System, method and computer program product for applying prioritized security policies with predetermined limitations

US 7,373,659 B1
Filed: 12/20/2001
Issued: 05/13/2008
Est. Priority Date: 12/20/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method executed utilizing a computer including a tangible computer readable medium for prioritized network security, comprising:

identifying a set of policies, each policy having a condition associated therewith;

determining whether the conditions are met;

determining whether a user confirms activation of the policies; and

activating the policies whose associated conditions are determined to be met if the user confirms the activation;

wherein the conditions are based on a priority of the policy;

wherein a first policy with a higher priority has a first condition associated therewith that is different from a second condition associated with a second policy with a lower priority such that the first policy and second policy are activated under different priority-related conditions;

wherein the activation of the policies includes;

adding the policies to a set of a plurality of active policies, and executing securing actions associated with the active policies if associated limits are met; and

identifying currently executed security actions, determining whether a conflict exists between the currently executed security actions, and resolving any conflicts between the currently executed security actions;

wherein the conditions are based on a time factor, the time factor including at least one of a timeframe, a predetermined time period, and a time limit;

wherein the conditions are based on a source of the policies;

wherein the conditions are based on a severity of security actions associated with the policies.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and computer program product are provided for prioritized network security. Initially, a set of policies is identified, where each policy has a condition associated therewith. It is then determined whether the conditions are met. Next, the policies are activated whose associated conditions are determined to be met. Such conditions represent a priority of the policy.

Citations

21 Claims

1. A method executed utilizing a computer including a tangible computer readable medium for prioritized network security, comprising:
- identifying a set of policies, each policy having a condition associated therewith;
  
  determining whether the conditions are met;
  
  determining whether a user confirms activation of the policies; and
  
  activating the policies whose associated conditions are determined to be met if the user confirms the activation;
  
  wherein the conditions are based on a priority of the policy;
  
  wherein a first policy with a higher priority has a first condition associated therewith that is different from a second condition associated with a second policy with a lower priority such that the first policy and second policy are activated under different priority-related conditions;
  
  wherein the activation of the policies includes;
  
  adding the policies to a set of a plurality of active policies, and executing securing actions associated with the active policies if associated limits are met; and
  
  identifying currently executed security actions, determining whether a conflict exists between the currently executed security actions, and resolving any conflicts between the currently executed security actions;
  
  wherein the conditions are based on a time factor, the time factor including at least one of a timeframe, a predetermined time period, and a time limit;
  
  wherein the conditions are based on a source of the policies;
  
  wherein the conditions are based on a severity of security actions associated with the policies.
- View Dependent Claims (2, 3)
- - 2. The method as recited in claim 1, and further comprising updating the set of policies.
  - 3. The method as recited in claim 2, wherein the updating includes receiving another inactive policy, determining whether the user accepts the inactive policy, and adding the inactive policy to the set if the user accepts the inactive policy.

4. The method as recited in claim 1, and further comprising determining whether the conditions associated with the active policies are still met, and de-activating the active policies if the associated conditions are not met.

5. The method as recited in claim 1, wherein the policies include low priority policies that are default policies which do not expire.

6. The method as recited in claim 1, wherein the policies include medium priority policies that are valid for the predetermined time period.

7. The method as recited in claim 6, wherein the policies include high priority policies that are valid for another predetermined time period that is less than the predetermined time period associated with the medium priority policies.

8. The method as recited in claim 1, wherein the identifying the set of policies, the determining whether the conditions are met, and the activating the policies are controlled locally.

9. The method as recited in claim 1, wherein the associated conditions of the policies dictate the manner in which the active policies are to be deactivated.

10. The method as recited in claim 1, and further comprising determining whether one of the active policies is still active including determining whether the condition associated with the active policy is still met.

11. The method as recited in claim 10, and further comprising de-activating the active policy if the associated condition is not met and determining whether the de-activated policy is to be reused or discarded.

12. The method as recited in claim 11, wherein an indication of the determination whether the de-activated policy is to be reused or discarded is stored with the associated condition.

13. The method as recited in claim 1, wherein the condition are based on the detection of a predetermined amount of files of a certain type.

14. The method as recited in claim 1, wherein the conditions are based on whether a virus signature update is current.

15. A computer program product embodied on a tangible computer readable medium for prioritized network security, comprising:
- computer code for identifying a set of policies, each policy having a condition associated therewith;
  
  computer code for determining whether the conditions are met;
  
  computer code for determining whether a user confirms activation of the policies; and
  
  computer code for activating the policies whose associated conditions are determined to be met if the user confirms the activation;
  
  wherein the conditions are based on a priority of the policy;
  
  wherein a first policy with a higher priority has a first condition associated therewith that is different from a second condition associated with a second policy with a lower priority such that the first policy and second policy are activated under different priority-related conditions;
  
  wherein the activation of the policies involves;
  
  computer code for adding the policies to a set of a plurality of active policies, and executing security actions associated with the active policies if associated limits are met; and
  
  computer code for identifying currently executed security actions, determining whether a conflict exists between the currently executed security actions, and resolving any conflicts between the currently executed security actions;
  
  wherein the conditions are based on a time factor, the time factor including at least one of a timeframe, a predetermined time period, and a time limit;
  
  wherein the conditions are based on a source of the policies;
  
  wherein the conditions are based on a severity of security actions associated with the policies.

