[Federal Register Volume 74, Number 131 (Friday, July 10, 2009)]
[Notices]
[Page 33210]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-16370]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

National Institute of Standards and Technology


Notice of Invention Available for Licensing

AGENCY: National Institute of Standards and Technology, Commerce.

ACTION: Notice of invention available for licensing.

-----------------------------------------------------------------------

SUMMARY: The invention listed below is owned in part by the U.S. 
Government, as represented by the Department of Commerce, and George 
Mason University. The U.S. Government's ownership in the invention is 
available for licensing in accordance with 35 U.S.C. 207 and 37 CFR 
part 404 to achieve expeditious commercialization of results of 
federally funded research and development.

FOR FURTHER INFORMATION CONTACT: Technical and licensing information on 
this invention may be obtained by writing to: National Institute of 
Standards and Technology, Office of Technology Partnerships, Attn: Mary 
Clague, Building 222, Room A240, Gaithersburg, MD 20899. Information is 
also available via telephone: 301-975-4188, fax 301-975-3482, or e-
mail: [email protected]. Any request for information should include 
the NIST Docket number and title for the invention as indicated below.

SUPPLEMENTARY INFORMATION: NIST may enter into a Cooperative Research 
and Development Agreement (``CRADA'') with the licensee to perform 
further research on the invention for purposes of commercialization. 
The invention available for licensing is:
[NIST DOCKET NUMBER: 07-001].
    Title: Interactive Analysis of Attack Graphs Using Relational 
Queries.
    Abstract: Attack graph is important in defending against well-
orchestrated network intrusions. However, the current analysis of 
attack graphs requires an algorithm to be developed and implemented, 
causing a delay in the availability of analysis. Such a delay is 
usually unacceptable because the needs for analyzing attack graphs may 
change rapidly in defending against network intrusions. An 
administrator may want to revise an analysis upon observing its 
outcome. Such an analysis, similar to that in decision support systems, 
is difficult if at all possible with current approaches based on 
proprietary algorithms. This invention removes the above limitation and 
enables interactive analysis of attack graphs. A relational model is 
devised for representing necessary inputs including network 
configuration and domain knowledge. The attack graph from those inputs 
as relational views is generated. Typical analyses of the attack graph 
can be realized as relational queries against the views are shown. This 
approach eliminates the needs for developing a proprietary algorithm 
for each different analysis, because an analysis is now simply a 
relational query. The interactive analysis of attack graphs is now 
possible, because relational queries can be dynamically constructed and 
revised at run time. Moreover, the mature optimization techniques in 
relational databases can also improve the performance of the analysis.

    Dated: July 6, 2009.
Patrick Gallagher,
Deputy Director.
[FR Doc. E9-16370 Filed 7-9-09; 8:45 am]
BILLING CODE 3510-13- P