TECHNOLOGIES FOR MULTI-FACTOR SECURITY ANALYSIS AND RUNTIME CONTROL

US 20160088019A1
Filed: 09/23/2014
Published: 03/24/2016
Est. Priority Date: 09/23/2014
Status: Active Grant

First Claim

Patent Images

1. A computing device for client-level web application runtime control and multi-factor security analysis, the computing device comprising:

at least one sensor;

a browser to receive application code associated with a browser-based application from a web server; and

a web security module to (i) collect real-time data generated by the at least one sensor, (ii) perform a multi-factor security assessment of the browser-based application as a function of the collected real-time data and the application code, (iii) determine whether the application code is modifiable to eliminate execution of impermissible code in response to an indication of the multi-factor security assessment that the application code includes the impermissible code, (iv) modify the application code in response to a determination that the application code is modifiable to eliminate the execution of the impermissible code, (v) establish a client-level web application runtime security policy associated with the browser-based application in response to the multi-factor security assessment, and (vi) enforce the client-level web application runtime security policy on the computing device,wherein the client-level web application runtime security policy identifies at least one of hardware, firmware, or software access rules to be enforced on the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies for client-level web application runtime control and multi-factor security analysis by a computing device include receiving application code associated with a browser-based application from a web server. The computing device collects real-time data generated by at least one sensor of the computing device and performs a multi-factor security assessment of the browser-based application as a function of the collected real-time data and the application code. Further, the computing device establishes a client-level web application runtime security policy associated with the browser-based application in response to performing the multi-factor security assessment and enforces the client-level web application runtime security policy.

31 Citations

25 Claims

1. A computing device for client-level web application runtime control and multi-factor security analysis, the computing device comprising:
- at least one sensor;
  
  a browser to receive application code associated with a browser-based application from a web server; and
  
  a web security module to (i) collect real-time data generated by the at least one sensor, (ii) perform a multi-factor security assessment of the browser-based application as a function of the collected real-time data and the application code, (iii) determine whether the application code is modifiable to eliminate execution of impermissible code in response to an indication of the multi-factor security assessment that the application code includes the impermissible code, (iv) modify the application code in response to a determination that the application code is modifiable to eliminate the execution of the impermissible code, (v) establish a client-level web application runtime security policy associated with the browser-based application in response to the multi-factor security assessment, and (vi) enforce the client-level web application runtime security policy on the computing device,wherein the client-level web application runtime security policy identifies at least one of hardware, firmware, or software access rules to be enforced on the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13, 14, 15)
- - 2. The computing device of claim 1, wherein to collect the real-time data comprises to determine an impact of execution of the application code on the operation of computing device.
  - 3. The computing device of claim 2, wherein to determine the impact of the execution of the application code comprises to determine an impact of execution of the application code on a parameter of the operation of the computing device unrelated to a maliciousness aspect of the application code.
  - 4. The computing device of claim 2, wherein to determine the impact of the execution of the application code comprises to determine an impact of execution of the application code on concurrent execution of another application of the computing device different from the browser-based application.
  - 5. The computing device of claim 2, wherein to determine the impact of the execution of the application code comprises to determine an impact of execution of the application code on at least one of power consumption or latency of the computing device.
  - 6. The computing device of claim 1, wherein to collect the real-time data comprises to determine a real-time security threat level of a network of the computing device.
  - 7. The computing device of claim 1, wherein the at least one sensor comprises at least one of a hardware sensor or a software context source;
    - andwherein to collect the real-time data comprises to determine a context of the computing device based on data received from at least one of the hardware sensor or the software context source.
  - 8. The computing device of claim 1, wherein to collect the real-time data comprises to:
    - transmit the application code to a cloud server for remote simulation of the application code; and
      
      receive security results from the cloud server in response to transmittal of the application code to the cloud server.
  - 9. The computing device of claim 1, further comprising a secure execution environment, wherein to collect the real-time data comprises to:
    - simulate execution of the application code in the secure execution environment; and
      
      receive security results from the simulated execution of the application code.
  - 11. The computing device of claim 1, further comprising:
    - a browser security interface to generate machine-executable code for the application code and an access control map for the application code,wherein to perform the multi-factor security assessment comprises to perform the multi-factor security assessment of the browser-based application as a function of the collected real-time data, the application code, and the access control map.
  - 12. The computing device of claim 11, wherein the access control map is generated as a function of at least one of (i) design time rules for the browser-based application that identify at least one of hardware, firmware, or software of the computing device that the browser-based application is configured to access and (ii) user configurations for the browser-based application that identify at least one of hardware, firmware, or software of the computing device that the browser-based application is configured to access.
  - 13. The computing device of claim 1, wherein to establish the client-level web application runtime security policy comprises to establish hardware access rules that identify which hardware of the computing device the browser-based application is authorized to access;
    - andwherein to enforce the established client-level web application runtime security policy comprises to restrict access to hardware of the computing device as a function of the hardware access rules.
  - 14. The computing device of claim 1, wherein to establish the client-level web application runtime security policy comprises to establish firmware access rules that identify which firmware of the computing device the browser-based application is authorized to access;
    - andwherein to enforce the established client-level web application runtime security policy comprises to restrict access to firmware of the computing device as a function of the firmware access rules.
  - 15. The computing device of claim 1, wherein to establish the client-level web application runtime security policy comprises to establish software access rules that identify which software of the computing device the browser-based application is authorized to access.

