Systems and apparatuses for architecture assessment and policy enforcement

US 9,940,467 B2
Filed: 05/15/2017
Issued: 04/10/2018
Est. Priority Date: 06/10/2016
Status: Active Grant

First Claim

Patent Images

1. A method for asset architecture evaluation and security enforcement within an enterprise computing platform implementing a DevOpsSec or Agile architecture, the method comprising:

causing transmission, by a component scanner, of one or more change identification messages to a component agent residing on an asset that was previously evaluated by a security engine;

receiving an indication that there have been changes to a current architecture of the asset;

generating a proposed architecture for evaluation, wherein the proposed architecture for evaluation indicates a design including both the enterprise computing platform and a modified version of the architecture of the asset that is based on the changes to the current architecture of the asset;

dynamically evaluating, by risk evaluation circuitry and in near-real-time using one or more machine learning algorithms trained using information contained in the DevOpsSec architecture, the proposed architecture against one or more baselines or patterns established for the enterprise computing platform;

in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determining, by the risk evaluation circuitry, changes to the proposed architecture that would remediate the identified security gaps;

causing transmission, by the component scanner and to the component agent residing on the asset, of a data stream regarding the proposed architecture.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example embodiments are disclosed herein for asset architecture evaluation and security enforcement within an enterprise computing platform. One example method includes receiving a proposed architecture for evaluation, wherein the proposed architecture for evaluation relates to integration of an asset into the enterprise computing platform. This example method further includes dynamically evaluating, by risk evaluation circuitry, the proposed architecture against embedded security policies, standards, baselines, or patterns established for the enterprise computing platform. In addition, the example method includes, in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determining, by the risk evaluation circuitry, changes to the proposed architecture that would remediate the identified security gaps. The example method further includes generating a report regarding the proposed architecture, wherein the report identifies any changes to the proposed architecture that would remediate the identified security gaps. Corresponding apparatuses and computer program products are also provided.

Citations

20 Claims

1. A method for asset architecture evaluation and security enforcement within an enterprise computing platform implementing a DevOpsSec or Agile architecture, the method comprising:
- causing transmission, by a component scanner, of one or more change identification messages to a component agent residing on an asset that was previously evaluated by a security engine;
  
  receiving an indication that there have been changes to a current architecture of the asset;
  
  generating a proposed architecture for evaluation, wherein the proposed architecture for evaluation indicates a design including both the enterprise computing platform and a modified version of the architecture of the asset that is based on the changes to the current architecture of the asset;
  
  dynamically evaluating, by risk evaluation circuitry and in near-real-time using one or more machine learning algorithms trained using information contained in the DevOpsSec architecture, the proposed architecture against one or more baselines or patterns established for the enterprise computing platform;
  
  in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determining, by the risk evaluation circuitry, changes to the proposed architecture that would remediate the identified security gaps;
  
  causing transmission, by the component scanner and to the component agent residing on the asset, of a data stream regarding the proposed architecture.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein receiving the indication that there have been changes to the architecture includes:
    - receiving an indication of an architecture of the asset; and
      
      comparing the architecture of the asset to a version of the architecture of the asset that was previously evaluated by the security engine.
  - 3. The method of claim 1, further comprising:
    - training the one or more machine learning algorithms to establish the one or more baselines or patterns for the enterprise computing platform.
  - 4. The method of claim 3, wherein dynamically evaluating the proposed architecture includes:
    - evaluating, by the risk evaluation circuitry and using the one or more machine learning algorithms, whether any aspects of the proposed architecture violate the established one or more baselines or patterns for the enterprise computing platform.
  - 5. The method of claim 1, wherein determining changes to the proposed architecture that would remediate the identified security gaps includes:
    - retrieving manual intervention identifying the changes to the proposed architecture that would remediate the identified security gaps;
      
      oridentifying the changes to the proposed architecture that would remediate the identified security gaps using at least one of the embedded security policies, standards, baselines, or patterns established for the enterprise computing platform.
  - 6. The method of claim 1, wherein transmission of the data stream conveys, in near-real-time, the identified security gaps.
  - 7. The method of claim 1, wherein transmission of the data stream conveys, in near-real-time, changes to the proposed architecture that would remediate the identified security gaps.

