Title of invention: METHOD AND SYSTEM FOR RAPID ACCREDITATION/RE-ACCREDITATION OF AGILE IT ENVIRONMENTS, FOR EXAMPLE SERVICE ORIENTED ARCHITECTURE (SOA)
Abstract: A system and method for managing and analyzing security requirements in reusable models. At least one functional model, at least one security implementation model, at least one requirement model, and meta models of the models are read by a reader. A correspondence between the functional model, security implementation model, and the requirements model is analyzed, whereby the correspondence indicates that compliance/security/accreditation requirements defined in the requirement model match with security objectives implemented by controls defined by the security implementation model. Next, it is determined whether correspondence is or is not given based on the analysis of the correspondence and then evidence is generated based on the analysis of the correspondence and the determination and the impact of changes is analyzed.
Application publication number: US2014366085(A1); Application publication date: 2014.12.11
Application number: US201414466382; Filing date: 2014.08.22
Applicant: Object Security LLC; Inventors: Lang Ulrich; Schreiner Rudolf
Classification number: H04L29/06; Main classification number: H04L29/06
Agency: Agent:
Main claim: 1. A method for detecting and analyzing changes to an IT system and its security, the method comprising: reading a current or previously stored evidence version relating to the IT system; normalizing the current evidence version; storing the current evidence version; reading one or more previously stored versions of the normalized evidence; identifying differences between the read normalized evidence versions; and determining whether a change has been detected based on the identified differences between the read normalized evidence versions.
Address: Palo Alto CA US