Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Risk-based model for security policy management

a security policy and risk-based technology, applied in the field of information technology (it) systems security policy management, can solve the problems of affecting the environment, affecting the continuity and consistency of the environment, and changing the probability of both positive impact (effectiveness) and negative impact (loss of productivity)

Inactive Publication Date: 2013-02-28
IBM CORP
View PDF6 Cites 46 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

This patent describes a way to make a security policy management system more effective by enabling a user to model and visualize how changes to a policy will impact its effectiveness and the risk associated with it. The technique uses a tool that allows the user to create new versions of the policy and evaluate different scenarios to see what impact the policy change will have. This results in a more informed decision-making process for security policy changes.

Problems solved by technology

The specific values for attributes in a schema of any security policy can be modified, and such modifications may change the probability of both positive impact (effectiveness at managing risk) and negative impact (unhappy users, loss of productivity) on the environment which the policy is intended to protect.
Nevertheless, security policy management as a technology domain typically does not express policy explicitly in a way that recognizes the original purpose of risk management.
In this regard, most commercial policy management systems do not provide policy versioning; moreover, in those systems that do, policy versions do not link to risk assessment.
This gap is usually caused by the lack of continuity and consistency from the business view of information security through to the implementation in IT systems.
Existing security solutions typically use a predefined set of security levels and do not allow user-defined versions of policies to be configured.
They also do not provide any mechanism to enable a user to associate (with a security policy) a risk assessment determined by an organization.
More significantly, such approaches do not provide any reference to the potential negative impact of changing security levels.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Risk-based model for security policy management
  • Risk-based model for security policy management
  • Risk-based model for security policy management

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023]With reference now to the drawings and in particular with reference to FIGS. 1-2, exemplary diagrams of data processing environments are provided in which illustrative embodiments of the disclosure may be implemented. It should be appreciated that FIGS. 1-2 are only exemplary and are not intended to assert or imply any limitation with regard to the environments in which aspects or embodiments of the disclosed subject matter may be implemented. Many modifications to the depicted environments may be made without departing from the spirit and scope of the present invention.

[0024]With reference now to the drawings, FIG. 1 depicts a pictorial representation of an exemplary distributed data processing system in which aspects of the illustrative embodiments may be implemented. Distributed data processing system 100 may include a network of computers in which aspects of the illustrative embodiments may be implemented. The distributed data processing system 100 contains at least one ne...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A security policy management solution (such as a Data Loss Prevention (DLP) system) is augmented to enable a user to model and visualize how changes in a security policy may impact (positively or negatively) the effectiveness of a policy configuration as well as the risk associated with its deployment. This technique enables a user (e.g., a security policy administrator) to evolve enterprise information technology (IT) security policies and, in particular, to generate and display “what-if” scenarios by which the user can determine trade-offs between, on the one hand, the effectiveness of a proposed change to a policy, and on the other hand, the risk associated with the proposed change.

Description

BACKGROUND OF THE INVENTION[0001]1. Technical Field[0002]This disclosure relates generally to security policy management for information technology (IT) systems.[0003]2. Background of the Related Art[0004]Information security is the process of providing a set of controls to manage risk with an end goal of demonstrating compliance with a set of regulations. Security policies specify how a set of controls operate and therefore to what extent risk may be capable of being managed. The specific values for attributes in a schema of any security policy can be modified, and such modifications may change the probability of both positive impact (effectiveness at managing risk) and negative impact (unhappy users, loss of productivity) on the environment which the policy is intended to protect.[0005]For example, Data Loss Prevention (DLP) systems are well-known in the prior art and operate generally to identify, monitor use of, and to control user operations on, sensitive information within an ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/00
CPCG06F21/577
Inventor CHOI, CHRISTOPHER Y.READSHAW, NEIL I.
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com