8. An apparatus for asset architecture evaluation and security enforcement within an enterprise computing platform implementing a DevOpsSec or Agile architecture, the apparatus comprising at least one processor and at least one memory storing computer-executable instructions, that, when executed by the at least one processor, cause the apparatus to:
- cause transmission of one or more change identification messages to a component agent residing on an asset that was previously evaluated by a security engine;
  
  receive an indication that there have been changes to a current architecture of the asset;
  
  generate a proposed architecture for evaluation, wherein the proposed architecture for evaluation indicates a design including the enterprise computing platform and a modified version of the architecture of the asset that is based on the changes to the current architecture of the asset;
  
  dynamically evaluate, in near-real-time using one or more machine learning algorithms trained using information contained in the DevOpsSec architecture, the proposed architecture against one or more baselines or patterns established for the enterprise computing platform;
  
  in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determine changes to the proposed architecture that would remediate the identified security gaps;
  
  cause transmission, by the component scanner and to the component agent residing on the asset, of a data stream regarding the proposed architecture.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 20)
- - 9. The apparatus of claim 8, wherein the computer-executable instructions, when executed by the at least one processor, causes the apparatus to receive the indication that there have been changes to the architecture by causing the apparatus to:
    - receive an indication of an architecture of the asset; and
      
      compare the architecture of the asset to a version of the architecture of the asset that was previously evaluated by the security engine.
  - 10. The apparatus of claim 8, wherein the computer-executable instructions, when executed by the at least one processor, further cause the apparatus to:
    - train the one or more machine learning algorithms to establish the one or more baselines or patterns for the enterprise computing platform.
  - 11. The apparatus of claim 10, wherein the computer-executable instructions, when executed by the at least one processor, cause the apparatus to dynamically evaluate the proposed architecture by causing the apparatus to:
    - evaluate, using the one or more machine learning algorithms, whether any aspects of the proposed architecture violate the established one or more baselines or patterns for the enterprise computing platform.
  - 12. The apparatus of claim 8, wherein the computer-executable instructions, when executed by the at least one processor, cause the apparatus to determine changes to the proposed architecture that would remediate the identified security gaps by causing the apparatus to:
    - retrieve manual intervention identifying the changes to the proposed architecture that would remediate the identified security gaps;
      
      oridentify the changes to the proposed architecture that would remediate the identified security gaps using at least one of the embedded security policies, standards, baselines, or patterns established for the enterprise computing platform.
  - 13. The apparatus of claim 8, wherein transmission of the data stream conveys, in near-real-time, the identified security gaps.
  - 14. The apparatus of claim 8, wherein transmission of the data stream conveys, in near-real-time, changes to the proposed architecture that would remediate the identified security gaps.
  - 20. The apparatus of claim 8, wherein transmission of the data stream conveys, in near-real-time, the identified security gaps or changes to the proposed architecture that would remediate the identified security gaps.

15. An apparatus for asset architecture evaluation and security enforcement within an enterprise computing platform implementing a DevOpsSec or Agile architecture, the apparatus comprising:
- means for receiving a proposed architecture for evaluation, wherein the proposed architecture for evaluation relates to integration of an asset into the enterprise computing platform;
  
  means for dynamically evaluating, using one or more machine learning algorithms trained using information contained in the DevOpsSec architecture, the proposed architecture against one or more baselines or patterns established for the enterprise computing platform;
  
  means for, in an instance in which dynamic evaluation of the proposed architecture identifies security gaps, determining changes to the proposed architecture that would remediate the identified security gaps; and
  
  means for causing transmission, by the component scanner and to the component agent residing on the asset, of a data stream regarding the proposed architecture.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The apparatus of claim 15, wherein the means for receiving the indication that there have been changes to the architecture include:
    - means for receiving an indication of an architecture of the asset; and
      
      means for comparing the architecture of the asset to a version of the architecture of the asset that was previously evaluated by the security engine.
  - 17. The apparatus of claim 15, further comprising:
    - means for training the one or more machine learning algorithms to establish the one or more baselines or patterns for the enterprise computing platform.
  - 18. The apparatus of claim 17, wherein the means for dynamically evaluating the proposed architecture includes:
    - means for evaluating, using the one or more machine learning algorithms, whether any aspects of the proposed architecture violate the established one or more baselines or patterns for the enterprise computing platform.
  - 19. The apparatus of claim 15, wherein the means for determining changes to the proposed architecture that would remediate the identified security gaps include:
    - means for retrieving manual intervention identifying the changes to the proposed architecture that would remediate the identified security gaps;
      
      ormeans for identifying the changes to the proposed architecture that would remediate the identified security gaps using at least one of the embedded security policies, standards, baselines, or patterns established for the enterprise computing platform.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Optum Incorporated (UnitedHealth Group Incorporated)
Original Assignee
Optum Incorporated (UnitedHealth Group Incorporated)
Inventors
Lerner, Phillip F.
Primary Examiner(s)
Rahman, Shawnchoy

Application Number

US15/594,734
Publication Number

US 20170357812A1
Time in Patent Office

330 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

G06N 20/00   Machine learning

G06Q 10/06   Resources, workflows, human...

Systems and apparatuses for architecture assessment and policy enforcement

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and apparatuses for architecture assessment and policy enforcement

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links