16. The computer program product as recited in claim 15, and further comprising computer code for updating the set of policies.

17. The computer program product as recited in claim 16, wherein the updating includes receiving another inactive policy, determining whether the user accepts the inactive policy, and adding the inactive policy to the set if the user accepts the inactive policy.

18. The computer program product as recited in claim 15, and further comprising computer code for determining whether the conditions associated with the active policies are still met, and de-activating the active policies if the associated conditions are not met.

19. A system including a computer with a tangible computer readable medium for prioritized network security, the medium comprising:
- logic for identifying a set of policies, each policy having a condition associated therewith;
  
  logic for determining whether a user confirms activation of the policies;
  
  logic for determining whether the conditions are met if the user confirms the activation; and
  
  logic for activating the policies whose associated conditions are determined to be met;
  
  wherein the conditions are based on a priority of the policy;
  
  wherein a first policy with a higher priority has a first condition associated therewith that is different from a second condition associated with a second policy with a lower priority such that the first policy and second policy are activated under different priority-related conditions;
  
  wherein the activation of the policies involves;
  
  logic for adding the policies to a set of a plurality of active policies, and executing security actions associated with the active policies if associated limits are met; and
  
  logic for identifying currently executed security actions, determining whether a conflict exists between the currently executed security actions, and resolving any conflicts between the currently executed security actions;
  
  wherein the conditions are based on a time factor, the time factor including at least one of a timeframe, a predetermined time period, and a time limit;
  
  wherein the conditions are based on a source of the policies;
  
  wherein the conditions are based on a severity of security actions associated with the policies.

20. A method executed utilizing a computer including a tangible computer readable medium for prioritized network security, comprising:
- identifying a set of policies, each policy having a condition associated therewith;
  
  determining whether a user confirms activation of the policies;
  
  determining whether the conditions are met; and
  
  activating the policies whose associated conditions are determined to be met if the user confirms the activation;
  
  wherein the conditions are based on an urgency associated with an issue causing the policy to be activated;
  
  wherein a first policy with a higher associated urgency has a first condition associated therewith that is different from a second condition associated with a second policy with a lower associated urgency such that the first policy and the second policy are activated under different urgency-related conditions;
  
  wherein the activation of the policies includes;
  
  adding the policies to a set of a plurality of active policies, and executing security actions associated with the active policies if associated limits are met; and
  
  identifying currently executed security actions, determining whether a conflict exists between the currently executed security actions, and resolving any conflicts between the currently executed security actions;
  
  wherein the conditions are based on a time factor, the time factor including at least one of a timeframe, a predetermined time period, and a time limit;
  
  wherein the conditions are based on a source of the policies;
  
  wherein the conditions are based on a severity of security actions associated with the policies.

21. A method executed utilizing a computer including a tangible computer readable medium for providing network security, comprising:
- identifying a set of a plurality of inactive policies each including a security action, a condition for activating the policy, and a limit for triggering the security action if the policy is active;
  
  updating the set of inactive policies including;
  
  receiving another inactive policy,determining whether a user accepts the inactive policy, andadding the inactive policy to the set if the user accepts the inactive policy;
  
  determining whether the conditions are met for the inactive policies;
  
  determining whether the user confirms the activation of the inactive policies if the associated conditions are met; and
  
  activating the inactive policies if the user confirms, the activation including;
  
  adding the inactive policies to a set of a plurality of active policies,determining whether the conditions associated with the active policies are still met,de-activating the active policies if the associated conditions are not met, andexecuting the securing actions associated with the active policies if the associated conditions are met and the limits are met, the execution of the securing actions including;
  
  identifying currently executed security actions,determining whether a conflict exists between the currently executed security actions, andresolving any conflicts between the currently executed security actions;
  
  wherein the conditions are based on a time factor, the time factor including at least one of a timeframe, a predetermined time period, and a time limit;
  
  wherein the conditions are based on a source of the policies;
  
  wherein the conditions are based on a severity of security actions associated with the policies.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, Inc. (McAfee, LLC)
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Smithson, Robert Hugh, Hearnden, Stephen Owen, Vignoles, James M.
Primary Examiner(s)
Moise; Emmanuel L.
Assistant Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US10/028,653
Time in Patent Office

2,336 Days
Field of Search

713/201, 726/11, 726/1, 726/24
US Class Current

726/11
CPC Class Codes

H04L 63/1416 Event detection, e.g. attac...

H04L 63/1441 Countermeasures against mal...

System, method and computer program product for applying prioritized security policies with predetermined limitations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System, method and computer program product for applying prioritized security policies with predetermined limitations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links