35 results about "Security as a service" patented technology

A system and a computer-based method for providing bundled services to a client application in a service call to a service system in a service provider computer system includes receiving a message defining an API service request comprising at least a parameter portion and a payload portion, determining at the gateway system an identity of an application transmitting the received message using identity information that has been established within the service provider computer system, providing, by a services platform, at least one of encryption services and decryption services for data contained in the payload portion using the parameters received in the parameter portion, managing key material for security of the data, and transmitting the encrypted data back to the calling application.

A cyber system including a method of providing cyber security as a service is provided. The cyber system may include an integrated architecture of defensive and offensive security procedures and processes that enable enterprises to practice safe, holistic security techniques. The plurality of cyber defense procedures may include a plurality of risk-based assessment procedures, a plurality of attack-prevention procedures, a plurality of detection procedures and a plurality of response and recovery procedures. The plurality of cyber offense procedures may include a plurality of cyber weapon procedures, a plurality of cyber Intelligence, surveillance and reconnaissance procedures, a plurality of information operations target exploitation procedures and a plurality of information operations attack procedures. The cyber system may also include a plurality of overlapping processes interconnecting the plurality of cyber offense procedures and plurality of cyber defense procedures. The plurality of overlapping processes may include a change management, a configuration management, a service desk and a service-level management. The change management may be structured within an enterprise for ensuring that changes in people, facilities, technology and/or processes are smoothly and successfully implemented to achieve lasting benefits. The configuration management may establish and maintain the consistency of a product's performance, functional and physical attributes with its requirements, design and operational information throughout its life. The service desk may provide the communication needs of the users, employees and customers. Service-level management may assess the impact of change on service quality and establish performance metrics and benchmarks.

In one implementation, traffic in a mobile network is offloaded to a security as a service server or a cloud server. A mobile access gateway (MAG) in the mobile network identifies one or more mobile nodes that are configured for communication on the mobile network. The MAG receives a message that includes an address of a mobile node and sends a request based on the message to the security as a service server. The MAG forwards traffic flows to the security as a service server according to the message, which is configured to detect an indication of malicious software in the traffic flows and/or filter content of the traffic flows according to a user profile.

A system and method for managing administration of security services provided to users includes a computer system and an operating system running on the computer system. A plurality of Virtual Execution Environments (VEEs) are executed on the computer system. The VEEs can be any of a Virtual Private Server, a Virtual Machine, a Hypervisor-based Virtual Machine, and a Lightweight Hypervisor-based Virtual Machine, a session of Terminal Server and a session of Presentation Server, Lightweight Hypervisor-based Virtual Machines, VMM-based VMs or hypervisor-based VMs. Each VEE provides a set of services to remote users. One or more designated VEE(s) provide security services to each of the VEEs based on the needs of the remote users of the particular VEEs. The security services provided by the designated VEE can be firewall services, spam filtering and anti-virus protection. The security services are controlled and administered by each of the VEEs requesting a particular service via control means of the designated VEE(s).

A cloud infrastructure security assurance service is enhanced to facilitate bursting of cloud applications into other cloud infrastructures. The security assurance service provides a mechanism to enable creation and management of secure application zones within a cloud infrastructure. When the security assurance service receives an indication that a workload associated with a cloud application triggers a cloud burst, the service is extended into a new cloud infrastructure. Once the security assurance service is instantiated in the new cloud infrastructure, it identifies the broad security requirements of the application, as well as the security capabilities of the new environment. Using this information, the security assurance service computes a minimal security environment needed by the cloud application for the burst operation. The security assurance service then configures the necessary topology in the new cloud environment, and the burst operation is then completed by having the cloud application deployed in that topology.

The invention discloses an internet risk management method based on security as service. The method comprises the following steps: receiving a website access request transmitted from a user, and returning an IP address which corresponds to the website access request to the user so that the user can visit a website server through the IP address; and monitoring the website server, and returning a mistaken interface to the user who visits the website when a website in which security events occur in the website server. According to the internet risk management method provided by an embodiment, the website server is detected through cloud detection; when the security events occur, website access operation of the user is intercepted automatically, and response is in time; and steps of deployment of security equipment such as a firewall are omitted, and the running and maintenance cost is low. Meanwhile, only the ability of cloud detection and monitoring of the security events needs to be updated, and the protecting ability of the system to a website server can be improved. The invention further discloses an internet risk management system, and the technical effect can also be achieved.

