Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indicators and Patent Document
ICCMSE 2007@Corfu, Greece
Nai-Wen Hsu; Jr-Shiuan Liang; Yi-Chang Chen [email protected]; [email protected]; [email protected]
STPI@TaiwanProvide the strategies for Taiwan’s government in drawin
g up science and technology policies.
04/13/23 3
Outline
• Introduction• Why patents?• Methods
– Patent indicator analysis– Patent documents analysis
• Results• Potential strategies• Conclusions
04/13/23 4
The Method of Policy Formulation in Taiwan
• Delphi• Focus groups• Discussion forums
04/13/23 5
What Is the Problem?
• One of information security policy goal in Taiwan :– Consolidation of national information &
communication security
Gap: What? When? Who?
– Action plan...
04/13/23 6
Our Approach
• Patent indicators analysis– Provide comprehensive point of view
• Patent document analysis– Discover the specific trend
04/13/23 7
Why Patents?
• Patent statistics is used to be economic indicators– Griliches Z., 1990. Patent Statistics as Economic Indicators: A Survey
• To identify advanced technological areas and leading country (who)– Karki M. M. S., and Road K. S. K., 1997. Patent Citation Analysis: A Policy Analy
sis Tool – H. Ernst, 2003, Patent Information for Strategic Technology Management
• Discover the trend by analyzing patent document (what)– Lent B., Agrawal R., and Srikant R.,1997. Discovering Trends in Text
Databases
– Sheremetyeva S., 2003, Natural Language Analysis of Patent Claims
04/13/23 8
USPTO
• United States Patent and Trademark Office– 6 million entries,– 70 countries,– open access database,– well-structured classification,– fixed format
04/13/23 9
Work Flow
Association Rules [ARs]
Patent DB(USPTO)
Potential Strategies
WordNet Dictionary
Linguistic Preprocessing
Candidate Phrase Generation
Domain Expert
Step 1
Step 2
CII / TCT / SLI
Patent Indicators
Patentscountry
Tokens [T] Phrases [P]
NooJTime
Periods
UPC/726 to Taiwan’s IS
Categorization
04/13/23 10
USPTO UPC/726 to Taiwan’s IS Categorizations
Abbrev.
IS categorizations in Taiwan
UPC/726 Quant.
FW Firewall 11, 12, 13 117
VPN Virtual Private Network 14, 15 232
IPS Intrusion Prevention Systems 22, 23 365
VM Vulnerability Management 22, 25 299
MP Malware Prevention 22, 24 354
AC Electronic Authentication Security•Access Control Method
21, 26, 27, 28, 29, 30
752
NA Electronic Authentication Security •Network Access Control
02, 03, 04, 05, 06, 07, 08, 09, 10, 21
1461
SA Electronic Authentication Security• System Access Control
02, 16, 17, 18, 19, 20, 21
783
Ref: RDEC, 2005. Information Security Regulation Development Blueprint (Draft)
04/13/23 11
Step 1: Patent Indicators Analysis
Association Rules [ARs]
Patent DB(USPTO)
Potential Strategies
WordNet Dictionary
Linguistic Preprocessing
Candidate Phrase Generation
Domain Expert
Step 1
Step 2
CII / TCT / SLI
Tokens [T] Phrases [P]
NooJTime
Periods
UPC/726 to Taiwan’s IS
Categorization
PatentscountryPatent
Indicators
04/13/23 12
Selected Countries
US
CA
GB
FR
IL
DE
FI
TW
JP
IE
04/13/23 13
Patent Indicators
• Number of Patent• Current Impact Index, CII
– Number of citation → Imply the capability of technology
• Technology Cycle Time, TCT– Average year cited → Measure the speed of innovation
• Science Linkage Index, SLI– Comparison of scientific research to patent → Evaluate
the utilization of scientific research
i iijij
ijijij KC
KCCII
/
/
ij
P
nijn
ij P
TTCT
ij
1
i iijij
ijijij PR
PRSL
/
/
Ref: Narin F. and Hamilton K. S., 1996. Bibliometric performance measures
04/13/23 14
Results of Step 1
0
5
10
15
US JP CA FR IL GB FI DE TW IE
Firewall Virtual Private Network Intrusion Prevention Systems Vulnerability Management Malware Prevention Access ControlNetwork Access System Access
0
25
50
75
US JP CA FR IL GB FI DE TW IE
Firewall Virtual Private Network Intrusion Prevention Systems Vulnerability Management Malware Prevention Access ControlNetwork Access System Access
Fig. 1 Patent issued by year Fig. 2 CII of category by country in 2004, 2005, 2006
Fig. 4 SLI of category by countryFig. 3 TCT of category by country
0
500
1000
1500
` 99 ` 00 ` 01 ` 02 ` 03 ` 04 ` 05 ` 06
Firewall Virtual Private Network Intrusion Prevention Systems Vulnerability Management Malware Prevention Access ControlNetwork Access System Access
