Method for Providing Cognitive Audit System for Learning and Managing Device Configurations and Security Policies

IP.com Disclosure Number: IPCOM000253944D
Publication Date: 2018-May-16
Document File: 2 page(s) / 90K

Publishing Venue

The IP.com Prior Art Database

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Description

Most security solutions deployed in the real world involve multiple devices from multiple vendors, running different software and communicating over various protocols with various tools. There is no standard for the configurations and policies used to manage these devices, which makes overall security policy design hard and auditing even harder. There is therefore a need to manage the configurations and security policies of multiple devices in an environment.

Disclosed is a method for providing a cognitive audit system for learning and managing device configurations and security policies. The method initially collects the configurations and policies of devices in the environment and feeds the collected data to a cognitive system. Subsequently, a collection of queries from an administrator is periodically sent to the cognitive system to create a cognitive audit system for checking completeness, readiness, or security in the environment, wherein the queries are constructed in natural language or structured language.

In accordance with the method, the cognitive system comprises a parser component that utilizes machine learning to understand configurations and policies, drawing on sources such as, but not limited to, configuration files, product manuals, online tutorials, online courses, online forums, and newsgroups to understand the context. The configurations and policies are periodically (actively or passively) collected from every device/tool/software, and each configuration or policy is associated with a type of device/tool/software to provide an input to the cognitive system. An advisory module then recommends everything that a security administrator needs for deployment, taking as input the requirements for modifying existing security policies, described in natural language or structured language. For instance, a security administrator asks the cognitive system to recommend a set of new configurations and policies that allows a roaming user to connect to an internal file server via VPN. Additionally, the current security deployment is verified for any flaws by an audit system. For example, a security administrator asks the audit system whether a VPN user can use torrents to download files. The audit system consumes a set of rules for validation, requests the cognitive audit system periodically or when a new policy or configuration is collected to validate rules for security co...
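The audit step described above can be sketched in code. This is an added example, not part of the disclosure: it replaces the machine-learning parser with one hand-written parser per device type, and the two configuration formats, the rule schema, the device names and all addresses are constructed assumptions.

```python
from ipaddress import ip_network

# Constructed sample: configurations collected from two devices, each tagged with
# its device type. Both formats are invented for this example.
COLLECTED = [
    {"device": "vpn-gw", "type": "vendor_a", "config": [
        "permit tcp 10.8.0.0/24 10.1.5.10/32 445",
        "permit tcp 10.8.0.0/24 0.0.0.0/0 1-65535"]},
    {"device": "edge-fw", "type": "vendor_b", "config": [
        {"action": "drop", "src": "10.8.0.0/24", "dst": "0.0.0.0/0", "ports": "6881-6889"},
        {"action": "accept", "src": "10.0.0.0/8", "dst": "0.0.0.0/0", "ports": "1-65535"}]},
]
# Constructed audit rules in a structured language (hypothetical schema).
RULES = [
    {"id": "vpn-no-torrent", "src": "10.8.0.0/24", "dst": "203.0.113.7/32",
     "ports": [6881, 6889], "path": ["vpn-gw", "edge-fw"], "expect": "deny"},
    {"id": "vpn-to-fileserver", "src": "10.8.0.0/24", "dst": "10.1.5.10/32",
     "ports": [445], "path": ["vpn-gw"], "expect": "allow"},
]

def _rule(allow, src, dst, ports):
    lo, _, hi = ports.partition("-")
    return allow, ip_network(src), ip_network(dst), int(lo), int(hi or lo)

# One parser per device type, all producing the same normalized tuple (TCP only).
PARSERS = {
    "vendor_a": lambda cfg: [_rule(f[0] == "permit", f[2], f[3], f[4])
                             for f in (line.split() for line in cfg)],
    "vendor_b": lambda cfg: [_rule(e["action"] == "accept", e["src"], e["dst"], e["ports"])
                             for e in cfg],
}

def device_allows(rules, src, dst, port):
    """First matching rule wins; no match is an implicit deny."""
    for allow, r_src, r_dst, lo, hi in rules:
        if src.subnet_of(r_src) and dst.subnet_of(r_dst) and lo <= port <= hi:
            return allow
    return False

def audit(collected, rules=RULES):
    """Re-run every audit rule against the current snapshot of collected configs."""
    parsed = {c["device"]: PARSERS[c["type"]](c["config"]) for c in collected}
    results = {}
    for r in rules:
        src, dst = ip_network(r["src"]), ip_network(r["dst"])
        open_ports = [p for p in r["ports"]
                      if all(device_allows(parsed[d], src, dst, p) for d in r["path"])]
        ok = bool(open_ports) if r["expect"] == "allow" else not open_ports
        results[r["id"]] = {"passed": ok, "open_ports": open_ports}
    return results
```

Calling `audit()` again whenever a new configuration is collected gives the re-validation trigger the text describes: a flow counts as reachable only if every device on its path permits it.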