US2016352773A1PendingUtilityA1
Security action verification in a computing network
Est. expiryJun 1, 2035(~8.9 yrs left)· nominal 20-yr term from priority
G06F 21/577H04L 63/20H04L 63/1433H04L 63/1441H04L 63/14
51
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Systems, methods, and software described herein provide for validating security actions before they are implemented in a computing network. In one example, a computing network may include a plurality of computing assets that provide a variety of different operations. During the operations of the network, administration systems may generate and provide security actions to prevent or mitigate the effect of a security threat on the network. However, prior to implementing the security actions within the network, computing assets may exchange security parameters with the administration systems to verify that the security actions are authentic.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method of implementing security actions in a computing network comprising a plurality of computing assets, the method comprising:
in an administration system, identifying a security action to be implemented in at least one computing asset of the computing network; in response to identifying the security action, exchanging, between the administration system and the at least one computing asset, security parameters for the security action; in the at least one computing asset, determining whether the security action is approved for the at least one computing asset based on the security parameters; and in the at least one computing asset and if the security action is approved, initiating implementation of the security action.
2 . The method of claim 1 wherein the at least one computing asset comprises at least one of a firewall, a serving computing system, an end user computing system, a virtual machine, or a router.
3 . The method of claim 1 wherein exchanging, between the administration system and the at least one computing asset, security parameters for the security action comprises:
in the administration system, receiving security credentials for the at least one computing asset from an administrator of the at least one computing asset; and
in the administration system, transferring, for delivery to the at least one computing asset, the security credentials.
4 . The method of claim 3 wherein the security credentials for the at least one computing asset comprise at least a username and password for the at least one computing asset.
5 . The method of claim 1 wherein initiating implementation of the security action comprises transferring a notification to the administration system requesting the security action.
6 . The method of claim 5 further comprising, in the administration system, receiving the notification and, in response to the notification, transferring the security action, for delivery to the at least one computing asset, to be implemented on the at least one computing asset.
7 . The method of claim 1 further comprising transferring the security action for delivery to the at least one computing asset and wherein initiating implementation of the security action comprises initiating implementation of the received security action.
8 . The method of claim 1 further comprising, in the at least one computing asset and if the security action is not approved, blocking the security action.
9 . The method of claim 8 further comprising, in the at least one computing asset and if the security action is not approved, transferring a notification to the administration system indicating that the security action is not approved.
10 . A system to implement security actions in a computing network comprising a plurality of computing assets, the system comprising:
an administration system configured to identify a security action to be implemented in at least one computing asset of the computing network and exchange security parameters for the security action with the at least one computing asset; the at least one computing asset configured to exchange the security parameters with the administration system, determine whether the security action is approved for the at least one computing asset based on the security parameters, and if the security action is approved, initiate implementation of the security action.
11 . The system of claim 10 wherein the at least one computing asset comprises at least one of a firewall, a serving computing system, an end user computing system, a virtual machine, or a router.
12 . The system of claim 10 ,
wherein the administration system configured to exchange the security parameters with the at least one computing asset is configured to receive security credentials for the at least one computing asset from an administrator of the at least one computing asset, and transfer for delivery to the at least one computing asset, the security credentials, and wherein the at least one computing asset configured to exchange the security parameters with the administration system is configured to receive the security credentials from the administration system.
13 . The system of claim 10 wherein the at least one computing asset configured to initiate implementation of the security action is configured to transfer a notification to the administration system requesting the security action, and wherein the administration system is further configured to receive the notification and, in response to the notification, transfer the security action, for delivery to the at least one computing asset, to be implemented on the at least one computing asset.
14 . The system of claim 10 wherein the administration system is further configured to transfer the security action for delivery to the at least one computing asset, and wherein the initiating implementation of the security action comprises initiating implementation of the received security action.
15 . A method of implementing security actions in a computing network comprising a plurality of computing assets, the method comprising:
in an administration system, identifying a security action to be implemented in at least one computing asset of the computing network; in the administration system and in response to identifying the security action, receiving security credentials for the at least one computing asset; in the administration system, transferring the security credentials for delivery to the at least one computing asset; in the at least one computing asset, receiving the security credentials; in the at least one computing asset, determining whether the security action is approved for the at least one computing asset based on the security credentials; and in the at least one computing asset and if the security action is approved, initiating implementation of the security action.
16 . The method of claim 15 wherein the at least one computing asset comprises at least one of a firewall, a serving computing system, an end user computing system, a virtual machine, or a router.
17 . The method of claim 15 wherein the security credentials for the at least one computing asset comprise at least a username and password for the at least one computing asset.
18 . The method of claim 15 wherein transferring the security credentials for delivery to the at least one computing asset comprises transferring the security credentials and the security action for delivery to the at least one computing asset, wherein receiving the security credentials comprises receiving the security credentials and the security action, and wherein initiating implementation of the security action comprises implementing the received security action.
19 . The method of claim 15 wherein initiating implementation of the security action comprises transferring a notification to the administration system requesting the security action, and wherein the method further comprises, in the administration system, receiving the notification and, in response to the notification, transferring the security action for delivery to the at least one computing asset to be implemented on the at least on computing asset.
20 . The method of claim 15 wherein the security action comprises a block internet protocol action, a remove process action, or a segregation action to segregate the at least one computing asset from other computing assets in the computing network.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.