Patent · US Active

Policy specification framework for insider intrusions

US7870598B2 · kind B2 · utility

1Cited by

1References

20Claims

0Family size

Assignee

Tizor Systems, Inc. · US

Inventors

Pratyush Moghe · Stow, US
Narain H. Gehani · Summit, US

Key dates

Filing date	Aug 18, 2008
Grant date	Jan 11, 2011
Priority date	—
Expiry date	Aug 18, 2028

Classification

Technology area (CPC H)Electricity
CPC primaryH05K7/1495
WIPO fieldAudio-visual technology
WIPO sectorElectrical engineering

Abstract

This disclosure provides a policy specification framework to enable an enterprise to specify a given insider attack using a holistic view of a given data access, as well as the means to specify and implement one or more intrusion mitigation methods in response to the detection of such an attack. The policy specification provides for the use of “anomaly” and “signature” attributes that capture sophisticated behavioral characteristics of illegitimate data access. When the attack occurs, a previously-defined administrator (or system-defined) mitigation response (e.g., verification, disconnect, de-provision, or the like) is then implemented.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.