SECURITY MANAGEMENT SYSTEM
First Claim
1. A system for providing a tailored security management framework for a business entity based on the business entity'"'"'s operations, infrastructure, and user-based processes, as well as industry-specific rules and regulations associated with the business entity, the system comprising:
- a network-based computing system configured to communicate and exchange data with one or more network access computing devices via a communications network, the network-based computing system comprises;
a first memory for receiving and storing a first set of data associated with the business entity, the first set of data comprises information related to at least one of the business entity'"'"'s operations, the business entity'"'"'s infrastructure, the business entity'"'"'s procedures and policies, and one or more users authorized to have access to the system and exchange data associated with the business entity;
a second memory for receiving and storing a second set of data associated with an industry to which the business entity is related, the second set of data comprises industry-specific rules, regulations, and known security threats;
a processor that correlates the first and second sets of data with one another and generates a plurality of security schemes for use in the security management framework to assess and address potential security threats; and
an interface for receiving a request for access to data associated with the business entity;
wherein the processor compares request data with the plurality of security schemes and identifies a corresponding security scheme based on the comparison, the processor outputs informational data associated with the identified security scheme to a user associated with the one or more network access computing devices to facilitate actions to be taken in response to the received request for access to the business entity data.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention relates to a system for providing an automated security management framework for an enterprise based on the enterprise'"'"'s operations, infrastructure, and user-based processes, as well as industry-specific rules and regulations associated with the enterprise. The system is configured to generate recommendations or instructions based on correlation of enterprise'"'"'s operations, infrastructure, and user-based processes with industry-specific rules and regulations. The recommendations or instructions are then provided to a user associated with the enterprise so as to facilitate actions to be taken to address a potential security threat.
-
Citations
26 Claims
-
1. A system for providing a tailored security management framework for a business entity based on the business entity'"'"'s operations, infrastructure, and user-based processes, as well as industry-specific rules and regulations associated with the business entity, the system comprising:
a network-based computing system configured to communicate and exchange data with one or more network access computing devices via a communications network, the network-based computing system comprises; a first memory for receiving and storing a first set of data associated with the business entity, the first set of data comprises information related to at least one of the business entity'"'"'s operations, the business entity'"'"'s infrastructure, the business entity'"'"'s procedures and policies, and one or more users authorized to have access to the system and exchange data associated with the business entity; a second memory for receiving and storing a second set of data associated with an industry to which the business entity is related, the second set of data comprises industry-specific rules, regulations, and known security threats; a processor that correlates the first and second sets of data with one another and generates a plurality of security schemes for use in the security management framework to assess and address potential security threats; and an interface for receiving a request for access to data associated with the business entity; wherein the processor compares request data with the plurality of security schemes and identifies a corresponding security scheme based on the comparison, the processor outputs informational data associated with the identified security scheme to a user associated with the one or more network access computing devices to facilitate actions to be taken in response to the received request for access to the business entity data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A computer-implemented method for providing a tailored security management framework for a business entity based on the business entity'"'"'s operations, infrastructure, and user-based processes, as well as industry-specific rules and regulations associated with the business entity, comprising executing on a processor the steps of:
-
storing a first set of data associated with the business entity in a first memory location, the first set of data comprises information related to at least one of the business entity'"'"'s operations, the business entity'"'"'s infrastructure, the business entity'"'"'s procedures and policies, and one or more users authorized to have access to data associated with the business entity; storing a second set of data associated with an industry to which the business entity is related, the second set of data comprises industry-specific rules, regulations, and known security threats; correlating, with a processor, the first and second sets of data with one another and generating, with the processor, a plurality of security schemes based on the correlation, the plurality of security schemes for use in the security management framework to assess and address potential security threats; receiving, via an interface, a request for access to data associated with the business entity; comparing, with the processor, request data with the plurality of security schemes to identify a corresponding security scheme; and outputting, via a communications network, informational data associated with the identified security scheme to a user associated with one or more network access computing devices to facilitate actions to be taken in response to the received request for access to the business entity data. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer-readable medium for providing a tailored security management framework for a business entity, comprising instructions stored thereon, that when executed on a processor, perform the steps of:
-
storing a first set of data associated with the business entity in a first memory location, the first set of data comprises information related to at least one of the business entity'"'"'s operations, the business entity'"'"'s infrastructure, the business entity'"'"'s procedures and policies, and one or more users authorized to have access to data associated with the business entity; storing a second set of data associated with an industry to which the business entity is related, the second set of data comprises industry-specific rules, regulations, and known security threats; correlating the first and second sets of data with one another and generating, with the processor, a plurality of security schemes based on the correlation, the plurality of security schemes for use in the security management framework to assess and address potential security threats; receiving a request for access to data associated with the business entity; comparing request data with the plurality of security schemes to identify a corresponding security scheme; and outputting informational data associated with the identified security scheme to a user associated with one or more network access computing devices to facilitate actions to be taken in response to the received request for access to the business entity data. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
-
Specification