Mechanism for evaluating security risks
Abstract
Described is a mechanism for collectively evaluating security risks associated with loading an application. A hosting environment associated with loading the application invokes a trust manager to evaluate the security risks. The trust manager invokes a plurality of trust evaluators, where each trust evaluator is responsible for analyzing and assessing a different security risk. Upon completion of each security risk evaluation, results of those individual security risk evaluations are returned to the trust manager. The trust manager aggregates the variety of security risk evaluation results and makes a security determination based on the aggregated evaluation results. That determination may be to move forward with loading the application, to block the load of the application, or perhaps to prompt the user for a decision about whether to move forward with the load.
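A minimal sketch of the flow the abstract describes, added here as an illustration and not taken from the patent or any implementation of it. The three evaluators, the 0 to 100 score scale, the aggregation rule, the thresholds and the sample application descriptions are all assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Evaluation:
    risk: str   # which security risk this evaluator examined
    score: int  # assumed scale: 0 (no risk) to 100 (severe)

def check_signature(app):  # hypothetical evaluator
    return Evaluation("publisher signature", 0 if app.get("signed") else 60)

def check_permissions(app):  # hypothetical evaluator
    risky = {"file_io", "registry", "unmanaged_code"}
    hits = risky & set(app.get("permissions", []))
    return Evaluation("requested permissions", min(100, 35 * len(hits)))

def check_origin(app):  # hypothetical evaluator
    zones = {"local": 0, "intranet": 20, "internet": 50}
    return Evaluation("download origin", zones[app["zone"]])  # KeyError if unknown

class TrustManager:
    def __init__(self, evaluators, allow_below=25, block_at=60):
        self.evaluators = evaluators
        self.allow_below, self.block_at = allow_below, block_at

    def on_application_load(self, app):
        """Called by the hosting environment; returns (decision, score, results)."""
        results = []
        for evaluate in self.evaluators:
            try:
                results.append(evaluate(app))
            except Exception:
                # Fail closed: an evaluator that cannot finish counts as worst case.
                results.append(Evaluation(evaluate.__name__, 100))
        scores = [r.score for r in results]
        # Assumed rule: blend worst and mean so one severe finding is not averaged away.
        aggregate = round((max(scores) + sum(scores) / len(scores)) / 2)
        if aggregate < self.allow_below:
            return "load", aggregate, results
        if aggregate >= self.block_at:
            return "block", aggregate, results
        return "prompt", aggregate, results

def present(app, decision, aggregate, results):
    """Stand-in for the user interface: collective assessment first, then the parts."""
    lines = [f"{app['name']}: {decision.upper()} (collective risk {aggregate}/100)"]
    return "\n".join(lines + [f"  {r.risk}: {r.score}" for r in results])

MANAGER = TrustManager([check_signature, check_permissions, check_origin])
SAMPLE = {"name": "notes.app", "signed": True, "permissions": ["file_io"], "zone": "internet"}  # constructed
BROKEN = {"name": "odd.app", "signed": True, "permissions": [], "zone": "p2p"}  # constructed
```

With these assumed thresholds, `SAMPLE` lands in the prompt band, while `BROKEN` is blocked because the origin evaluator cannot classify its zone and is counted as worst case.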
17 Claims
1. A computer-readable medium having computer-executable components, comprising:
- a trust manager configured to receive a notification that an application is being loaded and, in response, to cause the application to be evaluated for a plurality of security risks, the trust manager being further configured to aggregate scores associated with each security risk evaluation to determine a collective security assessment based on the aggregated scores; and
- a user interface configured to present the collective security assessment determined by the trust manager.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A computer-readable medium encoded with a data structure, comprising:
a grant set associated with an application, the grant set including a first table and a second table, the first table including a list of components constituting the application, each component being associated with a permission set, the second table including a list of permission sets and a description for each permission set.
13. A computer-implemented method, comprising:
- receiving a notification that an application is being loaded by a hosting environment;
- receiving an application description object that includes information about the application;
- causing the application to be evaluated to determine a plurality of security risks associated with the application;
- aggregating results from the evaluation of the plurality of security risks; and
- presenting the aggregated results as a collective security assessment of the application.
Dependent claims: 14, 15, 16, 17
Specification