System and method for constructing a graph-based model for optimizing the security posture of a composed internet of things system
US12101357B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 1, 2020 |
| Grant date | Sep 24, 2024 |
| Priority date | — |
| Expiry date | Jan 22, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Embodiments provide a system and method for constructing a graph-based model for optimizing the security posture of a composed system. During operation, the system constructs a multi-layer graph for a system with a plurality of components, wherein the multi-layer graph comprises a configuration subgraph, a vulnerability subgraph, and a dependency subgraph. The system constructs the multi-layer graph by the following. The system generates nodes in the configuration subgraph, including: nodes in a first class which encode information associated with a configuration parameter for a respective component, wherein the encoded information includes a name, a default value, a range of values, and a data type; and nodes in a second class which encode value assignments for configuration parameters and relationships between configuration parameters. The system generates nodes in the vulnerability subgraph based on known vulnerabilities associated with a component, bad security practices, and best security practices.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.