System and method for enhanced network client security

US 20060075472A1
Filed: 06/27/2005
Published: 04/06/2006
Est. Priority Date: 06/28/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

receiving a security-related policy associated with a user;

determining a security model associated with the security-related policy; and

applying the security model to a network connection on a client device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems are methods for enhanced network client security are described. One aspect of one embodiment of the present invention includes receiving a security-related policy associated with a user, determining a security model associated with the security-related policy, and applying the security model to a network connection on a client device. One aspect of another embodiment of the present invention includes receiving a first measure associated with a usage characteristic, the usage characteristic associated with a user, receiving a second measure associated with the usage characteristic, comparing the first measure and second measure, and determining the likelihood that an unauthorized access has occurred based at least in part on the comparison.

182 Citations

View as Search Results

17 Claims

1. A method comprising:
- receiving a security-related policy associated with a user;
  
  determining a security model associated with the security-related policy; and
  
  applying the security model to a network connection on a client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the security model comprises at least one rule.
  - 3. The method of claim 2, wherein the rule comprises a rule selected from the group consisting of a firewall rule, an antivirus rule, and a virtual private network rule.
  - 4. The method of claim 1, wherein the security policy is associated with a connection type.
  - 5. The method of claim 4, wherein the connection type comprises a connection type selected from the group consisting of Wifi, local area network, wide area network, wireless wide area network, personal handy network, dial-up, and satellite.
  - 6. The method of claim 1, wherein the security policy comprises a secure zone and a non-secure zone.
  - 7. The method of claim 1, wherein the user is associated with a user group.
  - 8. The method of claim 1, wherein receiving the security policy comprises receiving the security policy from a policy server.
  - 9. The method of claim 8, further comprising:
    - creating a security policy; and
      
      associating the security policy with the user.

10. A method comprising:
- receiving a first measure associated with a usage characteristic, the usage characteristic associated with a user;
  
  receiving a second measure associated with the usage characteristic;
  
  comparing the first measure and second measure; and
  
  determining the likelihood that an unauthorized access has occurred based at least in part on the comparison.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10, wherein the usage characteristic comprises at least one usage characteristic selected from the group consisting of a uniform resource locator visited, an application launched, an number of systems calls per specified duration, a keystroke sequence, a system call, a processor utilization measure, and a memory utilization measure.
  - 12. The method of claim 10, wherein the usage characteristic comprises at least one usage characteristic selected from the group consisting of a traffic level associated with a connection, a protocol used, and a port hit.
  - 13. The method of claim 10, wherein comparing the first measure and second measure comprises performing a statistical linear regression.

14. A computer-readable medium on which is encoded program code, the program code comprising:
- program code for receiving a security-related policy associated with a user;
  
  program code for determining a security model associated with the security-related policy; and
  
  program code for applying the security model to a network connection on a client device.

15. A computer-readable medium on which is encoded program code, the program code comprising:
- program code for receiving a first measure associated with a usage characteristic, the usage characteristic associated with a user;
  
  program code for receiving a second measure associated with the usage characteristic;
  
  program code for comparing the first measure and second measure; and
  
  program code for determining the likelihood that an unauthorized access has occurred based at least in part on the comparison.

16. A system comprising:
- a policy reader operable to determine a policy associated with a user; and
  
  a client security module operable to;
  
  receive a security-related policy associated with a user;
  
  determine a security model associated with the security-related policy; and
  
  apply the security model to a network connection on a client device.

17. A system comprising:
- a policy reader operable to determine a policy associated with a user; and
  
  a unauthorized access detector operable to;
  
  receive a first measure associated with a usage characteristic, the usage characteristic associated with a user;
  
  receive a second measure associated with the usage characteristic;
  
  compare the first measure and second measure; and
  
  determine the likelihood that an unauthorized access has occurred based at least in part on the comparison.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Japan Communications Inc.
Original Assignee
Japan Communications Inc.
Inventors
Laves, Edward W., Johnston, Robert L., Gurgone, Raymond T., Fukuda, Naohisa, Tidwell, Justin Owen, Robins, David S., Zeitz, Karlton Mark, Worthington, Laura J., Sanda, Frank Seiji

Application Number

US11/167,744
Publication Number

US 20060075472A1
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/6227   where protection concerns t...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 41/0213   Standardised network manage...

H04L 41/0681   Configuration of triggering...

H04L 41/5009   Determining service level p...

H04L 41/5016   based on statistics of serv...

H04L 41/5067   Customer-centric QoS measur...

H04L 41/509   wherein the managed service...

H04L 43/045   for graphical visualisation...

H04L 43/0817   by checking functioning

H04L 47/11   Identifying congestion

H04L 47/22   Traffic shaping

H04L 47/24   Traffic characterised by sp...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0263   Rule management

H04L 63/0272   Virtual private networks

H04L 63/08   for authentication of entit...

H04L 63/0823 : using certificates cryptogr...

H04L 63/0869 : for achieving mutual authen...

H04L 63/102 : Entity profiles

H04L 63/1408 : by monitoring network traff...

H04L 63/145 : the attack involving the pr...

H04L 63/162 : at the data link layer

H04L 63/166 : at the transport layer

H04L 63/20 : for managing network securi...

H04L 67/02 : based on web technology, e....

H04L 67/04 : specially adapted for termi...

H04L 67/14 : Session management for real...

H04L 67/30 : Profiles

H04L 67/61 : taking into account QoS or ...

H04L 69/329 : in the application layer [O...

H04L 9/321 : involving a third party or ...

H04L 9/3273 : for mutual authentication n...

H04W 12/088 : using filters or firewalls

H04W 48/18 : Selecting a network or a co...

View All

System and method for enhanced network client security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

182 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for enhanced network client security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

182 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links