Systems and apparatuses for architecture assessment and policy enforcement

US 9,652,618 B1
Filed: 06/10/2016
Issued: 05/16/2017
Est. Priority Date: 06/10/2016
Status: Active Grant

First Claim

Patent Images

1. A method for asset architecture evaluation and security enforcement within an enterprise computing platform, the method comprising:

causing transmission, by a component scanner, of one or more change identification messages to a component agent residing on an asset that was previously evaluated by a security engine;

receiving an indication that there have been changes to a current architecture of the asset;

generating a proposed architecture for evaluation, wherein the proposed architecture for evaluation indicates a design including both the enterprise computing platform and a modified version of the architecture of the asset that is based on the changes to the current architecture of the asset;

dynamically evaluating, by risk evaluation circuitry and in near-real-time using one or more machine learning algorithms, the proposed architecture against embedded security policies, standards, baselines, or patterns established for the enterprise computing platform;

in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determining, by the risk evaluation circuitry, changes to the proposed architecture that would remediate the identified security gaps;

generating a report regarding the proposed architecture, wherein the report identifies any changes to the proposed architecture that would remediate the identified security gaps; and

causing transmission, by the component scanner and to the component agent residing on the asset, of the report regarding the proposed architecture.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example embodiments are disclosed herein for asset architecture evaluation and security enforcement within an enterprise computing platform. One example method includes receiving a proposed architecture for evaluation, wherein the proposed architecture for evaluation relates to integration of an asset into the enterprise computing platform. This example method further includes dynamically evaluating, by risk evaluation circuitry, the proposed architecture against embedded security policies, standards, baselines, or patterns established for the enterprise computing platform. In addition, the example method includes, in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determining, by the risk evaluation circuitry, changes to the proposed architecture that would remediate the identified security gaps. The example method further includes generating a report regarding the proposed architecture, wherein the report identifies any changes to the proposed architecture that would remediate the identified security gaps. Corresponding apparatuses and computer program products are also provided.

42 Citations

View as Search Results

15 Claims

1. A method for asset architecture evaluation and security enforcement within an enterprise computing platform, the method comprising:
- causing transmission, by a component scanner, of one or more change identification messages to a component agent residing on an asset that was previously evaluated by a security engine;
  
  receiving an indication that there have been changes to a current architecture of the asset;
  
  generating a proposed architecture for evaluation, wherein the proposed architecture for evaluation indicates a design including both the enterprise computing platform and a modified version of the architecture of the asset that is based on the changes to the current architecture of the asset;
  
  dynamically evaluating, by risk evaluation circuitry and in near-real-time using one or more machine learning algorithms, the proposed architecture against embedded security policies, standards, baselines, or patterns established for the enterprise computing platform;
  
  in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determining, by the risk evaluation circuitry, changes to the proposed architecture that would remediate the identified security gaps;
  
  generating a report regarding the proposed architecture, wherein the report identifies any changes to the proposed architecture that would remediate the identified security gaps; and
  
  causing transmission, by the component scanner and to the component agent residing on the asset, of the report regarding the proposed architecture.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein receiving the indication that there have been changes to the architecture includes:
    - receiving an indication of an architecture of the asset; and
      
      comparing the architecture of the asset to a version of the architecture of the asset that was previously evaluated by the security engine.
  - 3. The method of claim 1, further comprising:
    - training the one or more machine learning algorithms to develop one or more baselines or patterns for the enterprise computing platform.
  - 4. The method of claim 3, wherein dynamically evaluating the proposed architecture includes:
    - evaluating, by the risk evaluation circuitry and using the one or more machine learning algorithms, whether any aspects of the proposed architecture violate the developed baselines or patterns for the enterprise computing platform.
  - 5. The method of claim 1, wherein determining changes to the proposed architecture that would remediate the identified security gaps includes:
    - retrieving manual intervention identifying the changes to the proposed architecture that would remediate the identified security gaps;
      
      oridentifying the changes to the proposed architecture that would remediate the identified security gaps using at least one of the embedded security policies, standards, baselines, or patterns established for the enterprise computing platform.

