SYSTEMS AND METHODS FOR GENERATING POLICY COVERAGE INFORMATION FOR SECURITY-ENHANCED INFORMATION HANDLING SYSTEMS
An information handling system may include a host system comprising a processor and a management controller communicatively coupled to the processor, the management controller comprising firmware having a security module configured to enforce access control in accordance with a security policy. The...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | GIRI, Prashanth |
| description | An information handling system may include a host system comprising a processor and a management controller communicatively coupled to the processor, the management controller comprising firmware having a security module configured to enforce access control in accordance with a security policy. The security module may be further configured to, with respect to a process: (i) with respect to a firmware process, receive a plurality of access requests from the firmware process, wherein such plurality of access requests is generated as a result of at least one test case being applied to the firmware process; (ii) for each particular request of the plurality of requests, determine if the particular request is permitted in accordance with the security policy and if the particular request is permitted in accordance with the security policy, add an entry to a coverage store, the entry comprising information regarding the particular request; and (iii) compare the coverage store to the security policy to generate a policy coverage data file setting forth security rules of the security policy covered by execution of the plurality of requests. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US2020210598A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US2020210598A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US2020210598A13</originalsourceid><addsrcrecordid>eNrjZCgMjgwOcfUNVnD0c1HwdQ3x8HcJVnDzD1Jwd_VzDXIM8fRzVwjw9_F0jlRw9g8Diri7Knj6ARX4AuX8_cBKg12dQ4M8QyJ1Xf08HP2cXV1QVACFXHxAxkBt4mFgTUvMKU7lhdLcDMpuriHOHrqpBfnxqcUFicmpeakl8aHBRgZAaGhgamnhaGhMnCoAPE05lw</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>SYSTEMS AND METHODS FOR GENERATING POLICY COVERAGE INFORMATION FOR SECURITY-ENHANCED INFORMATION HANDLING SYSTEMS</title><source>esp@cenet</source><creator>GIRI, Prashanth</creator><creatorcontrib>GIRI, Prashanth</creatorcontrib><description>An information handling system may include a host system comprising a processor and a management controller communicatively coupled to the processor, the management controller comprising firmware having a security module configured to enforce access control in accordance with a security policy. The security module may be further configured to, with respect to a process: (i) with respect to a firmware process, receive a plurality of access requests from the firmware process, wherein such plurality of access requests is generated as a result of at least one test case being applied to the firmware process; (ii) for each particular request of the plurality of requests, determine if the particular request is permitted in accordance with the security policy and if the particular request is permitted in accordance with the security policy, add an entry to a coverage store, the entry comprising information regarding the particular request; and (iii) compare the coverage store to the security policy to generate a policy coverage data file setting forth security rules of the security policy covered by execution of the plurality of requests.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC DIGITAL DATA PROCESSING ; PHYSICS</subject><creationdate>2020</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200702&DB=EPODOC&CC=US&NR=2020210598A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,776,881,25542,76289</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200702&DB=EPODOC&CC=US&NR=2020210598A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>GIRI, Prashanth</creatorcontrib><title>SYSTEMS AND METHODS FOR GENERATING POLICY COVERAGE INFORMATION FOR SECURITY-ENHANCED INFORMATION HANDLING SYSTEMS</title><description>An information handling system may include a host system comprising a processor and a management controller communicatively coupled to the processor, the management controller comprising firmware having a security module configured to enforce access control in accordance with a security policy. The security module may be further configured to, with respect to a process: (i) with respect to a firmware process, receive a plurality of access requests from the firmware process, wherein such plurality of access requests is generated as a result of at least one test case being applied to the firmware process; (ii) for each particular request of the plurality of requests, determine if the particular request is permitted in accordance with the security policy and if the particular request is permitted in accordance with the security policy, add an entry to a coverage store, the entry comprising information regarding the particular request; and (iii) compare the coverage store to the security policy to generate a policy coverage data file setting forth security rules of the security policy covered by execution of the plurality of requests.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>PHYSICS</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2020</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZCgMjgwOcfUNVnD0c1HwdQ3x8HcJVnDzD1Jwd_VzDXIM8fRzVwjw9_F0jlRw9g8Diri7Knj6ARX4AuX8_cBKg12dQ4M8QyJ1Xf08HP2cXV1QVACFXHxAxkBt4mFgTUvMKU7lhdLcDMpuriHOHrqpBfnxqcUFicmpeakl8aHBRgZAaGhgamnhaGhMnCoAPE05lw</recordid><startdate>20200702</startdate><enddate>20200702</enddate><creator>GIRI, Prashanth</creator><scope>EVB</scope></search><sort><creationdate>20200702</creationdate><title>SYSTEMS AND METHODS FOR GENERATING POLICY COVERAGE INFORMATION FOR SECURITY-ENHANCED INFORMATION HANDLING SYSTEMS</title><author>GIRI, Prashanth</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US2020210598A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2020</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>PHYSICS</topic><toplevel>online_resources</toplevel><creatorcontrib>GIRI, Prashanth</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>GIRI, Prashanth</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>SYSTEMS AND METHODS FOR GENERATING POLICY COVERAGE INFORMATION FOR SECURITY-ENHANCED INFORMATION HANDLING SYSTEMS</title><date>2020-07-02</date><risdate>2020</risdate><abstract>An information handling system may include a host system comprising a processor and a management controller communicatively coupled to the processor, the management controller comprising firmware having a security module configured to enforce access control in accordance with a security policy. The security module may be further configured to, with respect to a process: (i) with respect to a firmware process, receive a plurality of access requests from the firmware process, wherein such plurality of access requests is generated as a result of at least one test case being applied to the firmware process; (ii) for each particular request of the plurality of requests, determine if the particular request is permitted in accordance with the security policy and if the particular request is permitted in accordance with the security policy, add an entry to a coverage store, the entry comprising information regarding the particular request; and (iii) compare the coverage store to the security policy to generate a policy coverage data file setting forth security rules of the security policy covered by execution of the plurality of requests.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_epo_espacenet_US2020210598A1 |
| source | esp@cenet |
| subjects | CALCULATING COMPUTING COUNTING ELECTRIC DIGITAL DATA PROCESSING PHYSICS |
| title | SYSTEMS AND METHODS FOR GENERATING POLICY COVERAGE INFORMATION FOR SECURITY-ENHANCED INFORMATION HANDLING SYSTEMS |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-11T21%3A52%3A24IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=GIRI,%20Prashanth&rft.date=2020-07-02&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS2020210598A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |