WO2023277846A1 - A security system - Google Patents
A security system Download PDFInfo
- Publication number
- WO2023277846A1 WO2023277846A1 PCT/TR2022/050615 TR2022050615W WO2023277846A1 WO 2023277846 A1 WO2023277846 A1 WO 2023277846A1 TR 2022050615 W TR2022050615 W TR 2022050615W WO 2023277846 A1 WO2023277846 A1 WO 2023277846A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- security
- firm
- intuitive
- data
- information
- Prior art date
Links
- 230000008520 organization Effects 0.000 claims abstract description 13
- 238000004891 communication Methods 0.000 claims abstract description 4
- 238000013475 authorization Methods 0.000 claims description 11
- 238000007726 management method Methods 0.000 claims description 11
- 230000000694 effects Effects 0.000 claims description 10
- 238000000034 method Methods 0.000 claims description 10
- 238000012550 audit Methods 0.000 claims description 9
- 238000005259 measurement Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 claims description 6
- 230000002265 prevention Effects 0.000 claims description 4
- 238000012502 risk assessment Methods 0.000 claims description 3
- 238000004364 calculation method Methods 0.000 description 4
- 238000011156 evaluation Methods 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
- G06F16/252—Integrating or interfacing systems involving database management systems between a Database Management System and a front-end application
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Definitions
- the present invention relates to a system which enables to perform the communication between units that are included in organizations and responsible for the security of information within the organization and different workers in the said organization in a coordinated way, and ensures that the officials in the senior management unit within organizations can instantly monitor violations of information security in the organization.
- a security system which enables to display the security notifications, that are sent over existing security services, to company employees on a role-based basis; to enrich the data, that are received from human resources and active directory, while the security notifications are displayed to the company employees; to process the collected data and then prioritize the said data according to the risk calculation; to enable the company employees to view the intra-company security notifications based on the active directory groups wherein they are members of and the authorizations assigned to the said group, without the company employees passing over the data traffic over themselves and then controlling it, without preventing data transfers in the company, without using monitoring agents and interface of application programs.
- the United States patent document no. US10148694B1 discloses a system for data loss prevention (DLP) by monitoring the file system activity of an application having a network connection.
- a DLP agent tracks the file system activity (e.g., opening and reading files) initiated by an application.
- the DLP agent intercepts the file system activity and evaluates a file specified by the file system operation to determine whether the file includes sensitive data or not. If such data is detected, the DLP agent enables to prevent transmission of sensitive data by blocking the file system activity or removing the sensitive data from the file.
- the objective of the present invention is to realize a security system which enables to display the security notifications, that are sent over existing security services, to company employees on a role-based basis; to enrich the data, that are received from human resources and active directory, while the security notifications are displayed to the company employees; to process the collected data and then prioritize the said data according to the risk calculation; to enable the company employees to view the intra-company security notifications based on the active directory groups wherein they are members of and the authorizations assigned to the said group, without the company employees passing over the data traffic over themselves and then controlling it, without preventing data transfers in the company, without using monitoring agents and interface of application programs.
- Figure 1 is schematic view of the inventive security system.
- the inventive security system (1) which enables to enables to perform the communication between units that are included in organizations and responsible for the security of information within the organization and different workers in the said organization in a coordinated way, and ensures that the officials in the senior management unit within organizations can instantly monitor violations of information security in the organization comprises:
- At least one electronic device (2) which is configured to enable firm employees, security teams and officials to communicate with other persons;
- At least one database (4) which connects with an intuitive security application (3) and is configured to store the data entered over an intuitive security application (3) and/or used by the external service, and the rule sets related to the actions to be taken according to the data;
- - at least one server (5) which connects with an intuitive security application (3), the database (4), the external services (ES) and the security services (SS) in the firm (F) and is configured to access the data transmitted from the external services (ES) and the security services (SS); to monitor the transfers of data -that are considered as critical- within the firm (F) by evaluating the accessed data with the rule set in the database (4); and to inform the security teams in the firm (F) about determining whether the alarms occurring in the security service (ES) are within the scope of business needs or not.
