is operative to run as a separate program and produce an initial data source separate from any data sources produced by respective other programs also running to produce a plurality of initial data sources for creating the system object model database;
  
  an applications programming interface for exporting the system object model database of the network to the separate, non-integrated network vulnerability analysis programs;
  
  a filter associated with the applications programming interface and each respective network vulnerability analysis program for filtering the system object model database and exporting only the required data requirements to each network vulnerability analysis program; and
  
  a processor for correlating the data results obtained from each network vulnerability analysis program after analyzing the network to determine the security posture of the network.
- View Dependent Claims (32, 33, 34, 35, 36)
- - 32. A data processing system according to claim 31, wherein the applications programming interface for importing the system object model database to comprises a graphical user interface.
  - 33. A data processing system according to claim 31, and further comprising a graphical user interface that models the network as a map.
  - 34. A data processing system according to claim 31, and further comprising a graphical user interface for displaying the vulnerability posture of the network.
  - 35. A data processing system according to claim 31, wherein said database further comprises an object oriented class hierarchy to define components of the network vulnerability analysis programs that share common data and programming traits.
  - 36. A data processing system according to claim 31, wherein said processor comprises a fuzzy logic processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Harris Corporation (L3Harris Technologies, Inc.)
Original Assignee
Harris Corporation (L3Harris Technologies, Inc.)
Inventors
Fox, Kevin L., Henning, Ronda R., Farrell, John T., Miller, Clifford C.
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
Abrishamkar, Kaveh

Application Number

US09/500,108
Time in Patent Office

2,387 Days
Field of Search

709/224, 714/37, 713/201, 726/25, 707/103, 707/8, 707/45
US Class Current

726/25
CPC Class Codes

H04L 41/28   Restricting access to netwo...

H04L 63/1433   Vulnerability analysis

Y10S 707/99938   Concurrency, e.g. lock mana...

System and method for assessing the security posture of a network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

165 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for assessing the security posture of a network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

165 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links