Invention Grant
- Patent Title: Enterprise information asset protection through insider attack specification, monitoring and mitigation
- Patent Title (中): 企业信息资产保护通过内部人员攻击规范,监测和减轻
-
Application No.: US10950070Application Date: 2004-09-24
-
Publication No.: US08880893B2Publication Date: 2014-11-04
- Inventor: Pratyush Moghe , Narain Gehani , Peter T. Smith
- Applicant: Pratyush Moghe , Narain Gehani , Peter T. Smith
- Applicant Address: NL Amsterdam
- Assignee: IBM International Group B.V.
- Current Assignee: IBM International Group B.V.
- Current Assignee Address: NL Amsterdam
- Agency: Edell, Shapiro & Finnan, LLC
- Agent Mohammed Kashef
- Main IPC: H04K1/00
- IPC: H04K1/00 ; G06F21/31 ; H04L29/06 ; G06F21/55
Abstract:
The present invention provides a policy specification framework to enable an enterprise to specify a given insider attack using a holistic view of a given data access, as well as the means to specify and implement one or more intrusion mitigation methods in response to the detection of such an attack. The policy specification provides for the use of “anomaly” and “signature” attributes that capture sophisticated behavioral characteristics of illegitimate data access. When the attack occurs, a previously-defined administrator (or system-defined) mitigation response (e.g., verification, disconnect, de-provision, or the like) is then implemented.
Public/Granted literature
Information query
