-
公开(公告)号:US20210182873A1
公开(公告)日:2021-06-17
申请号:US17031198
申请日:2020-09-24
Applicant: Ulrich LANG , Rudolf SCHREINER
Inventor: Ulrich LANG , Rudolf SCHREINER
Abstract: Method and system for automating analyzing anomalies of an item for which no golden reference item is available, by using reference information, wherein the golden reference item is a known non-abnormal instance of an analyzed assembly, includes loading from a data storage, a memory, or via a communication, or user entry, item information of an analyzed item to be analyzed to be either expected or abnormal; loading reference information about the analyzed item; preprocessing both of the item information and the reference information to facilitate analysis; analyzing the item information and the reference information to determine a result that indicates whether elements of the item are confirmed by the reference information to be expected or abnormal; generating an output data with the result; and storing the output data pertaining to the result in a memory.
-
2.发明申请公开(公告)号:US20180069899A1
公开(公告)日:2018-03-08
申请号:US15645639
申请日:2017-07-10
Applicant: Ulrich Lang , Rudolf SCHREINER
Inventor: Ulrich Lang , Rudolf SCHREINER
IPC: H04L29/06 , G06F9/44 , G06F3/0482 , G06F3/0481 , G06F17/24
CPC classification number: H04L63/20 , G06F3/04817 , G06F3/0482 , G06F8/38 , G06F17/248 , H04L63/0263
Abstract: A policy management method and system, which determines at least one functional model for the IT system; loads at least one pre-configured policy selection template that indicates at least one policy aspect applicable to the at least one IT system; generates at least one policy user interface that gathers a policy input; receives a policy input loaded from a data storage or a memory or entered by a user via a user interface; loads at least one pre-configured policy generation template that indicates at least one technical rule or configuration aspect of the policy that the policy template pertains to; generates at least one machine-enforceable rule/configuration compliant with the received input policy; transmits the at least one machine-enforceable rule and/or configuration to at least one policy implementation entity; and executes the transmitted at least one machine-enforceable rule/configuration.
-
公开(公告)号:US20170324779A1
公开(公告)日:2017-11-09
申请号:US15656393
申请日:2017-07-21
Applicant: Ulrich Lang , Rudolf SCHREINER
Inventor: Ulrich Lang , Rudolf SCHREINER
IPC: H04L29/06
CPC classification number: H04L63/20 , G06F21/57 , G06F2221/2101 , H04L41/145 , H04L63/14 , H04L63/1433
Abstract: A system and method for managing and analyzing security requirements in reusable models. At least one functional model, at least one security implementation model, at least one requirement model, and meta models of the models are read by a reader. A correspondence between the functional model, security implementation model, and the requirements model is analyzed, whereby the correspondence indicates that compliance/security/accreditation requirements defined in the requirement model match with security objectives implemented by controls defined by the security implementation model. Next, it is determined whether correspondence is or is not given based on the analysis of the correspondence and then evidence is generated based on the analysis of the correspondence and the determination and the impact of changes is analyzed.
-
公开(公告)号:US20240022607A1
公开(公告)日:2024-01-18
申请号:US18093486
申请日:2023-01-05
Applicant: Ulrich LANG , Rudolf SCHREINER
Inventor: Ulrich LANG , Rudolf SCHREINER
CPC classification number: H04L63/20 , G06F21/57 , G06F21/604 , G06F2221/034 , G06F2221/2141
Abstract: A system and method for managing implementation of policies in an information technologies system receives at least one policy function, at least one refinement template and at least one available policy function from the at least one memory, receives a policy input indicating a high-level policy for the IT system where the policy input is compliant with the at least one policy function and is received in a format that is not machine-enforceable at an enforcement entity of the IT system, based on the received policy input, automatically or semi-automatically generates a machine-enforceable rule and/or configuration by filling the at least one refinement template, where the machine-enforceable rule and/or configuration includes the at least one available policy function and being compliant with the received policy input, and distributes the machine-enforceable rule and/or configuration to the at least one memory of the IT system or another at least one memory to thereby enable implementation of the policies.
-
5.发明申请公开(公告)号:US20220353300A1
公开(公告)日:2022-11-03
申请号:US17864146
申请日:2022-07-13
Applicant: Ulrich Lang , Rudolf SCHREINER
Inventor: Ulrich Lang , Rudolf SCHREINER
IPC: H04L9/40 , G06F3/0482 , G06F3/04817 , G06F8/38 , G06F40/186
Abstract: A method of managing supply chain risks having a supply chain risk analysis implementation, includes loading from a data storage or a memory, supply chain data for a supply chain which indicates information about the supply chain; mapping the supply chain data to a consistent input model; automatically analyzing, by an analytics module implemented on a processor, the input model to detect supply chain anomalies indicating the supply chain risks; producing an analysis results output of the analyzed input model; and outputting the analysis results output of the detected supply chain anomalies to the memory, the data storage, a display, or a message. A supply chain risk analysis system includes the processor, the data storage or the memory that stores the supply chain data for the supply chain which indicates information about the supply chain. The processor is configured to perform the processes.
-
Patent Agency Ranking
6.发明申请公开(公告)号:US20200259868A1
公开(公告)日:2020-08-13
申请号:US16845893
申请日:2020-04-10
Applicant: Ulrich Lang , Rudolf SCHREINER
Inventor: Ulrich Lang , Rudolf SCHREINER
IPC: H04L29/06 , G06F3/0482 , G06F3/0481 , G06F8/38 , G06F40/186
Abstract: A method of managing supply chain risks having a supply chain risk analysis implementation, includes loading from a data storage or a memory, supply chain data for a supply chain which indicates information about the supply chain; mapping the supply chain data to a consistent input model; automatically analyzing, by an analytics module implemented on a processor, the input model to detect supply chain anomalies indicating the supply chain risks; producing an analysis results output of the analyzed input model; and outputting the analysis results output of the detected supply chain anomalies to the memory, the data storage, a display, or a message. A supply chain risk analysis system includes the processor, the data storage or the memory that stores the supply chain data for the supply chain which indicates information about the supply chain. The processor is configured to perform the processes.
-
公开(公告)号:US20170289198A1
公开(公告)日:2017-10-05
申请号:US15629170
申请日:2017-06-21
Applicant: Ulrich LANG , Rudolf SCHREINER
Inventor: Ulrich LANG , Rudolf SCHREINER
CPC classification number: H04L63/20 , H04L63/0263 , H04L63/10 , H04L67/10
Abstract: A policy management system includes a policy management device that is configured to manage a policy input and/or a template and/or a functional model, a policy enforced device that is directly or indirectly connected to the policy management device via a network and that is configured such that at least a part of the functional model managed by the policy management device reflects the functional features/behaviors of the policy enforced device, a policy enforcement device that is configured to execute policy enforcement on the policy enforced device, and a policy decision device that is configured to receive machine-enforceable rule and/or configuration from the policy management device. The policy enforcement device, when a policy relevant event occurs, instructs the policy decision device to determine the result of the condition of the transmitted machine-enforceable rule and/or configuration for implementing the policy input for the policy enforced device, thereby modifying an operation of the policy enforced device or the policy enforcement device to execute the action.
-
公开(公告)号:US20090077621A1
公开(公告)日:2009-03-19
申请号:US12126711
申请日:2008-05-23
Applicant: Ulrich LANG , Rudolf SCHREINER
Inventor: Ulrich LANG , Rudolf SCHREINER
IPC: G06F21/00
CPC classification number: H04L63/20 , H04L63/0263 , H04L63/10 , H04L67/10
Abstract: A system and method of managing security policies in an information technologies (IT) system are provided. In an example, the method includes receiving an input indicating a high-level security policy for the IT system, the received high-level security policy relating to non-functional system attributes for the IT system and received in a format that is not machine-enforceable at an enforcement entity of the IT system. A functional model for the IT system is determined, where the functional model indicates functional system attributes of the IT system. At least one pre-configured rule template is loaded, and at least one machine-enforceable rule is generated in a manner compliant with the received high-level security policy by iteratively filling the at least one pre-configured rule template with functional system attributes indicated by the functional model. After the generating step, the at least one machine-enforceable rule can be distributed (e.g., to an enforcement entity, an Intrusion Detection System (IDS), etc.). In another example, the receiving, determining, loading, generating and distributing steps can be performed at a policy node within an IT system.
Abstract translation: 提供了一种在信息技术(IT)系统中管理安全策略的系统和方法。 在一个示例中,该方法包括接收指示IT系统的高级安全策略的输入,接收到的与IT系统的非功能系统属性相关的高级安全策略,并以不是机器级的格式接收, 可在信息系统的执法实体上执行。 确定IT系统的功能模型,其中功能模型指示IT系统的功能系统属性。 加载至少一个预先配置的规则模板,并且以符合所接收的高级安全策略的方式生成至少一个机器可执行规则,通过迭代地填充至少一个预先配置的规则模板,所述规则模板具有指示的功能系统属性 通过功能模型。 在生成步骤之后,可以分发至少一个可执行机器的规则(例如,到执行实体,入侵检测系统(IDS)等)。 在另一示例中,可以在IT系统内的策略节点执行接收,确定,加载,生成和分发步骤。
-
9.发明申请公开(公告)号:US20190258953A1
公开(公告)日:2019-08-22
申请号:US16255811
申请日:2019-01-23
Applicant: Ulrich Lang , Rudolf SCHREINER
Inventor: Ulrich Lang , Rudolf SCHREINER
Abstract: A method of automating an agent for environment includes loading an action determination model that indicates an action option, determining whether the action determination model indicates a next action option, and if so, determining an action based on the action determination model, determining whether an execution data model has been stored, and if so, obtaining data pertaining to the determined action, executing the action, determining a result of the action, storing the data pertaining to the result in an execution data model. Then, until the environment or agent reach an end state, the following are repeated: determining whether the action determination model indicates the next action option, and if so, determining the action based on the action determination model, and determining whether the execution data model has been stored, and if so, obtaining the data pertaining to the determined action.
-
10.发明申请公开(公告)号:US20190014153A1
公开(公告)日:2019-01-10
申请号:US16112045
申请日:2018-08-24
Applicant: Ulrich LANG , Rudolf SCHREINER
Inventor: Ulrich LANG , Rudolf SCHREINER
Abstract: A system and method for managing implementation of policies in an information technologies system receives at least one policy function, at least one refinement template and at least one available policy function from the at least one memory, receives a policy input indicating a high-level policy for the IT system where the policy input is compliant with the at least one policy function and is received in a format that is not machine-enforceable at an enforcement entity of the IT system, based on the received policy input, automatically or semi-automatically generates a machine-enforceable rule and/or configuration by filling the at least one refinement template, where the machine-enforceable rule and/or configuration includes the at least one available policy function and being compliant with the received policy input, and distributes the machine-enforceable rule and/or configuration to the at least one memory of the IT system or another at least one memory to thereby enable implementation of the policies.
-
-
-
-
-
-
-
-
-
Search Results
14
records
(took 0.026 seconds)
