Apparatus and method for providing program protection engineering, security management, and report preparation for sensitive and classified projects
First Claim
1. An apparatus for providing program protection engineering, security management, and report preparation for sensitive and classified projects, comprising:
- a program protection engineering (P2E) toolkit, comprising;
a core architectural module that provides internal navigational controls, standard style sheets, and standard color palettes, database connectivity, text string functions, date functions, encryption and decryption algorithms, user, permission functions, hidden data value transfer functions, window functions, table handling functions, floating menu handling functions, combo box and list box functions, frame functions, menu functions, image functions, document and report functions, sorting functions, and password validation functions;
a program information module that provides information on a user specified acquisition program, wherein the user specified acquisition program includes technical components and programmatic components;
a timeline module that provides and displays a timeline of the user specified acquisition program;
a system deconstruction module that identifies the technical components that need security protections using questionnaires directed to the technical components;
a system programmatics module that identifies the programmatic components that need security protections using questionnaires directed to the programmatic components;
a questionnaire module that presents questionnaires to determine factors including criticality, vulnerabilities, threats, susceptibilities, countermeasures, and a residual risk for each technical component and each programmatic component that need security protections; and
a report module that provides a report based on user specified reporting requirements of the user specified acquisition program.
13 Assignments
0 Petitions
Accused Products
Abstract
An apparatus and method using a program protection engineering (P2E) toolkit to provide program protection engineering, security management, and report preparation for sensitive and classified projects. The P2E toolkit is an implementation of security policies, procedures, and methodologies associated with acquisition programs. Acquisition programs may range from large-scale classified systems for the government to sensitive corporate acquisition programs focusing on company proprietary or intellectual property issues. Specifically, the P2E toolkit provides end-to-end program protection engineering, security management, and report preparation for sensitive and classified programs throughout the program lifecycle, and assists security professionals and program managers to make appropriate decisions to protect their acquisition programs from compromise due to foreign intelligence threats or corporate/industrial espionage. The P2E toolkit enhances the traditional program management concerns of technical performance, schedule, and cost, by adding lifecycle protection as in integral component.
-
Citations
51 Claims
-
1. An apparatus for providing program protection engineering, security management, and report preparation for sensitive and classified projects, comprising:
a program protection engineering (P2E) toolkit, comprising;
a core architectural module that provides internal navigational controls, standard style sheets, and standard color palettes, database connectivity, text string functions, date functions, encryption and decryption algorithms, user, permission functions, hidden data value transfer functions, window functions, table handling functions, floating menu handling functions, combo box and list box functions, frame functions, menu functions, image functions, document and report functions, sorting functions, and password validation functions;
a program information module that provides information on a user specified acquisition program, wherein the user specified acquisition program includes technical components and programmatic components;
a timeline module that provides and displays a timeline of the user specified acquisition program;
a system deconstruction module that identifies the technical components that need security protections using questionnaires directed to the technical components;
a system programmatics module that identifies the programmatic components that need security protections using questionnaires directed to the programmatic components;
a questionnaire module that presents questionnaires to determine factors including criticality, vulnerabilities, threats, susceptibilities, countermeasures, and a residual risk for each technical component and each programmatic component that need security protections; and
a report module that provides a report based on user specified reporting requirements of the user specified acquisition program. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
23. A method for providing program protection engineering, security management, and report preparation for sensitive and classified projects, comprising:
-
enabling a user to login to a program protection engineering (P2E) toolkit;
enabling the user to specify an acquisition program, wherein the acquisition program includes technical components and programmatic components;
copying variables from a master database to a program specific database, wherein the variables include timeline phase groups, phases, milestones, protection activities for the specified acquisition program, and templates for required report documents;
providing and displaying a timeline of the specified acquisition program;
identifying the technical components that need security protections;
identifying critical technical components using questionnaires directed to the technical components;
determining factors including criticality, vulnerabilities, threats, susceptibilities, countermeasures, and a residual risk for each technical component that needs security protections;
identifying the programmatic components that need security protections;
identifying critical system programmatics components using questionnaires directed to the programmatic components;
determining factors including criticality, vulnerabilities, threats, susceptibilities, countermeasures, and a residual risk for each programmatic component that needs security protections; and
providing reports based on timeline phase and specific acquisition program reporting requirements. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
-
-
40. A computer readable medium providing instructions for providing program protection engineering, security management, and report preparation for sensitive and classified projects, the instructions comprising:
-
enabling a user to login to a program protection engineering (P2E) toolkit;
enabling the user to specify an acquisition program, wherein the acquisition program includes technical components and programmatic components;
copying variables from a master database to a program specific database, wherein the variables include timeline phase groups, phases, milestones, protection activities for the specified acquisition program, and templates for required report documents;
providing and displaying a timeline of the specified acquisition program;
identifying the technical components that need security protections;
identifying critical technical components using questionnaires directed to the technical components;
determining factors including criticality, vulnerabilities, threats, susceptibilities, countermeasures, and a residual risk for each technical component that needs security protections;
identifying the programmatic components that need security protections;
identifying critical system programmatics components using questionnaires directed to the programmatic components;
determining factors including criticality, vulnerabilities, threats, susceptibilities, countermeasures, and a residual risk for each programmatic component that needs security protections; and
providing reports based on timeline phase and specific acquisition program reporting requirements. - View Dependent Claims (41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
-
Specification