US 11,695,802 B2
Integrated control frameworks
Mark F. Novak, Newcastle, WA (US); Todd Hrycenko, Bellevue, WA (US); Roy E. Crowder, III, Pickerington, OH (US); and Marshall C. McCain, North Richland Hills, TX (US)
Assigned to JPMORGAN CHASE BANK, N.A., New York, NY (US)
Filed by JPMORGAN CHASE BANK, N.A., New York, NY (US)
Filed on Aug. 20, 2020, as Appl. No. 16/998,907.
Claims priority of provisional application 62/889,332, filed on Aug. 20, 2019.
Prior Publication US 2021/0058430 A1, Feb. 25, 2021
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/20 (2013.01) 18 Claims
OG exemplary drawing
 
1. An integrated control framework, comprising:
an application model layer that defines an application profile, an application model, and a target cloud environment for an application, the application comprising a plurality of application modules;
a control selection and parameterization layer comprising:
a standards catalog comprising a plurality of controls;
a controls catalog comprising control requirements for at least one of the target cloud environment, a jurisdiction, an industry standard, and a best practice; and
a controls selection engine that identifies a list of inline, preventive, detective and reactive controls for the application based on the application profile and an application module of the plurality of application modules;
a control configuration and deployment layer that configures selected controls from the plurality of controls to implement the list of inline, preventive, detective and reactive controls for the application based on the target cloud environment and the application model or the application profile, comprising:
a deployment pipeline that applies preventive controls and deploys the application, wherein the application passes the preventive controls;
a runtime validation module that deploys the detective controls on the application module to identify a deviation from an expected configuration or behavior;
an inline control module that deploys inline controls;
a runtime response module comprising reactive controls; and
a control-specific validation module that triggers a control-specific response module that applies a reactive control; and
an evidencing, visualization, and alerting layer comprising:
an event sink that receives control events from the inline controls and the control-specific response module;
an alerting module that generates an alert in response to a control event;
an evidencing repository that logs supporting information and results of decisions for the deployed controls to a log; and
a presentation layer that provides access to the evidencing repository.