US 11,962,571 B2
Ecosystem per distributed element security through virtual isolation networks
Babak Pasdar, Jersey City, NJ (US)
Assigned to ACRETO CLOUD CORPORATION, Jersey City, NJ (US)
Filed by ACRETO CLOUD CORPORATION, Jersey City, NJ (US)
Filed on Jul. 19, 2022, as Appl. No. 17/867,910.
Application 17/867,910 is a continuation of application No. 16/000,294, filed on Jun. 5, 2018, granted, now 11,394,691.
Prior Publication US 2023/0076918 A1, Mar. 9, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/00 (2013.01); G06F 16/22 (2019.01); H04L 9/40 (2022.01)
CPC H04L 63/0272 (2013.01) [G06F 16/22 (2019.01); H04L 63/029 (2013.01); H04L 63/20 (2013.01)]
12 Claims
 
1. A method for improving security and management of information technology by creating an identifiable ecosystem, comprising:
a) configuring at least one database to accept a virtual isolation network registration therein of at least one virtual isolation network including at least one security instance operating at, at least one network security point, the at least one security instance operating with at least one segregated virtual network unit, wherein the at least one segregated virtual network unit utilizes at least one of a shared physical and virtual host kernel, having a fully contained dedicated Layer 2-7 network stack and ability to host applications, the at least one segregated virtual network unit hosting at least one application module;
b) configuring the at least one virtual isolation network to accept a first element registration of a first element;
c) registering the first element in the at least one database;
d) enabling the registered first element to connect to at least one virtual isolation network via the at least one network security point to the at least one security instance;
e) applying at least one defined security policy for the communication by the first element via the at least one virtual isolation network to at least one of a communication source or destination,
wherein at least one defined security function is applied by the at least one defined security policy using at least one respective flow marker which references the at least one defined security policy to identify if and in what sequence communication through the at least one segregated virtual network unit and at least one application module of the at least one security instance is to be activated,
wherein the at least one element includes at least one of: a user, an electronic device, an IoT device, a network, a cloud network, a physical facility, a cloud instance, a Software-as-a-Service application, a software application, an operating system, a virtual machine, a connected member element, a non-connected member element;
wherein the first element communicates with an at least one additional element within the at least one virtual isolation network but is restricted from communicating beyond the at least one virtual isolation network, and
wherein the at least one security instance is configured to include modular interconnected respective segregated virtual network units.