RESCUING TRUSTED NODES FROM FILTERING OF UNTRUSTED NETWORK ENTITIES

US 20110191832A1
Filed: 01/29/2010
Published: 08/04/2011
Est. Priority Date: 01/29/2010
Status: Active Grant

First Claim

Patent Images

1. A method of filtering activities of a node interacting over a network with a device having a processor, the method comprising:

executing on the processor instructions configured to;

evaluate at least one activity of the node interacting with the device to assign a node trust rating to the node;

compare the node trust rating with a network entity trust rating of a network entity controlling the node;

upon identifying a node trust rating of the node higher than the network entity trust rating of the network entity, filter activities of the node based on the node trust rating; and

upon not identifying a node trust rating of the node higher than the network entity trust rating of the network entity, filter activities of the node based on the network entity trust rating.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Network entities controlling a set of nodes may vary by trustworthiness, such as tolerance for nodes that send spam, distribute malware, or perform denial-of-service attacks. A device receiving such activities may identify a trust rating of the network entity and apply appropriately stringent filtering (such as spam evaluation) to activities received from nodes controlled by the network entity. However, a poor trust rating of a network entity may subject a legitimate node controlled by the network entity to inefficiently or unfairly stringent activity filtering. Instead, the device may evaluate the activities of a particular node, assign a trust rating to the node, and if the trust rating of the node is higher than the trust rating of the network entity, apply less stringent activity filtering to the activities of the node, thereby “rescuing” the node from the more stringent activity filtering applied to the other nodes of the network entity.

Citations

20 Claims

1. A method of filtering activities of a node interacting over a network with a device having a processor, the method comprising:
- executing on the processor instructions configured to;
  
  evaluate at least one activity of the node interacting with the device to assign a node trust rating to the node;
  
  compare the node trust rating with a network entity trust rating of a network entity controlling the node;
  
  upon identifying a node trust rating of the node higher than the network entity trust rating of the network entity, filter activities of the node based on the node trust rating; and
  
  upon not identifying a node trust rating of the node higher than the network entity trust rating of the network entity, filter activities of the node based on the network entity trust rating.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, at least one activity of the node interacting with the device selected from an activity set comprising:
    - sending at least one email message to the device;
      
      sending at least one text message to the device;
      
      sending at least one social network message to the device;
      
      sending at least one weblog post to the device; and
      
      utilizing at least one service of the device.
  - 3. The method of claim 1, evaluating the at least one activity of the node comprising:
    - evaluating at least one activity property of at least one activity of the node, the at least one activity property selected from an activity properties set comprising;
      
      a message metric of messages sent by the node;
      
      a recipient metric of recipients of at least one message sent by the node;
      
      a returned message metric of returned messages sent to the node in response to at least one message sent by the node;
      
      a connection metric of connections established by the node; and
      
      a bandwidth metric of bandwidth utilized by the network.
  - 4. The method of claim 3:
    - the network entity controlling at least one trusted node that is assigned a higher node trust rating than the network entity trust rating; and
      
      evaluating the at least one activity of the node comprising;
      
      identifying at least one activity of the node that corresponds to at least one activity of the untrusted node associated with the node trust rating of the trusted node.
  - 5. The method of claim 3:
    - the network entity controlling at least one untrusted node that is not assigned a higher node trust rating than the network entity trust rating; and
      
      evaluating the at least one activity of the node comprising;
      
      identifying at least one activity of the node that differs from at least one activity of the untrusted node associated with the node trust rating of the untrusted node.
  - 6. The method of claim 1, assigning the node trust rating of the node comprising:
    - assigning the node trust rating of the node based on at least one network property exhibited by the node, the at least one network property selected from a network property set comprising;
      
      a name registry comprising a node name of the node;
      
      at least one network port status of at least one network port of the node;
      
      a geographic location of the node; and
      
      at least one property of at least one network route associated with at least one network address of the node.
  - 7. The method of claim 1, assigning the node trust rating of the node comprising:
    - assigning the node trust rating of the node based on at least one user property of at least one user of the node, the at least one user property selected from a user property set comprising;
      
      a geographic location of the user;
      
      a user type of the user;
      
      a reputation of the user; and
      
      a financial status indicator of the user.
  - 8. The method of claim 7, assigning the node trust rating of the node based on the at least one user property of a user of the node comprising:
    - upon receiving from the user at least one user credential;
      
      authenticating the user using the at least one user credential; and
      
      upon authenticating the user, assigning the node trust rating of the node based on the at least one user property of the user.
  - 9. The method of claim 1, assigning the node trust rating of the node comprising:
    - querying a user to evaluate at least one activity of the node, andupon receiving from the user a node trust rating of the node, assigning the node trust rating to the node.
  - 10. The method of claim 1, assigning the node trust rating of the node comprising:
    - selecting a node activity classification of the activity of the node using a node activity classifier configured to evaluate activities of nodes, andassigning the node trust rating of the node based on the node activity classification.
  - 11. The method of claim 1, evaluating the at least one activity of the node interacting with the device comprising:
    - upon receiving a request from a user of the node to evaluate at least one activity of the node, evaluating the at least one activity of the node interacting with the device to assign a node trust rating to the node.
  - 12. The method of claim 1:
    - the network entity identified in a routing table as controlling a network address block, andthe node having a network address within the network address block.
  - 13. The method of claim 1:
    - at least one network entity registered with a name registry associating a node name with respective nodes of the network, anddetermining the network entity comprising;
      
