METHOD AND DEVICE FOR MANAGING SECURITY EVENTS

• Main Authors: BACA JIM S, MORGAN DENNIS M, PURCELL STACY P, ROSS ALAN D, KOHLENBERG TOBIAS M, AISSI SELIM
• Format: Patent
• Language: English; Korean
• Published: 03.04.2013
• Subjects: CALCULATING; COMPUTING; COUNTING; ELECTRIC COMMUNICATION TECHNIQUE; ELECTRIC DIGITAL DATA PROCESSING; ELECTRICITY; PHYSICS; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

PURPOSE: A method for managing security events and a device thereof are provided to efficiently manage security events by receiving security event data from security event sources, determining the security events, and responding to the security events based on security policies. CONSTITUTION: A security event manager is opened in a mobile computing device and security event data is generated in the mobile computing device. The security event data is generated by a security event source of the mobile computing device. The security event data is received by using the security event manager(304). If the mobile computing device is close enough from a company security event manager server, the security event data is transmitted to the company security event manager server(310). If the mobile computing device is out of the company environment, the security event manager responds to a security event(320). [Reference numerals] (302) Opening a security event manager; (304) Collecting security event data from security event sources; (306) Memorizing action logs; (308) Computing device in a company environment?; (310) Transmitting the security event data to a company SEM server; (312) Transmitting user action logs and RBAC data; (314) Locally analyzing the security event data?; (316) Analyzing the security event data; (318) Security event?; (320) Responding to the security event; (AA,CC) No; (BB,DD) Yes;