US2009106817A1PendingUtilityA1

Security management apparatus, security management system, security management method, and security management program

Assignee: FUJITSU LTDPriority: Feb 24, 2003Filed: Dec 18, 2008Published: Apr 23, 2009
Est. expiryFeb 24, 2023(expired)· nominal 20-yr term from priority
H04L 9/40H04L 63/145H04L 67/34H04L 63/14
51
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A security management apparatus is capable of taking various security measures while referencing machine information and hence excellent in flexibility and widely applicable. The apparatus includes a security diagnostic unit for making a security diagnosis on the basis of security information obtained from a security information providing apparatus for providing information concerning security in a network and further on the basis of machine information obtained from at least one network machine connected to a network to judge a type of security-related processing to be executed for the network machine and also judge whether or not the security-related processing needs to be executed. A security execution unit executes predetermined security measure processing for the network machine on the basis of a result of diagnosis made by the security diagnostic unit.

Claims

exact text as granted — not AI-modified
1 . A security management apparatus comprising:
 a security diagnostic unit for making a security diagnosis on a basis of machine information obtained from at least one network machine connected to a network and further on a basis of machine-related information obtained from a machine-related information storage unit containing predetermined information about network machines that are connected to said network or may be connected to said network to judge a type of security-related processing to be executed for said network machine or a predetermined network including said network machine and also judge whether the security-related processing needs to be executed; and   a security execution unit for executing predetermined security measure processing for said network machine or the predetermined network including said network machine on a basis of a result of diagnosis made by said security diagnostic unit.   
   
   
       2 . The security management apparatus according to  claim 1 , wherein said machine information includes a notice of a change in equipment configuration and at least information concerning the equipment configuration that may be changed, and said machine-related information includes equipment configuration information specifying whether the network machine is usable in said network. 
   
   
       3 . A security management method comprising:
 obtaining machine information from at least one network machine connected to a network;   obtaining machine-related information from a machine-related information storage unit containing predetermined information about network machines that are connected to said network or may be connected to said network;   making a security diagnosis on a basis of said machine information and said machine-related information to judge a type of security-related processing to be executed for said network machine or a predetermined network including said network machine and also judge whether the security-related processing needs to be executed; and   executing predetermined security measure processing for said network machine or the predetermined network including said network machine on a basis of a result of diagnosis made by said security diagnosis.   
   
   
       4 . A computer readable storage unit storing a security management program for instructing a computer to execute security management operations comprising:
 obtaining machine information from at least one network machine connected to a network;   obtaining machine-related information from a machine-related information storage unit containing predetermined information about network machines that are connected to said network or may be connected to said network;   making a security diagnosis on a basis of said machine information and said machine-related information to judge a type of security-related processing to be executed for said network machine or a predetermined network including said network machine and also judge whether the security-related processing needs to be executed; and   executing predetermined security measure processing for said network machine or the predetermined network including said network machine on a basis of a result of diagnosis made by said security diagnosis.   
   
   
       5 . The security management method according to  claim 3 , wherein said machine information includes a notice of a change in equipment configuration and at least information concerning the equipment configuration that may be changed, and said machine-related information includes equipment configuration information specifying whether the network machine is usable in said network. 
   
   
       6 . The computer readable storage unit according to  claim 4 , wherein said machine information includes a notice of a change in equipment configuration and at least information concerning the equipment configuration that may be changed, and said machine-related information includes equipment configuration information specifying whether the network machine is usable in said network. 
   
   
       7 . The security management apparatus according to  claim 1 , wherein said security diagnostic unit judges whether said network machine needs to be isolated, and said security execution unit executes processing for isolating said network machine on a basis of a result of judgment made by said security diagnostic unit. 
   
   
       8 . The security management method according to  claim 3 , said security diagnosis judges whether said network machine needs to be isolated, and said security measure processing executes processing for isolating said network machine on a basis of a result of judgment made by said security diagnostic unit. 
   
   
       9 . The computer readable storage unit according to  claim 4 , said security diagnosis judges whether said network machine needs to be isolated, and said security measure processing executes processing for isolating said network machine on a basis of a result of judgment made by said security diagnostic unit.

Join the waitlist — get patent alerts

Track US2009106817A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.