USIL
TW
04 FW
05 FW
06 FW
0
4
8
04 FW 04 VPN 04 IPS 04 VM 04 MP 04 AC 04 NA 04 SA
05 FW 05 VPN 05 IPS 05 VM 05 MP 05 AC 05 NA 05 SA
06 FW 06 VPN 06 IPS 06 VM 06 MP 06 AC 06 NA 06 SA
04/13/23 15
Fig. 1 Patent issued by year
0
500
1000
1500
` 99 ` 00 ` 01 ` 02 ` 03 ` 04 ` 05 ` 06
Firewall Virtual Private Network Intrusion Prevention Systems Vulnerability Management Malware Prevention Access ControlNetwork Access System Access
04/13/23 16
Results of Step 1
0
5
10
15
US JP CA FR IL GB FI DE TW IE
Firewall Virtual Private Network Intrusion Prevention Systems Vulnerability Management Malware Prevention Access ControlNetwork Access System Access
0
25
50
75
US JP CA FR IL GB FI DE TW IE
Firewall Virtual Private Network Intrusion Prevention Systems Vulnerability Management Malware Prevention Access ControlNetwork Access System Access
Fig. 1 Patent issued by year Fig. 2 CII of category by country in 2004, 2005, 2006
Fig. 4 SLI of category by countryFig. 3 TCT of category by country
0
500
1000
1500
` 99 ` 00 ` 01 ` 02 ` 03 ` 04 ` 05 ` 06
Firewall Virtual Private Network Intrusion Prevention Systems Vulnerability Management Malware Prevention Access ControlNetwork Access System Access
USIL
TW
04 FW
05 FW
06 FW
0
4
8
04 FW 04 VPN 04 IPS 04 VM 04 MP 04 AC 04 NA 04 SA
05 FW 05 VPN 05 IPS 05 VM 05 MP 05 AC 05 NA 05 SA
06 FW 06 VPN 06 IPS 06 VM 06 MP 06 AC 06 NA 06 SA
04/13/23 17
Step 2: Patent Document Analysis
Patent DB(USPTO)
Potential StrategiesLinguistic
PreprocessingCandidate Phrase
Generation
Domain Expert
Step 1
Step 2
CII / TCT / SLI
Patent Indicators
Patentscountry
UPC/726 to Taiwan’s IS
Categorization
WordNet Dictionary
NooJTime
Periods
Tokens [T] Phrases [P]Association Rules [ARs]
04/13/23 18
Linguistic Preprocessing
• Separate every patent into tokens• Noun, Verb, Adjective, or Adverb is
already pre-defined in the WordNet dictionary file
Ref: WordNet 3.0 Reference Manual, 2006 Feldman R. et al, 1998. Text Mining at the Term Level
04/13/23 19
Candidate Phrase Generation
• “Noun Noun” or “Adjective Noun” are chosen as candidate phrase
Ref: NooJ manual, 2006
04/13/23 20
Association Rules Analysis
• Find the association rules in sentences– phrase X → phrase Y , support=10%,
confidence=1%
• Discover the trend by time period– upward, fair, downward
Ref: Lent B., Agrawal R., and Srikant R.,1997. Discovering Trends in Text Databases
04/13/23 21
Example
• The system of claim 1, wherein each of the plurality of interrogation engines comprises intrusion detection, virus detection, spam detection or policy violation detection.
04/13/23 22
Linguistic Preprocessing
• Noun– system, claim, plurality, interrogation, engines,
intrusion, detection, virus, detection, spam, detection, policy, violation, detection
• Verb– comprises
• Adjective– each
04/13/23 23
Candidate Phrase Generation
Phrases Frequency
interrogation engines 1
intrusion detection 1
virus detection 1
spam detection 1
policy violation 1
violation detection 1
04/13/23 24
Association Rules Analysis
• Association Rules – virus detection → spam detection
• Trend: upwardYear Frequen
cy
1999 0
2000 0
2001 1
2002 1
2003 1
2004 2
2005 2
2006 3
04/13/23 25
Results of Step 2
04/13/23 26
Potential StrategiesShort-Term: To fit the trend•Information security trend:
–From network access layer security to application layer security
•In Malware Prevention:–Prevent executable instructions attack from web browser –Prevent virus detection prevent the virus from spam or handheld computer
Middle-Term: To implement the defense-in-depth strategy•MP and IPS / MP and VM are similar:
–Taiwan should integrate with others from Malware Prevention
•Cover the insufficiency of Taiwan:–Israel and United States are the top priority cooperation partners–Israel performs well in Instruction Prevention System and Vulnerability Management
Long-Term: To solve the fundamental problem•Taiwan promotes in e-readiness but lacks in systems/programs security:
–Requires secure programming technique, correct and unified programming trait –Requires assessment scan on application systems codes
04/13/23 27
Conclusion
• Potential strategies could be proposed via our approach
• Some better mining algorithms may be adopted in the future
04/13/23 28
Thank you for your attention.
Top Related