DE112012003977T8 - Eingriffsfreies Verfahren und Vorrichtung zum automatischen Zuteilen von Sicherheitsregelnin einer Cloud-Umgebung - Google Patents
Eingriffsfreies Verfahren und Vorrichtung zum automatischen Zuteilen von Sicherheitsregelnin einer Cloud-Umgebung Download PDFInfo
- Publication number
- DE112012003977T8 DE112012003977T8 DE112012003977.7T DE112012003977T DE112012003977T8 DE 112012003977 T8 DE112012003977 T8 DE 112012003977T8 DE 112012003977 T DE112012003977 T DE 112012003977T DE 112012003977 T8 DE112012003977 T8 DE 112012003977T8
- Authority
- DE
- Germany
- Prior art keywords
- cloud environment
- security rules
- automatically distributing
- intrusive method
- distributing security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Business, Economics & Management (AREA)
- Computing Systems (AREA)
- Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110324588.2 | 2011-10-24 | ||
CN201110324588.2A CN103067344B (zh) | 2011-10-24 | 2011-10-24 | 在云环境中自动分发安全规则的非侵入性方法和设备 |
PCT/CN2012/081274 WO2013060203A1 (en) | 2011-10-24 | 2012-09-12 | Non-intrusive method and apparatus for automatically dispatching security rules in cloud environment |
Publications (2)
Publication Number | Publication Date |
---|---|
DE112012003977T5 DE112012003977T5 (de) | 2014-09-11 |
DE112012003977T8 true DE112012003977T8 (de) | 2014-10-30 |
Family
ID=48109810
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
DE112012003977.7T Expired - Fee Related DE112012003977T8 (de) | 2011-10-24 | 2012-09-12 | Eingriffsfreies Verfahren und Vorrichtung zum automatischen Zuteilen von Sicherheitsregelnin einer Cloud-Umgebung |
Country Status (5)
Country | Link |
---|---|
US (1) | US9444787B2 (de) |
CN (1) | CN103067344B (de) |
DE (1) | DE112012003977T8 (de) |
TW (1) | TWI540457B (de) |
WO (1) | WO2013060203A1 (de) |
Families Citing this family (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2884321C (en) * | 2013-08-15 | 2015-06-30 | Immun.io Inc. | Method and system for protecting web applications against web attacks |
US9692789B2 (en) * | 2013-12-13 | 2017-06-27 | Oracle International Corporation | Techniques for cloud security monitoring and threat intelligence |
US10063654B2 (en) | 2013-12-13 | 2018-08-28 | Oracle International Corporation | Systems and methods for contextual and cross application threat detection and prediction in cloud applications |
WO2015094196A1 (en) * | 2013-12-17 | 2015-06-25 | Hewlett-Packard Development Company, L.P. | A generic model to implement a cloud computing service |
CN103731430A (zh) * | 2014-01-09 | 2014-04-16 | 北京哈工大计算机网络与信息安全技术研究中心 | 一种基于struts2架构文件上传安全控制方法 |
CN103812693B (zh) * | 2014-01-23 | 2017-12-12 | 汉柏科技有限公司 | 一种基于不同类型服务的云计算防护处理方法及系统 |
WO2015137978A1 (en) | 2014-03-14 | 2015-09-17 | Hewlett Packard Development Company, L.P. | Semantic restriction |
US10193892B2 (en) | 2014-03-14 | 2019-01-29 | Hewlett Packard Enterprise Development Lp | Resource restriction |
CN103916399B (zh) * | 2014-04-15 | 2018-09-25 | 浪潮电子信息产业股份有限公司 | 一种计算机信息安全防御系统 |
