Securing a Device Based on Atypical User Behavior

US 20100056105A1
Filed: 09/02/2008
Published: 03/04/2010
Est. Priority Date: 09/02/2008
Status: Active Grant

First Claim

Patent Images

1. A system for securing a device comprising:

a. a behavior module for authorizing events, updating rule data, and securing the device; and

b. an authentication module responsive to a first event being a secure event, for determining if the first event is authenticated;

c. responsive to the first event being authenticated, for directing the behavior module to authorize the first event and to update the rule data;

d. responsive to the first event not being authenticated, for determining if an authentication is valid;

e. responsive to the authentication being valid, for directing the behavior module to authorize the first event and update the rule data; and

f. responsive to the authentication not being valid, for directing the behavior module to secure the device.

View all claims

23 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for securing the mobile device applies the rules to determine if an event associated with an application is a secure event. If the event is a secure event, the system applies the rules to determine if the event is authenticated. If the event is authenticated, the event is authorized and the system updates rule data associated with the event and/or other associated events. Updating the rule data allows other associated events to be authenticated. If the event is not authenticated, the system requests authentication from a user. If the authentication is valid, the event is authorized and the system updates the rule data associated with the event and/or other associated events. If the authentication is not valid, the system secures the mobile device. Authorizing the event enables a user to access the application and/or data associated with the application.

41 Citations

View as Search Results

33 Claims

1. A system for securing a device comprising:
- a. a behavior module for authorizing events, updating rule data, and securing the device; and
  
  b. an authentication module responsive to a first event being a secure event, for determining if the first event is authenticated;
  
  c. responsive to the first event being authenticated, for directing the behavior module to authorize the first event and to update the rule data;
  
  d. responsive to the first event not being authenticated, for determining if an authentication is valid;
  
  e. responsive to the authentication being valid, for directing the behavior module to authorize the first event and update the rule data; and
  
  f. responsive to the authentication not being valid, for directing the behavior module to secure the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The system of claim 1, wherein the authentication module is responsive to the first event not being a secure event, for directing the behavior module to authorize the first event and update the rule data.
  - 3. The system of claim 2, wherein the first event is a non-secure event, and wherein the behavior module is further adapted to update the rule data by converting the first event into a secure event.
  - 4. The system of claim 3, wherein the behavior module is adapted to convert the first event into the secure event responsive to the behavior module authorizing a plurality of non-secure events.
  - 5. The system of claim 1, wherein the first event is a secure event, and wherein the behavior module is further adapted for converting the first event into a non-secure event.
  - 6. The system of claim 1, wherein the authentication module is responsive to the authentication being valid, for directing the behavior module to determine if the first event is a static event, and wherein the behavior module is responsive to the first event not being a static event, for authorizing the first event and updating the rule data.
  - 7. The system of claim 1, wherein the authentication module is adapted to determine if the authentication is valid based on a prior authentication of the first event.
  - 8. The system of claim 1 wherein the authentication module is adapted to determine if the authentication is valid based on a prior authentication of an associated event.
  - 9. The system of claim 8, wherein the first event and/or the associated event are based on activities of a person.
  - 10. The system of claim 1, wherein the behavior module is adapted to update the rule data for the first event by updating rule data of an associated event.
  - 11. The system of claim 10, wherein the first event and/or the associated event are based activities of a person.
  - 12. The system of claim 1, wherein the authentication module is adapted to determine if the authentication is valid based on a period of time since the last authentication of the first event.
  - 13. The system of claim 1, wherein the first event is an item from the group comprising:
    - accessing a network, accessing an application, accessing a file, accessing a directory, accessing a memory device, accessing a docking station, removing a memory device, inserting a memory device, receiving an email, sending an email, receiving a file, sending a file, copying a file, accessing a device, entering a secure location, leaving a secure location, connecting to a network, disconnecting from a network, accessing a calendar, receiving a phone call, and placing a phone call.
  - 14. The system of claim 1, wherein the behavior module is adapted to secure the mobile device by at least one item selected from the group comprising:
    - locking the device, encrypting application data, and deleting application data.
  - 15. The system of claim 1, wherein the device is a mobile device.

