Method and system for modeling, analysis and display of network security events
US7293287B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 24, 2002 |
| Grant date | Nov 6, 2007 |
| Priority date | — |
| Expiry date | Apr 14, 2025 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method and system is disclosed for cross-correlating information between the domains of network management and network security. The present invention discloses a model representing the security domain that can be used to define relationship between devices and events in the security domain in the context of a managed network. With this model, a security topology of the network security domain can be created based on the current implementation of the network. This model and topology allows the present invention to correlate relevant network security information to diagnose problems as they occur by using events detected within the network. Using the disclosed method and system for correlating information in the network security, the present invention provides further enhancements over conventional methods by cross-correlating information between the network security and network management domains to aid in their detection and analysis of problems. Cross-correlating information across network security and network management domains enhances the ability of the present invention to diagnose problems that may arise in the network to allow an operator to get a more complete view of th…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.