- the electronic device (2) included in the inventive system (1) is a smart device such as a mobile phone, tablet or computer configured to enable employees, managers, internal audit and compliance teams, cyber security teams, members of information security committees and risk committees, department managers, and help desk teams of information technologies within the firm (F) to communicate with other persons.
- An intuitive security application (3) included in the inventive system (1) is configured to enable all employees using the electronic device (2) to access data in accordance with their roles and responsibilities in the service of information security management in the said firm (F), by connecting with external services (ES) such as human resources in the firm (F) and remote access, and security services (SS) such as prevention of data loss, security management and event management.
- An intuitive security application (3) is configured to ensure that the notifications and outputs of information security processes produced by the cyber security and information security teams, audit and compliance teams, information technologies teams in the external services (ES) and security services (SS) included in the firm (F) are understandable by different business units within the firm (F).
- An intuitive security application (3) is configured to ensure that screens customized for different roles such as managers, internal audit and compliance teams, cyber security teams, members of information security committees and risk committees, department managers, help desk teams of information technologies in the firm (F) are displayed on the electronic device (2), by running on the electronic device (2).
- An intuitive security application (3) is configured to enable the said managers to create security groups according to different departments and units in the firm (F) within the active directory by running on the electronic devices (2) of the managers in the firm (F), and to ensure that different role-based authorization assignments are made to security groups according to the department they are associated with.
- An intuitive security application (3) is configured to transmit the role-based authorization information related to the security groups on itself in the active directory, to the database (4).
- An intuitive security application (3) is configured to connect with external services (ES) in the firm (F) such as human resources and remote access via web service protocols.
- An intuitive security application (3) is configured to connect with security systems (S) in the firm (F) such as DLP, DAM, FAM and SIEM via JDBC and Syslog protocols.
- an intuitive security application (3) is configured to enable an authorized user in the firm (F) to create information security measurement criteria and key performance indicators with the interface included on itself.
- the database (4) included in the inventive system (1) is configured to store information security measurement criteria and key performance indicators created on an intuitive security application (3), in the library on itself by connecting with an intuitive security application (3).
- the server (5) included in the inventive system (1) is configured to access the data transmitted from external services (ES) and security services (SS), and to evaluate the accessed data based on security parameters such as measurement scores of information security effectiveness, violation events of information security, outputs of risk analysis, critical security vulnerabilities detected, and audit findings.
- the server (5) is configured to detect information such as requirements arising from business processes, cyber security condition in the firm (F), company loyalty of the employee in the firm (F), suspicious activities of the employee of the firm (F) and the criticality of the data transferred to the firm (F) and/or from the firm (F), by evaluating the data accessed from external services (ES) and security services (SS) according to security parameters.
- the server (5) is configured to create security units by enriching information such as requirements arising from business processes, cyber security status in the firm (F), company loyalty of the employee in the firm (F), suspicious activities of the employee of the firm (F) and the criticality of the data transferred to the firm (F) and/or from the firm (F) with the data in human resources and active directory in the firm (F) and to enable the firm (F) authorities running the application (3) to display security notifications on the interface of an application (3) according to the roles and authorizations assigned to the security group in the active directory, by transmitting security notifications to an intuitive security application (3).
- employees working in the firm (F) can view the security notifications produced on the server (5) by running an intuitive security application (3) on their electronic devices (2).
- An intuitive security application (3) included in the system (1) connects with various external services (ES) and security services (SS) in the firm (F).
- An intuitive security application (3) enables the said managers to create security groups according to different departments and units in the firm (F) within the active directory by running on the electronic devices (2) of the managers in the firm (F), and to perform different role-based authorization assignments to security groups according to the department they are associated with.
- the security notifications transmitted from the server (5) are displayed in a different way by different departments in the firm (F) by means of an intuitive application (3).