10. (canceled)

16. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to execution by a computing device, cause the computing device to:
- receive application code associated with a browser-based application from a web server;
  
  generate real-time data with at least one sensor of the computing device;
  
  collect the real-time data generated by the at least one sensor of the computing device;
  
  perform a multi-factor security assessment of the browser-based application as a function of the collected real-time data and the application code;
  
  determine whether the application code is modifiable to eliminate execution of impermissible code in response to an indication by the multi-factor security assessment that the application code includes the impermissible code;
  
  modify the application code in response to a determination that the application code is modifiable to eliminate the execution of the impermissible code;
  
  establish a client-level web application runtime security policy associated with the browser-based application in response to performing the multi-factor security assessment, wherein the client-level web application runtime security policy identifying at least one of hardware, firmware, or software access rules; and
  
  enforce the client-level web application runtime security policy.
- View Dependent Claims (17, 18, 19, 20, 22, 23)
- - 17. The one or more non-transitory machine-readable storage media of claim 16, wherein to collect the real-time data comprises to determine an impact of execution of the application code on the operation of the computing device.
  - 18. The one or more non-transitory machine-readable storage media of claim 16, wherein to collect the real-time data comprises to determine a real-time security threat level of a network of the computing device.
  - 19. The one or more non-transitory machine-readable storage media of claim 16, wherein to collect the real-time data comprises to determine a context of the computing device based on data generated by at least one of a hardware sensor of the computing device or a software context source of the computing device.
  - 20. The one or more non-transitory machine-readable storage media of claim 16, wherein to collect the real-time data comprises to receive security results from a simulated execution of the application code.
  - 22. The one or more non-transitory machine-readable storage media of claim 16, wherein the plurality of instructions further cause the computing device to:
    - generate machine-executable code for the application code; and
      
      generate an access control map for the application code;
      
      wherein to perform the multi-factor security assessment comprises to perform the multi-factor security assessment of the browser-based application as a function of the collected real-time data, the application code, and the access control map.
  - 23. The one or more non-transitory machine-readable storage media of claim 16, wherein to generate the access control map comprises to identify at least one of (i) design time rules for the browser-based application that identify at least one of hardware, firmware, or software of the computing device that the browser-based application is configured to access and (ii) user configurations for the browser-based application that identify at least one of hardware, firmware, or software of the computing device that the browser-based application is configured to access.

21. (canceled)

24. A method for client-level web application runtime control and multi-factor security analysis by a computing device, the method comprising:
- receiving, by the computing device, application code associated with a browser-based application from a web server;
  
  generating real-time sensor data with at least one sensor of the computing device;
  
  collecting, by the computing device, the real-time data generated by the at least one sensor of the computing device;
  
  performing, by the computing device, a multi-factor security assessment of the browser-based application as a function of the collected real-time data and the application code;
  
  determining, by the computing device, whether the application code is modifiable to eliminate execution of impermissible code in response to an indication by the multi-factor security assessment that the application code includes the impermissible code;
  
  modifying, by the computing device, the application code in response to a determination that the application code is modifiable to eliminate the execution of the impermissible code;
  
  establishing, by the computing device, a client-level web application runtime security policy associated with the browser-based application in response to performing the multi-factor security assessment, the client-level web application runtime security policy identifying at least one of hardware, firmware, or software access rules; and
  
  enforcing, by the computing device, the client-level web application runtime security policy.
- View Dependent Claims (25)
- - 25. The method of claim 24, wherein collecting the real-time data comprises:
    - determining an impact of execution of the application code on the operation of the computing device;
      
      determining a real-time security threat level of a network of the computing device;
      
      determining a context of the computing device based on data generated by at least one of a hardware sensor of the computing device or a software context source of the computing device; and
      
      receiving security results from a simulated execution of the application code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Li, Hong, Dewan, Prashant

Granted Patent

US 9,356,969 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/50   Monitoring users, programs ...

G06F 21/53   by executing in a restricte...

G06F 21/54   by adding security routines...

H04L 12/4625   Single bridge functionality...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1433   Vulnerability analysis

H04L 63/145   the attack involving the pr...

H04L 63/20   for managing network securi...

H04L 65/1045   Proxies, e.g. for session i...

H04L 67/02   based on web technology, e....

H04L 67/1097   for distributed storage of ...

TECHNOLOGIES FOR MULTI-FACTOR SECURITY ANALYSIS AND RUNTIME CONTROL

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

TECHNOLOGIES FOR MULTI-FACTOR SECURITY ANALYSIS AND RUNTIME CONTROL

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links