	US 12,174,969 B2
	Continuous risk assessment for electronic protected health information
David M. T. Ting, Sudbury, MA (US); and Sean Ting, San Francisco, CA (US)
Assigned to Tausight, Inc., Sudbury, MA (US)
Filed by David M. T. Ting, Sudbury, MA (US); and Sean Ting, San Francisco, CA (US)
Filed on Dec. 28, 2022, as Appl. No. 18/089,646.
Application 18/089,646 is a continuation of application No. 16/841,232, filed on Apr. 6, 2020, granted, now 11,625,488.
Claims priority of provisional application 62/829,695, filed on Apr. 5, 2019.
Prior Publication US 2023/0134122 A1, May 4, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/57 (2013.01); G06F 21/70 (2013.01); G16H 10/60 (2018.01)

CPC G06F 21/577 (2013.01) [G06F 21/70 (2013.01); G16H 10/60 (2018.01)]

22 Claims

1. A computational system comprising:

a. a processor;

b. an operating system;

c. a computer memory;

d. a plurality of user applications;

e. a risk database; and

f. at least one agent executable by the processor and configured to (i) monitor resource requests by the user applications and, based thereon, generate a map of resource usage by each application; (ii) based on the map and the risk database, detect application events associated with risks; and (iii) upon detection of an event corresponding to a risk, check the event against a minimum cut set of vulnerabilities, wherein the minimum cut set of vulnerabilities is the smallest set of individual component faults required to trigger a root-level fault, determine a set of resources vulnerable to the risk and, based thereon, take an action, wherein a resource is a physical or logical capability managed by the operating system.