6. An apparatus for asset architecture evaluation and security enforcement within an enterprise computing platform, the apparatus comprising at least one processor and at least one memory storing computer-executable instructions, that, when executed by the at least one processor, cause the apparatus to:
- cause transmission of one or more change identification messages to a component agent residing on an asset that was previously evaluated by a security engine;
  
  receive an indication that there have been changes to a current architecture of the asset;
  
  generate a proposed architecture for evaluation, wherein the proposed architecture for evaluation indicates a design including the enterprise computing platform and a modified version of the architecture of the asset that is based on the changes to the current architecture of the asset;
  
  dynamically evaluate, in near-real-time using one or more machine learning algorithms, the proposed architecture against embedded security policies, standards, baselines, or patterns established for the enterprise computing platform;
  
  in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determine changes to the proposed architecture that would remediate the identified security gaps;
  
  generate a report regarding the proposed architecture, wherein the report identifies any changes to the proposed architecture that would remediate the identified security gaps; and
  
  cause transmission of the report regarding the proposed architecture to the component agent residing on the asset.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The apparatus of claim 6, wherein the computer-executable instructions, when executed by the at least one processor, causes the apparatus to receive the indication that there have been changes to the architecture by causing the apparatus to:
    - receive an indication of an architecture of the asset; and
      
      compare the architecture of the asset to version of the architecture of the asset that was previously evaluated by the security engine.
  - 8. The apparatus of claim 6, wherein the computer-executable instructions, when executed by the at least one processor, further cause the apparatus to:
    - train the one or more machine learning algorithms to develop one or more baselines or patterns for the enterprise computing platform.
  - 9. The apparatus of claim 8, wherein the computer-executable instructions, when executed by the at least one processor, cause the apparatus to dynamically evaluate the proposed architecture by causing the apparatus to:
    - evaluate, using the one or more machine learning algorithms, whether any aspects of the proposed architecture violate the developed baselines or patterns for the enterprise computing platform.
  - 10. The apparatus of claim 6, wherein the computer-executable instructions, when executed by the at least one processor, cause the apparatus to determine changes to the proposed architecture that would remediate the identified security gaps by causing the apparatus to:
    - retrieve manual intervention identifying the changes to the proposed architecture that would remediate the identified security gaps;
      
      oridentify the changes to the proposed architecture that would remediate the identified security gaps using at least one of the embedded security policies, standards, baselines, or patterns established for the enterprise computing platform.

11. An apparatus for asset architecture evaluation and security enforcement within an enterprise computing platform, the apparatus comprising:
- means for causing transmission of one or more change identification messages to a component agent residing on an asset that was previously evaluated by a security engine;
  
  means for receiving an indication that there have been changes to a current architecture of the asset;
  
  means for generating a proposed architecture for evaluation, wherein the proposed architecture for evaluation indicates a design including the enterprise computing platform and a modified version of the architecture of the asset that is based on the changes to the current architecture of the asset;
  
  means for dynamically evaluating, in near-real-time using one or more machine learning algorithms, the proposed architecture against embedded security policies, standards, baselines, or patterns established for the enterprise computing platform;
  
  means for, in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determining changes to the proposed architecture that would remediate the identified security gaps;
  
  means for generating a report regarding the proposed architecture, wherein the report identifies any changes to the proposed architecture that would remediate the identified security gaps; and
  
  means for causing transmission of the report regarding the proposed architecture to the component agent residing on the asset.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The apparatus of claim 11, wherein the means for receiving the indication that there have been changes to the architecture include:
    - means for receiving an indication of an architecture of the asset; and
      
      means for comparing the architecture of the asset to a version of the architecture of the asset that was previously evaluated by the security engine.
  - 13. The apparatus of claim 11, further comprising:
    - means for training the one or more machine learning algorithms to develop one or more baselines or patterns for the enterprise computing platform.
  - 14. The apparatus of claim 13, wherein the means for dynamically evaluating the proposed architecture includes:
    - means for evaluating, using the one or more machine learning algorithms, whether any aspects of the proposed architecture violate the developed baselines or patterns for the enterprise computing platform.
  - 15. The apparatus of claim 11, wherein the means for determining changes to the proposed architecture that would remediate the identified security gaps include:
    - means for retrieving manual intervention identifying the changes to the proposed architecture that would remediate the identified security gaps;
      
      ormeans for identifying the changes to the proposed architecture that would remediate the identified security gaps using at least one of the embedded security policies, standards, baselines, or patterns established for the enterprise computing platform.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Optum Incorporated (UnitedHealth Group Incorporated)
Original Assignee
Optum Incorporated (UnitedHealth Group Incorporated)
Inventors
Lerner, Phillip F
Primary Examiner(s)
Poltorak, Peter

Application Number

US15/179,581
Time in Patent Office

340 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 21/6245   Protecting personal data, e...

G06F 8/60   Software deployment

G06F 8/71   Version control security ar...

G06N 20/00   Machine learning

G06Q 10/06   Resources, workflows, human...

Systems and apparatuses for architecture assessment and policy enforcement

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

42 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and apparatuses for architecture assessment and policy enforcement

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links