Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2007-07-26
2010-10-26
Dinh, Minh (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
Reexamination Certificate
active
07823206
ABSTRACT:
There are provided a method of efficiently establishing a security policy and an apparatus for supporting preparation of a security policy. According to a method of establishing a security policy in six steps, a simple security policy draft is first prepared. The security policy draft is adjusted so as to match realities of an organization, as required, thus completing a security policy stepwise. Therefore, a security policy can be established in consideration of a schedule or budget of the organization.
REFERENCES:
patent: 5164988 (1992-11-01), Matyas et al.
patent: 6324647 (2001-11-01), Bowman-Amuah
patent: A-7-141296 (1995-06-01), None
patent: A-7-262135 (1995-10-01), None
patent: A-11-168511 (1999-06-01), None
patent: A-2000-253066 (2000-09-01), None
patent: A-2001-251307 (2001-09-01), None
patent: A-2001-273377 (2001-10-01), None
patent: WO 98/11477 (1998-03-01), None
patent: WO 99/52039 (1999-10-01), None
patent: WO 00/08543 (2000-02-01), None
“Information Security Risk Assessment—Practices of Leading Organizations”, GAO, Nov. 1999, Retrieved from the Internet on Jan. 18, 2010: <URL: http://www.gao.gov/special.pubs/ai00033.pdf >.
Stoneburner et al., “Risk Management Guide for Information Technology Systems”, NIST, Jul. 2002, Retrieved from the Internet on Jan. 18, 2010: <URL: http://csrc.nist.gov/publications
istpubs/800-30/sp800-30.pdf>.
COBIT Steering Committee and Information Systems Audit and Control Foundation : COBIT Executive Summary 2ndEdition (1998) (http://www.isaca.org/execl.htm).
ISO/IEC TR 13335-1-3 (GMITS) Technical Report (1996-1998).
Generally-Accepted System Security Principles (GASSP) V2 (1999) (http://web.mit.edu/security/www/gassopl.html).
Common Criteria V2 (http://csrc.nist.gov/cc/ccv20/ccv2list.htm).
“The Information Security Maturity Grid” Timothy R. Stacey Information System Security p. 22 Summer 1996.
Peltier, “Information Security Policies and Procedures: A Practitioner's Reference,” Auerbach, 1998.
Enger, “Computer Security,” AMACOM.
Sun World vol. 9, No. 8, pp. 64-75, Aug. 1, 1999 (with translation).
Asgent, Inc.
Dinh Minh
Oliff & Berridg,e PLC
LandOfFree
Method and apparatus for establishing a security policy, and... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for establishing a security policy, and..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for establishing a security policy, and... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4177725