Methods of dynamically securing electronic devices and other communications through environmental and system measurements leveraging tailored trustworthy spaces and continuous authentication
First Claim
1. A method performed by a first and second data processing apparatus that are communicatively coupled, the method comprising:
- obtaining, by the first data processing apparatus, one or more signals from one or more sensors communicatively coupled to the first data processing apparatus;
determining, by the first data processing apparatus, a varying trust level in the operating security state of the first data processing apparatus by applying at least one of a scaling function, identity function, assignment function, step function, artificial neural network, and machine learning techniques to the one or more signals from the one or more sensors to determine a first TTS measurement;
determining, by the first data processing apparatus, at least two trust levels from the one or more signals, wherein each trust level is determined independently of any other trust level;
creating a third trust level by combining the at least two trust levels;
transmitting, by the first data processing apparatus to the second data processing apparatus, the first TTS measurement, wherein the second data processing apparatus is operating in a first operating security state; and
changing, by the second data processing apparatus after receiving the first TTS measurement, from the first operating security state of the second data processing apparatus to a second operating security state by at least one of control, direction, manipulation, limitation, activation, and deactivation of at least one of a plurality of operating security states of the second data processing apparatus;
wherein the first data processing apparatus and the second data processing apparatus are communicatively coupled by a first communication method;
wherein the changing from the first operating security state to the second operating security state by the second data processing apparatus comprises:
determining, by the second data processing apparatus, a TTS state using tailored trustworthy space rules (“TTS rules”) and the first TTS measurement received from the first data processing apparatus;
wherein the determining, by the first data processing apparatus, one of the at least two trust levels further comprises:
using data from at least one TTS rule, wherein the data comprises one or more of a historical trust level and a historical value for one of the one or more signals used in determining one of the at least two trust levels; and
wherein machine learning techniques are used to determine if the first data processing apparatus is currently operating in one of a typical way and an atypical way.
Abstract
This invention is for a system capable of securing one or more fixed or mobile computing devices and connected systems. Each device is configured to change its operating posture by allowing, limiting, or disallowing access to applications, application features, device features, data, and other information based on the current Tailored Trustworthy Space (TTS) definitions and rules, which provide for various situationally dependent scenarios. Multiple TTS may be defined for a given deployment, each of which specifies one or more sensors and algorithms for combining sensor data from the device, other connected devices, and/or other data sources from which the current TTS is identified. The device further achieves security by loading digital credentials through a unidirectional multidimensional physical representation process, which allows the device to obtain said credentials without the risk of compromising the credential issuing system through the data transfer process. This secure system methodology may be used to create a Mobile Secure Compartmentalized Information Facility (M-SCIF), among other applications.
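The flow recited in claim 1 and summarized in the abstract, sketched as an added Python example that is not code from the patent: a first device derives two independent trust levels (one with a scaling function, one with a step function), combines them into a third, and a second device checks the received TTS measurement against its own TTS rules. The signal names, thresholds, state and action labels, the z-score test standing in for the machine learning step, and the weakest-link combination are all assumptions.

```python
from statistics import mean, pstdev

# Constructed TTS rules for the second device, most trusted first.
# State names, thresholds and action labels are assumptions for illustration.
TTS_RULES = [
    ("trusted", 0.8, ["enable_keystore_access", "enable_outgoing_communication"]),
    ("restricted", 0.5, ["enable_incoming_communication"]),
    ("untrusted", 0.0, ["terminate_communication", "screen_lock"]),
]

def scaling_trust(value, lo, hi):
    """Scaling function: map a raw signal linearly onto [0, 1], clamped."""
    return max(0.0, min(1.0, (value - lo) / (hi - lo)))

def step_trust(value, threshold):
    """Step function: full trust at or above the threshold, none below."""
    return 1.0 if value >= threshold else 0.0

def is_atypical(value, history, z_limit=3.0):
    """Simple z-score test against historical values, standing in for the
    machine learning typical/atypical decision the claims leave open."""
    if not history:
        return True  # no baseline to compare against: treat as atypical
    sd = pstdev(history)
    if sd == 0:
        return value != history[0]
    return abs(value - mean(history)) / sd > z_limit

def first_device_measurement(signals, rssi_history):
    """Derive two independent trust levels and combine them into a third."""
    rssi = signals["wifi_rssi_dbm"]
    location = 0.0 if is_atypical(rssi, rssi_history) else scaling_trust(rssi, -90, -40)
    badge = step_trust(signals["badge_present"], 1)
    return min(location, badge)  # weakest-link combination (assumed)

def second_device_state(measurement):
    """Check a received TTS measurement against the rules; fail closed."""
    valid = isinstance(measurement, float) and 0.0 <= measurement <= 1.0
    if valid:
        for state, minimum, actions in TTS_RULES:
            if measurement >= minimum:
                return state, actions
    state, _, actions = TTS_RULES[-1]
    return state, actions
```

The receiving side treats a missing, malformed or out-of-range measurement the same as the lowest trust level, so a sender cannot raise the second device's posture by sending a value the rules do not cover.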
45 Citations
18 Claims
12. A system for facilitating communication between devices comprising:
a first data processing apparatus comprising a first processor, a first memory, and one or more first sensors;
a second data processing apparatus comprising a second processor, a second memory, and communicatively coupled to the first data processing apparatus by a first communication method; and
an intermediate device comprising one or more second sensors, the intermediate device communicatively coupled between the first data processing apparatus and the second data processing apparatus;
wherein the second memory stores computer-executable instructions that, when executed by the second processor, cause the second data processing apparatus to:
receive one or more external TTS measurements from a transmitting apparatus comprising at least one of the first data processing apparatus and the intermediate device, wherein the transmitting apparatus is configured to determine the one or more external TTS measurements by applying at least one of a scaling function, identity function, assignment function, step function, artificial neural network, and machine learning techniques to the one or more signals received by the transmitting apparatus from the at least one of the one or more first sensors and the one or more second sensors;
perform a first check comparing the one or more external TTS measurements against at least one value defined by at least one TTS rule;
pass the first check to obtain a first TTS state; and
after passing the first check, adjust, by the second processor, the operating security state of the second data processing apparatus to implement the first TTS state by performing at least one of:
loading a communication method configuration, enabling a keystore access, enabling an incoming communication, enabling an outgoing communication, enabling a communication request notification, establishing a communication with an endpoint, causing hardware actions on the second data processing apparatus, causing first application specific behavior actions, enabling a first feature of the second data processing apparatus, and enabling a second feature of an application on the second data processing apparatus;
wherein the transmitting apparatus is configured to determine at least two TTS measurements from the one or more signals, wherein each TTS measurements is determined independently of any other TTS measurement;
wherein the transmitting apparatus is further configured to determine a third TTS measurements by combining the at least two TTS measurements;
wherein the transmitting apparatus is further configured to determine one of the at least two TTS measurements using data from at least one TTS rule, wherein the data comprises one or more of a historical TTS measurement and a historical value for one of the one or more signals used in determining one of the at least two TTS measurements; and
wherein machine learning techniques are used to determine if the transmitting apparatus is currently operating in one of a typical way and an atypical way.
17. A computer-readable medium storing computer instructions that, when executed by a processor, cause a first data processing apparatus to perform steps comprising:
receiving one or more signals from one or more sensors;
determining varying levels of trust, security, and access by applying at least one of a scaling function, identity function, assignment function, step function, artificial neural network, and machine learning techniques to the one or more signals from the one or more sensors to determine a TTS measurement;
determining, by the first data processing apparatus, at least two trust levels from the one or more signals, wherein each trust level is determined independently of any other trust level;
determining, by the first data processing apparatus, a third trust level by combining the at least two trust levels;
changing a first operating security state of the first data processing apparatus to a second operating security state by at least one of control, direction, manipulation, limitation, activation, and deactivation of at least one of a plurality of operating security states of the first data processing apparatus; and
transmitting the TTS measurement to a second data processing apparatus;
wherein the changing from the first operating security state to the second operating security state occurs using first tailored trustworthy space rules (“TTS rules”) and the TTS measurement;
wherein determining, by the first data processing apparatus, one of the at least two trust levels further comprises:
using data from at least one TTS rule, wherein the data comprises one or more of a historical trust level and a historical value for one of the one or more signals used in determining one of the at least two trust levels;
wherein machine learning techniques are used to determine if the first data processing apparatus is currently operating in one of a typical way and an atypical way; and
wherein the second data processing apparatus is configured to change its operating security state using both the TTS measurement received from the first data processing apparatus and a second TTS rules tailored for the second data processing apparatus, wherein the second data processing apparatus changing its operating security states comprises at least one:
termination of communication with the first data processing apparatus, screen lock of the second data processing apparatus, shutdown of the second data processing apparatus, device wipe of the second data processing apparatus, vibration of the second data processing apparatus, graphical screen notification on the second data processing apparatus, flashing of a visual indicator light of the second data processing apparatus, and noise notification on the second data processing apparatus.
Specification