JP2002366525A - Security policy maintenance system - Google Patents
Security policy maintenance systemInfo
- Publication number
- JP2002366525A JP2002366525A JP2001215975A JP2001215975A JP2002366525A JP 2002366525 A JP2002366525 A JP 2002366525A JP 2001215975 A JP2001215975 A JP 2001215975A JP 2001215975 A JP2001215975 A JP 2001215975A JP 2002366525 A JP2002366525 A JP 2002366525A
- Authority
- JP
- Japan
- Prior art keywords
- client
- network
- security
- security level
- security policy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012423 maintenance Methods 0.000 title claims description 4
- 238000012544 monitoring process Methods 0.000 claims 1
- 238000000034 method Methods 0.000 description 8
- 230000004913 activation Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000005856 abnormality Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000009385 viral infection Effects 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
Description
【0001】[0001]
【発明の属する技術分野】本発明は、コンピュータネッ
トワークの利用においてネットワークに参加するクライ
アントセキュリティレベルにより、ネットワークセキュ
リティレベル管理制御装置やアプリケーションとそれを
記録する媒体に関するものである。BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a network security level management control device and an application according to a client security level participating in a network when using a computer network, and a medium for recording the same.
【0002】[0002]
【従来の技術】従来は、コンピュータネットワークを構
築し運用していく場合は、事前に運用マニュアル等を作
成し、その中でセキュリティ維持の為の項目を設定し、
利用者のモラルの向上を行い、セキュリティレベルを維
持していた。2. Description of the Related Art Conventionally, when constructing and operating a computer network, an operation manual or the like is created in advance, and items for maintaining security are set in the manual.
The moral of users was improved and the security level was maintained.
【0003】また、ネットワーク参加者の区別は、ネッ
トワークログインIDとパスワードのみチェックで参加
を許可していた為、プライベートパソコンや取り決めた
セキュリティレベルを維持していないクライアントも、
簡単にネットワークに参加していた。[0003] In addition, the network participants are distinguished by checking only the network login ID and password to permit participation, so that even a private personal computer or a client who does not maintain the determined security level,
Easy to join the network.
【0004】また、ネットワーク管理者が知らないセキ
ュリティレベルの低いクライアントが数多くネットワー
クに参加する事で、ネットワークのセキュリティレベル
が低下し、ウィルスへの感染や情報の漏洩などの重大な
問題が発生する場合があった。[0004] In addition, when a large number of clients with a low security level that the network administrator does not know participate in the network, the security level of the network is reduced, and serious problems such as virus infection and information leakage occur. was there.
【0005】[0005]
【発明が解決しようとする課題】本発明は、前記の課題
を解決する為に、クライアントのセキュリティレベル情
報取得と取得したセキュリティレベルによりネットワー
クへの参加を拒否および制限を行うことが出来る様にし
たもので、以下の装置および方法を特徴とする。SUMMARY OF THE INVENTION In order to solve the above-mentioned problems, the present invention makes it possible to refuse and restrict participation in a network based on security level information of a client and the obtained security level. And is characterized by the following apparatus and method.
【0006】本発明の目的は、ネットワーク管理者が定
めたセキュリティレベルの基準に至らないクライアント
のネットワーク参加を制限する管理方法を提供すること
にある。It is an object of the present invention to provide a management method for restricting a client who does not reach a security level standard set by a network administrator from participating in a network.
【0007】[0007]
【課題を解決する為の手段】サーバーとクライアントに
セキュリティチェックエージェントを常駐させ、クライ
アントの電源を入れ、起動した時点からセキュリティエ
ージェントが起動する。そのセキュリティエージェント
は、クライアント上にネットワーク管理者が設定した、
常時正常動作が必要なアプリケーションの稼動状況とバ
ージョン情報の取得を行う。また、その他の稼動中アプ
リケーション情報の取得を行い、取得した情報をログイ
ン処理と共にサーバーに伝送する。Means for Solving the Problems A security check agent is made resident in a server and a client, the client is turned on, and the security agent is activated from the time of activation. The security agent is configured by the network administrator on the client,
Obtain the operating status and version information of applications that need to operate normally at all times. Further, it acquires other running application information and transmits the acquired information to the server together with the login processing.
