Security control verification and monitoring subsystem for use in a computer information database system
US8225409B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 23, 2006 |
| Grant date | Jul 17, 2012 |
| Priority date | — |
| Expiry date | Oct 19, 2028 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2101
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A security control verification and monitoring subsystem of a managed computer system performs security control verification operations regularly and for each security control verification operation determines the applicable security benchmark level for use by a given computer. The subsystem assigns security risk categories to groups of computers based, for example, on overall system or group administrator supplied potential impact settings and/or system type and business or information type selections. The subsystem further associates the security risk categories with security benchmark levels based on mapping information supplied by the overall system or group administrator. The subsystem then directs the computer to benchmark definition files based on the assigned security risk category, the associated security benchmark level and attributes of the computer. The subsystem performs the security control verification operations whenever the computer performs computer profile data update operations, and thus, monitors essentially continuously the security control compliance of the computer. The subsystem stores the results of the security verification operations and includes the res…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.