Method for adapting security policies of an information system infrastructure
US8973092B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 5, 2011 |
| Grant date | Mar 3, 2015 |
| Priority date | — |
| Expiry date | Jul 31, 2031 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1441
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The present invention refers to a method for adapting security policies of an information system infrastructure as a function of attacks on the system by storing potential attacks, their associated risks and curative security policies in a data repository, monitoring entering contents representing data streams of the information system, detecting at least one attack in the information system, assessing a success probability parameter of the at least one detected attack and its associated cost impact parameter, assessing an activation impact parameter of at least one curative security policy in response to the at least one detected attack and its associated cost impact parameter, deciding to activate or deactivate a curative security policy based on the success probability parameter of a detected attack, the activation impact parameter of associated curative security policies and the cost impact parameters of both an attack and associated curative security policies.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.