ADAPTIVE SECURITY INDICATOR FOR WIRELESS DEVICES

US 20160205128A1
Filed: 08/29/2013
Published: 07/14/2016
Est. Priority Date: 08/29/2013
Status: Active Grant

First Claim

Patent Images

1-21. -21. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus, including computer program products, are provided for adaptive security. In one aspect there is provided a method. The method may include receiving, at a user equipment, at least one policy update representative of a rule defining at least one of a security level and an operation allowed to be performed at the security level; monitoring a configuration of the user equipment to determine whether the configuration of the user equipment violates the at least one policy update; and adapting, based on the monitoring, at least one of a security indicator at the user equipment and the operation at the user equipment. Related apparatus, systems, methods, and articles are also described.

46 Citations

View as Search Results

38 Claims

1-21. -21. (canceled)

22. A method comprising:
- receiving, at a user equipment, at least one policy update representative of a rule defining at least one of a security level and an operation allowed to be performed at the security level, wherein the at least one policy update indicates a vulnerability of an encryption algorithm;
  
  monitoring a configuration of the user equipment to determine whether the configuration of the user equipment violates the at least one policy update; and
  
  adapting, based on the monitoring, at least one of a security indicator at the user equipment and the operation at the user equipment.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29)
- - 23. The method of claim 22, wherein the at least one policy update is updated at least one of periodically, when requested by the user equipment, and in response to an event prompting a change in policy, wherein the policy update is received from a server configured to provide a plurality of security policies including the at least one policy update.
  - 24. The method of claim 23, wherein the event comprises a security event indicating a vulnerability to the user equipment.
  - 25. A method of claim 22, wherein the operation further comprises at least one of an application at the user equipment, a type of connection between the user equipment and a network, and a function at the user equipment.
  - 26. A method of claim 22, wherein the adapting further comprises:
    - generating, based on a result of the monitoring, the security indicator as a graphical indicator representing a plurality of security levels including the at least one security level.
  - 27. A method of claim 22, wherein the adapting further comprises:
    - inhibiting, based on a result of the monitoring including the at least one policy update, the operation at the user equipment.
  - 28. The method of claim 27, wherein the result of the monitoring indicates whether the configuration violates the at least one of the policy update, the at least one security level, or a combination thereof.
  - 29. The method of claim 22, wherein the vulnerability of the encryption algorithm includes a vulnerability of a data encryption standard.

30. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code, the at least one processor, the at least one memory, and the computer program code configured to cause the apparatus to at least;
  
  receive at least one policy update representative of a rule defining at least one of a security level and an operation allowed to be performed at the security level, wherein the at least one policy update indicates a vulnerability of an encryption algorithm;
  
  monitor a configuration of the apparatus to determine whether the configuration of the apparatus violates the at least one policy update; and
  
  adapt, based on the monitoring, at least one of a security indicator at the apparatus and the operation at the apparatus.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37)
- - 31. The apparatus of claim 30, wherein the at least one policy update is updated at least one of periodically, when requested by the apparatus, and in response to an event prompting a change in policy, wherein the policy update is received from a server configured to provide a plurality of security policies including the at least one policy update.
  - 32. The apparatus of claim 31, wherein the event comprises a security event indicating a vulnerability to the apparatus.
  - 33. An apparatus of claim 30, wherein the operation further comprises at least one of an application at the apparatus, a type of connection between the apparatus and a network, and a function at the apparatus.
  - 34. An apparatus of claim 30, wherein the apparatus is further configured to at least generate, based on a result of the monitoring, the security indicator as a graphical indicator representing a plurality of security levels including the at least one security level.
  - 35. An apparatus of claim 30, wherein the apparatus is further configured to at least inhibit, based on a result of the monitoring including the at least one policy update, the operation at the user equipment.
  - 36. The apparatus of claim 35, wherein the result of the monitoring indicates whether the configuration violates the at least one of the policy update, the at least one security level, or a combination thereof.
  - 37. The apparatus of claim 30, wherein the vulnerability of the encryption algorithm includes a vulnerability of a data encryption standard.

38. A non-transitory computer-readable storage medium including computer code which when executed by at least one processor causes operations comprising:
- receiving at least one policy update representative of a rule defining at least one of a security level and an operation allowed to be performed at the security level, wherein the at least one policy update indicates a vulnerability of an encryption algorithm;
  
  monitoring a configuration to determine whether the configuration of the violates the at least one policy update; and
  
  adapting, based on the monitoring, at least one of a security indicator and the operation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Technologies Oy (Nokia Corporation)
Inventors
UUSILEHTO, Janne, HOLTMANNS, Silke

Granted Patent

US 10,200,865 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

H04M 1/72463   to restrict the functionali...

H04W 12/08   Access security

H04W 12/37   Managing security policies ...

H04W 12/67   Risk-dependent, e.g. select...

H04W 88/02   Terminal devices

ADAPTIVE SECURITY INDICATOR FOR WIRELESS DEVICES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

46 Citations

38 Claims

Specification

Use Cases

Quick Links

Others

ADAPTIVE SECURITY INDICATOR FOR WIRELESS DEVICES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

38 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others