Automatically validating enterprise firewall rules and provisioning firewall rules in computer systems

US9843560B2 · US · B2

Patent metadata
Publication number: US-9843560-B2
Application number: US-201514851981-A
Country: US
Kind code: B2
Filing date: Sep 11, 2015
Priority date: Sep 11, 2015
Publication date: Dec 12, 2017
Grant date: Dec 12, 2017

Abstract

Official abstract text for this publication.

Automatically validating a firewall rule for provisioning in a computer system. One or more firewall rules for provisioning on a server is received from a user device. Based on predefined firewall rules, whether to approve one or more of the firewall rules and deny one or more of the firewall rules is determined. Responsive to determining that one or more of the firewall rules are denied, additional validation of one or more of the firewall rules that are denied are performed. A firewall rule learning engine is updated with a result of the additional validation. Based on the result of the additional validation, the firewall rule learning engine updates the predefined firewall rules. One or more of the firewall rules that are approved on the server may be provisioned.
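The validation loop in the abstract, as an added Python sketch that is not code from the patent or its assignee. The rule format, the `secondary_check` callable, the host-scoped promotion, the counting threshold used in place of the machine-learning algorithm named in the claims, and the choice to provision rules that pass the additional validation are all assumptions made for illustration.

```python
import ipaddress
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:  # a requested opening between a source and a target server
    source: str
    target: str
    protocol: str
    port: int

class Policy:
    """Predefined rules, held as (target network, protocol, port) entries."""
    def __init__(self, allowed):
        self.allowed = set(allowed)
    def permits(self, r):
        ip = ipaddress.ip_address(r.target)
        return any(ip in net and (proto, port) == (r.protocol, r.port)
                   for net, proto, port in self.allowed)

class LearningEngine:
    """Assumed stand-in for the learning engine: a service is promoted into
    the predefined rules only after `threshold` secondary approvals."""
    def __init__(self, policy, threshold=2):
        self.policy, self.threshold = policy, threshold
        self.approvals = Counter()
    def update(self, r, approved):
        if not approved:
            return
        # Promote at the narrowest scope (single target host) so a learned
        # rule never opens more than what was actually reviewed.
        key = (ipaddress.ip_network(r.target), r.protocol, r.port)
        self.approvals[key] += 1
        if self.approvals[key] >= self.threshold:
            self.policy.allowed.add(key)

def validate_and_provision(rules, policy, engine, secondary_check):
    provisioned, rejected = [], []
    for r in rules:
        if policy.permits(r):            # approved by predefined rules
            provisioned.append(r)
            continue
        ok = secondary_check(r)          # additional validation of a denied rule
        engine.update(r, ok)             # feed the result back to the engine
        (provisioned if ok else rejected).append(r)
    return provisioned, rejected

# Constructed sample data (not from the patent).
POLICY = Policy({(ipaddress.ip_network("10.0.1.0/24"), "tcp", 443)})
REQUEST = [Rule("10.0.9.5", "10.0.1.10", "tcp", 443),
           Rule("10.0.9.5", "10.0.5.20", "tcp", 5432),
           Rule("10.0.9.5", "10.0.5.20", "tcp", 23)]
```

Because the feedback step widens the predefined rules over time, the threshold and the promotion scope are the controls to review: a permissive secondary check would otherwise turn one-off exceptions into standing policy.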

First claim

Opening claim text (preview).

We claim:

1. A computer-implemented method of automatically validating a firewall rule for provisioning in a computer system, comprising executing on one or more computer processors: receiving from a user device one or more firewall rules for provisioning on a server; determining based on predefined firewall rules, whether to approve one or more of the firewall rules and deny one or more of the firewall rules; responsive to determining that one or more of the firewall rules are denied, performing additional validation of one or more of the firewall rules that are denied; updating a firewall rule learning engine with a result of the additional validation, wherein based on the result of the additional validation, the firewall rule learning engine updates the predefined firewall rules; provisioning one or more of the firewall rules that are approved on the server; and opening the one or more of the firewall rules between a source server and a target server, wherein one or more of the computer processors automatically secure connections between the source server and the target server.

2. The method of claim 1, wherein the firewall rule learning engine creates one or more new firewall rules based on the additional validation and adds the new firewall rules to the predefined firewall rules.

3. The method of claim 1, wherein the firewall rule learning engine implements a machine learning algorithm to automatically create the new firewall rules.

4. The method of claim 3, wherein the machine learning algorithm includes a support vector machine-based algorithm.

5. The method of claim 1, further comprising sending provisioning status to the user device.

6. The method of claim 1, wherein a cloud management stack receives the request and performs the provisioning.

7. A non-transitory computer readable storage medium storing a program of instructions executable by a machine to perform a method of automatically validating a firewall rule for provisioning in a computer system, the method comprising: receiving from a user device one or more firewall rules for provisioning on a server; determining based on predefined firewall rules, whether to approve one or more of the firewall rules and deny one or more of the firewall rules; responsive to determining that one or more of the firewall rules are denied, performing additional validation of one or more of the firewall rules that are denied; updating a firewall rule learning engine with a result of the additional validation, wherein based on the result of the additional validation, the firewall rule learning engine updates the predefined firewall rules; provisioning one or more of the firewall rules that are approved on the server; and opening the one or more of the firewall rules between a source server and a target server, wherein one or more of the computer processors automatically secure connections between the source server and the target server.

8. The non-transitory computer readable storage medium of claim 7, wherein the firewall rule learning engine creates one or more new firewall rules based on the additional validation and adds the new firewall rules to the predefined firewall rules.

9. The non-transitory computer readable storage medium of claim 7, wherein the firewall rule learning engine implements a machine learning algorithm to automatically create the new firewall rules.

10. The non-transitory computer readable storage medium of claim 9, wherein the machine learning algorithm includes a support vector machine-based algorithm.

11. The non-transitory computer readable storage medium of claim 7, further comprising sending provisioning status to the user device.

12. The non-transitory computer readable storage medium of claim 7, wherein a cloud management stack receives the request and performs the provisioning.

13. A system of automatically validating a firewall rule for provisioning in a computer system, comprising: a storage device; one or more computer processors operatively coupled to a communication network, one or more of the computer processors operable to receive from a user device one or more firewall rules for provisioning on a server, one or more of the computer processors determining based on predefined firewall rules stored on the storage device, whether to approve one or more of the firewall rules and deny one or more of the firewall rules, responsive to determining that one or more of the firewall rules are denied, one or more of the computer processors performing additional validation of one or more of the firewall rules that are denied; a firewall rule learning engine coupled to one or more of the computer processors; one or more of the computer processors updating the firewall rule learning engine with a result of the additional validation; based on the result of the additional validation, the firewall rule learning engine operable to update the predefined firewall rules; one or more of the computer processors operable to provision one or more of the firewall rules that are approved on the server; one or more of the computer processors opening the one or more of the firewall rules between a source server and a target server, wherein one or more of the computer processors automatically secure connections between the source server and the target server.

14. The system of claim 13, wherein the firewall rule learning engine creates one or more new firewall rules based on the additional validation and adds the new firewall rules to the predefined firewall rules.

15. The system of claim 1, wherein the firewall rule learning engine implements a machine learning algorithm to automatically create the new firewall rules.

16. The system of claim 15, wherein the machine learning algorithm includes a support vector machine-based algorithm.

17. The system of claim 13, wherein one or more of the computer processors sends provisioning status to the user device.

18. The system of claim 13, wherein one or more of the computer processors runs a cloud management stack that receives the request and performs the provisioning.

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification H04L63/0263. Mapped technology areas include Electricity.
When was this patent published?
Publication date Dec 12, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).