- the server (5) creates a security notification by detecting audit findings such as measurement scores of information security effectiveness, information security violation events, outputs of risk analysis and critical security vulnerabilities detected on the accessed data, by connecting with various external services (ES) and security services (SS) in firm (F). Security notifications are transmitted to an intuitive security application (3) via the server (5).
- ES external services
- SS security services
- the inventive system (1) it is ensured that the security notifications, that are sent over existing security services, are displayed to company employees on a role- based basis; the data, that are received from human resources and active directory, are enriched while the security notifications are displayed to the company employees; the collected data are processed and then the said data are prioritized according to the risk calculation; the company employees are enabled to view the intra-company security notifications based on the active directory groups wherein they are members of and the authorizations assigned to the said group.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a system (1) which enables to perform the communication between units that are included in organizations and responsible for the security of information within the organization and different workers in the said organization in a coordinated way, and ensures that the officials in the senior management unit within organizations can instantly monitor violations of information security in the organization.
Description
A SECURITY SYSTEM Technical Field
The present invention relates to a system which enables to perform the communication between units that are included in organizations and responsible for the security of information within the organization and different workers in the said organization in a coordinated way, and ensures that the officials in the senior management unit within organizations can instantly monitor violations of information security in the organization.
Background of the Invention
Today, institutions and companies have to protect a variety of data generated in their own units. Various security systems such as DLP (data loss prevention) and SIEM (security information and event management), which prevent leakage of intra-company (in-house) data to external environment and/or systems, are used by the said institutions. The said security systems and/or software cannot detect data theft, data sabotage on the said data by means of alarms created in accordance with certain rules by analyzing the data generated in the institution. While detecting whether the occurring alarms are beyond the scope of business requirement, the said alarms should be evaluated by different units other than security teams. However, the fact that data security evaluations are carried out throughout the company by a single employee or team reduces the effectiveness of security controls in the organization because of the problem that important parameters cannot be evaluated. Besides, parameters such as evaluation of requirements arising from business processes, evaluation of the cyber security status by the management, delaying controls due to the large number of notifications examined, employee
loyalty in the company, suspicious activities of an employee and the criticality of transferred data should be evaluated on the security system in an institution. Yet, in the state of art, there is no solution which enables to display the security notifications, that are sent over existing security services, to company employees on a role-based basis; to enrich the data, that are received from human resources and active directory, while the security notifications are displayed to the company employees; to process the collected data and then prioritize the said data according to the risk calculation; to enable the company employees to view the intra-company security notifications based on the active directory groups wherein they are members of and the authorizations assigned to the said group.
Due to the above-mentioned reasons, there is need for a security system which enables to display the security notifications, that are sent over existing security services, to company employees on a role-based basis; to enrich the data, that are received from human resources and active directory, while the security notifications are displayed to the company employees; to process the collected data and then prioritize the said data according to the risk calculation; to enable the company employees to view the intra-company security notifications based on the active directory groups wherein they are members of and the authorizations assigned to the said group, without the company employees passing over the data traffic over themselves and then controlling it, without preventing data transfers in the company, without using monitoring agents and interface of application programs.
The United States patent document no. US10148694B1, an application in the state of the art, discloses a system for data loss prevention (DLP) by monitoring the file system activity of an application having a network connection. In the inventive system, a DLP agent tracks the file system activity (e.g., opening and reading files) initiated by an application. The DLP agent intercepts the file system activity and evaluates a file specified by the file system operation to determine whether the file includes sensitive data or not. If such data is detected, the DLP agent enables to
prevent transmission of sensitive data by blocking the file system activity or removing the sensitive data from the file.
Summary of the Invention
The objective of the present invention is to realize a security system which enables to display the security notifications, that are sent over existing security services, to company employees on a role-based basis; to enrich the data, that are received from human resources and active directory, while the security notifications are displayed to the company employees; to process the collected data and then prioritize the said data according to the risk calculation; to enable the company employees to view the intra-company security notifications based on the active directory groups wherein they are members of and the authorizations assigned to the said group, without the company employees passing over the data traffic over themselves and then controlling it, without preventing data transfers in the company, without using monitoring agents and interface of application programs.