The invention provides a distributed encrypted service gateway and an implementation method thereof. The gateway comprises a basic network service sub-system, a security service sub-system and a communication service sub-system communicating with each other, wherein both the basic network service sub-system and the security service sub-system communicate with a user application via the communication service sub-system. The method comprises the steps of providing a basic gateway; configuring the basic network service sub-system and the communication service sub-system on the basic gateway; and configuring the security service sub-system on the basic gateway, thus acquiring the distributed encrypted service gateway, wherein the security service sub-system provides security service for the basic gateway via an encrypted server cluster can be accesses remotely. According to the gateway and the implementation method thereof provided by the invention, security service, network service and reliable and flexible gateway of application server for the user application via the distributed software and hardware system module, extremely high redundancy and expansibility are provided, the Internet application security requirement in the age of big data can be met, and a reliable path is provided for secure utilization and flexible control of the network.

The invention discloses a security service system for a cloud computation center. The system comprises a cloud computation center basic security service engine core module, a virtualization layer management module, an upper layer service open interface and a third-party platform open API (Application Program Interface), wherein the cloud computation center basic security service engine core module is used for managing security service arrangement, managing calculation resources, network resources and storage resources of basic resources, and performing continuous security monitoring on the basic resources; and the cloud computation center basic security service engine core module is connected with the virtualization layer security management module, the upper layer service open interface and the third-party platform open API.

The invention discloses a system for distributing cloud security resources, which is connected with a cloud service platform for providing user business application computing storage resources, and comprises a cloud security resource pool of a plurality of security service components, a user-oriented user platform, an operator-oriented operation platform and a security service provider-oriented security ecological platform. A selectable cloud security resource adaptation service and a visual channel are provided for a user, so that the user can effectively configure and use the cloud security resources as required, a cloud security resource operator can operate and create the security ecology, the security requirements of all parties are met, the cloud security resource ecological operation capability for continuously resisting new security threats is created, and the user experience is improved. The method has the characteristics of safety as a service, visual full threat, complete decoupling, clear safety responsibility, operable platform, ecological sustainability and the like.

The invention provides a method for building a desktop cloud virtual trust safety wall. A TCM serves as a trust root, a safety wall trust chain and a basic trust chain together form a two-dimensional trust chain, the virtual trust safety wall can move along with virtual desktops synchronously, the two-dimensional trust chain is built, and a trust relationship can be expanded to a whole desktop cloud system from the trust root through the two-dimensional trust chain. By means of a virtual trust safety wall system structure, on the basis of a trust computing basis platform, a virtual trust safety wall is built for each virtual desktop, and a desktop visit method high in safety and instantaneity is provided for business application. For enhancing the safety of desktop cloud, the two-dimensional trust chain is formed by the safety wall trust chain and the basis trust chain, and the trust relationship is expanded to the whole desktop cloud system from the trust root. Aiming at dynamic characteristics of the cloud environment, the virtual trust safety wall has the capability of moving along with the virtual desktops dynamically, and the aim of 'safe service' can be achieved.

Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.

The invention discloses a system and a method using dedicated computer security services. The exemplary method includes the steps of: storing a rule indicating when a first cloud service or a second cloud service is used in the security services in an electronic database; receiving a request visiting the security services from a client computer; determining parameters relevant to the received request; applying the parameters to multiple rules to determine to indicate an instruction whether a request is transferred to the first cloud service or the second cloud service; and transmitting the request to the first cloud service or the second cloud service to use at least a security service based on the instruction.

The invention discloses an urban mobile comprehensive management and service platform, and belongs to the technical field of network platforms. The urban mobile comprehensive management and service platform is characterized by including a front end and a background. The front end is a mobile client. The background provides services for the front end. The services include a data service, a function service, a filtering service and a security service. The data service includes providing required data for the front end, and the data is obtained by carrying out online requests to all government department or agency websites. The function service is a necessary additional feature of uniformity planning a variety of network services. The filtering service means that feedback data streams received from other servers are fed back to the mobile client after necessary information is filtered out. The security service ensures that the data requested by the mobile client are not used for bad purposes. The platform is convenient to use, and integrates online affair handling services provided by relevant governments into one mobile terminal.