System and method for evaluating and enhancing the security level of a network system

US 9,699,208 B1
Filed: 02/11/2016
Issued: 07/04/2017
Est. Priority Date: 01/06/2013
Status: Active Grant

First Claim

Patent Images

1. A method for evaluating a security level of a network system, the method being implemented by one or more processors and comprising:

identifying a plurality of security elements of the network system;

determining a security architecture of the network system based on the identified plurality of security elements;

wherein determining the security architecture includes implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach;

evaluating the security architecture to determine an evaluation for the network system;

wherein evaluating the security architecture includes determining (i) a parameter score for individual security elements in the plurality of identified security elements, wherein the parameter score is based at least in part on a measure of maturity for the individual security elements of the plurality of security elements; and

(ii) a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements and comparing the protection index to a security level indicated by a user;

outputting the evaluation to the user; and

updating the security architecture to include one or more new components to add to the network system to improve the security level of the network system based on the evaluation of the security architecture to achieve at least the security level indicated by the user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Examples described herein provide for a system that evaluates a security level of a network system. Additionally, examples described herein evaluate a security level of a network system in order to enable a determination of components that can be used to enhance the security level of the network system.

Citations

20 Claims

1. A method for evaluating a security level of a network system, the method being implemented by one or more processors and comprising:
- identifying a plurality of security elements of the network system;
  
  determining a security architecture of the network system based on the identified plurality of security elements;
  
  wherein determining the security architecture includes implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach;
  
  evaluating the security architecture to determine an evaluation for the network system;
  
  wherein evaluating the security architecture includes determining (i) a parameter score for individual security elements in the plurality of identified security elements, wherein the parameter score is based at least in part on a measure of maturity for the individual security elements of the plurality of security elements; and
  
  (ii) a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements and comparing the protection index to a security level indicated by a user;
  
  outputting the evaluation to the user; and
  
  updating the security architecture to include one or more new components to add to the network system to improve the security level of the network system based on the evaluation of the security architecture to achieve at least the security level indicated by the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein each element in the plurality of identified elements corresponds to one of a component, a component class, a process or a capability.
  - 3. The method of claim 1, wherein identifying the plurality of security elements includes providing the user with one or more prompts to enter input regarding the plurality of security elements in accordance with the security model.
  - 4. The method of claim 1, wherein the parameter score is based at least in part on a measure of coverage for the individual security elements of the plurality of security elements.
  - 5. The method of claim 1, wherein evaluating the security architecture includes determining a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements.
  - 6. The method of claim 1, further comprising determining a set of recommendations based at least in part on evaluating the security architecture, each recommendation in the set of recommendations identifying another new component to add to the network system to improve the evaluation of the security architecture.
  - 7. The method of claim 1, wherein updating the security architecture includes repeating each of evaluating the security architecture and outputting the evaluation, for the updated security architecture.
  - 8. The method of claim 6, further comprising receiving a budget from the user, and wherein determining the set of recommendations includes selecting the new component based on a cost for implementing the new component on the network system.
  - 9. The method of claim 6, wherein evaluating the security architecture includes determining a monetary value for a risk to the security network as a result of one or more security elements being breached, and wherein determining the set of recommendations includes determining the new component based at least in part on both the cost for implementing the new component on the network system as compared to the monetary value for the breach if the new component is not implemented.
  - 10. The method of claim 9, wherein determining the new component includes determining a monetary value for a risk to the security network as a result of the new component being breached as compared to the monetary value for the risk to the security network as a result of one or more other comparable components being alternatively implemented on the network system.
  - 11. The method of claim 9, wherein determining the monetary value includes identifying a plurality of assets of the network system that are to be protected by the plurality of security elements.
  - 12. The method of claim 11, wherein identifying the plurality of assets includes prompting the user to enter information that identifies the plurality of assets, the plurality of assets including one or more hardware assets and/or one or more information assets.
  - 13. The method of claim 1, wherein outputting the evaluation for the user includes outputting a visual of the security model, the visual of the security model including a multi-dimensional sphere that arranges the plurality of security elements based at least in part on the plurality of pre-determined relationships.
  - 14. The method of claim 13, wherein outputting the evaluation includes outputting a parameter score for individual elements in the plurality of elements, the parameter score reflecting a security level of the individual element.

15. A non-transitory computer-readable medium that stores instructions for evaluating a security level of a network system, the instructions being executable by one or more processors to cause the one or more processors to perform operations that include:
- identifying a plurality of security elements of the network system;
  
  determining a security architecture of the network system based on the identified plurality of security elements;
  
  wherein determining the security architecture includes implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach;
  
  evaluating the security architecture to determine an evaluation for the network system;
  
  wherein evaluating the security architecture includes determining (i) a parameter score for individual security elements in the plurality of identified security elements, wherein the parameter score is based at least in part on a measure of maturity for the individual security elements of the plurality of security elements; and
  
  (ii) a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements and comparing the protection index to a security level indicated by a user;
  
  outputting the evaluation to the user; and
  
  updating the security architecture to include one or more new components to add to the network system to improve the security level of the network system based on the evaluation of the security architecture to achieve at least the security level indicated by the user.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The non-transitory computer-readable medium of claim 15, wherein each element in the plurality of identified elements corresponds to one of a component, a component class, a process or a capability.
  - 17. The non-transitory computer-readable medium of claim 15, wherein identifying the plurality of security elements includes providing the user with one or more prompts to enter input regarding the plurality of security elements in accordance with the security model.
  - 18. The non-transitory computer-readable medium of claim 15, wherein the parameter score is based at least in part on a measure of coverage for the individual security elements of the plurality of security elements.
  - 19. The non-transitory computer-readable medium of claim 15, wherein evaluating the security architecture includes determining a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements.

20. A computer system comprising:
- a memory that stores a set of instructions;
  
  one or more processors that access the instructions in the memory to;
  
  identify a plurality of security elements of a network system;
  
  determine a security architecture of the network system based on the identified plurality of security elements;
  
  wherein the processor determines the security architecture by implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach;
  
  evaluate the security architecture to determine an evaluation for the network system by determining (i) a parameter score for individual security elements in the plurality of identified security elements, wherein the parameter score is based at least in part on a measure of maturity for the individual security elements of the plurality of security elements; and
  
  (ii) a protection index for the security architecture based on the parameter score for the individual security elements in the plurality of identified security elements and comparing the protection index to a security level indicated by a user;
  
  output the evaluation to the user; and
  
  update the security architecture to include one or more new components to add to the network system to improve the security level of the network system based on the evaluation of the security architecture to achieve at least the security level indicated by the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Security Inclusion Now USA LLC
Original Assignee
Spheric Security Solutions
Inventors
Francoeur, Jacques Remi
Primary Examiner(s)
Cribbs, Malcolm

Application Number

US15/041,923
Time in Patent Office

509 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

H04L 63/1433 Vulnerability analysis

System and method for evaluating and enhancing the security level of a network system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for evaluating and enhancing the security level of a network system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links