Graduated Enforcement of Restrictions According to an Application's Reputation
First Claim
1. A method for enforcing application restrictions according to an application'"'"'s reputation, the method comprising:
- observing a request for a resource from an application on a client;
determining a measure of a reputation associated with the application;
selecting an access policy from a set of three or more possible access policies, the selecting based at least in part on the measure of the reputation associated with the application; and
enforcing the selected access policy to the request for the resource from the application.
2 Assignments
0 Petitions
Accused Products
Abstract
Security software on a client observes a request for a resource from an application on the client and then determines the application'"'"'s reputation. The application'"'"'s reputation may be measured by a reputation score obtained from a remote reputation server. The security software determines an access policy from a graduated set of possible access policies for the application based on the application'"'"'s reputation. The security software applies the access policy to the application'"'"'s request for the resource. In this way, the reputation-based system uses a graduated trust scale and a policy enforcement mechanism that restricts or grants application functionality for resource interactivity along a graduated scale.
-
Citations
20 Claims
-
1. A method for enforcing application restrictions according to an application'"'"'s reputation, the method comprising:
-
observing a request for a resource from an application on a client; determining a measure of a reputation associated with the application; selecting an access policy from a set of three or more possible access policies, the selecting based at least in part on the measure of the reputation associated with the application; and enforcing the selected access policy to the request for the resource from the application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product for enforcing application restrictions according to an application'"'"'s reputation, the computer program product comprising a computer-readable storage medium containing computer program code that comprises:
-
a reputation module configured to determine a measure of a reputation associated with an application on a client; a policy module coupled to the reputation module to obtain therefrom a measure of a reputation for an application, the policy module configured to select an access policy from a set of three or more access policies based at least in part on the measure of the reputation associated with the application; and a security module coupled to the policy module to obtain therefrom a policy selected for an application, the security module configured to enforce the selected access policy to a request for a resource on a client from the application. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer program product for enforcing application restrictions according to an entity'"'"'s reputation, the computer program product comprising a computer-readable storage medium containing computer program code for:
-
observing an attempt to use a resource on a client by an entity; obtaining a reputation score for the entity; and determining a level of access to the resource for the entity based at least in part on the entity'"'"'s reputation score, wherein the level of access is between allowing full access to disallowing access to the resource; and allowing a limited use of the resource by the entity according to the determined level of access. - View Dependent Claims (18, 19, 20)
-
Specification