Who is the assignee on this patent?

Microsoft Technology Licensing Llc

What technology area does this patent fall under?

Primary CPC classification G06F21/577. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Dec 01 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).

Automated production of certification controls by translating framework controls

US10855673B2 · US · B2

Patent metadata
Field	Value
Publication number	US-10855673-B2
Application number	US-201815900934-A
Country	US
Kind code	B2
Filing date	Feb 21, 2018
Priority date	Sep 3, 2013
Publication date	Dec 1, 2020
Grant date	Dec 1, 2020

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A compliance application automatically produces certification controls by translating framework controls. The framework controls are common certification controls used in production of the certification. The application retrieves framework controls including metadata from a compliance framework data store. Metadata of the framework controls map the framework controls to the certification. In addition, the application retrieves certification parity data associated with the metadata. Certification controls are produced based on the framework controls and the certification parity data. A view of the certification including the certification controls is provided to a customer requesting the certification.

First claim

Opening claim text (preview).

What is claimed is: 1. A method to automatically produce a certification control, the method comprising: receiving, at a compliance application that is being executed on a hardware-implemented computing device, a request to view a certification associated with a service; selecting, by the compliance application, a framework control that includes metadata that matches an attribute of the certification; retrieving, by the compliance application, the framework control from a framework data store; retrieving, by the compliance application, certification parity data associated with the metadata included in the framework control from a parity data store; translating, by the compliance application, the framework control to the certification control using the certification parity data; and providing, by the compliance application, the certification control within the certification for display. 2. The method of claim 1 , further comprising: prior to translation, enabling, by the compliance application, execution of a compliance test on the framework control to determine whether the framework control is capable of being translated to the certification control using the certification parity data. 3. The method of claim 2 , further comprising: obtaining, by the compliance application, data associated with dependency information of the framework control from the certification parity data; and enabling, by the compliance application, the execution of the compliance test to validate the data obtained from the certification parity data in order to determine whether the framework control is capable of being translated to the certification control. 4. The method of claim 3 , further comprising: in response to a determination that the framework control is not capable of being translated to the certification control, updating, by the compliance application, the certification parity data such that the framework control is capable of being translated to the certification control. 5. The method of claim 3 , further comprising: producing, by the compliance application, the certification associated with the service within a common audit based on the data obtained from the certification parity data, the compliance test, the framework control, and the certification parity data; and certifying, by the compliance application, the service to a certification authority during the common audit. 6. The method of claim 3 , further comprising: producing, by the compliance application, one or more additional certifications associated with one or more additional services within a multi audit based on the data obtained from the certification parity data, the compliance test, the framework control, and the certification parity data; and certifying, by the compliance application, the one or more additional services to a certification authority during the multi audit. 7. The method of claim 1 , further comprising: automating, by the compliance application, the certification associated with the service. 8. The method of claim 7 , wherein automating, by the compliance application, the certification comprises: one of monitoring or auditing, by the compliance application, the service to produce a report; and translating, by the compliance application, the report using the certification parity data. 9. A hardware-implemented computing device to automate production of a certification control, the hardware-implemented computing device comprising: a memory configured to store instructions; and a hardware-implemented processor coupled to the memory, wherein the hardware-implemented processor executes a compliance application and is configured to: in response to receiving a request to view a certification associated with a service, select a framework control that includes metadata that matches an attribute of the certification; retrieve the framework control from a framework data store; retrieve certification parity data associated with the metadata included in the framework control from a parity data store; translate the framework control to the certification control using the certification parity data through a translation layer of the compliance application; and provide for display the certification control within the certification through a user interface. 10. The hardware-implemented computing device of claim 9 , wherein another hardware-implemented computing device communicatively coupled to the hardware-implemented computing device comprises an automation component that is configured to establish a connection with the translation layer in order to execute a compliance test prior to the translation. 11. The hardware-implemented computing device of claim 10 , wherein the automation component is configured to execute the compliance test on the framework control using the certification parity data in order to determine whether the framework control is capable of being translated to the certification control. 12. The hardware-implemented computing device of claim 11 , wherein, in response to a determination that the framework control is not capable of being translated to the certification control, the hardware-implemented processor is configured to update the certification parity data such that the framework control is capable of being translated to the certification control. 13. The hardware-implemented computing device of claim 9 , wherein the attribute of the certification includes one or more of a service identifier, a security description, and an expiration date of the metadata. 14. A system to automate production of a certification control, the system comprising: a first hardware-implemented computing device configured to execute a service; and a second hardware-implemented computing device, comprising: a communication interface configured to facilitate communication between the first hardware-implemented computing device and the second hardware-implemented computing device; a memory configured to store instructions; and a hardware-implemented processor coupled to the communication interface and the memory, wherein the hardware-implemented processor executes a compliance application and is configured to: in response to receiving a request to view a certification associated with the service from the first hardware-implemented computing device through the communication interface, select a framework control that includes metadata that matches an attribute of the certification; retrieve the framework control from a framework data store; retrieve certification parity data associated with the metadata included in the framework control from a parity data store; translate the framework control to the certification control using the certification parity data through a translation layer of the compliance application; and provide the certification control within the certification to the first hardware-implemented computing device through the communication interface for display through a user interface of the first hardware-implemented computing device. 15. The system of claim 14 , further comprising: a third hardware-implemented computing device that includes an automation component, wherein the automation component is configured to: establish a connection with the translation layer in order to execute a compliance test on the framework control using the certification parity data prior to the translation; and execute the compliance test to determine whether the framework control is capable of being translated to the certification control. 16. The system of claim 14 , wherein the hardware-implemen

Assignees

Microsoft Technology Licensing Llc

Inventors

Classifications

G06F21/577Primary
Assessing vulnerabilities and evaluating computer system security · CPC title
H04L9/3268Primary
using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL] · CPC title
G06F21/44Primary
Program or device authentication · CPC title
G06F40/186
Templates · CPC title
H04L63/0823Primary
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title

Patent family

Related publications grouped by family.

View patent family 51541332

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10855673B2 cover?: A compliance application automatically produces certification controls by translating framework controls. The framework controls are common certification controls used in production of the certification. The application retrieves framework controls including metadata from a compliance framework data store. Metadata of the framework controls map the framework controls to the certification. In ad…
Who is the assignee on this patent?: Microsoft Technology Licensing Llc
What technology area does this patent fall under?: Primary CPC classification G06F21/577. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Dec 01 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).