Computer model of security risks
First Claim
Patent Images
1. A computer-implemented method of quantifying a security risk associated with a computer system, the method comprising:
- identifying a computer system;
analyzing an actual configuration of the computer system by;
identifying a vulnerability path of one or more intermediary systems, the vulnerability path comprising a sequence of vulnerabilities in which a first event must interrupt a normal operating mode on a first system before a second event may occur on a second system;
identifying a risk for the actual configuration associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system as a result of the vulnerability path being exploited;
determining a likelihood for the actual configuration that the event associated with the risk for the actual configuration will occur;
determining a cost for the actual configuration associated with the event occurring on the computer system; and
quantifying the risk into an impact value by using the likelihood for the actual configuration and the cost for the actual configuration;
accessing the actual configuration for the computer system;
analyzing an alternative configuration for the computer system by;
enabling a user to modify the actual configuration to create the alternative configuration;
identifying, using the alternative configuration, an alternative path of one or more intermediary systems, the alternative path comprising a sequence of vulnerabilities in the alternative configuration;
identifying an alternative risk associated with the alternative configuration;
determining an alternative likelihood that an event associated with the alternative risk will occur; and
determining an alternative cost associated with the alternative configuration;
quantifying the alternative risk into an alternative value by using the alternative likelihood and the alternative cost; and
enabling the user to perceive the impact value for the actual configuration and the alternative value for the alternative configuration.
6 Assignments
0 Petitions
Accused Products
Abstract
The security risk associated with a computer system may be quantified by identifying a computer system, identifying a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system, determining a likelihood that the event associated with the risk will occur, determining a cost associated with the event occurring on the computer system, and quantifying the risk into an impact value by using the likelihood and the cost.
-
Citations
33 Claims
-
1. A computer-implemented method of quantifying a security risk associated with a computer system, the method comprising:
-
identifying a computer system; analyzing an actual configuration of the computer system by; identifying a vulnerability path of one or more intermediary systems, the vulnerability path comprising a sequence of vulnerabilities in which a first event must interrupt a normal operating mode on a first system before a second event may occur on a second system; identifying a risk for the actual configuration associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system as a result of the vulnerability path being exploited; determining a likelihood for the actual configuration that the event associated with the risk for the actual configuration will occur; determining a cost for the actual configuration associated with the event occurring on the computer system; and quantifying the risk into an impact value by using the likelihood for the actual configuration and the cost for the actual configuration; accessing the actual configuration for the computer system; analyzing an alternative configuration for the computer system by; enabling a user to modify the actual configuration to create the alternative configuration; identifying, using the alternative configuration, an alternative path of one or more intermediary systems, the alternative path comprising a sequence of vulnerabilities in the alternative configuration; identifying an alternative risk associated with the alternative configuration; determining an alternative likelihood that an event associated with the alternative risk will occur; and determining an alternative cost associated with the alternative configuration; quantifying the alternative risk into an alternative value by using the alternative likelihood and the alternative cost; and enabling the user to perceive the impact value for the actual configuration and the alternative value for the alternative configuration. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system configured to quantify a security risk associated with a computer system, the system comprising:
-
an identifying processor structured and arranged to; identify a computer system and analyze an actual configuration of the computer system; a path processor structured and arranged to identify a vulnerability path of one or more intermediary systems, the vulnerability path comprising a sequence of vulnerabilities in which a first event must interrupt a normal operating mode on a first system before a second event may occur on a second system; a risk processor structured and arranged to identify a risk for the actual configuration associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system as a result of the vulnerability path being exploited; a likelihood processor structured and arranged to determine a likelihood for the actual configuration that the event associated with the risk for the actual configuration will occur; a cost processor structured and arranged to determine a cost for the actual configuration associated with the event occurring on the computer system; and an impact value processor structured and arranged to quantify the risk into an impact value by using the likelihood for the actual configuration and the cost for the actual configuration an alternative configuration processor structured and arranged to; access the actual configuration for the computer system; analyze an alternative configuration for the computer system by; enable a user to modify the actual configuration to create the alternative configuration; identify, using the alternative configuration, an alternative path of one or more intermediary systems, the alternative path comprising a sequence of vulnerabilities in the alternative configuration; identify an alternative risk associated with the alternative configuration; determining an alternative likelihood that an event associated with the alternative risk will occur; and determine an alternative cost associated with the alternative configuration; quantifying the alternative risk into an alternative value by using the alternative likelihood and the alternative cost; and enable the user to perceive the impact value for the actual configuration and the alternative value for the alternative configuration. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A system configured to quantify a security risk associated with a computer system, the system comprising:
-
means for identifying a computer system; means for analyzing an actual configuration of the computer system by; identifying a vulnerability path of one or more intermediary systems, the vulnerability path comprising a sequence of vulnerabilities in which a first event must interrupt a normal operating mode on a first system before a second event may occur on a second system; identifying a risk for the actual configuration associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system as a result of the vulnerability path being exploited; determining a likelihood for the actual configuration that the event associated with the risk for the actual configuration will occur; determining a cost for the actual configuration associated with the event occurring on the computer system; quantifying the risk into an impact value by using the likelihood for the actual configuration and the cost for the actual configuration; means for accessing the actual configuration for the computer system; means for analyzing an alternative configuration for the computer system by; enabling a user to modify the actual configuration to create the alternative configuration; identifying, using the alternative configuration, an alternative path of one or more intermediary systems, the alternative path comprising a sequence of vulnerabilities in the alternative configuration; identifying an alternative risk associated with the alternative configuration; determining an alternative likelihood that an event associated with the alternative risk will occur; and determining an alternative cost associated with the alternative configuration; quantifying the alternative risk into an alternative value by using the alternative likelihood and the alternative cost; and means for enabling the user to perceive the impact value for the actual configuration and the alternative value for the alternative configuration.
-
-
33. A computer program on a computer-readable medium configured to quantify a security risk associated with a computer system, comprising:
-
a first code segment structured and arranged to; identify a computer system; and analyze an actual configuration of the computer system; a path code segment structured and arranged to identify a vulnerability path of one or more intermediary systems, the vulnerability path comprising a sequence of vulnerabilities in which a first event must interrupt a normal operating mode on a first system before a second event may occur on a second system; a second code segment structured and arranged to identify a risk for the actual configuration associated with the computer system, the risk for the actual configuration relating to an event that may interrupt a normal operating mode of the computer system as a result of the vulnerability path being exploited; a third code segment structured and arranged to determine a likelihood for the actual configuration that the event associated with the risk for the actual configuration will occur; a fourth code segment structured and arranged to determine a cost for the actual configuration associated with the event occurring on the computer system; a fifth code segment structured and arranged to quantify the risk for the actual configuration into an impact value by using the likelihood for the actual configuration and the cost for the actual configuration; a sixth code segment structured and arranged to access the actual configuration for the computer system; a seventh code segment structured and arranged to analyze an alternative configuration for the computer system by; enabling a user to modify the actual configuration to create the alternative configuration; identifying, using the alternative configuration, an alternative path of one or more intermediary systems, the alternative path comprising a sequence of vulnerabilities in the alternative configuration; identifying an alternative risk associated with the alternative configuration;
determining an alternative likelihood that an event associated with the alternative risk will occur; anddetermining an alternative cost associated with the alternative configuration; quantifying the alternative risk into an alternative value by using the alternative likelihood and the alternative cost; and an eighth code segment structured and arranged to enable the user to perceive the impact value for the actual configuration and the alternative value for the alternative configuration.
-
Specification