WO2007110877A2 - An intelligent security management system on a network - Google Patents

An intelligent security management system on a network

Publication number
WO2007110877A2
Authority
WO
WIPO (PCT)
Prior art keywords
network
security management
management system
intelligent security
computer
Prior art date
Application number
PCT/IN2007/000108
Other languages
French (fr)
Other versions
WO2007110877A3 (en)
Inventor
George John Thekkethil
Original Assignee
Trinity Future-In Private Limited
Priority date
Filing date
Publication date
Application filed by Trinity Future-In Private Limited
Publication of WO2007110877A2
Publication of WO2007110877A3

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55: Detecting local intrusion or implementing counter-measures
    • G06F21/552: Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

An Intelligent Security Management System is a system that monitors the activities within a group of computer systems on a network. It acts as a network barrier that understands valid and invalid activities of a user under constrained environment. These valid or invalid activities are monitored or controlled by the system administrator and acknowledge the same. It monitors the utility of the resources on a network and optimizes the resources in the network. The network interchange does not affect the performance of the intelligent security management system.

Description

"AN INTELLIGENT SECURITY MANAGEMENT SYSTEM ON A NETWORK"
FIELD OF THE INVENTION:
The present invention provides a new means for Security Management System for monitoring network traffic and more particularly the present invention provides an electronic mechanism for monitoring network traffic and prohibits unauthorized Internet access or Internet Downloads.
More particularly the present invention provides an electronic means of managing the file system over the Internet.
BACKGROUND ART:
Security is generally defined as the freedom from danger or as the condition of safety. Computer security, specifically, is the protection of data in a system against unauthorized disclosure, modification, or destruction and protection of the computer system itself against unauthorized use, modification, or denial of service. Managing computer and network security programs has become an increasingly difficult and challenging job. Dramatic advances in computing and communications technology during the past few years have redirected the focus of data processing from the computing center to the terminals in individual offices and homes. The result is that managers must now monitor security on a more widely dispersed level. These changes are continuing to accelerate, making the security manager's job increasingly difficult.
Internet service providers are very much concerned about the stability and security of Internet Protocol (IP) networks. According to several wireless network operators, the major source of concern is the high volume of malicious user traffic, especially when network utilization and latency are high. The concern for service providers is that existing network operating systems and procedures are inadequate, or that traffic analysis is too cumbersome, for the purpose of malicious user detection. The result is that the network collapses before the analysis is completed and the results are understood.
Reference may be made to the US Publication No. 2006/0272014 A1, McRae; Matthew B, et al; wherein it has been disclosed that: A gateway device is provided, wherein the device is configured to initiate communication with a client device to notify the client device of detected network events and to query the user for action. A method of managing a gateway device is provided. The method includes: detecting an unauthorized network event, transmitting from the gateway device to a client device over a local area network (LAN) a message indicating the detection of the unauthorized or unexpected network event and requesting a response from a user of the client device, receiving the response from the client device, and handling the unauthorized or unexpected network event pursuant to the response from the client device.
According to this prior art application, an unauthorized network event is detected and a message is transmitted from the gateway device (which will be a router) to a client device over a local area network (LAN), i.e. it checks for unauthorized network events in the downloaded information. But the present invention, 'an Intelligent Security Management System on a Network', checks for valid and invalid requests from the client system itself.
This prior art requests the user to select an action from the list of actions comprising: allow the network traffic and block the network traffic. But the present invention, 'an Intelligent Security Management System on a Network', does not query the user.
This prior art uses a router as a gateway, but the present invention, 'an Intelligent Security Management System on a Network', uses a complete, specific, target-oriented device.
Reference may also be made to the International Application No.: PCT/US2004/033828, RAYES, Ammar, et al; wherein it has been disclosed that: This policy-based network security management system comprises a security management controller comprising one or more processors; a computer-readable medium carrying one or more sequences of instructions for policy-based network security management, wherein execution of the one or more sequences of instructions by the one or more processors causes the one or more processors to perform the steps of receiving a set of data regarding a user of a computer network; automatically deciding on a course of action based on the set of data, wherein the course of action may be adverse to the user although the set of data is insufficient to establish whether the user is performing a malicious action; and sending signals to one or more network elements in the computer network to implement the decision. In this prior art application, the controller unit receives security data, via an alert unit, from an external alert source. But in the present invention, the controller unit receives complete requests from the client computer and takes action according to the processor's signal, and a special external alert system is not required.
In this prior art, the data from the external alert source may be information such as the likelihood of a terrorist attack, sabotage, act of war, criminal activity, other types of malicious acts, natural disasters, or other incidents that may affect network security. Hence this clearly indicates that it is not for Corporate Security as addressed by the present invention.
OBJECT OF THE PRESENT INVENTION:
The main object of the present invention is to provide a new means for an Intelligent Security Management System, which obviates the drawbacks of the prior art.
Another object of the present invention is to provide an electronic mechanism for monitoring network traffic and to prohibit unauthorized Internet access.
Still another object of the present invention is to provide an electronic based system for managing the file system over the Internet.
BRIEF DESCRIPTION OF THE DRAWINGS:
In the drawing accompanying this specification, Fig (1) represents the Intelligent Security Management System (13) wherein (1), (2), (3), (4), (5), (6) are the connectors of the Intelligent Security Management System through which the computers are connected to a server system (12), (7) is the smart processor, (8) is the controller, (9) and (10) are the memory storage units and the memory storage unit (10) is connected to a computer (11).
DETAILED DESCRIPTION:
Accordingly the present invention provides an Intelligent Security Management System, which comprises: a smart processor (7), which is responsible for processing all the requests of the clients (1) to (6) and which analyses the valid and invalid requests from the users connected to the network through connectors (1) to (6), using the data from the memory unit (9), where all the valid and invalid Internet requests are stored for reference; and a controller (8), which interconnects the client and the server system (12) and is responsible for blocking the invalid requests from entering the server system (12). The controller (8) monitors the network requests and takes action according to the smart processor unit's signal. The results that are monitored are transferred to computer (11) via memory unit (10), and the network follows the architecture of the client and server system (12).
EXAMPLE:
Consider a corporate network where all the client systems are interconnected to a centralized server system. If this corporate network adopts an Intelligent Security Management System on a Network device, it can easily prevent its staff from using unauthorized Internet services. For example: if that organization does not want its employees to access the www.gmail.com service, employees can't access this service at any cost. The details of this site will be stored in a memory storage unit, from where the smart processor fetches instructions for processing the clients' requests. If any staff member requests this site, the Intelligent Security Management System on a Network device analyzes the request, blocks it and sends the details to a computer dedicated to this purpose only. These details include the information about the client system that made the request, the time of the request, the requested Internet site and other relevant information.
If the employee requests an Internet service other than the blocked sites, then the Intelligent Security Management System on a Network device will transfer the request to the server system and the client can access the same.
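The request flow of the EXAMPLE above, modelled in software as an added illustration that is not part of the patent text: a policy store stands in for memory unit (9), a controller for the smart processor (7) and controller (8), and an audit list for memory unit (10). The names `PolicyStore`, `Controller` and `normalize_host`, the hostname normalization, the parent-domain matching and the fail-closed handling of unparseable requests are assumptions that go beyond what the specification describes.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from urllib.parse import urlsplit


def normalize_host(target: str) -> str:
    """Reduce a requested URL or bare host to a lowercase hostname.

    The same site can be written with a scheme, a port, upper case or a
    trailing dot; the verdict must not depend on the spelling.
    """
    # urlsplit only populates .hostname when a '//' authority marker exists.
    parts = urlsplit(target if "//" in target else "//" + target)
    return (parts.hostname or "").rstrip(".").lower()


@dataclass
class PolicyStore:
    """Stand-in for memory unit (9): the sites the organization disallows."""
    blocked: set

    def is_blocked(self, host: str) -> bool:
        # Check the host and each parent domain on label boundaries, so
        # 'www.gmail.com' matches a 'gmail.com' entry but 'notgmail.com'
        # does not.
        labels = host.split(".")
        return any(".".join(labels[i:]) in self.blocked
                   for i in range(len(labels)))


@dataclass
class Controller:
    """Stand-in for smart processor (7) plus controller (8)."""
    policy: PolicyStore
    audit_log: list = field(default_factory=list)  # memory unit (10)

    def handle(self, client: str, target: str) -> str:
        host = normalize_host(target)
        # Fail closed: a request whose host cannot be parsed is invalid.
        if host and not self.policy.is_blocked(host):
            return "FORWARD"  # valid request goes on to server system (12)
        # Invalid request: record the details the EXAMPLE lists for the
        # dedicated computer (11): client, time of request, requested site.
        self.audit_log.append({
            "client": client,
            "time": datetime.now(timezone.utc).isoformat(),
            "site": host or target,
        })
        return "BLOCK"


def demo() -> Controller:
    """Run constructed sample requests through the controller."""
    ctl = Controller(PolicyStore({"gmail.com"}))
    for client, target in [
        ("client-3", "http://www.gmail.com/mail"),   # constructed samples
        ("client-3", "WWW.GMAIL.COM.:443"),
        ("client-1", "https://intranet.example/"),
    ]:
        print(client, target, ctl.handle(client, target))
    return ctl


if __name__ == "__main__":
    demo()
```
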

Claims

ADVANTAGES:
1) Intelligent monitoring system
2) This system can track the activities over the Internet
3) Illegal usage of Internet is blocked
4) Peer-Peer network monitoring can be achieved
5) It maximizes the resource utilization over the computer network monitoring capabilities when the computer is connected back into the network.
CLAIMS:
1. An Intelligent Security Management System on a Network contains: a smart processor (7), connectors (1), (2), (3), (4), (5), (6), a server system (12), a controller (8), (9) and (10) are the memory storage means and a computer (11).
2. An Intelligent Security Management System on a Network as claimed in claim 1, wherein the device comprises of a smart processor (7), a controller (8), memory storage means (9) and (10) and connectors (1), (2), (3), (4), (5), (6), are integrated on a card.
3. An Intelligent Security Management System on a Network as claimed in Claim 1 and 2, wherein the device comprises of a smart processor (7), a controller (8), memory storage means (9) and (10) and connectors (1), (2), (3), (4), (5), (6), are integrated on a MEMS (Micro Electro Mechanical System) chip.
4. An Intelligent Security Management System on a Network as claimed in claim 1 to 3, wherein the input requests from the client computers are gathered in the device, will be monitored, analyzed for valid and invalid requests and separated within the device, thereby allowing only valid requests to the server computer and invalid requests to a computer (11) via a memory storage unit (9).
5. Connectors (1), (2), (3), (4), (5), (6) claimed in claim 1, 2 and 3, are the means through which client computers are connected to Intelligent Security Management System on a Network.
6. An Intelligent Security Management System on a Network, which is, claimed in claims 1 to 5, wherein the client system is a desktop computer, a Laptop, a notebook.
7. Connectors claimed in claim 1, 2, 3 and claim 5 will have serial or parallel interface.
8. Smart Processor (7) claimed in claim 1 to claim 3, is responsible for the processing of all the requests of the clients computers. It analyses the valid and invalid request from the users connected to the network through connectors (1) to (6).
9. Smart Processor (7) claimed in claim 1, 2, 3 and claim 8, will be an ASIC, FPGA, CPU, etc.
10. A controller (8) claimed in claim 1, 2 and claim 3, is responsible for blocking invalid requests from entering into server system (12). It monitors the network request and takes action according to processor unit's signal.
11. Memory storage units (9) & (10) as claimed in claim 1 to claim 4 will be a Memory Flash, a memory flash card, a Hard disk, an EPROM, an EEPROM, a RAM, a disc on chip, etc.
12. Memory storage unit (9) as claimed in claim 1 to 4 and claim 11, will contain predefined software to monitor the input requests from the client system. This software enables the Intelligent Security Management System on a Network to analyze the client's request as valid or invalid.
13. Memory Storage unit (9) as claimed in claim 1 to 4, claim 11 and claim 12, will be interfaced with the processor (7) through ATA, IDE, SATA, SCSI, SAS, USB, PCMCIA, FLASH, Internet, Network, NV-RAM, etc.
14. Memory storage unit (10) as in claim 1 to 4 and claim 11 will store monitored data given from the controller unit (8) and then transferred to a computer (11).
15. Memory storage unit (10) as in claim 1 to 4, claim 11 and claim 14, will be interfaced with the computer (11) through ATA, IDE, SATA, SCSI, SAS, USB, PCMCIA, FLASH, Internet, Network, NV-RAM, etc.
16. Server system (12) as claimed in claim 1 and claim 10 will be a desktop computer, a Laptop, a notebook.
17. An Intelligent Security Management System on a Network as claimed in claim 1 to claim 15, wherein results that are monitored are transferred to computer (11) via memory unit (10). These results include the information about client system requested, time of request, requested Internet site and other client system related information.
18. A computer (11) claimed in claim 1, claim 14 and claim 17, is a dedicated system to receive the monitored information from the controller (8) through Memory Storage Unit (10) of an Intelligent Security Management System on a Network device.
19. An Intelligent Security Management System on a Network as claimed in claim 1 to claim 15 is designed in such a way that server system (12) gets only valid requests from the client systems (1) to (6).
PCT/IN2007/000108 2006-03-27 2007-03-19 An intelligent security management system on a network WO2007110877A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN543/CHE/2006 2006-03-27
IN543CH2006 2006-03-27

Publications (2)

Publication Number Publication Date
WO2007110877A2 true WO2007110877A2 (en) 2007-10-04
WO2007110877A3 WO2007110877A3 (en) 2008-02-28

Family

ID=38541538

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2007/000108 WO2007110877A2 (en) 2006-03-27 2007-03-19 An intelligent security management system on a network

Country Status (1)

Country Link
WO (1) WO2007110877A2 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040187033A1 (en) * 2003-03-19 2004-09-23 Etrunk Technologies Inc. Gateway for use in a network monitoring system to control packet flow to a firewall
US20050228984A1 (en) * 2004-04-07 2005-10-13 Microsoft Corporation Web service gateway filtering
US20050273850A1 (en) * 2004-06-07 2005-12-08 Check Point Software Technologies, Inc. Security System with Methodology Providing Verified Secured Individual End Points

Also Published As

Publication number Publication date
WO2007110877A3 (en) 2008-02-28

Similar Documents

Publication Publication Date Title
US10623431B2 (en) Discerning psychological state from correlated user behavior and contextual information
US11184399B2 (en) File system monitoring and auditing via monitor system having user-configured policies
US9100421B2 (en) Enterprise application session control and monitoring in a large distributed environment
US11134087B2 (en) System identifying ingress of protected data to mitigate security breaches
US8392972B2 (en) Protected access control method for shared computer resources
US8990893B2 (en) Enterprise application session control and monitoring in a large distributed environment
US10148694B1 (en) Preventing data loss over network channels by dynamically monitoring file system operations of a process
AU2022202238B2 (en) Tunneled monitoring service and methods
US20080184368A1 (en) Preventing False Positive Detections in an Intrusion Detection System
KR101201629B1 (en) Cloud computing system and Method for Security Management for each Tenant in Multi-tenancy Environment
US11544390B2 (en) Method, system, and apparatus for probabilistic identification of encrypted files
KR101775517B1 (en) Client for checking security of bigdata system, apparatus and method for checking security of bigdata system
US11562093B2 (en) System for generating an electronic security policy for a file format type
KR20020012855A (en) Integrated log analysis and management system and method thereof
US20190132349A1 (en) Auditing databases for security vulnerabilities
US20200389435A1 (en) Auditing smart bits
WO2007110877A2 (en) An intelligent security management system on a network
WO2019146346A1 (en) Security system, security operation method, and overall incident management device
CN117896166A (en) Method, device, equipment and storage medium for monitoring computer network
WO2008039033A1 (en) Policy based network management method and system
Mendo Document flow tracking within corporate networks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07736568

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07736568

Country of ref document: EP

Kind code of ref document: A2