【0008】サーバー側は、伝送されたクライアントセ
キュリティ情報および、クライアントのMACアドレス
やCPUおよびHDDサイズ等の固有データをセキュリ
ティポリシー設定データベースの内容と比較し、ネット
ワーク参加の可否を判断する。[0008] The server side compares the transmitted client security information and the unique data such as the MAC address of the client, the size of the CPU and the HDD with the contents of the security policy setting database, and determines whether or not to participate in the network.
【0009】ネットワーク参加が許可された場合は、ネ
ットワーク資源を利用する事が出来る様になるが、不許
可の場合は、ネットワークログインを拒否する。If network participation is permitted, network resources can be used, but if not, network login is rejected.
【0010】また、前記のセキュリティエージェントが
稼動していないクライアントからネットワークサーバー
にログイン処理が行われた場合は、サーバー側に常駐し
ているセキュリティエージェントにより、ネットワーク
ログイン処理を強制的に中断し、ネットワーク参加を拒
否する。[0010] Further, when a client in which the security agent is not operating performs login processing to the network server, the network agent login processing is forcibly interrupted by the security agent resident on the server side. Refuse to participate.
【0011】[0011]
【発明の実施の形態】ネットワーク利用者は、自己の管
理している6のクライアントを起動し、起動後IDとパ
スワードを入力して、ネットワークにログインする。BEST MODE FOR CARRYING OUT THE INVENTION A network user activates six clients managed by himself, inputs an ID and a password after the activation, and logs in to the network.
【0012】前記のクライアントが、正規許可のクライ
アント場合は、7のセキュリティエージェントクライア
ントにより、8のソフト稼動状況や9のハードリソース
情報が取得され、ログイン処理と共に7のセキュリティ
エージェントクライアントから5のセキュリティエージ
ェントサーバーに送られ、6のセキュリティエージェン
トサーバーは、1のセキュリティポリシーサーバー上
の、2のクライアント固有情報データベースと3のセキ
ュリティポリシーデータベース情報を元に、ログインの
可否を判断する。If the client is an authorized client, the security agent client obtains the software operation status of 8 and the hardware resource information of 9, and together with the log-in processing, the security agent client of FIG. The security agent server is sent to the server, and the security agent server determines whether login is possible based on the client unique information database and the security policy database information on the security policy server.
【0013】セキュリティレベルが基準に達していれ
ば、5のセキュリティエージェントサーバーは、7のセ
キュリティエージェントクライアントに対し、ログイン
を許可する。If the security level has reached the standard, the security agent server 5 permits the security agent client 7 to log in.
【0014】しかし、セキュリティレベルが基準以下の
場合、5のセキュリティエージェントサーバーは、7の
セキュリティエージェントクライアントに対し、ログイ
ンを拒否し、ログインの拒否理由を7のセキュリティエ
ージェントクライアントに送信する。7のセキュリティ
エージェントクライアントは、受信した拒否理由を表示
しする。利用者は指示に従って対処し、再度ログイン処
理を行う。However, when the security level is equal to or lower than the standard, the security agent server of No. 5 rejects the login to the security agent client of No. 7 and transmits the reason for rejecting the login to the security agent client of No. 7. The security agent client of No. 7 displays the received rejection reason. The user responds according to the instruction and performs the login process again.
【0015】また、個人所有の正規許可のクライアント
で無い場合は、7のセキュリティエージェントクライア
ントが稼動していなか、または稼動していてもMACア
ドレスやCPUおよびHDDサイズとうのクライアント
固有の情報が、2のクライアント固有情報データベース
に登録が無い為、5のセキュリティエージェントサーバ
ーにより、ネットワーク参加が拒否される。If the client is not a personally authorized client, the security agent client 7 is not running, or even if it is running, the client-specific information such as the MAC address and CPU and HDD size is 2 Since there is no registration in the client specific information database, the security agent server 5 rejects participation in the network.
【0016】また、7のセキュリティエージェントクラ
イアントは、ネットワークに接続中に、6のクライアン
トのソフトやハードのリソースに変化を検知し、5のセ
キュリティエージェントサーバーに通知する、5のセキ
ュリティエージェントサーバーは、通知内容がセキュリ
ティポリシーデータベースと比較し、セキュリティポリ
シーに違反があれば、6のクライアントをネットワーク
より強制的に切断する。The security agent client 7 detects a change in the software or hardware resources of the client 6 while connected to the network, and notifies the security agent server 5 of the change. The contents are compared with the security policy database. If there is a violation of the security policy, the client 6 is forcibly disconnected from the network.
【0017】また、5のセキュリティエージェントサー
バーは、常時7のセキュリティエージェントクライアン
トの動作を監視し、7のセキュリティエージェントクラ
イアントからの信号が途絶えた場合、6のクライアント
のセキュリティレベルに異常が発生したと判断し、ネッ
トワークより強制的に切断する。The security agent server (5) constantly monitors the operation of the security agent client (7), and when the signal from the security agent client (7) is interrupted, determines that an abnormality has occurred in the security level of the client (6). And forcibly disconnect from the network.
【0018】[0018]
【発明の効果】本発明のセキュリティポリシー維持シス
テムを利用する事で、セキュリティポリシーに違反する
クライアントの接続を防止し、ネットワークのセキュリ
ティレベルを維持できる。また、各クライアントのリソ
ース状況をデータベースに記録し管理することで、悪意
を持ってMOやRAS環境増設を行っても、ネットワー
クから自動的に切り離される為、機密情報や個人情報の
漏洩やウィルスの侵入を防止することができる。By using the security policy maintenance system of the present invention, it is possible to prevent the connection of the client violating the security policy and maintain the security level of the network. In addition, by recording and managing the resource status of each client in the database, even if the MO or RAS environment is maliciously added, it will be automatically disconnected from the network, so leakage of confidential information and personal information and virus Intrusion can be prevented.
【図1】本発明の基本処理の流れを説明した図であるFIG. 1 is a diagram illustrating a flow of a basic process of the present invention.
1 − セキュリティポリシーサーバー 2 − クライアント固有情報データベース 3 − セキュリティポリシーデータベース 4 − サーバー 5 − セキュリティエージェントサーバー 6 − クライアント 7 − セキュリティエージェントクライアント 8 − ソフト関係 9 − ハード関係 1-Security Policy Server 2-Client Specific Information Database 3-Security Policy Database 4-Server 5-Security Agent Server 6-Client 7-Security Agent Client 8-Software 9-Hardware
【手続補正書】[Procedure amendment]
【提出日】平成13年7月23日(2001.7.2
3)[Submission date] July 23, 2001 (2001.7.2)
3)
【手続補正1】[Procedure amendment 1]
【補正対象書類名】明細書[Document name to be amended] Statement
【補正対象項目名】請求項2[Correction target item name] Claim 2
【補正方法】変更[Correction method] Change
【補正内容】[Correction contents]
【手続補正2】[Procedure amendment 2]
【補正対象書類名】明細書[Document name to be amended] Statement
【補正対象項目名】発明の属する技術分野[Correction target item name] Technical field to which the invention belongs
【補正方法】変更[Correction method] Change
【補正内容】[Correction contents]
【発明の属する技術分野】本発明は、コンピュータネッ
トワークの利用においてネットワークに参加するクライ
アントセキュリティレベルにより、ネットワーク参加を
制限する装置やアプリケーションとそれを記録する媒体
に関するものである。The present invention relates is, by the client security level to participate in the network in the use of the computer network, the network participation
The present invention relates to a device or application to be restricted and a medium for recording the device or application.
Claims (3)
セキュリティレベルにより、サーバー側よりクライアン
トのネットワーク参加を許可および拒否する手段と、前
記のセキュリティレベル情報を取得し、クライアントと
サーバー間でのセキュリティレベルの確認手段と、を備
えたことを特徴とする、セキュリティポリシー維持管理
装置やアプリケーションとそれを記録する媒体1. A means for permitting and denying a client from participating in a network from a server according to a security level of a client participating in a network, and a means for confirming a security level between a client and a server by acquiring the security level information. And a security policy maintenance / management device and application, and a medium for recording the same.
処理を継続している間も、クライアントのセキュリティ
レベル情報を監視し、セキュリティレベルがネットワー
ク参加可能レベルより低くなった場合やセキュリティレ
ベル情報の取得が出来なくなった場合にネットワーク資
源の利用を制限する手段とを備えたことを特徴とする、
メール管理装置やアプリケーションとそれを記録する媒
体2. A client joins the network,
A means for monitoring client security level information while processing continues, and restricting the use of network resources when the security level falls below the network participation level or when security level information cannot be obtained. Characterized by having
Email management devices and applications and media for recording them
アントと無許可のクライアントの判断手段とを備えたこ
とを特徴とする、セキュリティポリシー維持管理装置や
アプリケーションとそれを記録する媒体3. A security policy maintenance / management apparatus and application, and a medium for recording the same, comprising means for judging an authorized client and an unauthorized client permitted by a network administrator.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2001215975A JP2002366525A (en) | 2001-06-12 | 2001-06-12 | Security policy maintenance system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2001215975A JP2002366525A (en) | 2001-06-12 | 2001-06-12 | Security policy maintenance system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| JP2002366525A true JP2002366525A (en) | 2002-12-20 |
Family
ID=19050511
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2001215975A Pending JP2002366525A (en) | 2001-06-12 | 2001-06-12 | Security policy maintenance system |
Country Status (1)
| Country | Link |
|---|---|
| JP (1) | JP2002366525A (en) |
Cited By (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004234378A (en) * | 2003-01-30 | 2004-08-19 | Fujitsu Ltd | Security management device and security management method |
| JP2004234208A (en) * | 2003-01-29 | 2004-08-19 | Mitsubishi Electric Corp | Security measures operation management device |
| JP2004265286A (en) * | 2003-03-04 | 2004-09-24 | Fujitsu Ltd | Mobile device management according to security policies selected for the environment |
| JP2005293117A (en) * | 2004-03-31 | 2005-10-20 | Fujitsu Ltd | Security improvement auxiliary program, server device, security improvement auxiliary method |
| JP2005301551A (en) * | 2004-04-09 | 2005-10-27 | Hitachi Ltd | Security countermeasure system and integrated security system |
| JP2006215777A (en) * | 2005-02-03 | 2006-08-17 | Nec Corp | Carrying-in/carrying-out management system and method for information processor |
| JP2007520763A (en) * | 2003-06-24 | 2007-07-26 | ノキア インコーポレイテッド | Apparatus, system, method, and computer program product for performing integrity verification of a remote client |
| JP2008083886A (en) * | 2006-09-27 | 2008-04-10 | Hitachi Software Eng Co Ltd | Confidential information leakage prevention method and system |
| JP2008515085A (en) * | 2004-09-30 | 2008-05-08 | サイトリックス システムズ, インコーポレイテッド | Method and apparatus for assigning access control levels in providing access to network content files |
| JP2009069959A (en) * | 2007-09-11 | 2009-04-02 | Hitachi Information Systems Ltd | Software management system and method and program |
| US7809001B2 (en) | 2004-07-21 | 2010-10-05 | Fujitsu Limited | Opened network connection control method, opened network connection control system, connection control unit and recording medium |
| JP2011170886A (en) * | 2011-05-24 | 2011-09-01 | Canon Electronics Inc | Management server and control method of the same, computer program, and network management system |
| US8065423B2 (en) | 2004-09-30 | 2011-11-22 | Citrix Systems, Inc. | Method and system for assigning access control levels in providing access to networked content files |
| EP1428345B1 (en) * | 2001-08-24 | 2012-06-20 | ZIH Corp. | Method and apparatus for article authentication |
| US8266699B2 (en) | 2003-07-01 | 2012-09-11 | SecurityProfiling Inc. | Multiple-path remediation |
| US8281367B2 (en) | 2006-09-29 | 2012-10-02 | Hitachi, Ltd. | Quarantine system and method |
| US8286230B2 (en) | 2004-09-30 | 2012-10-09 | Citrix Systems, Inc. | Method and apparatus for associating tickets in a ticket hierarchy |
| US8312261B2 (en) | 2005-01-28 | 2012-11-13 | Citrix Systems, Inc. | Method and system for verification of an endpoint security scan |
| US8533846B2 (en) | 2006-11-08 | 2013-09-10 | Citrix Systems, Inc. | Method and system for dynamically associating access rights with a resource |