Detailed Description of the Invention
“A Security System” realized to fulfil the objective of the present invention is shown in the figure attached, in which:
Figure 1 is schematic view of the inventive security system.
The components illustrated in the figure are individually numbered, where the numbers refer to the following:
1. System
2. Electronic device
3. An intuitive security application
4. Database
5. Server F. Firm
ES. External service SS. Security service
The inventive security system (1) which enables to enables to perform the communication between units that are included in organizations and responsible for the security of information within the organization and different workers in the said organization in a coordinated way, and ensures that the officials in the senior management unit within organizations can instantly monitor violations of information security in the organization comprises:
- at least one electronic device (2) which is configured to enable firm employees, security teams and officials to communicate with other persons;
- at least one intuitive security application (3) which is run on the electronic device (2) and configured to enable the security teams in the firm (F) to enter data into the interface included on the intuitive security application and/or to view the stored data;
- at least one database (4) which connects with an intuitive security application (3) and is configured to store the data entered over an intuitive security application (3) and/or used by the external service, and the rule sets related to the actions to be taken according to the data; and
- at least one server (5) which connects with an intuitive security application (3), the database (4), the external services (ES) and the security services (SS) in the firm (F) and is configured to access the data transmitted from the external services (ES) and the security services (SS); to monitor the transfers of data -that are considered as critical- within the firm (F) by evaluating the accessed data with the rule set in the database (4); and to inform the security teams in the firm (F) about determining whether the alarms occurring in the security service (ES) are within the scope of business needs or not.
The electronic device (2) included in the inventive system (1) is a smart device such as a mobile phone, tablet or computer configured to enable employees, managers, internal audit and compliance teams, cyber security teams, members of information security committees and risk committees, department managers, and help desk teams of information technologies within the firm (F) to communicate with other persons.
An intuitive security application (3) included in the inventive system (1) is configured to enable all employees using the electronic device (2) to access data in accordance with their roles and responsibilities in the service of information security management in the said firm (F), by connecting with external services (ES) such as human resources in the firm (F) and remote access, and security services (SS) such as prevention of data loss, security management and event management. An intuitive security application (3) is configured to ensure that the notifications and outputs of information security processes produced by the cyber security and information security teams, audit and compliance teams, information technologies teams in the external services (ES) and security services (SS) included in the firm (F) are understandable by different business units within the firm (F). An intuitive security application (3) is configured to ensure that screens customized for different roles such as managers, internal audit and compliance teams, cyber security teams, members of information security committees and risk committees, department managers, help desk teams of information technologies in the firm (F) are displayed on the electronic device (2), by running on the electronic device (2). An intuitive security application (3) is configured to enable the said managers to create security groups according to different departments and units in the firm (F) within the active directory by running on the electronic devices (2) of the managers in the firm (F), and to ensure that different role-based authorization assignments are made to security groups according to the department they are associated with. An intuitive security application (3) is configured to transmit the role-based authorization
information related to the security groups on itself in the active directory, to the database (4). An intuitive security application (3) is configured to connect with external services (ES) in the firm (F) such as human resources and remote access via web service protocols. An intuitive security application (3) is configured to connect with security systems (S) in the firm (F) such as DLP, DAM, FAM and SIEM via JDBC and Syslog protocols. Also, an intuitive security application (3) is configured to enable an authorized user in the firm (F) to create information security measurement criteria and key performance indicators with the interface included on itself.
The database (4) included in the inventive system (1) is configured to store information security measurement criteria and key performance indicators created on an intuitive security application (3), in the library on itself by connecting with an intuitive security application (3).
