Inventors:
Ellis E. Bishop - Austin TX, US
Randy S. Johnson - O'Fallon MI, US
Linda D. Kalmes - Loveland CO, US
Gary Little - Apex NC, US
Tedrick N. Northway - Wood River IL, US
H. William Rinckel - Prospect CT, US
Samuel R. Thennis - Longmont CO, US
International Classification:
G06F 12/14
Abstract:
An on-demand security service ensures isolation of the service provider's customers where the customers share resources at the system, subsystem, and storage level. The security service is provided in a pre-production phase and in a post production phase. The pre-production phase takes place prior to boarding the customer. In the pre-production phase the resources to be protected are defined in a security guide, and using the security guide, physical segregation at the facility, network, and technical and delivery support levels is planned and then implemented. In the post production phase, on going activities are proactive and reactive. Proactive activities include maintaining physical segregation by reviewing and updating the security guide, and testing physical segregation by performing security audits and penetration tests. Observations and finding of the audits and penetration tests are resolved. Reactive activities include identifying isolation failures, coordinating appropriate actions, and resolving the isolation failure. The service may be embodied in a system and in a computer implemented process comprising a security guide file (SGF), a security guide application (SGA), a security implementation application (SIA), a security validation application (SVA), and an event coordination application (ECA).