| US8613048B2 (en) | 2004-09-30 | 2013-12-17 | Citrix Systems, Inc. | Method and apparatus for providing authorized remote access to application sessions |
| JP2014529154A (en) * | 2011-09-27 | 2014-10-30 | アマゾン テクノロジーズ インコーポレイテッド | Secure data access based on policy compliance |
| US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9100431B2 (en) | 2003-07-01 | 2015-08-04 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
| US9118708B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Multi-path remediation |
| US9118710B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | System, method, and computer program product for reporting an occurrence in different manners |
| US9118709B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9117069B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Real-time vulnerability monitoring |
| US9118711B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9231825B2 (en) | 2004-11-09 | 2016-01-05 | Canon Denshi Kabushiki Kaisha | Network management apparatus, management server, client terminal, and control method thereof |
| US9350752B2 (en) | 2003-07-01 | 2016-05-24 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
-
2001
- 2001-06-12 JP JP2001215975A patent/JP2002366525A/en active Pending
Cited By (39)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1428345B1 (en) * | 2001-08-24 | 2012-06-20 | ZIH Corp. | Method and apparatus for article authentication |
| JP2004234208A (en) * | 2003-01-29 | 2004-08-19 | Mitsubishi Electric Corp | Security measures operation management device |
| JP2004234378A (en) * | 2003-01-30 | 2004-08-19 | Fujitsu Ltd | Security management device and security management method |
| JP2004265286A (en) * | 2003-03-04 | 2004-09-24 | Fujitsu Ltd | Mobile device management according to security policies selected for the environment |
| JP2007520763A (en) * | 2003-06-24 | 2007-07-26 | ノキア インコーポレイテッド | Apparatus, system, method, and computer program product for performing integrity verification of a remote client |
| JP2011044167A (en) * | 2003-06-24 | 2011-03-03 | Nokia Inc | Apparatus, system, method and computer program product for implementing remote client integrity verification |
| US10104110B2 (en) | 2003-07-01 | 2018-10-16 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US8266699B2 (en) | 2003-07-01 | 2012-09-11 | SecurityProfiling Inc. | Multiple-path remediation |
| US9118711B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US10050988B2 (en) | 2003-07-01 | 2018-08-14 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
| US9100431B2 (en) | 2003-07-01 | 2015-08-04 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
| US10154055B2 (en) | 2003-07-01 | 2018-12-11 | Securityprofiling, Llc | Real-time vulnerability monitoring |
| US10021124B2 (en) | 2003-07-01 | 2018-07-10 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
| US9117069B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Real-time vulnerability monitoring |
| US9118708B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Multi-path remediation |
| US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9350752B2 (en) | 2003-07-01 | 2016-05-24 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9225686B2 (en) | 2003-07-01 | 2015-12-29 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9118710B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | System, method, and computer program product for reporting an occurrence in different manners |
| US9118709B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| JP2005293117A (en) * | 2004-03-31 | 2005-10-20 | Fujitsu Ltd | Security improvement auxiliary program, server device, security improvement auxiliary method |
| JP2005301551A (en) * | 2004-04-09 | 2005-10-27 | Hitachi Ltd | Security countermeasure system and integrated security system |
| US7809001B2 (en) | 2004-07-21 | 2010-10-05 | Fujitsu Limited | Opened network connection control method, opened network connection control system, connection control unit and recording medium |
| US8286230B2 (en) | 2004-09-30 | 2012-10-09 | Citrix Systems, Inc. | Method and apparatus for associating tickets in a ticket hierarchy |
| US8613048B2 (en) | 2004-09-30 | 2013-12-17 | Citrix Systems, Inc. | Method and apparatus for providing authorized remote access to application sessions |
