Methods and apparatus for automated creation of security policy
Abstract
An automated method and apparatus for creating a security policy for one or more applications is provided. The method includes exercising the features of the one or more applications to generate behavioral data, applying a heuristic to aggregate the behavioral data into a subset of representative actions, and organizing the representative actions according to a structure defined by a template into a security policy for the one or more applications. The security policy may be downloaded to one or more workstations for deployment, and provides a safeguard to protect a computer system against cyber-terrorism.
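The pipeline the abstract describes, carried through steps (A) to (D) plus the allow/deny check, as an added example that is not code from the patent. The template layout, the sibling-count heuristic, the sample actions and all function names are assumptions made for illustration; the patent text here does not specify any of them.

```python
from collections import defaultdict
from posixpath import dirname, normpath

# (A) Template: policy sections and default verdict (layout is an assumption).
TEMPLATE = {"sections": ["file", "network"], "default": "deny"}

# (B) Constructed sample, as if logged while exercising a hypothetical editor app.
SAMPLE = [
    ("file", "read", "/opt/editor/plugins/a.so"),
    ("file", "read", "/opt/editor/plugins/b.so"),
    ("file", "read", "/opt/editor/plugins/c.so"),
    ("file", "read", "/opt/editor/plugins/a.so"),  # repeated observation
    ("file", "write", "/home/u/.editor/settings.ini"),
    ("network", "connect", "updates.example.test:443"),
]

def representative_actions(sample, min_siblings=3):
    """(C) Assumed heuristic: dedupe; collapse >= min_siblings same-dir files to 'dir/*'."""
    groups = defaultdict(set)
    for rtype, op, target in sample:
        key = dirname(target) if rtype == "file" else target
        groups[(rtype, op, key)].add(target)
    rules = set()
    for (rtype, op, key), targets in groups.items():
        if rtype == "file" and len(targets) >= min_siblings:
            rules.add((rtype, op, key + "/*"))
        else:
            rules.update((rtype, op, t) for t in targets)
    return sorted(rules)

def build_policy(template, actions):
    """(D) Arrange representative actions into the sections the template defines."""
    rules = {section: [] for section in template["sections"]}
    for rtype, op, pattern in actions:
        if rtype in rules:  # actions outside the template are left out
            rules[rtype].append((op, pattern))
    return {"default": template["default"], "rules": rules}

def decide(policy, rtype, op, target):
    """Allow a request only when a rule matches; otherwise return the default."""
    target = normpath(target) if rtype == "file" else target  # resolve ../ first
    for rule_op, pattern in policy["rules"].get(rtype, []):
        wild = rtype == "file" and pattern.endswith("/*")
        hit = dirname(target) == pattern[:-2] if wild else target == pattern
        if rule_op == op and hit:
            return "allow"
    return policy["default"]

POLICY = build_policy(TEMPLATE, representative_actions(SAMPLE))
```

The generalized rule admits a plugin file that was never observed, which is the trade-off any such heuristic makes; normalizing the path before matching keeps a `../` sequence from riding on that rule.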
85 Claims
1. A computer-implemented method of creating a security policy for at least one application executing on a computer system, the method comprising:
(A) providing a template defining a security policy for the at least one application;
(B) exercising the at least one application to generate a sample of actions representing actual behavior of the at least one application;
(C) applying at least one heuristic to determine representative actions from the sample of actions performed by the at least one application; and
(D) arranging the representative actions according to the template in order to produce a security policy.
Dependent claims: 2-15.
16. A computer-readable medium having instructions recorded thereon which, when executed by a computer, cause the computer to perform a method of creating a security policy for at least one application executing on a computer system, the method comprising:
(A) providing a template defining a security policy for the at least one application;
(B) exercising the at least one application to generate a sample of actions representing actual behavior of the at least one application;
(C) applying at least one heuristic to determine representative actions from the sample of actions performed by the at least one application; and
(D) arranging the representative actions according to the template in order to produce a security policy.
Dependent claims: 17-30.
31. A system for creating a security policy for at least one application executing on a computer system, the system comprising:
a first component to provide a template defining a security policy for the at least one application;
a second component to exercise the at least one application to generate a sample of actions representing actual behavior of the at least one application;
a third component to apply at least one heuristic to determine representative actions from the sample of actions performed by the at least one application; and
a fourth component to arrange the representative actions according to the template in order to produce a security policy, where at least one of, the first component, the second component, the third component, and the fourth component are embodied on a computer-readable medium.
Dependent claims: 32-45.
46. A system for deploying a security policy for at least one application, the system comprising:
a first component to exercise the at least one application to generate a sample of actions representing actual behavior of the at least one application;
a second component to apply at least one heuristic to determine representative actions from the sample of actions performed by the at least one application; and
a third component to arrange the representative actions according to a template to produce a security policy.
Dependent claims: 47-60.
61. A computer-implemented method of securing a computer system against terrorist attack, the method comprising:
(A) providing a template defining a security policy for at least one application executing on a computer system;
(B) exercising the at least one application to generate a sample of actions representing actual behavior of the at least one application;
(C) applying at least one heuristic to determine representative actions from the sample of actions performed by the at least one application;
(D) arranging the representative actions according to the template in order to produce a security policy;
(E) downloading the security policy to at least one agent executing on the computer system; and
(F) employing the security policy to determine whether a request issued by the at least one application to access a system resource should be allowed or denied.
Dependent claims: 62-73.
74. A computer-readable medium having instructions recorded thereon which, when executed by a computer, cause the computer to perform a method of creating a security policy for at least one application executing on a computer system, the method comprising:
(A) providing a template defining a security policy for the at least one application;
(B) exercising the at least one application to generate a sample of actions representing actual behavior of the at least one application;
(C) applying at least one heuristic to determine representative actions from the sample of actions performed by the at least one application, wherein the heuristic is defined using input accepted from a user in response to the user's examination of the at least one of the sample of actions and the representative actions; and
(D) arranging the representative actions according to the template in order to produce a security policy.
Dependent claims: 75-85.
Specification