      identifying a node name of the node, andassociating the node name of the node with a network entity according to the name registry.
  - 14. The method of claim 1, comprising:
    - notifying at least one trusted device of at least one node trust rating assigned to the node.
  - 15. The method of claim 1, assigning the node trust rating of the node comprising:
    - receiving at least one node trust rating of the node from at least one trusted device, andassigning the node trust rating of the node based on the at least one activity of the node interacting with the device and the node trust rating received from the at least one trusted device.
  - 16. The method of claim 1, comprising:
    - upon identifying a network entity trust rating assigned to a network entity based on at least one node trust rating of a node controlled by the network entity;
      
      identifying at least one user of at least one node controlled by the network entity; and
      
      notifying the at least one user of the network entity trust rating assigned to the network entity.
  - 17. The method of claim 1, comprising:
    - after assigning a node trust rating to a node;
      
      evaluating at least one subsequent activity of the node to determine an updated node trust rating of the node; and
      
      upon determining an updated node trust rating of the node based on the at least one subsequent activity of the node, assigning to the node the updated node trust rating.
  - 18. The method of claim 17, evaluating the at least one subsequent activity of the node comprising:
    - for an evaluation period, reducing filtering of the activities of the node; and
      
      evaluating the at least one activity of the node received during the evaluation period to assign an updated node trust rating of the node.

19. A system of filtering activities of a node interacting with a device over a network, the system comprising:
- a node activity trust rating component configured to evaluate at least one activity of the node interacting with the device to assign a node trust rating to the node;
  
  a trust rating comparing component configured to compare the node trust rating of the node with a network entity trust rating of a network entity controlling the node; and
  
  a node activity filtering component configured to filter activities of the node by;
  
  upon the trust rating comparing component identifying a higher node trust rating of the node than the network entity trust rating of the network entity, filtering activities of the node based on the node trust rating; and
  
  upon the trust rating comparing component failing to identify a higher node trust rating of the node than the network entity trust rating of the network entity, filtering activities of the node based on the network entity trust rating.

20. A computer-readable storage medium comprising instructions that, when executed by a device, filter activities of a node interacting over a network with the device by:
- evaluating at least one activity of the node interacting with the device to assign a node trust rating to the node by;
  
  selecting a node activity classification of the activity of the node using a node activity classifier configured to evaluate activities of nodes, andassigning the node trust rating of the node based on the node activity classification,the node trust rating based on at least one network property exhibited by the node the at least one network property selected from a network property set comprising;
  
  a name registry comprising a node name of the node;
  
  at least one network port status of at least one network port of the node;
  
  a geographic location of the node;
  
  the node trust rating based on at least one user property of at least one user of the node, the at least one user property selected from a user property set comprising;
  
  a geographic location of the user;
  
  a user type of the user;
  
  a reputation of the user; and
  
  a financial status indicator of the user; and
  
  the node trust rating based on at least one property of at least one network route associated with at least one network address of the node, the at least one activity selected from an activity set comprising;
  
  sending at least one email message to the device;
  
  sending at least one text message to the device;
  
  sending at least one social network message to the device;
  
  sending at least one weblog post to the device; and
  
  utilizing at least one service of the device;
  
  notifying at least one trusted device of at least one node trust rating of the nodeassigning a network entity trust rating to a network entity based on at least one node trust rating of a node controlled by the network entity;
  
  identifying at least one user of at least one node controlled by the network entity;
  
  notifying the at least one user of the network entity trust rating assigned to the network entity;
  
  comparing the node trust rating with a network entity trust rating of a network entity controlling the node;
  
  upon identifying a node trust rating of the node higher than the network entity trust rating of the network entity, filtering activities of the node based on the node trust rating;
  
  upon not identifying a node trust rating of the node higher than the network entity trust rating of the network entity, filtering activities of the node based on the network entity trust rating; and
  
  after assigning a node trust rating to a node;
  
  evaluating at least one subsequent activity of the node to assign an updated node trust rating of the node; and
  
  upon determining an updated node trust rating of the node based on the at least one subsequent activity of the node, assigning to the node the updated node trust rating.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Osipkov, Ivan, Drinic, Milenko, Bidgoli, Mehrdad, Vitaldevara, Krishna C., Davis, Malcolm H., Ramachandran, Aravind K., McCann, Robert L., Hulten, Geoffrey J., Walter, Jason D., Gillum, Eliot C.

Granted Patent

US 8,370,902 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 15/16   Combinations of two or more...

G06F 21/00   Security arrangements for p...

G06F 21/55   Detecting local intrusion o...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 51/212   using filtering or selectiv...

H04L 51/222   using geographical location...

H04L 63/0227   Filtering policies mail mes...

H04L 63/105   Multiple levels of security

RESCUING TRUSTED NODES FROM FILTERING OF UNTRUSTED NETWORK ENTITIES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

RESCUING TRUSTED NODES FROM FILTERING OF UNTRUSTED NETWORK ENTITIES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links