Scanning And Remediating Configuration Settings Of A Device Using A Policy-Driven Approach in Patent Application Approval Process (USPTO 20220247793):…

admin on August 21, 2022 Leave a Comment

2022 AUG 19 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- A patent application by the inventor Hatch, Thomas S. (Lehi, UT, US), filed on April 18, 2022, was made available online on August 4, 2022, according to news reporting originating from Washington, D.C., by NewsRx correspondents.

This patent application has not been assigned to a company or institution.

The following quote was obtained by the news editors from the background information supplied by the inventors: Recent years have seen rapid development in software products and electronic devices. For example, software products can affect functionality related to communication of data to and from electronic devices as well as operation of operating systems and/or individual applications installed on the electronic devices. As software and hardware become more complex, it becomes increasingly difficult to effectively secure information contained on electronic devices as well as information transmitted to and from electronic devices (e.g., over the Internet). Indeed, in an attempt to gather information, many individuals use viruses, spyware, malware, and other threatening tools to gather sensitive and/or valuable information.

While many tools exist for avoiding potential threats in cybersecurity of electronic devices, conventional cybersecurity systems often fail to adequately address potential security issues. For example, conventional cybersecurity systems typically utilize dedicated diagnostic tools for identifying whether a personal computer is compliant with a known security standard. Conventional diagnostic tools, however, are limited to providing a report of settings or configurations on a device that are out of compliance with a known set of standards. The report is then generally provided to an information technology (IT) administrator who manually addresses issues identified by the report or, alternatively, utilizes a separate software tool to facilitate remediation of various issues identified by the diagnostic tool.

In addition to failing to enable effective diagnosis and remediation of potential security issues, conventional cybersecurity systems can be inflexible and computationally prohibitive. For example, conventional cybersecurity systems are often limited to scanning a device for compliance with a specific security standard (e.g., Center for Internet Security (CIS) standards, Standard Technical Implementation Guide (STIG) standards, Payment Card Industry (PCI) standards, and Health Insurance Portability and Accountability Act (HIPAA)). As a result, conventional systems may provide an effective tool for identifying potential security threats for a select group of devices or programs uniquely tailored to a particular security standard. However, conventional cybersecurity systems may fail to effectively identify potential security threats for other devices or programs not specifically tailored to the security standard. Furthermore, while a device may simply run different security checks based on multiple security standards, running comprehensive checks based on multiple standards can be expensive and can utilize significant computing resources.

These along with additional problems and issues exist with regard to conventional cybersecurity systems.

In addition to the background information obtained for this patent application, NewsRx journalists also obtained the inventors summary information for this patent application: Embodiments of the present disclosure provide benefits and/or solve one or more of the foregoing and other problems in the art with systems, methods and computer-readable media that enforce security policies on a client device (or other computing device). In particular, in one or more embodiments, the disclosed systems enforce security policies by performing operations that enable an agent on the client device to both scan and fix security issues. For example, the disclosed systems can enforce a security policy by performing an idempotent operation in which a check and a fix of a security policy are the same operation (e.g., a check operation is the fix operation). In this way, the systems described herein can effectively identify and remediate configuration settings of a client device out of compliance with security standards using a single software agent.

In addition, in one or more embodiments the disclosed systems provide a policy-driven approach to enforcing security policies applicable to a wider range of client devices and applications. Indeed, by providing a policy-driven approach to enforcing security policies, the disclosed systems can enable a client device to comply with multiple security standards while performing a fewer number of operations than conventional systems, thereby improving performance of the client device without sacrificing substantial processing resources. In addition, by enforcing security policies using a policy-driven approach, the disclosed systems provide more effective security across a wider range of client devices and applications for which different security standards may be better suited to address potential security issues.

Additional features and advantages of one or more embodiments of the present disclosure are outlined in the description which follows, and in part will be obvious from the description, or may be learned by the practice of such example embodiments.

The claims supplied by the inventors are:

1. An apparatus comprising: at least one memory; instructions in the apparatus; and processor circuitry to execute the instructions to: enforce a first security policy of a first security standard; audit for a first compliance level with the first security standard; audit for a second compliance level with a second security standard; determine an overlap between the first security standard and the second security standard, the overlap associated with a second security policy; enforce the second security standard; and determine an update of the first compliance level based on the overlap.

