Patents by Inventor Klaus Julisch
Klaus Julisch has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9094457
Abstract: A method for automated network deployment of cloud services into a network is suggested. The method includes receiving a certain cloud service with a certain resource protection template specifying an isolation policy for isolating zones in the network, receiving certain customer protection parameters specifying customer needs regarding protection in the network, providing security requirements by matching the received resource protection templates and the received customer protection parameters, and automatically deploying the certain cloud service into the network by using the provided security requirements.
Type: Grant
Filed: July 29, 2013
Date of Patent: July 28, 2015
Assignee: International Business Machines Corporation
Inventors: Klaus Julisch, Georg Ochs, Matthias Schunter
-
Patent number: 8826455
Abstract: Given a new user U or a user whose role in the organization changed, an automated method of the present disclosure in one aspect determines the new or revised access permissions the user should have. In one aspect, the method of the present disclosure automatically determines access rights based on the access rights held by similar users. This general idea, including a formalization of similarity between users, the details of how access rights are determined, and an algorithm to test if the presented methods are safe to use are provided.
Type: Grant
Filed: February 17, 2009
Date of Patent: September 2, 2014
Assignee: International Business Machines Corporation
Inventors: Klaus Julisch, Guenter Karjoth
-
Publication number: 20140033268
Abstract: A method for automated network deployment of cloud services into a network is suggested. The method includes receiving a certain cloud service with a certain resource protection template specifying an isolation policy for isolating zones in the network, receiving certain customer protection parameters specifying customer needs regarding protection in the network, providing security requirements by matching the received resource protection templates and the received customer protection parameters, and automatically deploying the certain cloud service into the network by using the provided security requirements.
Type: Application
Filed: July 29, 2013
Publication date: January 30, 2014
Applicant: International Business Machines Corporation
Inventors: Klaus Julisch, Georg Ochs, Matthias Schunter
-
Method, computer program element and a system for processing alarms triggered by a monitoring system
Patent number: 8615803
Abstract: A method and system is designed for processing alarms, that have been triggered by a monitoring system such as an intrusion detection system, a firewall, or a network management system, comprising the steps of entering the triggered alarms into an alarm log, evaluating similarity between alarms, grouping similar alarms into alarm clusters, summarizing alarm clusters by means of generalized alarms, counting the covered alarms for each generalized alarm and forwarding generalized alarms for further processing if the number of alarms covered satisfies a predetermined criterion. In the event of high rates of alarm messages, possibly containing many false alarms, a system administrator will therefore not be confronted with a flood of messages with little significance. Instead, only generalized alarms, more meaningful and smaller in number, are presented.
Type: Grant
Filed: June 19, 2008
Date of Patent: December 24, 2013
Assignee: International Business Machines Corporation
Inventors: Marc Dacier, Klaus Julisch
-
Patent number: 8544092
Abstract: A peripheral device includes an interface configured to communicate with a computer, the peripheral device; logic configured to perform an integrity verification of an operating system of the computer; and a display configured to display a result of the integrity verification. A method for integrity verification of a computer using a peripheral device includes connecting the peripheral device to the computer; sending a challenge from the device to the computer; computing attestation data using the challenge and information stored in the computer, retrieving the attestation data from the computer by a client program running on the computer; sending the attestation data to the peripheral device; and verifying the attestation data by the peripheral device.
Type: Grant
Filed: March 12, 2009
Date of Patent: September 24, 2013
Assignee: International Business Machines Corporation
Inventors: Reto Hermann, Klaus Julisch, Matthias Schunter
-
Publication number: 20130031182
Abstract: A method for resolving an exchange of a first object and a second object in a communication network. The first object is sent by a first entity to a second entity, the second object having been requested by the first entity from the second entity. A number of verifiers verify a transfer of the first object from the first entity, a number of trustees provide the second object or an equivalent to the second object. There are at least two verifiers or two trustees. Transfer verification is provided by at least one verifier. If the transfer of the first object from the first entity is verified, and a step of transferring the second object or the equivalent to the first entity by at least one trustee of the number of trustees based on the transfer verification.
Type: Application
Filed: July 19, 2012
Publication date: January 31, 2013
Applicant: International Business Machines Corporation
Inventors: Thomas R. Gross, Klaus Julisch, Matthias Schunter
-
Publication number: 20120084868
Abstract: A method for locating documents has a step of, on each entity of the plurality of document-storing entities, calculating a respective fingerprint for each document of the documents stored on the entity, a step of transferring the calculated fingerprints by the entities to a data localization server having a fingerprint database for storing the transferred fingerprints, and a step of, at the data localization server, locating copies of a specimen document by calculating a fingerprint of the specimen document and comparing the calculated fingerprint of the specimen document with the fingerprints stored in the fingerprint database.
Type: Application
Filed: September 16, 2011
Publication date: April 5, 2012
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventor: Klaus Julisch
-
Patent number: 7953677
Abstract: A computer implemented method and system for analysing a first set of data records where each data record comprises attribute values for one or more attributes, by expanding the first set of data records into a second set of data records by creating for at least one of the attributes of the first set of data records at least two redundant attributes with corresponding redundant attribute values, assigning different generalization rules to the at least two redundant attributes, and performing a generalization of the second set of data records by means of an attribute-oriented induction (AOI)-algorithm.
Type: Grant
Filed: December 19, 2007
Date of Patent: May 31, 2011
Assignee: International Business Machines Corporation
Inventors: Birgit Baum-Waidner, Klaus Julisch, Andreas Wespi
-
Publication number: 20100235912
Abstract: A peripheral device includes an interface configured to communicate with a computer, the peripheral device; logic configured to perform an integrity verification of an operating system of the computer; and a display configured to display a result of the integrity verification. A method for integrity verification of a computer using a peripheral device includes connecting the peripheral device to the computer; sending a challenge from the device to the computer; computing attestation data using the challenge and information stored in the computer, retrieving the attestation data from the computer by a client program running on the computer; sending the attestation data to the peripheral device; and verifying the attestation data by the peripheral device.
Type: Application
Filed: March 12, 2009
Publication date: September 16, 2010
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Reto Hermann, Klaus Julisch, Matthias Schunter
-
Publication number: 20100211989
Abstract: Given a new user U or a user whose role in the organization changed, an automated method of the present disclosure in one aspect determines the new or revised access permissions the user should have. In one aspect, the method of the present disclosure automatically determines access rights based on the access rights held by similar users. This general idea, including a formalization of similarity between users, the details of how access rights are determined, and an algorithm to test if the presented methods are safe to use are provided.
Type: Application
Filed: February 17, 2009
Publication date: August 19, 2010
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Klaus Julisch, Guenter Karjoth
-
METHOD, COMPUTER PROGRAM ELEMENT AND A SYSTEM FOR PROCESSING ALARMS TRIGGERED BY A MONITORING SYSTEM
Publication number: 20080291018
Abstract: A method and system is designed for processing alarms, that have been triggered by a monitoring system such as an intrusion detection system, a firewall, or a network management system, comprising the steps of entering the triggered alarms into an alarm log, evaluating similarity between alarms, grouping similar alarms into alarm clusters, summarizing alarm clusters by means of generalized alarms, counting the covered alarms for each generalized alarm and forwarding generalized alarms for further processing if the number of alarms covered satisfies a predetermined criterion. In the event of high rates of alarm messages, possibly containing many false alarms, a system administrator will therefore not be confronted with a flood of messages with little significance. Instead, only generalized alarms, more meaningful and smaller in number, are presented.
Type: Application
Filed: June 19, 2008
Publication date: November 27, 2008
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Marc Dacier, Klaus Julisch
-
Method, computer program element and a system for processing alarms triggered by a monitoring system
Patent number: 7437762
Abstract: A method and system is designed for processing alarms, that have been triggered by a monitoring system such as an intrusion detection system, a firewall, or a network management system, comprising the steps of entering the triggered alarms into an alarm log, evaluating similarity between alarms, grouping similar alarms into alarm clusters, summarizing alarm clusters by means of generalized alarms, counting the covered alarms for each generalized alarm and forwarding generalized alarms for further processing if the number of alarms covered satisfies a predetermined criterion.
Type: Grant
Filed: November 1, 2002
Date of Patent: October 14, 2008
Assignee: International Business Machines Corporation
Inventors: Marc Dacier, Klaus Julisch
-
Publication number: 20080235799
Abstract: Described is a technique for detecting attacks on a data communications network having a plurality of addresses for assignment to data processing systems in the network. The technique involves identifying data traffic on the network originating at any assigned address and addressed to any unassigned address. Any data traffic so identified is inspected for data indicative of an attack. On detection of data indicative of an attack, an alert signal is generated.
Type: Application
Filed: June 2, 2008
Publication date: September 25, 2008
Inventors: Klaus Julisch, James F. Riordan
-
Publication number: 20080222059
Abstract: A computer implemented method and system for analysing a first set of data records where each data record comprises attribute values for one or more attributes, by expanding the first set of data records into a second set of data records by creating for at least one of the attributes of the first set of data records at least two redundant attributes with corresponding redundant attribute values, assigning different generalization rules to the at least two redundant attributes, and performing a generalization of the second set of data records by means of an attribute-oriented induction (AOI)-algorithm.
Type: Application
Filed: December 19, 2007
Publication date: September 11, 2008
Applicant: International Business Machines Corporation
Inventors: Birgit Baum-Waidner, Klaus Julisch, Andreas Wespi
-
Patent number: 7406606
Abstract: An apparatus, a method, and a computer program are provided for distinguishing relevant security threats. With conventional computer systems, distinguishing security threats from actual security threats is a complex and difficult task because of the general inability to quantify a “threat.” By the use of an intelligent conceptual clustering technique, threats can be accurately distinguished from benign behaviors. Thus, electronic commerce, and Information Technology systems generally, can be made safer without sacrificing efficiency.
Type: Grant
Filed: April 8, 2004
Date of Patent: July 29, 2008
Assignee: International Business Machines Corporation
Inventors: Anil Jagdish Chawla, David Perry Greene, Klaus Julisch, Aaron Edward Fredrick Rankin, Jonathan Michael Seeber, Rhys Ulerich
-
Publication number: 20070094728
Abstract: The present invention provides a method for generating from requests from a first data network attack signatures for use in a second data network having a plurality of addresses assigned to data processing systems, the method comprising receiving data traffic from the first data network addressed to a number of unassigned addresses in a third data network; inspecting several incidents of the received data traffic for a common data pattern, upon finding a said data pattern, determining from the corresponding data traffic the attack signature for use in detecting attacks for the second data network. The invention also provides an apparatus for generating from requests on a first data network attack signatures for use in a second data network having a plurality of addresses assigned to data processing systems.
Type: Application
Filed: November 24, 2003
Publication date: April 26, 2007
Inventors: Klaus Julisch, James Riordan
-
Publication number: 20050229253
Abstract: An apparatus, a method, and a computer program are provided for distinguishing relevant security threats. With conventional computer systems, distinguishing security threats from actual security threats is a complex and difficult task because of the general inability to quantify a “threat.” By the use of an intelligent conceptual clustering technique, threats can be accurately distinguished from benign behaviors. Thus, electronic commerce, and Information Technology systems generally, can be made safer without sacrificing efficiency.
Type: Application
Filed: April 8, 2004
Publication date: October 13, 2005
Applicant: International Business Machines Corporation
Inventors: Anil Chawla, David Greene, Klaus Julisch, Aaron Edward Rankin, Jonathan Seeber, Rhys Ulerich
-
Method, computer program element and a system for processing alarms triggered by a monitoring system
Publication number: 20030110398
Abstract: A method and system is designed for processing alarms, that have been triggered by a monitoring system such as an intrusion detection system, a firewall, or a network management system, comprising the steps of entering the triggered alarms into an alarm log, evaluating similarity between alarms, grouping similar alarms into alarm clusters, summarizing alarm clusters by means of generalized alarms, counting the covered alarms for each generalized alarm and forwarding generalized alarms for further processing if the number of alarms covered satisfies a predetermined criterion. In the event of high rates of alarm messages, possibly containing many false alarms, a system administrator will therefore not be confronted with a flood of messages with little significance. Instead, only generalized alarms, more meaningful and smaller in number, are presented.
Type: Application
Filed: November 1, 2002
Publication date: June 12, 2003
Applicant: International Business Machines Corporation
Inventors: Marc Dacier, Klaus Julisch
-
Publication number: 20030101260
Abstract: A method and system is proposed that allow to process alarms, that have been triggered by a monitoring system, by means of a model representing the normal alarm behavior of the monitoring system. The number of alarms, that have been triggered, and the number of alarms, that have been filtered by means of the model, are counted. Then the ratio between the number of alarms, that have been filtered, and the number of alarms, that have been triggered, is calculated; and the update of the model is started whenever the ratio has reached a first or a second threshold value. Thus in order to efficiently achieve an optimal over-all performance, an update of the model is always performed, whenever a decline in the model's performance is detected. In a preferred embodiment, alarms that have been triggered, are grouped depending on source address information contained therein.
Type: Application
Filed: October 31, 2002
Publication date: May 29, 2003
Applicant: International Business Machines Corporation
Inventors: Marc Dacier, Klaus Julisch