The server (5) included in the inventive system (1) is configured to access the data transmitted from external services (ES) and security services (SS), and to evaluate the accessed data based on security parameters such as measurement scores of information security effectiveness, violation events of information security, outputs of risk analysis, critical security vulnerabilities detected, and audit findings. The server (5) is configured to detect information such as requirements arising from business processes, cyber security condition in the firm (F), company loyalty of the employee in the firm (F), suspicious activities of the employee of the firm (F) and the criticality of the data transferred to the firm (F) and/or from the firm (F), by evaluating the data accessed from external services (ES) and security services (SS) according to security parameters. The server (5) is configured to create security units by enriching information such as requirements arising from business processes, cyber security status in the firm (F), company loyalty of the employee in the firm (F), suspicious activities of the employee of the firm (F) and the criticality of the data transferred to the firm (F) and/or from the firm (F) with the data in human
resources and active directory in the firm (F) and to enable the firm (F) authorities running the application (3) to display security notifications on the interface of an application (3) according to the roles and authorizations assigned to the security group in the active directory, by transmitting security notifications to an intuitive security application (3).
Industrial Application of the Invention
In the inventive system (1), employees working in the firm (F) can view the security notifications produced on the server (5) by running an intuitive security application (3) on their electronic devices (2). An intuitive security application (3) included in the system (1) connects with various external services (ES) and security services (SS) in the firm (F). An intuitive security application (3) enables the said managers to create security groups according to different departments and units in the firm (F) within the active directory by running on the electronic devices (2) of the managers in the firm (F), and to perform different role-based authorization assignments to security groups according to the department they are associated with. Thus, the security notifications transmitted from the server (5) are displayed in a different way by different departments in the firm (F) by means of an intuitive application (3). However, the managers in the firm (F) can instantly monitor the activity of information security through an intuitive security application (3) in the system (1). The server (5) creates a security notification by detecting audit findings such as measurement scores of information security effectiveness, information security violation events, outputs of risk analysis and critical security vulnerabilities detected on the accessed data, by connecting with various external services (ES) and security services (SS) in firm (F). Security notifications are transmitted to an intuitive security application (3) via the server (5).
With the inventive system (1) it is ensured that the security notifications, that are sent over existing security services, are displayed to company employees on a role-
based basis; the data, that are received from human resources and active directory, are enriched while the security notifications are displayed to the company employees; the collected data are processed and then the said data are prioritized according to the risk calculation; the company employees are enabled to view the intra-company security notifications based on the active directory groups wherein they are members of and the authorizations assigned to the said group.
It is possible to develop various embodiments of the inventive security system (1); the invention cannot be limited to examples disclosed herein and it is essentially according to claims.
Claims
1. A security system (1) which enables to enables to perform the communication between units that are included in organizations and responsible for the security of information within the organization and different workers in the said organization in a coordinated way, and ensures that the officials in the senior management unit within organizations can instantly monitor violations of information security in the organization; comprising
- at least one electronic device (2) which is configured to enable firm employees, security teams and officials to communicate with other persons; characterized by
- at least one intuitive security application (3) which is run on the electronic device (2) and configured to enable the security teams in the firm (F) to enter data into the interface included on the intuitive security application and/or to view the stored data;
- at least one database (4) which connects with an intuitive security application (3) and is configured to store the data entered over an intuitive security application (3) and/or used by the external service, and the rule sets related to the actions to be taken according to the data; and
- at least one server (5) which connects with an intuitive security application (3), the database (4), the external services (ES) and the security services (SS) in the firm (F) and is configured to access the data transmitted from the external services (ES) and the security services (SS); to monitor the transfers of data -that are considered as critical- within the firm (F) by evaluating the accessed data with the rule set in the database (4); and to inform the security teams in the firm (F) about determining whether the alarms occurring in the security service (ES) are within the scope of business needs or not.
