System and method for evaluating and enhancing the security level of a network system
Abstract
Examples described herein provide for a system that evaluates a security level of a network system. Additionally, examples described herein evaluate a security level of a network system in order to enable a determination of components that can be used to enhance the security level of the network system.
17 Claims
1. A computer system comprising:
- a combination of memory that stores:
- a library of elements for a security model, each element of the element library being defined by at least a data set type and a function, and each element of the element library including a relationship with one or more other elements of the security model;
- a library of products, the product library storing information about a plurality of commercially available products, each product of the product library being deemed pertinent to a respective data set type and a respective function;
- wherein each product of the product library is associated with one or more metrics that relate to at least one of a security aspect, an effectiveness aspect, a maturity aspect, or a cost aspect of the security model;
- one or more processors to execute a set of instructions to:
- receive input from a user, the input identifying a set of products that are deployed with a network computer system;
- correlates the set of deployed products to a set of elements of the element library;
- determine an evaluation for the network computer system with respect to the one or more security aspects, the evaluation being based on the set of elements and the one or more metrics that are associated with the set of deployed products;
- generate a representation that reflects (i) the security model as applied to the network computer system, and (ii) the evaluation for the network computer system;
- provide a recommendation to the user to improve the evaluation;
- wherein the one or more processors generate the representation to have multiple dimensions, with each dimension representing at least one of multiple aspects of the security model; and
- wherein the relationships of the element library include a predefined set of hierarchical relationships in which individual levels of the set of hierarchical relationships correlating to a dimension of the multiple dimensions.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method for evaluating a network computer system, the method being implemented by one or more processors and comprising:
- accessing a library of elements for a security model, each element of the element library being defined by at least a data set type and a function, and each element of the element library including a relationship with one or more other elements of the security model;
- accessing a library of products, the product library storing information about a plurality of commercially available products, each product of the product library being deemed pertinent to a respective data set type and a respective function;
- wherein each product of the product library is associated with one or more metrics that relate to at least one of a security aspect, an effectiveness aspect, a maturity aspect, or a cost aspect of the security model;
- receiving input from a user, the input identifying a set of products that are deployed with the network computer system;
- correlating the set of deployed products to a set of elements of the element library;
- determining an evaluation for the network computer system with respect to the one or more security aspects, the evaluation being based on the set of elements and the one or more metrics that are associated with the set of deployed products;
- generating a representation that reflects (i) the security model as applied to the network computer system, and (ii) the evaluation for the network computer system; and
- providing a recommendation to the user to improve the evaluation;
- wherein generating the representation includes generating the representation to have multiple dimensions, with each dimension representing at least one of multiple aspects of the security model; and
- wherein the relationships of the element library include a predefined set of hierarchical relationships in which individual levels of the set of hierarchical relationships correlating to a dimension of the multiple dimensions.

Dependent claims: 12, 13, 14, 15, 16

17. A non-transitory computer readable medium that stores instructions, which when executed by one or more processors of a computer system, cause the computer system to perform operations that include:
- accessing a library of elements for a security model, each element of the element library being defined by at least a data set type and a function, and each element of the element library including a relationship with one or more other elements of the security model;
- accessing a library of products, the product library storing information about a plurality of commercially available products, each product of the product library being deemed pertinent to a respective data set type and a respective function;
- wherein each product of the product library is associated with one or more metrics that relate to at least one of a security aspect, an effectiveness aspect, a maturity aspect, or a cost aspect of the security model;
- receiving input from a user, the input identifying a set of products that are deployed with the network computer system;
- correlating the set of deployed products to a set of elements of the element library;
- determining an evaluation for the network computer system with respect to the one or more security aspects, the evaluation being based on the set of elements and the one or more metrics that are associated with the set of deployed products;
- generating a representation that reflects (i) the security model as applied to the network computer system, and (ii) the evaluation for the network computer system; and
- providing a recommendation to the user to improve the evaluation;
- wherein generating the representation includes generating the representation to have multiple dimensions, with each dimension representing at least one of multiple aspects of the security model; and
- wherein the relationships of the element library include a predefined set of hierarchical relationships in which individual levels of the set of hierarchical relationships correlating to a dimension of the multiple dimensions;
- wherein generating the representation includes generating the representation to have multiple dimensions, with each dimension representing at least one of multiple aspects of the security model; and
- wherein the relationships of the element library include a predefined set of hierarchical relationships in which individual levels of the set of hierarchical relationships correlating to a dimension of the multiple dimensions.