Social-graph aware policy suggestion engine

US 10,536,486 B2
Filed: 12/13/2017
Issued: 01/14/2020
Est. Priority Date: 06/28/2014
Status: Active Grant

First Claim

Patent Images

1. A machine-readable storage device or storage disk comprising instructions that, when executed, cause a security appliance to at least:

identify a first user within a first social network corresponding to a first social media environment;

collect first user properties corresponding to the first user, the first user properties based on a first user profile for the first user associated with the first social media environment;

collect device information about at least one of devices or networks to be protected by the security appliance;

request a set of recommended security policies from a security policy provider responsive to the first user properties and the device information, the set of recommended security policies based on modifications by a second user to previous security policy recommendations, the second user associated with second user properties, the second user properties based on a second user profile for the second user associated with at least one of the first social media environment or a different social media environment, the second user properties having similarities with the first user properties; and

in response to receiving the set of recommended security policies from the security policy provider, implement the set of recommended security policies.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, devices and methods are disclosed to assist in configuring devices and policies to protect a regional network (e.g., home network) and its users. Users on the network are monitored to determine appropriate configuration settings and preferences by utilizing a combination of internally configured information and externally gathered information for each user. For example, externally gathered information may include information obtained about a user from one or more social media Internet sites. Automatically obtained information may be used to provide or augment policy information such that a user'"'"'s preference relative to internet content (e.g., content blocking software configuration) may be achieved without requiring an administrator to individually prepare each users security profile and configuration.

Citations

20 Claims

1. A machine-readable storage device or storage disk comprising instructions that, when executed, cause a security appliance to at least:
- identify a first user within a first social network corresponding to a first social media environment;
  
  collect first user properties corresponding to the first user, the first user properties based on a first user profile for the first user associated with the first social media environment;
  
  collect device information about at least one of devices or networks to be protected by the security appliance;
  
  request a set of recommended security policies from a security policy provider responsive to the first user properties and the device information, the set of recommended security policies based on modifications by a second user to previous security policy recommendations, the second user associated with second user properties, the second user properties based on a second user profile for the second user associated with at least one of the first social media environment or a different social media environment, the second user properties having similarities with the first user properties; and
  
  in response to receiving the set of recommended security policies from the security policy provider, implement the set of recommended security policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The machine-readable storage device or storage disk of claim 1, wherein the modifications are first modifications and the instructions further cause the security appliance to:
    - detect second modifications to the recommended security policies by the first user; and
      
      provide the second modifications to the security policy provider.
  - 3. The machine-readable storage device or storage disk of claim 1, wherein the instructions further cause the security appliance to:
    - identify the first user within a second social network;
      
      collect third user properties corresponding to the first user in the second social network;
      
      aggregate the first user properties corresponding to the first user in the first social network and the third user properties corresponding to the first user in the second social network; and
      
      request the set of recommended security policies from the security policy provider responsive to the aggregated first and third user properties.
  - 4. The machine-readable storage device or storage disk of claim 1, wherein the instructions further cause the security appliance to:
    - identify security software installed on a first device of the at least one of the devices or the networks to be protected by the security appliance; and
      
      request the set of recommended security policies from the security policy provider responsive to the first user properties and the identified security software.
  - 5. The machine-readable storage device or storage disk of claim 4, wherein the instructions further cause the security appliance to configure the security software responsive to the set of recommended security policies.
  - 6. The machine-readable storage device or storage disk of claim 1, wherein the modifications are first modifications and the instructions further cause the security appliance to:
    - detect second modifications to the recommended security policies by the first user; and
      
      modify a recommended set of security policies for a third user based on the second modifications.
  - 7. The machine-readable storage device or storage disk of claim 6, wherein the instructions further cause the security appliance to send the second modifications and the first user properties to the security policy provider.