2. A security system (1) according to claim 1; characterized by the electronic device (2) which is a smart device such as a mobile phone, tablet or computer,
configured to enable employees, managers, internal audit and compliance teams, cyber security teams, members of information security committees and risk committees, department managers, and help desk teams of information technologies within the firm (F) to communicate with other persons.
3. A security system (1) according to Claim 1 or 2; characterized by an intuitive security application (3) which is configured to enable all employees using the electronic device (2) to access data in accordance with their roles and responsibilities in the service of information security management in the said firm (F), by connecting with external services (ES) such as human resources in the firm (F) and remote access, and security services (SS) such as prevention of data loss, security management and event management.
4. A security system (1) according to any one of the preceding claims, characterized by an intuitive security application (3) which is configured to ensure that the notifications and outputs of information security processes produced by the cyber security and information security teams, audit and compliance teams, information technologies teams in the external services (ES) and security services (SS) included in the firm (F) are understandable by different business units within the firm (F).
5. A security system (1) according any one of the preceding claims; characterized by an intuitive security application (3) which is configured to ensure that screens customized for different roles such as managers, internal audit and compliance teams, cyber security teams, members of information security committees and risk committees, department managers, help desk teams of information technologies in the firm (F) are displayed on the electronic device (2), by running on the electronic device (2).
6. A security system (1) according any one of the preceding claims; characterized by an intuitive security application (3), which is configured to enable the said
managers to create security groups according to different departments and units in the firm (F) within the active directory by running on the electronic devices (2) of the managers in the firm (F), and to ensure that different role-based authorization assignments are made to security groups according to the department they are associated with.
7. A security system (1) according any one of the preceding claims; characterized by an intuitive security application (3) which is configured to transmit the role- based authorization information related to the security groups on itself in the active directory, to the database (4).
8. A security system (1) according any one of the preceding claims; characterized by an intuitive security application (3) which is configured to connect with external services (ES) in the firm (F) such as human resources and remote access via web service protocols.
9. A security system (1) according any one of the preceding claims; characterized by an intuitive security application (3) which is configured to connect with security systems (S) in the firm (F) such as DLP, DAM, FAM and SIEM via JDBC and Syslog protocols.
10. A security system (1) according any one of the preceding claims; characterized by an intuitive security application (3) which is configured to enable an authorized user in the firm (F) to create information security measurement criteria and key performance indicators with the interface included on itself.
11. A security system (1) according any one of the preceding claims; characterized by the database (4) which is configured to store information security measurement criteria and key performance indicators created on an intuitive security application (3), in the library on itself by connecting with an intuitive security application (3).
12. A security system (1) according any one of the preceding claims; characterized by the server (5) which is configured to access the data transmitted from external services (ES) and security services (SS), and to evaluate the accessed data based on security parameters such as measurement scores of information security effectiveness, violation events of information security, outputs of risk analysis, critical security vulnerabilities detected, and audit findings.
13. A security system (1) according any one of the preceding claims; characterized by a server (5) which is configured to detect information such as requirements arising from business processes, cyber security condition in the firm (F), company loyalty of the employee in the firm (F), suspicious activities of the employee of the firm (F) and the criticality of the data transferred to the firm (F) and/or from the firm (F), by evaluating the data accessed from external services (ES) and security services (SS) according to security parameters.
