专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明申请

US20080229422A1 Enterprise security assessment sharing 有权
标题翻译：企业安全评估共享
公开(公告)号：US20080229422A1
公开(公告)日：2008-09-18
申请号：US11724061
申请日：2007-03-14
申请人： Efim Hudis , Yair Helman , Joseph Malka , Uri Barash
发明人： Efim Hudis , Yair Helman , Joseph Malka , Uri Barash
IPC分类号： G06F11/00
CPC分类号： H04L63/20 , G06F21/552 , G06F21/577 , H04L41/0803 , H04L41/0893 , H04L63/1425
摘要： An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between different security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Its tentative nature is reflected in two of its components: a fidelity field used to express the level of confidence in the assessment, and a time-to-live field for an estimated time period for which the assessment is valid. Endpoints may publish security assessments onto a security assessment channel, as well as subscribe to a subset of security assessments published by other endpoints. A specialized endpoint is coupled to the channel that performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to security threats.
摘要翻译：企业级共享安排使用称为安全评估的语义抽象来共享称为端点的不同安全产品之间的安全相关信息。安全评估被定义为由更广泛的语境意义的端点对关于感兴趣的对象收集的信息的暂时分配。其暂定性质体现在其两个组成部分：用于表达对评估的信心程度的忠实领域，以及评估有效的估计时间段的实时生存领域。端点可以将安全评估发布到安全评估通道上，并订阅其他端点发布的安全评估子集。通过订阅所有安全性评估，记录安全性评估以及记录端点响应安全威胁所采取的本地操作，专用端点与作为集中审核点执行的通道相连。

22. 发明申请

US20100125912A1 ESTIMATING AND VISUALIZING SECURITY RISK IN INFORMATION TECHNOLOGY SYSTEMS 有权
标题翻译：信息技术系统的安全风险估算和可视化
公开(公告)号：US20100125912A1
公开(公告)日：2010-05-20
申请号：US12274309
申请日：2008-11-19
申请人： Adar Greenshpon , Ron Karidi , Yair Helman , Shai Aharon Rubin
发明人： Adar Greenshpon , Ron Karidi , Yair Helman , Shai Aharon Rubin
IPC分类号： G06F12/14 , G06N5/04
CPC分类号： H04L63/1433 , G06F21/577
摘要： Security risk for a single IT asset and/or a set of IT assets in a network such as an enterprise or corporate network may be estimated and represented in a visual form by categorizing risk into different discrete levels. The IT assets may include both computing devices and users. The risk categorization uses a security assessment of an IT asset that is generated to indicate the type of security problem encountered, the severity of the problem, and the fidelity of the assessment. The asset value of an IT asset to the enterprise is also assigned. Security risk is then categorized (and a numeric risk value provided) for each IT asset for different problem types by considering the IT asset value along with the severity and fidelity of the security assessment. The security risk for the enterprise is estimated using the numeric risk value and then displayed in visual form.
摘要翻译：通过将风险分为不同的离散级别，可以以视觉形式估计和表示单个IT资产和/或网络中企业或公司网络中的一组IT资产的安全风险。 IT资产可能包括计算设备和用户。风险分类使用IT资产的安全评估来产生，以指示遇到的安全问题的类型，问题的严重性和评估的忠实度。 IT资产对企业的资产价值也被分配。然后通过考虑IT资产价值以及安全性评估的严重性和保真度，为不同问题类型的每个IT资产对安全风险进行分类（并提供数值风险值）。使用数字风险值估算企业的安全风险，然后以视觉形式显示。

23. 发明授权

US06505190B1 Incremental filtering in a persistent query system 有权
标题翻译：持续查询系统中的增量过滤
公开(公告)号：US06505190B1
公开(公告)日：2003-01-07
申请号：US09606431
申请日：2000-06-28
申请人： Dov Harel , Yair Helman , Uri Barash
发明人： Dov Harel , Yair Helman , Uri Barash
IPC分类号： G06F1730
CPC分类号： G06F17/30699 , G06F17/30693 , Y10S707/99932
摘要： A system and method track changes to a document and analyze the changes to the document against a set of predefined queries without re-analyzing the entire document. Hence, after a document has been processed in the system (i.e., had its terms matched against the set of predefined queries), only a small subset of the document needs to be reprocessed and analyzed after changes (i.e., edits) are made. The analysis of the small subset is accomplished by maintaining an incremental-results data set for each document. The incremental-results data set is much smaller than the actual document, only comprising a set of unique words found in a document. After a document is changed, only the words deleted or added to the changed portion are used to update the incremental-results data set.
摘要翻译：系统和方法跟踪文档的更改，并根据一组预定义查询分析文档的更改，而无需重新分析整个文档。因此，在系统中处理了文档（即，其术语与预定义查询集合匹配）之后，在进行改变（即，编辑）之后，仅需要对文档的一小部分进行再处理和分析。通过维护每个文档的增量结果数据集来实现小子集的分析。增量结果数据集远小于实际文档，只包含文档中找到的一组唯一字。更改文档后，仅使用删除或添加到更改的部分的单词来更新增量结果数据集。

24. 发明授权

US08402546B2 Estimating and visualizing security risk in information technology systems 有权
标题翻译：估计和可视化信息技术系统中的安全风险
公开(公告)号：US08402546B2
公开(公告)日：2013-03-19
申请号：US12274309
申请日：2008-11-19
申请人： Adar Greenshpon , Ron Karidi , Yair Helman , Shai Aharon Rubin
发明人： Adar Greenshpon , Ron Karidi , Yair Helman , Shai Aharon Rubin
IPC分类号： H04L29/06
CPC分类号： H04L63/1433 , G06F21/577
摘要： Security risk for a single IT asset and/or a set of IT assets in a network such as an enterprise or corporate network may be estimated and represented in a visual form by categorizing risk into different discrete levels. The IT assets may include both computing devices and users. The risk categorization uses a security assessment of an IT asset that is generated to indicate the type of security problem encountered, the severity of the problem, and the fidelity of the assessment. The asset value of an IT asset to the enterprise is also assigned. Security risk is then categorized (and a numeric risk value provided) for each IT asset for different problem types by considering the IT asset value along with the severity and fidelity of the security assessment. The security risk for the enterprise is estimated using the numeric risk value and then displayed in visual form.
摘要翻译：通过将风险分为不同的离散级别，可以以视觉形式估计和表示单个IT资产和/或网络中企业或公司网络中的一组IT资产的安全风险。 IT资产可能包括计算设备和用户。风险分类使用IT资产的安全评估来产生，以指示遇到的安全问题的类型，问题的严重性和评估的忠实度。 IT资产对企业的资产价值也被分配。然后通过考虑IT资产价值以及安全性评估的严重性和保真度，为不同问题类型的每个IT资产对安全风险进行分类（并提供数值风险值）。使用数字风险值估算企业的安全风险，然后以视觉形式显示。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式