2. The apparatus of claim 1, wherein the processor circuitry is to execute the instructions to enforce at least one of the first security policy or the second security policy with an idempotent operation in which a check and a fix of the security policy are the same operation.

3. The apparatus of claim 1, wherein the processor circuitry is to execute the instructions to: determine whether an exemption applies to at least one of the first or second security policies and in response to a determination that the exemption applies to the at least one of the first or second security policies, bypass enforcement of the at least one of the first or second security policies.

4. The apparatus of claim 1, wherein the processor circuitry is to execute the instructions to generate a compliance report indicating a measure of compliance with at least one of the first security standard or the second security standard.

5. The apparatus of claim 1, wherein the processor circuitry is to execute the instructions to generate mapping information associating a plurality of security policies to a plurality of security standards.

6. The apparatus of claim 5, wherein the mapping information includes information indicating the overlap between the first security standard and the second security standard.

7. The apparatus of claim 1, wherein compliance with a security standard includes configuration settings of an application or operating system on a client device.

8. The apparatus of claim 1, wherein the processor circuitry is to determine the update of the first compliance level based on the overlap before performing an additional audit of the first compliance level.

9. A non-transitory computer readable storage medium comprising instructions which, when executed, cause processor circuitry to at least: enforce a first security policy of a first security standard; audit for a first compliance level with the first security standard; audit for a second compliance level with a second security standard; determine an overlap between the first security standard and the second security standard, the overlap associated with a second security policy; enforce the second security standard; and determine an update of the first compliance level based on the overlap.

10. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to enforce at least one of the first security policy or the second security policy with an idempotent operation in which a check and a fix of the security policy are the same operation.

11. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to: determine whether an exemption applies to at least one of the first or second security policies; and in response to a determination that the exemption applies to the at least one of the first or second security policies, bypass enforcement of the at least one of the first or second security policies.

12. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to generate a compliance report indicating a measure of compliance with at least one of the first security standard or the second security standard.

13. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to generate mapping information associating a plurality of security policies to a plurality of security standards.

14. The non-transitory computer readable storage medium of claim 13, wherein the mapping information includes information indicating the overlap between the first security standard and the second security standard.

15. The non-transitory computer readable storage medium of claim 9, wherein compliance with a security standard includes configuration settings of an application or operating system on a client device.

16. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to determine the update of the first compliance level based on the overlap before performing an additional audit of the first compliance level.

17. A method comprising: enforcing, by executing an instruction with a processor, a first security policy of a first security standard; auditing, by executing an instruction with the processor, for a first compliance level with the first security standard; auditing, by executing an instruction with the processor, for a second compliance level with a second security standard; determining, by executing an instruction with the processor, an overlap between the first security standard and the second security standard, the overlap associated with a second security policy; enforcing, by executing an instruction with the processor, the second security standard; and determining, by executing an instruction with the processor, an update of the first compliance level based on the overlap.

18. The method of claim 17, further including enforcing at least one of the first security policy or the second security policy with an idempotent operation in which a check and a fix of the security policy are the same operation.

19. The method of claim 17, further including: determining whether an exemption applies to at least one of the first or second security policies; and in response to determining that the exemption applies to the at least one of the first or second security policies, bypassing enforcement of the at least one of the first or second security policies.

20. The method of claim 17, further including generating a compliance report indicating a measure of compliance with at least one of the first security standard or the second security standard.

21. The method of claim 17, further including generating mapping information associating a plurality of security policies to a plurality of security standards.

22. The method of claim 21, wherein the mapping information includes information indicating the overlap between the first security standard and the second security standard.

23. The method of claim 17, wherein compliance with a security standard includes configuration settings of an application or operating system on a client device.

24. The method of claim 17, further including determining the update of the first compliance level based on the overlap before performing an additional audit of the first compliance level.

URL and more information on this patent application, see: Hatch, Thomas S. Scanning And Remediating Configuration Settings Of A Device Using A Policy-Driven Approach. Filed April 18, 2022 and posted August 4, 2022. Patent URL: https://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220220247793%22.PGNR.&OS=DN/20220247793&RS=DN/20220247793

(Our reports deliver fact-based news of research and discoveries from around the world.)

Read the original post:
Scanning And Remediating Configuration Settings Of A Device Using A Policy-Driven Approach in Patent Application Approval Process (USPTO 20220247793):...

Related Posts
Posted in Internet Security

Comments are closed.