摘要 |
The present invention relates to an apparatus and a method for controlling a physical/IT security equipment based on a security incident response process comprising: a response process management part for determining a response policy according to information on the security incident detected by an integrated security system and generating information on processes to be performed; a response process processing part for performing the processes generated by the response process management part and generating unified commands for controlling the physical security equipment and the IT security equipment required to be linked with the response policy; a space calculation processing part for searching for the security equipment required to be linked with the response policy, performing the space calculation based on a space phase relation between a corresponding security equipment and a position of the security incident in order to calculate parameters necessary for controlling the searched security equipment; a control proxy agent based equipment controller for performing multiple connections between the physical security equipment and the IT security equipment and transmitting the control commands to a corresponding security equipment; and a database for storing the information on the security incident, the response policy and the scripts of the process. The present invention can take a unified measure with respect to a physical/IT security area against the incident at a converged security space and provide an extendable and flexible structure with respect to various possible security incident types and an addition to or a change of the security equipment. [Reference numerals] (10) Security incident analysis/detection unit;(110) Response process management part;(120) Response process processing part;(130) Space calculation processing part;(140) Equipment controller;(151) Security incident detection information DB;(152) Security equipment DB;(154) Response policy DB;(155) Process script repository;(160) GUI part;(20) Commercial security equipment (physical/IT} |