Systems and methods for implementing modular computer system security solutions
Abstract
In some embodiments, an apparatus includes a control chain generation module configured to receive, from a control database, a security guideline control to be implemented with respect to a hardware asset. The control chain generation module is configured to select, based on requirements to satisfy the security guideline and attributes of the hardware asset, a security implementation control. The control chain generation module is configured to select a control assessor to monitor the compliance of the hardware asset with the security guideline and is configured to define a control chain including the security guideline control, the security implementation control, and the control assessor. The control chain generation module is configured to send an instruction to apply the control chain to the hardware asset such that the control assessor monitors the hardware asset for compliance with the security guideline.
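The selection flow the abstract describes (guideline control, then implementation control, then assessor, bundled into a control chain and applied to the asset), as an added Python sketch that is not code from the patent. The sshd root-login guideline, the attribute keys and every class and function name are hypothetical.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# Hypothetical data model: none of these names come from the patent.
@dataclass(frozen=True)
class Guideline:
    gid: str
    applies_to: dict    # asset attributes the guideline is associated with
    requirements: dict  # machine-readable translation of the guideline text

@dataclass(frozen=True)
class Implementation:
    gid: str
    platform: dict                       # asset attributes this implementation supports
    apply: Callable[[dict, dict], None]  # interprets the requirements on the asset

@dataclass(frozen=True)
class ControlChain:
    guideline: Guideline
    implementation: Implementation
    assessor: Callable[[dict, dict], bool]

def matches(asset_attrs: dict, wanted: dict) -> bool:
    """True when every wanted attribute is present on the asset with that value."""
    return all(asset_attrs.get(k) == v for k, v in wanted.items())

def ssh_apply(cfg: dict, req: dict) -> None:
    cfg["PermitRootLogin"] = "yes" if req["root_login"] else "no"

def ssh_assess(cfg: dict, req: dict) -> bool:
    return (cfg.get("PermitRootLogin") == "yes") == req["root_login"]

# Constructed control database with a single guideline.
GUIDELINES = [Guideline("G-ssh-root", {"service": "sshd"}, {"root_login": False})]
IMPLEMENTATIONS = [Implementation("G-ssh-root", {"os": "linux"}, ssh_apply)]
ASSESSORS = {"G-ssh-root": ssh_assess}

def build_chain(asset_attrs: dict) -> Optional[ControlChain]:
    """Select guideline, implementation and assessor for a discovered asset."""
    for g in GUIDELINES:
        if not matches(asset_attrs, g.applies_to):
            continue
        impl = next((i for i in IMPLEMENTATIONS
                     if i.gid == g.gid and matches(asset_attrs, i.platform)), None)
        # Only a complete chain is returned: a control nobody verifies is not applied.
        if impl is not None and g.gid in ASSESSORS:
            return ControlChain(g, impl, ASSESSORS[g.gid])
    return None

def apply_chain(chain: ControlChain, cfg: dict) -> bool:
    """Implement the control on the asset config, then report compliance."""
    chain.implementation.apply(cfg, chain.guideline.requirements)
    return chain.assessor(cfg, chain.guideline.requirements)
```

Calling the chain's assessor again later against the live configuration is what detects drift after the control was applied.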
24 Claims
1. An apparatus, comprising:
- a memory; and
- a control chain processor operatively coupled to the memory, the control chain processor configured to automatically discover a hardware asset in response to the hardware asset being operatively coupled to the control chain processor via a network,
- the control chain processor configured to automatically identify, in response to automatically discovering the hardware asset, a first plurality of hardware asset attributes for the hardware asset and automatically define, based on the first plurality of hardware asset attributes, an asset data structure for the hardware asset,
- the control chain processor configured to select, from a control database and in response to automatically discovering the hardware asset, a security guideline control data structure to be implemented with respect to the hardware asset, the security guideline control data structure (1) including requirements to satisfy a human-readable security guideline associated with the security guideline control data structure, (2) being generated during runtime operation by translating the human-readable security guideline into the security guideline control data structure and (3) including a second plurality of hardware asset attributes, the control chain processor configured to select the security guideline control data structure based on the first plurality of hardware asset attributes being associated with the second plurality of hardware asset attributes,
- the control chain processor configured to select, based on the security guideline control data structure and the first plurality of hardware asset attributes, a security implementation control data structure from a plurality of implementation control data structures and to be associated with the hardware asset, the security implementation control data structure including instructions to interpret information encoded in the security guideline control data structure during runtime operation so as to perform security actions at the hardware asset,
- the control chain processor configured to select, based on the security implementation control data structure and the security guideline control data structure, a computer-implemented control assessor including computer-readable instructions to execute a computer-implemented automated test to monitor the hardware asset during runtime operation based on the security implementation control data structure to determine compliance of the hardware asset with the security guideline control data structure,
- the control chain processor configured to define a control chain including the security guideline control data structure, the security implementation control data structure, and the computer-implemented control assessor,
- the control chain processor configured to send an instruction to apply the control chain to the hardware asset such that the security implementation control data structure is implemented at the hardware asset to improve a security function of the hardware asset and the computer-implemented control assessor monitors the hardware asset based on the security implementation control data structure for compliance with the security guideline.

Dependent claims: 2, 3, 4, 5, 6, 21, 22, 23, 24
7. A non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to:
- automatically discover a hardware asset in response to the hardware asset being operatively coupled to a control chain processor via a network;
- automatically identify, in response to automatically discovering the hardware asset, a first plurality of hardware asset attributes for the hardware asset and automatically define, based on the first plurality of hardware asset attributes, an asset data structure for the hardware asset;
- select, from a control database and in response to automatically discovering the hardware asset, a security guideline control data structure to be implemented with respect to the hardware asset, the security guideline control data structure including requirements to satisfy a human-readable security guideline associated with the security guideline control data structure and being generated by translating the human-readable security guideline into the security guideline control data structure, the security guideline control data structure including a second plurality of hardware asset attributes, the selecting the security guideline control data structure being based on the first plurality of hardware asset attributes being associated with the second plurality of hardware asset attributes;
- select, based on the security guideline control data structure and the first plurality of hardware asset attributes, a security implementation control data structure from a plurality of implementation control data structures and to be associated with the hardware asset, the security implementation control data structure including instructions to interpret information encoded in the security guideline control data structure during runtime operation so as to perform security actions at the hardware asset;
- select, based on the security implementation control data structure and the security guideline control data structure, a computer-implemented control assessor including computer-readable instructions to execute a computer-implemented automated test to monitor the hardware asset during runtime operation based on the security implementation control data structure to determine compliance of the asset with the security guideline control data structure;
- define a control chain including the security guideline control data structure, the security implementation control data structure, and the computer-implemented control assessor; and
- send an instruction to apply the control chain to the hardware asset such that the security implementation control data structure is implemented with respect to the hardware asset and the computer-implemented control assessor monitors the hardware asset based on the security implementation control data structure for compliance with the security guideline control data structure.

Dependent claims: 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20
Specification