| US9311502B2 (en) | 2004-09-30 | 2016-04-12 | Citrix Systems, Inc. | Method and system for assigning access control levels in providing access to networked content files |
| US8352606B2 (en) | 2004-09-30 | 2013-01-08 | Citrix Systems, Inc. | Method and system for assigning access control levels in providing access to networked content files |
| US8065423B2 (en) | 2004-09-30 | 2011-11-22 | Citrix Systems, Inc. | Method and system for assigning access control levels in providing access to networked content files |
| JP2008515085A (en) * | 2004-09-30 | 2008-05-08 | サイトリックス システムズ, インコーポレイテッド | Method and apparatus for assigning access control levels in providing access to network content files |
| US9231825B2 (en) | 2004-11-09 | 2016-01-05 | Canon Denshi Kabushiki Kaisha | Network management apparatus, management server, client terminal, and control method thereof |
| US8312261B2 (en) | 2005-01-28 | 2012-11-13 | Citrix Systems, Inc. | Method and system for verification of an endpoint security scan |
| JP2006215777A (en) * | 2005-02-03 | 2006-08-17 | Nec Corp | Carrying-in/carrying-out management system and method for information processor |
| JP2008083886A (en) * | 2006-09-27 | 2008-04-10 | Hitachi Software Eng Co Ltd | Confidential information leakage prevention method and system |
| US8281367B2 (en) | 2006-09-29 | 2012-10-02 | Hitachi, Ltd. | Quarantine system and method |
| US8533846B2 (en) | 2006-11-08 | 2013-09-10 | Citrix Systems, Inc. | Method and system for dynamically associating access rights with a resource |
| US9401931B2 (en) | 2006-11-08 | 2016-07-26 | Citrix Systems, Inc. | Method and system for dynamically associating access rights with a resource |
| JP2009069959A (en) * | 2007-09-11 | 2009-04-02 | Hitachi Information Systems Ltd | Software management system and method and program |
| JP2011170886A (en) * | 2011-05-24 | 2011-09-01 | Canon Electronics Inc | Management server and control method of the same, computer program, and network management system |
| JP2014529154A (en) * | 2011-09-27 | 2014-10-30 | アマゾン テクノロジーズ インコーポレイテッド | Secure data access based on policy compliance |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP2002366525A (en) | Security policy maintenance system | |
| US11722875B2 (en) | IoT device discovery and identification | |
| US11330005B2 (en) | Privileged account breach detections based on behavioral access patterns | |
| US8001610B1 (en) | Network defense system utilizing endpoint health indicators and user identity | |
| CN108702360B (en) | Digital asset protection policy using dynamic network attributes | |
| US20200012769A1 (en) | Systems and Methods for Providing Real Time Security and Access Monitoring of a Removable Media Device | |
| US20090217342A1 (en) | Parental Control for Social Networking | |
| US8392972B2 (en) | Protected access control method for shared computer resources | |
| US8925036B2 (en) | Secure enterprise network | |
| US20030130953A1 (en) | Systems and methods for monitoring the presence of assets within a system and enforcing policies governing assets | |
| US8091119B2 (en) | Identity based network mapping | |
| US20120151565A1 (en) | System, apparatus and method for identifying and blocking anomalous or improper use of identity information on computer networks | |
| US20090247125A1 (en) | Method and system for controlling access of computer resources of mobile client facilities | |
| GB2551792A (en) | Elastic outbound gateway | |
| KR20050026624A (en) | Integration security system and method of pc using secure policy network | |
| US20160028771A1 (en) | Using events to identify a user and enforce policies | |
| US20080184368A1 (en) | Preventing False Positive Detections in an Intrusion Detection System | |
| US20250202925A1 (en) | Providing identity protection | |
| CN100539499C (en) | A Safe Star LAN Computer System | |
| US20070162596A1 (en) | Server monitor program, server monitor device, and server monitor method | |
| CN106453336B (en) | Method for internal network to actively provide external network host calling service | |
| CN110875923A (en) | Enhanced network access control (eNAC) framework | |
| US11916858B1 (en) | Method and system for outbound spam mitigation | |
| Wang et al. | Context-aware environment-role-based access control model for web services | |
| CN115486105B (en) | IOT device discovery and identification |