SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR ADAPTING THE SECURITY MEASURES OF A COMMUNICATION NETWORK BASED ON FEEDBACK

US 20110016513A1
Filed: 07/17/2009
Published: 01/20/2011
Est. Priority Date: 07/17/2009
Status: Active Grant

First Claim

Patent Images

1. A method for adapting a security system based on security-related data associated with a communication network, the method comprising:

collecting, by a plurality of trust mediator agents, security-related data associated with a plurality of communication network modules, the plurality of trust mediator agents being associated with the plurality of network modules, respectively,wherein at least one of the plurality of communication network modules is a mobile communication device,wherein the security-related data is collected for one or more variables selected by a trust mediator, andwherein the security-related data is collected periodically at a time interval determined by the trust mediator;

transmitting, by the plurality of trust mediator agents, the security-related data to the trust mediator over the communication network;

determining, by the trust mediator, based on at least one of the security-related data transmitted by the trust mediator agents and a predetermined rule stored in a memory, modifications to one or more security safeguards; and

transmitting, by the trust mediator, instructions corresponding to the modifications to at least one of the plurality of trust mediator agents over the communication network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An adaptable network security system includes trust mediator agents that are coupled to each network component. Trust mediator agents continuously detect changes in the security characteristics of the network and communicate the detected security characteristics to a trust mediator. Based on the security characteristics received from the trust mediator agents, the trust mediator adjusts security safeguards to maintain an acceptable level of security. Trust mediator also uses predetermined rules in determining whether to adjust security safeguards. Despite inevitable changes in security characteristics, an acceptable level of security and efficient network operation are achieved without subjecting users of the network to over burdensome security safeguards.

118 Citations

View as Search Results

18 Claims

1. A method for adapting a security system based on security-related data associated with a communication network, the method comprising:
- collecting, by a plurality of trust mediator agents, security-related data associated with a plurality of communication network modules, the plurality of trust mediator agents being associated with the plurality of network modules, respectively,wherein at least one of the plurality of communication network modules is a mobile communication device,wherein the security-related data is collected for one or more variables selected by a trust mediator, andwherein the security-related data is collected periodically at a time interval determined by the trust mediator;
  
  transmitting, by the plurality of trust mediator agents, the security-related data to the trust mediator over the communication network;
  
  determining, by the trust mediator, based on at least one of the security-related data transmitted by the trust mediator agents and a predetermined rule stored in a memory, modifications to one or more security safeguards; and
  
  transmitting, by the trust mediator, instructions corresponding to the modifications to at least one of the plurality of trust mediator agents over the communication network.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising the step of determining, by the trust mediator, that a safeguard time provided by the one or more security safeguards meets at least one of an attack time and a user expectation.
  - 3. The method of claim 1, wherein the security-related data includes at least one of threat data corresponding to at least one of the plurality of communication network modules, user expectation data, a list of currently running security safeguards, and a protection time provided by the currently running security safeguards.
  - 4. The method of claim 1, wherein the instructions corresponding to the modifications are based on a security safeguard modification request received from the mobile communication device over the communication network.
  - 5. The method of claim 1, wherein at least one of the collecting and transmitting security-related data is performed by the plurality of trust mediator agents based on at least one of a predetermined repetition rate and a detection of an event.
  - 6. The method of claim 5, wherein the event includes receiving, by at least one of the plurality of trust mediator agents, a request to complete a financial transaction from the mobile communication device.

7. An adaptive security system for a communication network, the system comprising:
- a plurality of communication network modules, including a mobile communication device, interconnected over the communication network;
  
  a plurality of trust mediator agents coupled to the plurality of communication network modules, respectively, the trust mediator agents being configured to collect security-related data for one or more variables at a time interval associated with the plurality of communication network modules; and
  
  a trust mediator configured to;
  
  select the one or more variables,determine the time interval,receive over the communication network, the security-related data from the plurality of trust mediator agents,determine, based on at least one of the security-related data transmitted by the trust mediator agents and a predetermined rule stored in a memory, modifications to one or more security safeguards, andtransmit instructions corresponding to the modifications to at least one of the plurality of trust mediator agents over the communication network.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the trust mediator is further configured to determine that a safeguard time provided by the one or more security safeguards meets at least one of an attack time and a user expectation.
  - 9. The system of claim 7, wherein the security-related data includes at least one of threat data corresponding to at least one of the plurality of communication network modules, user expectation data, a list of currently running security safeguards, and a protection time provided by the currently running security safeguards.
  - 10. The system of claim 7, wherein the instructions corresponding to the modifications are based on a security safeguard modification request received from the mobile communication device over the communication network.
  - 11. The system of claim 7, wherein the plurality of trust mediator agents are configured to collect and transmit security-related data to the trust mediator based on at least one of a predetermined repetition rate and a detection of an event.
  - 12. The system of claim 11, wherein the event includes receiving, by at least one of the plurality of trust mediator agents, a request to complete a financial transaction from the mobile communication device.

13. A computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions which when executed by a computer system cause the computer system to perform:
- collecting, by a plurality of trust mediator agents, security-related data associated with a plurality of communication network modules, the plurality of trust mediator agents being associated with the plurality of network modules, respectively,wherein at least one of the plurality of communication network modules is a mobile communication device,wherein the security-related data is collected for one or more variables selected by a trust mediator, andwherein the security-related data is collected periodically at a time interval determined by the trust mediator;
  
  transmitting, by the plurality of trust mediator agents, the security-related data to the trust mediator over the communication network;
  
  determining, by the trust mediator, based on at least one of the security-related data transmitted by the trust mediator agents and a predetermined rule stored in a memory, modifications to one or more security safeguards; and
  
  transmitting, by the trust mediator, instructions corresponding to the modifications to at least one of the plurality of trust mediator agents over the communication network.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer-readable medium of claim 13, wherein the sequences of instructions further include instructions which when executed by the computer system cause the computer system to perform:
    - determining, by the trust mediator, that a safeguard time provided by the one or more security safeguards meets at least one of an attack time and a user expectation.
  - 15. The computer-readable medium of claim 13, wherein the security-related data includes at least one of threat data corresponding to at least one of the plurality of communication network modules, user expectation data, a list of currently running security safeguards, and a protection time provided by the currently running security safeguards.
  - 16. The computer-readable medium of claim 13, wherein the instructions corresponding to the modifications are based on a security safeguard modification request received from the mobile communication device over the communication network.
  - 17. The computer-readable medium of claim 13, wherein at least one of the collecting and transmitting security-related data is performed by the plurality of trust mediator agents based on at least one of a predetermined repetition rate and a detection of an event.
  - 18. The computer-readable medium of claim 17, wherein the event includes receiving, by at least one of the plurality of trust mediator agents, a request to complete a financial transaction from the mobile communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Bailey, Samuel A. JR.

Granted Patent

US 8,752,142 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/602   Providing cryptographic fac...

G06Q 20/206   comprising security or oper...

G06Q 20/3223   Realising banking transacti...

G06Q 20/382   insuring higher security of...

G06Q 20/40   Authorisation, e.g. identif...

H04L 63/06   for supporting key manageme...

H04L 63/105   Multiple levels of security

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

H04L 63/205   involving negotiation or de...

H04W 12/12   Detection or prevention of ...

SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR ADAPTING THE SECURITY MEASURES OF A COMMUNICATION NETWORK BASED ON FEEDBACK

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

118 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR ADAPTING THE SECURITY MEASURES OF A COMMUNICATION NETWORK BASED ON FEEDBACK

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

118 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links