16. A method for securing a device comprising:
- a. determining if a first event is a secure event;
  
  b. in response to determining that the first event is a secure event, determining if the first event is authenticated;
  
  c. in response to determining that the first event is authenticated, proceeding to step (f);
  
  d. in response to determining that the first event is not authenticated, determining if an authentication is valid;
  
  e. in response to determining that the authentication is valid, proceeding to step (f);
  
  f. authorizing the first event and updating rule data for the first event; and
  
  g. in response to determining that the authentication is not valid, securing the device.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 17. The method of claim 16, further comprising:
    - in response to determining that the first event is not a secure event, proceeding to step (f).
  - 18. The method of claim 17, wherein the first event is a non-secure event and wherein updating the rules for the first event further comprises converting the first event to a secure event.
  - 19. The method of claim 18, wherein converting the first event to the secure event is based on accessing a plurality of non-secure events.
  - 20. The method of claim 16, wherein the first event is a secure event and wherein updating the rule data further comprises converting the first event into a non-secure event.
  - 21. The method of claim 16, wherein the step of determining if the authentication is valid, further comprises determining if the first event is a static event, and in response to the first event not being a static event, proceeding to step (f).
  - 22. The method of claim 16, wherein determining if the authentication is valid is based on a prior authentication of the first event.
  - 23. A method of claim 16, wherein determining if the authentication is valid is based on a prior authentication of an associated event.
  - 24. The method of claim 23, wherein the first event and/or the associated event are based on activities of a person.
  - 25. The method of claim 16, wherein updating the rules for the first event further comprises updating rules of an associated event.
  - 26. The method of claim 25, wherein the first event and/or the associated event are based activities of a person.
  - 27. The method of claim 16, wherein determining if the authentication is valid is based on a period of time since the last authentication of the first event.
  - 28. The method of claim 16, wherein the first event is an item from the group comprising:
    - accessing a network, accessing an application, accessing a file, accessing a directory, accessing a memory device, accessing a docking station, removing a memory device, inserting a memory device, receiving an email, sending an email, receiving a file, sending a file, copying a file, accessing a device, entering a secure location, leaving a secure location, connecting to a network, disconnecting from a network, accessing a calendar, receiving a phone call, and placing a phone call.
  - 29. The method of claim 16, wherein securing the mobile device comprises at least one item selected from the group comprising:
    - locking the device, encrypting application data, and deleting application data.
  - 30. The method of claim 16, wherein the device is a mobile device.
  - 31. An apparatus for performing the method of one of claims 16-30.

32. An apparatus for securing a device comprising:
- a. means for updating rule data for a first event and authorizing the first event;
  
  b. means for determining if the first event is a secure event;
  
  c. means responsive to determining that the first event is a secure event, for determining if the first event is authenticated;
  
  d. means responsive to determining that the first event is authenticated, for activating the updating means;
  
  e. means responsive to determining that the first event is not authenticated, for determining if an authentication is valid;
  
  f. means responsive to determining that the authentication is valid, for activating the updating means; and
  
  g. means responsive to determining that the authentication is not valid, for securing the device.

33. A system for securing a device comprising:
- a. an authentication module responsive to a first event being a secure event, for determining if the first event is authenticated;
  
  b. responsive to the first event not being a secure event, for directing a behavior module to authorize the first event and to update the rule data;
  
  c. responsive to the first event being authenticated, for directing the behavior module to authorize the first event and to update the rule data;
  
  d. responsive to the first event not being authenticated, for determining if an authentication is valid;
  
  e. responsive to the authentication not being valid, for directing the behavior module to secure the device;
  
  f. responsive to the authentication being valid, for directing the behavior module to determine if the first event is a static event;
  
  g. responsive to the authentication not being valid, for directing the behavior module to secure the device ; and
  
  h. the behavior module, adapted to authorize an event, update rule data, and secure the device, the behavior module further for determining if an event is a static event, and responsive to the event not being a static event, for authorizing the event and updating the rule data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arlington Technologies, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Avaya Incorporated
Inventors
Skiba, David, Erhart, George, Matula, Valentine

Granted Patent

US 8,789,136 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

G06F 21/629   to features or functions of...

H04W 12/068   using credential vaults, e....

H04W 12/12   Detection or prevention of ...

Securing a Device Based on Atypical User Behavior

First Claim

23 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Securing a Device Based on Atypical User Behavior

First Claim

23 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links