8. A security appliance, comprising:
- a processor; and
  
  memory including instructions that, when executed, cause the processor to;
  
  identify a first user within a first social network corresponding to a first social media environment;
  
  collect first user properties corresponding to the first user in the first social network, the first user properties based on a first user profile for the first user associated with the first social media environment;
  
  collect device information about at least one of devices or networks to be protected by the security appliance;
  
  request a set of recommended security policies from a security policy provider responsive to the collected first user properties and the device information, the set of recommended security policies based on modifications by a second user to previous security policy recommendations, the second user associated with second user properties, the second user properties based on a second user profile for the second user associated with at least one of the first social media environment or a different social media environment, the second user properties having commonalities with the first user properties; and
  
  implement the set of recommended security policies from the security policy provider.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The security appliance of claim 8, wherein the modifications are first modifications and the processor is to:
    - detect second modifications to the recommended security policies by the first user; and
      
      provide the second modifications to the security policy provider.
  - 10. The security appliance of claim 8, wherein the device information includes information about security software installed on a first device of the devices to be protected by the security appliance.
  - 11. The security appliance of claim 10, wherein the processor is to send configuration instructions to the security software responsive to the set of recommended security policies.
  - 12. The security appliance of claim 10, wherein the processor is to:
    - identify the first user within a second social network;
      
      collect third user properties corresponding to the first user in both the first and second social networks;
      
      aggregate the first and third user properties; and
      
      request the set of recommended security policies from the security policy provider based on the aggregated first and third user properties.
  - 13. The security appliance of claim 8, wherein the modifications are first modifications, and the processor is to:
    - detect second modifications to the recommended security policies by the first user; and
      
      modify the set of recommended security policies for a third user based on the second modifications.
  - 14. The security appliance of claim 13, wherein the processor is to send the modified set of recommended security policies and the first user properties to the security policy provider.

15. A method of configuring a security gateway appliance, the method comprising:
- identifying a first user within a first social network corresponding to a first social media environment;
  
  collecting first user properties corresponding to the first user in the first social network, the first user properties based on a first user profile for the first user associated with the first social media environment;
  
  collecting hardware information about at least one of devices or networks to be protected by the security gateway appliance;
  
  requesting a set of recommended security policies from a security policy provider responsive to the collected first user properties and hardware information, the set of recommended security policies based on modifications by a second user to previous security policy recommendations, the second user associated with second user properties, the second user properties based on a second user profile for the second user associated with at least one of the first social media environment or a different social media environment, the second user properties associated with the first user properties; and
  
  implementing the set of recommended security policies from the security policy provider on the security gateway appliance.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the modifications are first modifications, the method further including:
    - detecting second modifications to the recommended security policies by the first user; and
      
      providing the second modifications to the security policy provider.
  - 17. The method of claim 15, wherein the hardware information includes information about security software installed on a first device of the devices to be protected by the security gateway appliance.
  - 18. The method of claim 17, further including sending configuration instructions to the security software responsive to the set of recommended security policies.
  - 19. The method of claim 15, further including:
    - identifying the first user within a second social network;
      
      collecting third user properties corresponding to the first user in the second social network;
      
      aggregating the first and third user properties; and
      
      requesting the set of recommended security policies from the security policy provider based on the aggregated first and third user properties.
  - 20. The method of claim 15, wherein the modifications are first modifications, the method further including:
    - detecting second modifications to the recommended security policies by the first user;
      
      modifying the recommended set of security policies based on the second modifications; and
      
      sending the modified recommended set of security policies and the first user properties to the security policy provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, LLC
Inventors
Nair, Jayakrishnan K., Venkateswaran, Prasanna, Hunt, Simon
Primary Examiner(s)
Leung, Robert B

Application Number

US15/840,233
Publication Number

US 20180103069A1
Time in Patent Office

762 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/20 for managing network securi...

H04L 63/205 involving negotiation or de...

Social-graph aware policy suggestion engine

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Social-graph aware policy suggestion engine

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links