“Scanning And Remediating Configuration Settings Of A Device Using A Policy-Driven Approach” in Patent Application Approval Process (USPTO 20220247793): Patent Application
2022 AUG 19 (NewsRx) -- By a
This patent application has not been assigned to a company or institution.
The following quote was obtained by the news editors from the background information supplied by the inventors: “Recent years have seen rapid development in software products and electronic devices. For example, software products can affect functionality related to communication of data to and from electronic devices as well as operation of operating systems and/or individual applications installed on the electronic devices. As software and hardware become more complex, it becomes increasingly difficult to effectively secure information contained on electronic devices as well as information transmitted to and from electronic devices (e.g., over the Internet). Indeed, in an attempt to gather information, many individuals use viruses, spyware, malware, and other threatening tools to gather sensitive and/or valuable information.
“While many tools exist for avoiding potential threats in cybersecurity of electronic devices, conventional cybersecurity systems often fail to adequately address potential security issues. For example, conventional cybersecurity systems typically utilize dedicated diagnostic tools for identifying whether a personal computer is compliant with a known security standard. Conventional diagnostic tools, however, are limited to providing a report of settings or configurations on a device that are out of compliance with a known set of standards. The report is then generally provided to an information technology (IT) administrator who manually addresses issues identified by the report or, alternatively, utilizes a separate software tool to facilitate remediation of various issues identified by the diagnostic tool.
“In addition to failing to enable effective diagnosis and remediation of potential security issues, conventional cybersecurity systems can be inflexible and computationally prohibitive. For example, conventional cybersecurity systems are often limited to scanning a device for compliance with a specific security standard (e.g.,
“These along with additional problems and issues exist with regard to conventional cybersecurity systems.”
In addition to the background information obtained for this patent application, NewsRx journalists also obtained the inventor’s summary information for this patent application: “Embodiments of the present disclosure provide benefits and/or solve one or more of the foregoing and other problems in the art with systems, methods and computer-readable media that enforce security policies on a client device (or other computing device). In particular, in one or more embodiments, the disclosed systems enforce security policies by performing operations that enable an agent on the client device to both scan and fix security issues. For example, the disclosed systems can enforce a security policy by performing an idempotent operation in which a check and a fix of a security policy are the same operation (e.g., a check operation is the fix operation). In this way, the systems described herein can effectively identify and remediate configuration settings of a client device out of compliance with security standards using a single software agent.
“In addition, in one or more embodiments the disclosed systems provide a policy-driven approach to enforcing security policies applicable to a wider range of client devices and applications. Indeed, by providing a policy-driven approach to enforcing security policies, the disclosed systems can enable a client device to comply with multiple security standards while performing a fewer number of operations than conventional systems, thereby improving performance of the client device without sacrificing substantial processing resources. In addition, by enforcing security policies using a policy-driven approach, the disclosed systems provide more effective security across a wider range of client devices and applications for which different security standards may be better suited to address potential security issues.
“Additional features and advantages of one or more embodiments of the present disclosure are outlined in the description which follows, and in part will be obvious from the description, or may be learned by the practice of such example embodiments.”
The claims supplied by the inventors are:
“1. An apparatus comprising: at least one memory; instructions in the apparatus; and processor circuitry to execute the instructions to: enforce a first security policy of a first security standard; audit for a first compliance level with the first security standard; audit for a second compliance level with a second security standard; determine an overlap between the first security standard and the second security standard, the overlap associated with a second security policy; enforce the second security standard; and determine an update of the first compliance level based on the overlap.
“2. The apparatus of claim 1, wherein the processor circuitry is to execute the instructions to enforce at least one of the first security policy or the second security policy with an idempotent operation in which a check and a fix of the security policy are the same operation.
“3. The apparatus of claim 1, wherein the processor circuitry is to execute the instructions to: determine whether an exemption applies to at least one of the first or second security policies and in response to a determination that the exemption applies to the at least one of the first or second security policies, bypass enforcement of the at least one of the first or second security policies.
“4. The apparatus of claim 1, wherein the processor circuitry is to execute the instructions to generate a compliance report indicating a measure of compliance with at least one of the first security standard or the second security standard.
“5. The apparatus of claim 1, wherein the processor circuitry is to execute the instructions to generate mapping information associating a plurality of security policies to a plurality of security standards.
“6. The apparatus of claim 5, wherein the mapping information includes information indicating the overlap between the first security standard and the second security standard.
“7. The apparatus of claim 1, wherein compliance with a security standard includes configuration settings of an application or operating system on a client device.
“8. The apparatus of claim 1, wherein the processor circuitry is to determine the update of the first compliance level based on the overlap before performing an additional audit of the first compliance level.
“9. A non-transitory computer readable storage medium comprising instructions which, when executed, cause processor circuitry to at least: enforce a first security policy of a first security standard; audit for a first compliance level with the first security standard; audit for a second compliance level with a second security standard; determine an overlap between the first security standard and the second security standard, the overlap associated with a second security policy; enforce the second security standard; and determine an update of the first compliance level based on the overlap.
“10. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to enforce at least one of the first security policy or the second security policy with an idempotent operation in which a check and a fix of the security policy are the same operation.
“11. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to: determine whether an exemption applies to at least one of the first or second security policies; and in response to a determination that the exemption applies to the at least one of the first or second security policies, bypass enforcement of the at least one of the first or second security policies.
“12. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to generate a compliance report indicating a measure of compliance with at least one of the first security standard or the second security standard.
“13. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to generate mapping information associating a plurality of security policies to a plurality of security standards.
“14. The non-transitory computer readable storage medium of claim 13, wherein the mapping information includes information indicating the overlap between the first security standard and the second security standard.
“15. The non-transitory computer readable storage medium of claim 9, wherein compliance with a security standard includes configuration settings of an application or operating system on a client device.
“16. The non-transitory computer readable storage medium of claim 9, wherein the instructions, when executed, cause the processor circuitry to determine the update of the first compliance level based on the overlap before performing an additional audit of the first compliance level.
“17. A method comprising: enforcing, by executing an instruction with a processor, a first security policy of a first security standard; auditing, by executing an instruction with the processor, for a first compliance level with the first security standard; auditing, by executing an instruction with the processor, for a second compliance level with a second security standard; determining, by executing an instruction with the processor, an overlap between the first security standard and the second security standard, the overlap associated with a second security policy; enforcing, by executing an instruction with the processor, the second security standard; and determining, by executing an instruction with the processor, an update of the first compliance level based on the overlap.
“18. The method of claim 17, further including enforcing at least one of the first security policy or the second security policy with an idempotent operation in which a check and a fix of the security policy are the same operation.
“19. The method of claim 17, further including: determining whether an exemption applies to at least one of the first or second security policies; and in response to determining that the exemption applies to the at least one of the first or second security policies, bypassing enforcement of the at least one of the first or second security policies.
“20. The method of claim 17, further including generating a compliance report indicating a measure of compliance with at least one of the first security standard or the second security standard.
“21. The method of claim 17, further including generating mapping information associating a plurality of security policies to a plurality of security standards.
“22. The method of claim 21, wherein the mapping information includes information indicating the overlap between the first security standard and the second security standard.
“23. The method of claim 17, wherein compliance with a security standard includes configuration settings of an application or operating system on a client device.
“24. The method of claim 17, further including determining the update of the first compliance level based on the overlap before performing an additional audit of the first compliance level.”
URL and more information on this patent application, see:
(Our reports deliver fact-based news of research and discoveries from around the world.)
Studies from Dartmouth Geisel School of Medicine Yield New Data on Genomics and Genetics (Black Patients Matter In Neurology Race, Racism, and Race-based Neurodisparities): Genomics and Genetics
Patent Application Titled “Data Processing Systems And Methods For Customizing Privacy Training” Published Online (USPTO 20220245539): OneTrust LLC
Advisor News
- Sketching out the golden years: new book tries to make retirement planning fun
- Most women say they are their household’s CFO, Allianz Life survey finds
- MassMutual reports strong 2025 results
- The silent retirement savings killer: Bridging the Medicare gap
- LTC: A critical component of retirement planning
More Advisor NewsAnnuity News
- Advising clients wanting to retire early: how annuities can bridge the gap
- F&G joins Voya’s annuity platform
- Regulators ponder how to tamp down annuity illustrations as high as 27%
- Annual annuity reviews: leverage them to keep clients engaged
- Symetra Enhances Fixed Indexed Annuities, Introduces New Franklin Large Cap Value 15% ER Index
More Annuity NewsHealth/Employee Benefits News
- States try 'public option' Obamacare plans to reduce coverage costs
- Novocure Announces Optune Lua® Receives Reimbursement Approval in Japan for the Treatment of Non-Small Cell Lung Cancer
- Health care affordability pressures persist for privately insured Americans
- Minnesota teacher takes the fight to lower health insurance costs to the Legislature
- Predictable Benefits™ Launches White-Label ICHRA Platform For Benefit Providers To Offer ICHRA In A Matter Of Minutes, While Brokers Stay BOR
More Health/Employee Benefits NewsLife Insurance News
- Majority of Women Now Are the Chief Financial Officer of Their Household, Allianz Life Study Finds
- Most women say they are their household’s CFO, Allianz Life survey finds
- MassMutual Delivers Excellent 2025 Financial Results
- ACORE CAPITAL Named Alternative Lender of the Year ($15 Billion + AUM) by PERE Credit
- Baby on Board
More Life Insurance News