End user risk management

US 7,490,356 B2
Filed: 07/20/2004
Issued: 02/10/2009
Est. Priority Date: 07/20/2004
Status: Active Grant

First Claim

Patent Images

1. A method of generating a risk score associated with an end user of a computer system, the method comprising:

assessing a data risk associated with each piece of electronically available information accessible by an end user of a computer system, the data risk based in part on a value associated with the electronically available information;

monitoring interactions between the end user and the computer system used by the end user to access the electronically available information, each interaction associated with a risk measured by a risk metric;

calculating a risk score for the end user, the risk score based upon the data risk associated with each piece of electronically available information and the risk metric associated with the monitored interactions;

informing the end user of the computer system of the calculated risk score; and

displaying the risk score to the end user.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A flexible, efficient and easy-to-use computer security management system effectively evaluates and responds to informational risks on a wide variety of computing platforms and in a rapidly changing network environment. An individual computer system dynamically monitors its end user, without regard to network connectivity, in order to calculate a risk score and to ensure that the end user'"'"'s behavior does not put corporate information or other assets at risk. Data regarding such risks and responses are analyzed and stored in real-time.

269 Citations

12 Claims

1. A method of generating a risk score associated with an end user of a computer system, the method comprising:
- assessing a data risk associated with each piece of electronically available information accessible by an end user of a computer system, the data risk based in part on a value associated with the electronically available information;
  
  monitoring interactions between the end user and the computer system used by the end user to access the electronically available information, each interaction associated with a risk measured by a risk metric;
  
  calculating a risk score for the end user, the risk score based upon the data risk associated with each piece of electronically available information and the risk metric associated with the monitored interactions;
  
  informing the end user of the computer system of the calculated risk score; and
  
  displaying the risk score to the end user.
- View Dependent Claims (2, 3, 4, 5, 6, 8, 9, 10)
- - 2. The method of claim 1, further comprising restricting access to the electronically available information when the risk score exceeds a threshold.
  - 3. The method of claim 1, wherein informing further comprises displaying, to the end user of the computer system, the risk score corresponding to said end user.
  - 4. The method of claim 3, further comprising allowing the end user of the computer system to modify the risk score via additional interactions between the end user and the computer system.
  - 5. The method of claim 1, wherein the end user interacts with the computer system remotely.
  - 6. The method of claim 1, further comprising adjusting the risk score in response to an occurrence of an exceptional event.
  - 8. The method of claim 1, wherein assessing the data risk associated with each piece of electronically available information further comprises determining a risk associated with the electronically available information.
  - 9. The method of claim 8, wherein determining the risk further comprises determining the risk of any one of disclosure, corruption and deletion of the electronically available information.
  - 10. The method of claim 1, wherein monitoring interactions further comprises monitoring interactions between the end user and a computer system local to the end user.

7. A method of evaluating a risk which an end user poses to electronically available information, comprising:
- (a) assessing asset values for each piece of electronically available information to which the end user has access, the asset values based in part on a value associated with the electronically available information;
  
  (b) monitoring the end user'"'"'s interactions with a computer system through which the end user accesses the electronically available information;
  
  (c) calculating a risk score in real time for the end user based upon the assessed asset values associated with each piece of electronically available information and the end user'"'"'s interactions, the risk score indicative of the risk that the end user poses to the electronically available information;
  
  (d) displaying the risk score to the end user; and
  
  (e) returning to step (a), and repeating at least steps (a) through (e) to evaluate the risk posed by the real time interactions between the end user and the computer system.

11. A system for evaluating risk, the system comprising:
- a plurality of client computers in communication with a server via a network, each of the client computers responsive to input generated by an end user;
  
  a security agent on each of the client computers, the security agent configured to;
  
  monitor interactions between the end user and one of either a second client computer and the server,assign a data risk to electronically available information accessible by the end user, the data risk based in part on a value associated with the electronically available information,generate a risk score for the end user, the risk score based upon interactions between the end user and the one of either the second client computer and the server, and the data risk assigned to the electronically available information,detect an end user action posing a security risk to the one of either the second client computer and the server,update, in real time, the risk score in response to detection of the end user action, anddisplay the risk score to the end user.
- View Dependent Claims (12)
- - 12. The system of claim 11, further comprising the security agent configured to store the generated risk score in a repository located on the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Reflectent Software, Inc. (Cloud Software Group)
Inventors
Norman, Dustin, Lieblich, Jason
Primary Examiner(s)
Vu; Kim
Assistant Examiner(s)
SHAN, APRIL YING

Application Number

US10/894,714
Publication Number

US 20060020814A1
Time in Patent Office

1,666 Days
Field of Search

726/22, 726/3, 726/21, 726/23, 726/25, 726/26, 726/27, 726/28, 726/29, 726/30, 713/182, 713/187, 455/26.1, 399/366, 379/93.02, 708/135
US Class Current

726/25
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/14   for detecting or protecting...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/20   for managing network securi...

End user risk management

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

269 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

End user risk management

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

269 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links