A method to quantize threats on database through Analyzing and mining security rules' action
Publication Date: 2014-May-06
The IP.com Prior Art Database
In this idea, the actions taken by pre-defined security and auditing rules represent valuable information, yet most of them are discarded. Our core idea is to capture and analyze these actions according to the pre-defined rules to obtain the corresponding database health information. The actions are categorized and placed into time frames to show database health information over a time period. This method gives the customer an intuitive way to observe database health in the quantity-time dimension.
Currently, security and audit products provide capabilities to monitor database access request events, and even to block unauthorized or suspicious events following the customer's predefined policies, so users' data can be safer than before. The problem is that customers only have a feeling that somebody wants to attack or is attacking their data; they don't know how much danger the database is in, or whether it is in more danger than last week. Presenting real-time database health status is therefore very important when monitoring data.
Current solutions just use reports or analyze the system log.
The disadvantages of the current solutions are summarized below:
1. Valuable data is scattered across a huge data warehouse. Building reports is a specialist job that is hard for a normal user, and it is hard to present the data in an intuitive way.
2. Valuable data may be discarded because of inappropriate policies or actions, which makes reporting impossible.
3. It is very hard to get the database health trend by going through the event log in real time.
This invention quantizes the threats on a database to give users an intuitive view of database health status and database health trend. It uses a small process to continuously analyze, mine and extract, in real time, the valuable data from captured database access events that reflects database health status, then saves that data for later use. This will strengthen customer confidence in database safety.
Our core idea is to continuously analyze the actions taken according to the predefined policy and generate new rules for extracting valuable information from all incoming database access events that will be processed by the security and audit product. The result is then summarized into one time frame to deduce the database health status during that time frame. In other words, database health information is packed using the time frame as the unit.
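An added example, not part of the original disclosure, showing how rule actions can be packed into time frames and turned into a per-frame threat score and trend. The action names, severity weights, one-hour frame width and sample events are assumptions constructed for illustration; the disclosure does not define a scoring scheme.

```python
from collections import Counter, defaultdict
from datetime import datetime, timezone

# Assumed severity weight per rule action; the page does not define a scoring scheme.
ACTION_WEIGHT = {"ALLOW": 0, "LOG": 1, "ALERT": 5, "BLOCK": 10}
FRAME_SECONDS = 3600  # assumed time-frame width: one hour

# Constructed sample events: (ISO timestamp, rule name, action taken by the rule).
SAMPLE_EVENTS = [
    ("2014-05-06T09:05:00", "allow-app-user", "ALLOW"),
    ("2014-05-06T09:17:00", "log-ddl", "LOG"),
    ("2014-05-06T09:40:00", "alert-bulk-select", "ALERT"),
    ("2014-05-06T10:02:00", "block-unknown-ip", "BLOCK"),
    ("2014-05-06T10:03:00", "block-unknown-ip", "BLOCK"),
    ("2014-05-06T10:30:00", "alert-bulk-select", "ALERT"),
    ("2014-05-06T10:45:00", "quarantine", "QUARANTINE"),  # action with no weight
]

def frame_start(ts):
    """Floor an ISO timestamp (treated as UTC) to the start of its time frame."""
    t = datetime.fromisoformat(ts).replace(tzinfo=timezone.utc)
    epoch = int(t.timestamp())
    return datetime.fromtimestamp(epoch - epoch % FRAME_SECONDS, tz=timezone.utc)

def summarize(events):
    """Pack rule actions into per-frame summaries: action counts and a threat score."""
    frames = defaultdict(lambda: {"actions": Counter(), "score": 0, "unknown": 0})
    for ts, _rule, action in events:
        frame = frames[frame_start(ts)]
        frame["actions"][action] += 1
        if action in ACTION_WEIGHT:
            frame["score"] += ACTION_WEIGHT[action]
        else:
            frame["unknown"] += 1  # surface unweighted actions instead of hiding them
    return dict(sorted(frames.items(), key=lambda kv: kv[0]))

def trend(summary):
    """Score change between consecutive frames; positive means threats are rising."""
    scores = [f["score"] for f in summary.values()]
    return [b - a for a, b in zip(scores, scores[1:])]

if __name__ == "__main__":
    result = summarize(SAMPLE_EVENTS)
    for start, frame in result.items():
        print(start.isoformat(), dict(frame["actions"]), "score =", frame["score"])
    print("trend:", trend(result))
```

Actions that have no assigned weight are counted separately per frame, so a policy change that introduces a new action shows up in the summary instead of silently lowering the score.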
The advantages of the solution are listed below:
1. The actions of a policy themselves carry a lot of meaning; this invention takes advantage of that to extract more useful information.
2. It reduces the customer's workload. It presents the most useful data directly, so the user does not need to look for a needle in a haystack.
3. It also provides a way to linearize database health information, which makes it possible to know the database health in real time.
4. It saves the actions taken for data access, which makes it possible for the customer to do more re...