Protocol agnostic security by using out-of-band health checks
Abstract
A computer-implemented method provides an improvement in security breach detection and comprises calculating, using a gateway computing device, a current digital fingerprint of a computing device based on current security service data of the computing device; conducting, using the gateway computing device, a real-time health check of the computing device based on an initial digital fingerprint stored in a distributed data repository, wherein the initial digital fingerprint is based on an initial security service data of the computing device; and in response to the real-time health check of the computing device, determining, using the gateway computing device, whether to restore the computing device with configurations consistent with the initial digital fingerprint stored in the distributed data repository.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A computer-implemented method of providing improvements in security breach detection, comprising:
calculating, using a gateway computing device, a current digital fingerprint of a computing device based on current security service data of the computing device; conducting, using the gateway computing device, a real-time health check of the computing device based on an initial digital fingerprint stored in a distributed data repository, wherein the initial digital fingerprint is based on an initial security service data of the computing device; and in response to the real-time health check of the computing device, determining, using the gateway computing device, whether to restore the computing device with configurations consistent with the initial digital fingerprint stored in the distributed data repository.
2 . The computer-implemented method of claim 1 , further comprising:
generating, using a broker computing device, a digital replica of the computing device, wherein the digital replica comprises the initial security service data of the computing device; sending, using the broker computing device, the initial digital fingerprint of the computing device for storing in the distributed data repository.
3 . The computer-implemented method of claim 2 , further comprising encrypting, using the broker computing device, the initial security service data of the computing device, wherein the initial digital fingerprint comprises the encrypted initial security service data.
4 . The computer-implemented method of claim 2 , further comprising:
receiving, using the broker computing device, an authorized change to the initial security service data at the computing device; generating, using the broker computing device, an updated fingerprint based on the authorized change to the initial security service data at the computing device; and sending, using the broker computing device, the updated fingerprint for storing in the distributed data repository.
5 . The computer-implemented method of claim 1 , wherein the initial security service data comprises initial hardware data, initial firmware data, initial software data, and initial memory space data of the computing device, wherein the initial digital fingerprint comprises a plurality of initial encrypted data object identifiers, and wherein the plurality of initial encrypted data object identifiers is generated based on the initial security service data.
6 . The computer-implemented method of claim 1 , wherein the current security service data comprises current hardware data, current firmware data, current software data, and current memory space data of the computing device, wherein the current digital fingerprint comprises a plurality of current encrypted data object identifiers, and wherein the plurality of current encrypted data object identifiers is generated based on the current security service data.
7 . The computer-implemented method of claim 1 , wherein calculating a current digital fingerprint of the computing device comprises accessing the current security service data of the computing device by remoting logging into the computing device via SSH, Telnet, or HTTP, or by using a native protocol of the computing device.
8 . The computer-implemented method of claim 1 , wherein conducting the real-time health check of the computing device comprises comparing the current digital fingerprint that is calculated to the initial digital fingerprint that is stored in the distributed data repository.
9 . One or more non-transitory computer-readable storage media storing one or more instructions programmed for providing improvements in security breach detection and which, when executed by one or more intermediary computing devices, cause:
calculating, using a gateway computing device, a current digital fingerprint of a computing device based on current security service data of the computing device; conducting, using the gateway computing device, a real-time health check of the computing device based on an initial digital fingerprint stored in a distributed data repository, wherein the initial digital fingerprint is based on an initial security service data of the computing device; and in response to the real-time health check of the computing device, determining, using the gateway computing device, whether to restore the computing device with configurations consistent with the initial digital fingerprint stored in the distributed data repository.
10 . The one or more non-transitory computer-readable storage media of claim 9 , storing one or more further instructions which, when executed by the one or more intermediary computing devices, further cause:
generating, using a broker computing device, a digital replica of the computing device, wherein the digital replica comprises the initial security service data of the computing device; sending, using the broker computing device, the initial digital fingerprint of the computing device for storing in the distributed data repository.
11 . The one or more non-transitory computer-readable storage media of claim 10 , further comprising encrypting, using the broker computing device, the initial security service data of the computing device, wherein the initial digital fingerprint comprises the encrypted initial security service data.
12 . The one or more non-transitory computer-readable storage media of claim 10 , storing one or more further instructions which, when executed by the one or more intermediary computing devices, further cause:
receiving, using the broker computing device, an authorized change to the initial security service data at the computing device; generating, using the broker computing device, an updated fingerprint based on the authorized change to the initial security service data at the computing device; and sending, using the broker computing device, the updated fingerprint for storing in the distributed data repository.
13 . The one or more non-transitory computer-readable storage media of claim 9 , wherein calculating a current digital fingerprint of the computing device comprises accessing the current security service data of the computing device by remoting logging into the computing device via SSH, Telnet, or HTTP, or by using a native protocol of the computing device.
14 . The one or more non-transitory computer-readable storage media of claim 9 , wherein conducting the real-time health check of the computing device comprises comparing, using the gateway computing device, the current digital fingerprint that is calculated to the initial digital fingerprint that is stored in the distributed data repository.
15 . A computer system providing improvements in security breach detection, the computer system comprising:
a distributed ledger data repository; a gateway computing device that is communicatively coupled to the distributed ledger data repository and comprising a non-transitory data storage medium storing a first set of instructions which, when executed by the gateway computing device, cause:
calculating a current digital fingerprint of a computing device based on current security service data of the computing device;
conducting a real-time health check of the computing device based on an initial digital fingerprint stored in a distributed data repository, wherein the initial digital fingerprint is based on an initial security service data of the computing device; and
in response to the real-time health check of the computing device, determining whether to restore the computing device with configurations consistent with the initial digital fingerprint stored in the distributed data repository.
16 . The computer system of claim 15 , wherein calculating a current digital fingerprint of the computing device comprises accessing the current security service data of the computing device by remoting logging into the computing device via SSH, Telnet, or HTTP, or by using a native protocol of the computing device.
17 . The computer system of claim 15 , wherein conducting the real-time health check of the computing device comprises comparing the current digital fingerprint that is remotely calculated to the initial digital fingerprint that is stored in the distributed ledger data repository.
18 . The computing system of claim 17 , wherein the first set of instructions, when executed by the gateway computing device, further cause, in response to conducting the real-time health checks, determining whether to allow traffic from the computing device through or to block the traffic from the computing device.
19 . The computing system of claim 17 , further comprising:
a broker computing device that is communicatively coupled to the distributed ledger data repository and comprising a second non-transitory data storage medium storing a second set of instructions which, when executed by the broker computing device, cause: generating a digital replica of the computing device, wherein the digital replica comprises the initial security service data of the computing device; sending the initial digital fingerprint of the computing device for storing in the distributed data repository.
20 . The computing system of claim 19 , wherein the second set of instructions, when executed by the broker computing device, further cause, encrypting the initial security service data of the computing device, wherein the initial digital fingerprint comprises the encrypted initial security service data.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.