Title of invention: Method for adapting security policies of an information system infrastructure
Abstract: The present invention refers to a method for adapting security policies of an information system infrastructure as a function of attacks on the system by storing potential attacks, their associated risks and curative security policies in a data repository, monitoring entering contents representing data streams of the information system, detecting at least one attack in the information system, assessing a success probability parameter of the at least one detected attack and its associated cost impact parameter, assessing an activation impact parameter of at least one curative security policy in response to the at least one detected attack and its associated cost impact parameter, deciding to activate or deactivate a curative security policy based on the success probability parameter of a detected attack, the activation impact parameter of associated curative security policies and the cost impact parameters of both an attack and associated curative security policies.
Publication number: US8973092(B2) Publication date: 2015.03.03
Application number: US201113695822 Filing date: 2011.05.05
Applicant: Alcatel Lucent Inventors: Kanoun Wael;Dubus Samuel;Cuppens Nora;Cuppens Frédéric
Classification: H04L29/06;G06F21/57 Main classification: H04L29/06
Agency: Carmen Patti Law Group, LLC Agent: Carmen Patti Law Group, LLC
Main claim: 1. Method for adapting security policies of an information system infrastructure in function of attacks comprising the steps of: storing potential attacks and their associated risks in a data repository implemented in a hardware storage device; storing curative security policies in response of the potential attacks in a data repository said method further comprising the steps, implemented in a hardware processing means, of; monitoring entering contents representing data streams of the information system; detecting at least one attack in the information system; assessing a success probability parameter of the at least one detected attack and its associated cumulative cost impact parameter, further comprising the steps of generating attack strategy graphs based on the stored potential attacks and the detected at least one attack; and assessing the probability for the detected attack to reach its objective; assessing an activation impact parameter of at least one curative security policy in response to the at least one detected attack and its associated cumulative cost impact parameter; deciding of the activation or deactivation of a curative security policy in function of the success probability parameter of the, at least one, detected attack, of the activation impact parameter of at least one curative security policy and of the cumulative cost impact parameters of both the detected at least one attack and the at least one curative security policy.
Address: Boulogne-Billancourt FR