14. A security system (1) according any one of the preceding claims; characterized by a server (5) which is configured to create security units by enriching information such as requirements arising from business processes, cyber security status in the firm (F), company loyalty of the employee in the firm (F), suspicious activities of the employee of the firm (F) and the criticality of the data transferred to the firm (F) and/or from the firm (F) with the data in human resources and active directory in the firm (F) and to enable the firm (F) authorities running the application (3) to display security notifications on the interface of an application (3) according to the roles and authorizations assigned to the security group in the active directory, by transmitting security notifications to an intuitive security application (3).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TR2021/010488 | 2021-06-28 | ||
TR2021010488 | 2021-06-28 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2023277846A1 true WO2023277846A1 (en) | 2023-01-05 |
Family
ID=84692380
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/TR2022/050615 WO2023277846A1 (en) | 2021-06-28 | 2022-06-20 | A security system |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2023277846A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116192529A (en) * | 2023-03-10 | 2023-05-30 | 广东堡塔安全技术有限公司 | Third party server safety management system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050097149A1 (en) * | 2003-11-05 | 2005-05-05 | Lumigent Technologies, Inc. | Data audit system |
US20110178986A1 (en) * | 2005-11-28 | 2011-07-21 | Commvault Systems, Inc. | Systems and methods for classifying and transferring information in a storage network |
US20170076057A1 (en) * | 2014-03-06 | 2017-03-16 | David Burton | Mobile data management system |
CN109388642A (en) * | 2018-10-23 | 2019-02-26 | 北京计算机技术及应用研究所 | Sensitive data based on label tracks source tracing method |
CN111241099A (en) * | 2020-01-09 | 2020-06-05 | 佛山科学技术学院 | Industrial big data storage method and device |
-
2022
- 2022-06-20 WO PCT/TR2022/050615 patent/WO2023277846A1/en unknown
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050097149A1 (en) * | 2003-11-05 | 2005-05-05 | Lumigent Technologies, Inc. | Data audit system |
US20110178986A1 (en) * | 2005-11-28 | 2011-07-21 | Commvault Systems, Inc. | Systems and methods for classifying and transferring information in a storage network |
US20170076057A1 (en) * | 2014-03-06 | 2017-03-16 | David Burton | Mobile data management system |
CN109388642A (en) * | 2018-10-23 | 2019-02-26 | 北京计算机技术及应用研究所 | Sensitive data based on label tracks source tracing method |
CN111241099A (en) * | 2020-01-09 | 2020-06-05 | 佛山科学技术学院 | Industrial big data storage method and device |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116192529A (en) * | 2023-03-10 | 2023-05-30 | 广东堡塔安全技术有限公司 | Third party server safety management system |
CN116192529B (en) * | 2023-03-10 | 2023-09-29 | 广东堡塔安全技术有限公司 | Third party server safety management system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Swanson et al. | Generally accepted principles and practices for securing information technology systems | |
US8868728B2 (en) | Systems and methods for detecting and investigating insider fraud | |
US8769412B2 (en) | Method and apparatus for risk visualization and remediation | |
US20060123101A1 (en) | Application instrumentation and monitoring | |
US20120224057A1 (en) | Situational intelligence | |
Bishop et al. | A risk management approach to the “insider threat” | |
Clinch | ITIL V3 and information security | |
CN113516337A (en) | Method and device for monitoring data security operation | |
WO2023277846A1 (en) | A security system | |
Gupta et al. | Cyber security assessment education for E-governance systems | |
KR20200071811A (en) | Security Service system based on cloud | |
IBRAHIM | Cybersecurity: Panorama and Implementation in 2021 | |
Bertone et al. | Integrated cyber-physical security approach for healthcare sector | |
Huth et al. | Components and considerations in building an insider threat program | |
Trzeciak et al. | A Framework to Effectively Develop Insider Threat Controls | |
Yaokumah et al. | Exploring the Impact of Security Policy on Compliance | |
Miloslavskaya et al. | Information visualisation in information security management for enterprises’s information infrastructure | |
Pfleeger et al. | Harmonizing privacy with security principles and practices | |
Bańka et al. | Practical Methods of Implementation for the Indispensable Mechanism of GDPR Compliance | |
Board | Criminal Justice Information Services (CJIS) Security Policy | |
Evina et al. | Attacks Scenarios in a Correlated Anomalies Context: Case of Medical System Database Application. | |
Poniszewska-Marańda et al. | Security Intelligence for Real-Time Security Monitoring Software | |
Matulevičius et al. | Security Requirements | |
Caldarulo et al. | Oversharing: The downside of data sharing in local government | |
Callahan | Security information and event management tools and insider threat detection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 22833814 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |