The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 10, 2019
Filed:
Jul. 20, 2018
International Business Machines Coproration, Armonk, NY (US);
Suresh N. Chari, Tarrytown, NY (US);
Ashish Kundu, Elmsford, NY (US);
Ian M. Molloy, Chappaqua, NY (US);
Dimitrios Pendarakis, Westport, CT (US);
Josyula R. Rao, Briarcliff Manor, NY (US);
International Business Machines Corporation, Armonk, NY (US);
Abstract
Generating an attack graph to protect sensitive data objects from attack is provided. The attack graph that includes nodes representing components in a set of components of a regulated service and edges between nodes representing relationships between related components in the set of components is generated based on vulnerability and risk metrics corresponding to each component. A risk score is calculated for each component represented by a node in the attack graph based on sensitivity rank and criticality rank corresponding to each respective component. Risk scores are aggregated for each component along each edge path connecting a node of a particular component to a node of a related component. In response to determining that an aggregated risk score of a component is greater than or equal to a risk threshold, an action is performed to mitigate a risk to sensitive data corresponding to the component posed by an attack.