公开(公告)号：WO2004051441A2

公开(公告)日：2004-06-17

申请号：PCT/GB0305219

申请日：2003-11-28

Applicant: IBM ,  IBM UK

Inventor： BAFFES PAUL THOMAS ,  GILFIX MICHAEL ,  GARRISON JOHN MICHAEL ,  HSU ALLAN ,  STADING TYRON JERROD

IPC: G06F1/00 ,  G06F9/30 ,  G06F11/30 ,  G06F11/36 ,  G06F15/00 ,  G06F21/00 ,  H04L12/24 ,  H04L29/06

CPC classification number: H04L63/1408 ,  G06F21/316 ,  G06F21/552 ,  G06F21/554 ,  G06F21/566 ,  G06F2221/2101 ,  H04L63/1458

Abstract: A method and system for managing an intrusion on a computer by graphically representing an intrusion pattern of a known past intrusion, and then comparing the intrusion pattern of the known intrusion with a current intrusion. The intrusion pattern may either be based on intrusion events, which are the effects of the intrusion or activities that provide a signature of the type of intrusion, or the intrusion pattern may be based on hardware topology that is affected by the intrusion. The intrusion pattern is graphically displayed with scripted responses, which in a preferred embodiment are presented in pop-up windows associated with each node in the intrusion pattern. Alternatively, the response to the intrusion may be automatic, based on a pre-determined percentage of common features in the intrusion pattern of the known past intrusion and the current intrusion.

Abstract translation: 用于通过图形地表示已知过去入侵的入侵模式来管理计算机上的入侵的方法和系统，然后将已知入侵的入侵模式与当前入侵进行比较。 入侵模式可以基于入侵事件，这是入侵或提供入侵类型的签名的活动的影响，或者入侵模式可能基于受入侵影响的硬件拓扑。 入侵模式以图形方式显示脚本响应，其在优选实施例中以与入侵模式中的每个节点相关联的弹出窗口中呈现。 或者，基于已知的过去入侵和当前入侵的入侵模式中的共同特征的预定百分比，对入侵的响应可以是自动的。

公开(公告)号：WO2004077201A3

公开(公告)日：2005-06-23

申请号：PCT/GB2004000583

申请日：2004-02-13

Applicant: IBM ,  IBM UK ,  GILFIX MICHAEL ,  MALCOLM JERRY WALTER ,  OKUNSEINDE FOLUSO OLAIYA ,  STADING TYRON JERROD ,  WILLIAMSON PAUL STUART ,  WINTERS SCOTT LEE

Inventor： GILFIX MICHAEL ,  MALCOLM JERRY WALTER ,  OKUNSEINDE FOLUSO OLAIYA ,  STADING TYRON JERROD ,  WILLIAMSON PAUL STUART ,  WINTERS SCOTT LEE

IPC: G06F9/46 ,  H04L29/06 ,  H04L29/08 ,  G06F9/44

CPC classification number: H04L67/2823 ,  G06F9/546 ,  H04L29/06 ,  H04L67/02 ,  H04L67/2838 ,  H04L67/327 ,  H04L67/34 ,  H04L69/08 ,  H04L69/329

Abstract: Systems and methods of application integration, including constructing an application integration adapter in dependence upon a profile including data describing the adapter, receiving instructions to alter the adapter, and altering the adapter in dependence upon the instructions. Embodiments of the invention include communicating integration messages among applications through the adapter as altered. In typical embodiments, receiving instructions to alter the adapter includes detecting changes in the adapter profile. In such embodiments, detecting changes in the adapter profile includes creating a copy of the profile, and periodically comparing the profile and the copy. In other exemplary embodiments, receiving instructions to alter the adapter includes receiving from an application an administrative integration message bearing the instructions to alter the adapter. In such embodiments, altering the adapter in dependence upon the instructions includes updating the profile.

Abstract translation: 应用程序集成的系统和方法，包括根据包括描述适配器的数据的简档构建应用程序集成适配器，接收改变适配器的指令，以及根据指令改变适配器。 本发明的实施例包括通过适配器在应用程序之间通过改变来通信集成消息。 在典型实施例中，接收改变适配器的指令包括检测适配器简档中的变化。 在这样的实施例中，检测适配器简档中的变化包括创建简档的副本，并且周期性地比较简档和副本。 在其他示例性实施例中，接收改变适配器的指令包括从应用程序接收带有改变适配器的指令的管理集成消息。 在这样的实施例中，根据指令改变适配器包括更新配置文件。

公开(公告)号：AU2003285563A1

公开(公告)日：2004-06-23

申请号：AU2003285563

申请日：2003-11-28

Applicant: IBM

Inventor： BAFFES PAUL THOMAS ,  GILFIX MICHAEL ,  GARRISON JOHN MICHAEL ,  HSU ALLAN ,  STADING TYRON JERROD

IPC: G06F1/00 ,  G06F9/30 ,  G06F11/30 ,  G06F11/36 ,  G06F15/00 ,  G06F21/00 ,  H04L12/24 ,  H04L29/06

Abstract: A method and system for managing an intrusion on a computer by graphically representing an intrusion pattern of a known past intrusion, and then comparing the intrusion pattern of the known intrusion with a current intrusion. The intrusion pattern may either be based on intrusion events, which are the effects of the intrusion or activities that provide a signature of the type of intrusion, or the intrusion pattern may be based on hardware topology that is affected by the intrusion. The intrusion pattern is graphically displayed with scripted responses, which in a preferred embodiment are presented in pop-up windows associated with each node in the intrusion pattern. Alternatively, the response to the intrusion may be automatic, based on a pre-determined percentage of common features in the intrusion pattern of the known past intrusion and the current intrusion.

公开(公告)号：AT341024T

公开(公告)日：2006-10-15

申请号：AT03778561

申请日：2003-11-28

Applicant: IBM

Inventor： BAFFES PAUL THOMAS ,  GILFIX MICHAEL ,  GARRISON JOHN MICHAEL ,  HSU ALLAN ,  STADING TYRON JERROD

IPC: G06F1/00 ,  G06F9/30 ,  G06F11/30 ,  G06F11/36 ,  G06F15/00 ,  G06F21/00 ,  H04L12/24 ,  H04L29/06

Abstract: A method and system for managing an intrusion on a computer by graphically representing an intrusion pattern of a known past intrusion, and then comparing the intrusion pattern of the known intrusion with a current intrusion. The intrusion pattern may either be based on intrusion events, which are the effects of the intrusion or activities that provide a signature of the type of intrusion, or the intrusion pattern may be based on hardware topology that is affected by the intrusion. The intrusion pattern is graphically displayed with scripted responses, which in a preferred embodiment are presented in pop-up windows associated with each node in the intrusion pattern. Alternatively, the response to the intrusion may be automatic, based on a pre-determined percentage of common features in the intrusion pattern of the known past intrusion and the current intrusion.

公开(公告)号：DE60308722D1

公开(公告)日：2006-11-09

申请号：DE60308722

申请日：2003-11-28

Applicant: IBM

Inventor： BAFFES THOMAS ,  GILFIX MICHAEL ,  GARRISON MICHAEL ,  HSU ALLAN ,  STADING TYRON JERROD

IPC: G06F1/00 ,  G06F9/30 ,  G06F11/30 ,  G06F11/36 ,  G06F15/00 ,  G06F21/00 ,  H04L12/24 ,  H04L29/06

Abstract: A method and system for managing an intrusion on a computer by graphically representing an intrusion pattern of a known past intrusion, and then comparing the intrusion pattern of the known intrusion with a current intrusion. The intrusion pattern may either be based on intrusion events, which are the effects of the intrusion or activities that provide a signature of the type of intrusion, or the intrusion pattern may be based on hardware topology that is affected by the intrusion. The intrusion pattern is graphically displayed with scripted responses, which in a preferred embodiment are presented in pop-up windows associated with each node in the intrusion pattern. Alternatively, the response to the intrusion may be automatic, based on a pre-determined percentage of common features in the intrusion pattern of the known past intrusion and the current intrusion.

公开(公告)号：CA2512432C

公开(公告)日：2013-02-05

申请号：CA2512432

申请日：2004-02-13

Applicant: IBM

Inventor： GILFIX MICHAEL ,  MALCOLM JERRY WALTER ,  OKUNSEINDE FOLUSO OLAIYA ,  STADING TYRON JERROD ,  WILLIAMSON PAUL STUART ,  WINTERS SCOTT LEE

IPC: G06F9/44 ,  G06F9/46 ,  H04L29/06 ,  H04L29/08

Abstract: Systems and methods of application integration, including constructing an application integration adapter in dependence upon a profile including data describing the adapter, receiving instructions to alter the adapter, and altering the adapter in dependence upon the instructions. Embodiments of the invention include communicating integration messages among applications through the adapter as altered. In typical embodiments, receiving instructions to alter the adapter includes detecting changes in the adapter profile. In such embodiments, detecting changes in the adapter profile includes creating a copy of the profile, and periodically comparing the profile and the copy. In other exemplary embodiments, receiving instructions to alter the adapter includes receiving from an application an administrative integration message bearing the instructions to alter the adapter. In such embodiments, altering the adapter in dependence upon the instructions includes updating the profile.

公开(公告)号：DE60308722T2

公开(公告)日：2007-08-16

申请号：DE60308722

申请日：2003-11-28

Applicant: IBM

Inventor： BAFFES THOMAS ,  GILFIX MICHAEL ,  GARRISON MICHAEL ,  HSU ALLAN ,  STADING TYRON JERROD

IPC: G06F1/00 ,  G06F9/30 ,  G06F11/30 ,  G06F11/36 ,  G06F15/00 ,  G06F21/00 ,  H04L12/24 ,  H04L29/06

Abstract: A method and system for managing an intrusion on a computer by graphically representing an intrusion pattern of a known past intrusion, and then comparing the intrusion pattern of the known intrusion with a current intrusion. The intrusion pattern may either be based on intrusion events, which are the effects of the intrusion or activities that provide a signature of the type of intrusion, or the intrusion pattern may be based on hardware topology that is affected by the intrusion. The intrusion pattern is graphically displayed with scripted responses, which in a preferred embodiment are presented in pop-up windows associated with each node in the intrusion pattern. Alternatively, the response to the intrusion may be automatic, based on a pre-determined percentage of common features in the intrusion pattern of the known past intrusion and the current intrusion.

公开(公告)号：CA2512432A1

公开(公告)日：2004-09-10

申请号：CA2512432

申请日：2004-02-13

Applicant: IBM

Inventor： WINTERS SCOTT LEE ,  GILFIX MICHAEL ,  WILLIAMSON PAUL STUART ,  STADING TYRON JERROD ,  MALCOLM JERRY WALTER ,  OKUNSEINDE FOLUSO OLAIYA

IPC: G06F9/46 ,  H04L29/06 ,  H04L29/08 ,  G06F9/44

Abstract: Systems and methods of application integration, including constructing an application integration adapter in dependence upon a profile including data describing the adapter, receiving instructions to alter the adapter, and altering the adapter in dependence upon the instructions. Embodiments of the invention include communicating integration messages among applications through the adapter as altered. In typical embodiments, receiving instructio ns to alter the adapter includes detecting changes in the adapter profile. In such embodiments, detecting changes in the adapter profile includes creating a copy of the profile, and periodically comparing the profile and the copy. In other exemplary embodiments, receiving instructions to alter the adapter includes receiving from an application an administrative integration message bearing the instructions to alter the adapter. In such embodiments, altering the adapter in dependence upon the instructions includes updating the profil e.

公开(公告)号：AU2003285563A8

公开(公告)日：2004-06-23

申请号：AU2003285563

申请日：2003-11-28

Applicant: IBM

Inventor： HSU ALLAN ,  GARRISON JOHN MICHAEL ,  GILFIX MICHAEL ,  STADING TYRON JERROD ,  BAFFES PAUL THOMAS

IPC: G06F1/00 ,  G06F9/30 ,  G06F11/30 ,  G06F11/36 ,  G06F15/00 ,  G06F21/00 ,  H04L12/24 ,  H04L29/06

Abstract: A method and system for managing an intrusion on a computer by graphically representing an intrusion pattern of a known past intrusion, and then comparing the intrusion pattern of the known intrusion with a current intrusion. The intrusion pattern may either be based on intrusion events, which are the effects of the intrusion or activities that provide a signature of the type of intrusion, or the intrusion pattern may be based on hardware topology that is affected by the intrusion. The intrusion pattern is graphically displayed with scripted responses, which in a preferred embodiment are presented in pop-up windows associated with each node in the intrusion pattern. Alternatively, the response to the intrusion may be automatic, based on a pre-determined percentage of common features in the intrusion pattern of the known past intrusion and the current intrusion.