Enhanced cloud infrastructure security through runtime visibility into deployed software
A system retrieves from cloud storage a packet(s) sampled from network traffic detected for software deployed on a cloud instance within a cloud environment. Each packet is inspected with deep packet inspection (DPI) to determine characteristics of the packet from which the identity/type of the corr...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Cheng, Yonghui Narayan, Krishnan Shankar |
| description | A system retrieves from cloud storage a packet(s) sampled from network traffic detected for software deployed on a cloud instance within a cloud environment. Each packet is inspected with deep packet inspection (DPI) to determine characteristics of the packet from which the identity/type of the corresponding software are determined. The system correlates the data/metadata generated from DPI with data/metadata of other cloud resources of the cloud environment based on determining the cloud resources to which the cloud instance is related or which also support deployment/execution of the software. The correlated data/metadata are evaluated based on security policies which include criteria for characteristics of software running on the cloud infrastructure rather than criteria for cloud infrastructure configuration alone. The system thus determines whether a cloud resource complies with the security policies based at least partly on the types/characteristics of software with which it is correlated. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US12003517B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US12003517B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US12003517B23</originalsourceid><addsrcrecordid>eNqNjDsKAjEQQNNYiHqH8QDCfhB7ZcVeBbslJpPdgZiEyUTZ26vgAaxe8R5vrm5dGHUwaMH4WCxQcKyzcDFSGCGjKUwygYwcyzAClyD0QHhSpjv5r6IgESwmH6fPJkcnL824VDOnfcbVjwu1PnaXw2mDKfaYkzYYUPrruW6qqt3Wu33T_tO8AWTzO-c</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Enhanced cloud infrastructure security through runtime visibility into deployed software</title><source>esp@cenet</source><creator>Cheng, Yonghui ; Narayan, Krishnan Shankar</creator><creatorcontrib>Cheng, Yonghui ; Narayan, Krishnan Shankar</creatorcontrib><description>A system retrieves from cloud storage a packet(s) sampled from network traffic detected for software deployed on a cloud instance within a cloud environment. Each packet is inspected with deep packet inspection (DPI) to determine characteristics of the packet from which the identity/type of the corresponding software are determined. The system correlates the data/metadata generated from DPI with data/metadata of other cloud resources of the cloud environment based on determining the cloud resources to which the cloud instance is related or which also support deployment/execution of the software. The correlated data/metadata are evaluated based on security policies which include criteria for characteristics of software running on the cloud infrastructure rather than criteria for cloud infrastructure configuration alone. The system thus determines whether a cloud resource complies with the security policies based at least partly on the types/characteristics of software with which it is correlated.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; PHYSICS ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2024</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240604&DB=EPODOC&CC=US&NR=12003517B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240604&DB=EPODOC&CC=US&NR=12003517B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Cheng, Yonghui</creatorcontrib><creatorcontrib>Narayan, Krishnan Shankar</creatorcontrib><title>Enhanced cloud infrastructure security through runtime visibility into deployed software</title><description>A system retrieves from cloud storage a packet(s) sampled from network traffic detected for software deployed on a cloud instance within a cloud environment. Each packet is inspected with deep packet inspection (DPI) to determine characteristics of the packet from which the identity/type of the corresponding software are determined. The system correlates the data/metadata generated from DPI with data/metadata of other cloud resources of the cloud environment based on determining the cloud resources to which the cloud instance is related or which also support deployment/execution of the software. The correlated data/metadata are evaluated based on security policies which include criteria for characteristics of software running on the cloud infrastructure rather than criteria for cloud infrastructure configuration alone. The system thus determines whether a cloud resource complies with the security policies based at least partly on the types/characteristics of software with which it is correlated.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>PHYSICS</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2024</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNqNjDsKAjEQQNNYiHqH8QDCfhB7ZcVeBbslJpPdgZiEyUTZ26vgAaxe8R5vrm5dGHUwaMH4WCxQcKyzcDFSGCGjKUwygYwcyzAClyD0QHhSpjv5r6IgESwmH6fPJkcnL824VDOnfcbVjwu1PnaXw2mDKfaYkzYYUPrruW6qqt3Wu33T_tO8AWTzO-c</recordid><startdate>20240604</startdate><enddate>20240604</enddate><creator>Cheng, Yonghui</creator><creator>Narayan, Krishnan Shankar</creator><scope>EVB</scope></search><sort><creationdate>20240604</creationdate><title>Enhanced cloud infrastructure security through runtime visibility into deployed software</title><author>Cheng, Yonghui ; Narayan, Krishnan Shankar</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US12003517B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2024</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>PHYSICS</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Cheng, Yonghui</creatorcontrib><creatorcontrib>Narayan, Krishnan Shankar</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Cheng, Yonghui</au><au>Narayan, Krishnan Shankar</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Enhanced cloud infrastructure security through runtime visibility into deployed software</title><date>2024-06-04</date><risdate>2024</risdate><abstract>A system retrieves from cloud storage a packet(s) sampled from network traffic detected for software deployed on a cloud instance within a cloud environment. Each packet is inspected with deep packet inspection (DPI) to determine characteristics of the packet from which the identity/type of the corresponding software are determined. The system correlates the data/metadata generated from DPI with data/metadata of other cloud resources of the cloud environment based on determining the cloud resources to which the cloud instance is related or which also support deployment/execution of the software. The correlated data/metadata are evaluated based on security policies which include criteria for characteristics of software running on the cloud infrastructure rather than criteria for cloud infrastructure configuration alone. The system thus determines whether a cloud resource complies with the security policies based at least partly on the types/characteristics of software with which it is correlated.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_epo_espacenet_US12003517B2 |
| source | esp@cenet |
| subjects | CALCULATING COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
| title | Enhanced cloud infrastructure security through runtime visibility into deployed software |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-03T15%3A10%3A52IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Cheng,%20Yonghui&rft.date=2024-06-04&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS12003517B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |