STATEFUL MICROSERVICE-AWARE INTRUSION DETECTION

STATEFUL MICROSERVICE-AWARE INTRUSION DETECTION

A method, system, and computer program product for performing microservice-aware reference policy checking that accept stateful security policies. The method may include receiving a security policy for a container that is part of a microservice architecture. The method may also include obtaining a f...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Araujo, Frederico, Blair, William, Taylor, Teryl Paul
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Araujo, Frederico
Blair, William
Taylor, Teryl Paul
description A method, system, and computer program product for performing microservice-aware reference policy checking that accept stateful security policies. The method may include receiving a security policy for a container that is part of a microservice architecture. The method may also include obtaining a first effect graph of the security policy, resulting in a security model for the container. The method may also include identifying execution behavior of the container. The method may also include generating a second effect graph of the execution behavior of the container, where the generating includes summarizing operations and interactions between entities in the execution behavior and results in a behavioral model. The method may also include comparing the behavioral model to the security model. The method may also include determining whether the container has deviated from the security policy based on the comparing. The method may also include enforcing the security policy against the container.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US2022309152A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US2022309152A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US2022309152A13</originalsourceid><addsrcrecordid>eNrjZNAPDnEMcXUL9VHw9XQO8g92DQrzdHbVdQx3DHJV8PQLCQoN9vT3U3BxDXF1DgGyeBhY0xJzilN5oTQ3g7Kba4izh25qQX58anFBYnJqXmpJfGiwkYGRkbGBpaGpkaOhMXGqANO0J1g</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>STATEFUL MICROSERVICE-AWARE INTRUSION DETECTION</title><source>esp@cenet</source><creator>Araujo, Frederico ; Blair, William ; Taylor, Teryl Paul</creator><creatorcontrib>Araujo, Frederico ; Blair, William ; Taylor, Teryl Paul</creatorcontrib><description>A method, system, and computer program product for performing microservice-aware reference policy checking that accept stateful security policies. The method may include receiving a security policy for a container that is part of a microservice architecture. The method may also include obtaining a first effect graph of the security policy, resulting in a security model for the container. The method may also include identifying execution behavior of the container. The method may also include generating a second effect graph of the execution behavior of the container, where the generating includes summarizing operations and interactions between entities in the execution behavior and results in a behavioral model. The method may also include comparing the behavioral model to the security model. The method may also include determining whether the container has deviated from the security policy based on the comparing. The method may also include enforcing the security policy against the container.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC DIGITAL DATA PROCESSING ; PHYSICS</subject><creationdate>2022</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20220929&amp;DB=EPODOC&amp;CC=US&amp;NR=2022309152A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20220929&amp;DB=EPODOC&amp;CC=US&amp;NR=2022309152A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Araujo, Frederico</creatorcontrib><creatorcontrib>Blair, William</creatorcontrib><creatorcontrib>Taylor, Teryl Paul</creatorcontrib><title>STATEFUL MICROSERVICE-AWARE INTRUSION DETECTION</title><description>A method, system, and computer program product for performing microservice-aware reference policy checking that accept stateful security policies. The method may include receiving a security policy for a container that is part of a microservice architecture. The method may also include obtaining a first effect graph of the security policy, resulting in a security model for the container. The method may also include identifying execution behavior of the container. The method may also include generating a second effect graph of the execution behavior of the container, where the generating includes summarizing operations and interactions between entities in the execution behavior and results in a behavioral model. The method may also include comparing the behavioral model to the security model. The method may also include determining whether the container has deviated from the security policy based on the comparing. The method may also include enforcing the security policy against the container.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>PHYSICS</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2022</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZNAPDnEMcXUL9VHw9XQO8g92DQrzdHbVdQx3DHJV8PQLCQoN9vT3U3BxDXF1DgGyeBhY0xJzilN5oTQ3g7Kba4izh25qQX58anFBYnJqXmpJfGiwkYGRkbGBpaGpkaOhMXGqANO0J1g</recordid><startdate>20220929</startdate><enddate>20220929</enddate><creator>Araujo, Frederico</creator><creator>Blair, William</creator><creator>Taylor, Teryl Paul</creator><scope>EVB</scope></search><sort><creationdate>20220929</creationdate><title>STATEFUL MICROSERVICE-AWARE INTRUSION DETECTION</title><author>Araujo, Frederico ; Blair, William ; Taylor, Teryl Paul</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US2022309152A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2022</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>PHYSICS</topic><toplevel>online_resources</toplevel><creatorcontrib>Araujo, Frederico</creatorcontrib><creatorcontrib>Blair, William</creatorcontrib><creatorcontrib>Taylor, Teryl Paul</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Araujo, Frederico</au><au>Blair, William</au><au>Taylor, Teryl Paul</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>STATEFUL MICROSERVICE-AWARE INTRUSION DETECTION</title><date>2022-09-29</date><risdate>2022</risdate><abstract>A method, system, and computer program product for performing microservice-aware reference policy checking that accept stateful security policies. The method may include receiving a security policy for a container that is part of a microservice architecture. The method may also include obtaining a first effect graph of the security policy, resulting in a security model for the container. The method may also include identifying execution behavior of the container. The method may also include generating a second effect graph of the execution behavior of the container, where the generating includes summarizing operations and interactions between entities in the execution behavior and results in a behavioral model. The method may also include comparing the behavioral model to the security model. The method may also include determining whether the container has deviated from the security policy based on the comparing. The method may also include enforcing the security policy against the container.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US2022309152A1
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
title STATEFUL MICROSERVICE-AWARE INTRUSION DETECTION
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-22T16%3A40%3A31IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Araujo,%20Frederico&rft.date=2022-09-29&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS2022309152A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true