CN104158910B (zh) * | 2014-08-29 | 2017-12-15 | 金石易诚(北京)科技有限公司 | 一种云端Web应用自动化部署系统 |
CN105471821B (zh) * | 2014-08-29 | 2019-09-17 | 腾讯科技(深圳)有限公司 | 一种基于浏览器的信息处理方法及装置 |
US9838431B2 (en) * | 2014-11-28 | 2017-12-05 | International Business Machines Corporation | Context-based cloud security assurance system |
US9894100B2 (en) * | 2014-12-30 | 2018-02-13 | Fortinet, Inc. | Dynamically optimized security policy management |
AU2016226956B2 (en) * | 2015-03-04 | 2019-04-18 | Nippon Telegraph And Telephone Corporation | Security measure invalidation prevention device, security measure invalidation prevention method, and security measure invalidation prevention program |
CN104796743B (zh) * | 2015-04-03 | 2020-04-24 | 腾讯科技(北京)有限公司 | 内容项显示系统、方法及设备 |
CN105049440B (zh) * | 2015-08-06 | 2018-04-10 | 福建天晴数码有限公司 | 检测跨站脚本攻击注入的方法及系统 |
US9900285B2 (en) | 2015-08-10 | 2018-02-20 | International Business Machines Corporation | Passport-controlled firewall |
TWI569165B (zh) * | 2015-09-14 | 2017-02-01 | Chunghwa Telecom Co Ltd | The method of grouping external sites through proxy logs |
CN106603473B (zh) * | 2015-10-19 | 2021-01-01 | 华为技术有限公司 | 网络安全信息的处理方法及网络安全信息的处理系统 |
US10536478B2 (en) | 2016-02-26 | 2020-01-14 | Oracle International Corporation | Techniques for discovering and managing security of applications |
CN105791289A (zh) * | 2016-03-02 | 2016-07-20 | 夏杰 | 一种基于大数据计算的网络保护的方法及系统 |
CN107205006A (zh) * | 2016-03-18 | 2017-09-26 | 上海有云信息技术有限公司 | 一种面向网站集约化建设的统一Web安全防护方法 |
CN106341400B (zh) * | 2016-08-29 | 2019-06-18 | 联动优势科技有限公司 | 一种处理业务请求的方法及装置 |
CN106603535B (zh) * | 2016-12-17 | 2019-08-20 | 苏州亿阳值通科技发展股份有限公司 | 基于SaaS平台的安全系统构架 |
US20180307472A1 (en) * | 2017-04-20 | 2018-10-25 | Sap Se | Simultaneous deployment on cloud devices and on on-premise devices |
WO2019047030A1 (en) * | 2017-09-05 | 2019-03-14 | Nokia Solutions And Networks Oy | METHOD AND APPARATUS FOR MANAGING ALS IN CLOUD-DISTRIBUTED ENVIRONMENTS |
JP6375047B1 (ja) * | 2017-12-05 | 2018-08-15 | 株式会社サイバーセキュリティクラウド | ファイアウォール装置 |
US10645121B1 (en) * | 2017-12-11 | 2020-05-05 | Juniper Networks, Inc. | Network traffic management based on network entity attributes |
CN108092979B (zh) * | 2017-12-20 | 2021-05-28 | 国家电网公司 | 一种防火墙策略处理方法及装置 |
CN108540453B (zh) * | 2018-03-15 | 2021-06-18 | 新智数字科技有限公司 | 一种应用于PaaS的网络隔离方法、装置以及设备 |
CN110505190A (zh) * | 2018-05-18 | 2019-11-26 | 深信服科技股份有限公司 | 微分段的部署方法、安全设备、存储介质及装置 |
CN109286617B (zh) * | 2018-09-13 | 2021-06-29 | 郑州云海信息技术有限公司 | 一种数据处理方法及相关设备 |
CN112805687A (zh) * | 2018-10-11 | 2021-05-14 | 日本电信电话株式会社 | 信息处理装置、异常分析方法以及程序 |
CN109660548B (zh) * | 2018-12-28 | 2022-07-05 | 奇安信科技集团股份有限公司 | 基于全局网络拓扑结构的防火墙规则生成方法及服务器 |
CN110941681B (zh) * | 2019-12-11 | 2021-02-23 | 南方电网数字电网研究院有限公司 | 电力系统的多租户数据处理系统、方法和装置 |
CN111343016B (zh) * | 2020-02-21 | 2021-01-26 | 北京京东尚科信息技术有限公司 | 云服务器集群管理方法和装置 |
US11716311B2 (en) * | 2020-11-24 | 2023-08-01 | Google Llc | Inferring firewall rules from network traffic |
TWI773200B (zh) * | 2021-03-18 | 2022-08-01 | 中華電信股份有限公司 | 容器服務基礎設施供裝管理系統、方法及電腦可讀媒介 |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6119230A (en) | 1997-10-01 | 2000-09-12 | Novell, Inc. | Distributed dynamic security capabilities |
US7673323B1 (en) | 1998-10-28 | 2010-03-02 | Bea Systems, Inc. | System and method for maintaining security in a distributed computer network |
US6950825B2 (en) | 2002-05-30 | 2005-09-27 | International Business Machines Corporation | Fine grained role-based access to system resources |
US8418222B2 (en) | 2008-03-05 | 2013-04-09 | Microsoft Corporation | Flexible scalable application authorization for cloud computing environments |
US9069599B2 (en) * | 2008-06-19 | 2015-06-30 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
US8490150B2 (en) * | 2009-09-23 | 2013-07-16 | Ca, Inc. | System, method, and software for enforcing access control policy rules on utility computing virtualization in cloud computing systems |
US8640195B2 (en) * | 2009-09-30 | 2014-01-28 | International Business Machines Corporation | Method and system for automating security policy definition based on recorded transactions |
CN201717894U (zh) | 2010-04-30 | 2011-01-19 | 上海联启网络科技有限公司 | 模块式云计算智能建站系统 |
CN102045353B (zh) * | 2010-12-13 | 2013-06-19 | 北京交通大学 | 一种公有云服务的分布式网络安全控制方法 |
CN102111420A (zh) * | 2011-03-16 | 2011-06-29 | 上海电机学院 | 基于动态云火墙联动的智能nips架构 |
-
2011
- 2011-10-24 CN CN201110324588.2A patent/CN103067344B/zh active Active
-
2012
- 2012-09-12 US US14/353,053 patent/US9444787B2/en active Active
- 2012-09-12 DE DE112012003977.7T patent/DE112012003977T8/de not_active Expired - Fee Related
- 2012-09-12 WO PCT/CN2012/081274 patent/WO2013060203A1/en active Application Filing
- 2012-10-09 TW TW101137370A patent/TWI540457B/zh not_active IP Right Cessation
Also Published As
Publication number | Publication date |
---|---|
US9444787B2 (en) | 2016-09-13 |
US20150033285A1 (en) | 2015-01-29 |
TWI540457B (zh) | 2016-07-01 |
WO2013060203A1 (en) | 2013-05-02 |
DE112012003977T5 (de) | 2014-09-11 |
CN103067344B (zh) | 2016-03-30 |
CN103067344A (zh) | 2013-04-24 |
TW201337626A (zh) | 2013-09-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE112012003977T8 (de) | Eingriffsfreies Verfahren und Vorrichtung zum automatischen Zuteilen von Sicherheitsregelnin einer Cloud-Umgebung | |
DE102014103531A8 (de) | Verfahren und vorrichtung zum regeln eines workflows in einer verfahrenstechnischen anlage | |
GB201301020D0 (en) | Method and apparatus for deploying industrial plant simulators using cloud computing technologies | |
DE112014000887A5 (de) | Verfahren und Vorrichtung zur Bestimmung eines Fahrbahnzustands | |
DE112012003291A5 (de) | Sicherheitsbehälter zur Handhabung einer elektrochemischen Vorrichtung und Verfahren zur Handhabung einer in einem Sicherheitsbehälter angeordneten elektrochemischen Vorrichtung | |
DE102013215025A8 (de) | System zur Bestimmung der Position eines tragbaren Geräts, Verfahren zur Bestimmung der Position eines tragbaren Geräts, und Vorrichtung zur Bestimmung der Position eines tragbaren Geräts | |
DE102011105141A8 (de) | Verfahren und system zur simulation eines arbeitsprozesses an einer werkzeugmaschine | |
DE112013001673A5 (de) | Verfahren zur Handhabung eines Hydroschalldämpfers und Vorrichtung zur Minderung von Schall im Wasser | |
DE112011105262A5 (de) | Optoelektronische Vorrichtung und Verfahren zur Herstellung von optoelektronischen Vorrichtungen | |
DE102012100553A8 (de) | Verfahren und Vorrichtung zum Spleißen von Garn | |
DE102013210269B8 (de) | Vorrichtung und Verfahren zur Untersuchung von Proben in einer Flüssigkeit | |
DE112014002704A5 (de) | Vorrichtung und Verfahren zur Berechnung von Hologrammdaten | |
DE112013004449T8 (de) | Vorrichtung und Verfahren zum Optimieren von halbaktiven Auslastungen | |
DE102011110978A8 (de) | Verfahren zum Bedienen einer elektronischen Einrichtung oder einer Applikation und entsprechende Vorrichtung | |
DE102013114928A8 (de) | Vorrichtung und Verfahren zum Verarbeiten von Straßendaten | |
DE102012108990A8 (de) | Verfahren zum Lokalisieren eines Feldgerätes in einer Automatisierungsanlage | |
DE112014005669A5 (de) | Vorrichtung und Verfahren zur Messung eines Rotorparameters | |
DE112013003948A5 (de) | Verfahren und Vorrichtung zum Klassifizieren von Wasserfahrzeugen | |
EP2836906A4 (de) | System und verfahren zur echtzeit-befehlsverfolgung | |
DE112013000239A5 (de) | Verfahren und Vorrichtung zur Herstellung eines Seils | |
DE112012001960A5 (de) | Verfahren und System zum Lokalisieren einer Person | |
DE112011105342A5 (de) | Verfahren und Vorrichtung zu Kommissionierung von Waren: Pick-by-arrow | |
LU91878B1 (de) | Verfahren und Vorrichtung zum Wurftraining | |
DE112011100370T8 (de) | Verfahren und Vorrichtung zum Betreiben einer Speichereinheit | |
DE102013014393A8 (de) | System und Verfahren zum Bereitstellen eines Spannungsversorgungsschutzes in einer Speichervorrichtung |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
R012 | Request for examination validly filed | ||
R081 | Change of applicant/patentee |
Owner name: GLOBALFOUNDRIES INC., KY Free format text: FORMER OWNER: INTERNATIONAL BUSINESS MACHINES CORPORATION, ARMONK, N.Y., US |
|
R082 | Change of representative |
Representative=s name: RICHARDT PATENTANWAELTE PARTG MBB, DE Representative=s name: RICHARDT PATENTANWAELTE PART GMBB, DE |
|
R079 | Amendment of ipc main class |
Free format text: PREVIOUS MAIN CLASS: H04L0029060000 Ipc: H04L0012260000 Effective date: 20140813 |
|
R081 | Change of applicant/patentee |
Owner name: GLOBALFOUNDRIES INC., KY Free format text: FORMER OWNER: INTERNATIONAL BUSINESS MACHINES CORPORATION, ARMONK, N.Y., US |
|
R082 | Change of representative |
Representative=s name: RICHARDT PATENTANWAELTE PARTG MBB, DE |
|
R081 | Change of applicant/patentee |
Owner name: GLOBALFOUNDRIES INC., KY Free format text: FORMER OWNER: GLOBALFOUNDRIES US 2 LLC (N.D.GES.DES STAATES DELAWARE), HOPEWELL JUNCTION, N.Y., US |
|
R082 | Change of representative |
Representative=s name: RICHARDT PATENTANWAELTE PARTG MBB, DE |
|
R119 | Application deemed withdrawn, or ip right lapsed, due to non-payment of renewal fee |