Adaptive security for information devices

US 7,584,508 B1
Filed: 01/21/2009
Issued: 09/01/2009
Est. Priority Date: 12/31/2008
Status: Active Grant

First Claim

Patent Images

1. An information device having a dynamically configurable security arrangement, the device comprising:

computer circuitry, including a processor operatively coupled to a data store;

a user interface, including display and user input devices;

communications circuitry; and

a power supply that provides power to the computer circuitry, user interface, and communications circuitry;

wherein the computer circuitry includes a security arrangement comprising;

a configurable security module that provides security-related functionality in the information device according to a configuration of operational settings;

a risk profiling module that re-assesses a current set of security risks to which the information device is exposed;

a computing capacity determining module that re-assesses computing capacity availability relating to usage and performance expectations for operation of the information device; and

a security configuration module that automatically and dynamically configures the operational settings of the security module based on the current set of security risks from the risk profiling module and on the current state of dynamically-variable computing capacity availability from the computing capacity determining module, wherein the security configuration module includes;

a configuration determining module that determines, from among a set of security-related functionality with which the security module is to be configured in response to the current set of security risks from the risk profiling module, a subset of more essential security functionality and a subset of less essential security functionality relevant to the current set of security risks; and

a configuration setting module that sets the configuration of operational settings such that, in response to the computing capacity availability being indicative of a reduction of computing capacity availability from a previous computing capacity availability, the configuration setting module disables the subset of less essential security functionality to an extent that computational loading on the computer circuitry attributable to operation of the configurable security module is reduced to facilitate operation of the information device corresponding to the usage and performance expectations while executing the subset of more essential security functionality in the configurable security module.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information device includes a dynamically configurable security module in which operational settings are automatically and dynamically configured based on risk profile or computing capacity information, or both.

Citations

20 Claims

1. An information device having a dynamically configurable security arrangement, the device comprising:
- computer circuitry, including a processor operatively coupled to a data store;
  
  a user interface, including display and user input devices;
  
  communications circuitry; and
  
  a power supply that provides power to the computer circuitry, user interface, and communications circuitry;
  
  wherein the computer circuitry includes a security arrangement comprising;
  
  a configurable security module that provides security-related functionality in the information device according to a configuration of operational settings;
  
  a risk profiling module that re-assesses a current set of security risks to which the information device is exposed;
  
  a computing capacity determining module that re-assesses computing capacity availability relating to usage and performance expectations for operation of the information device; and
  
  a security configuration module that automatically and dynamically configures the operational settings of the security module based on the current set of security risks from the risk profiling module and on the current state of dynamically-variable computing capacity availability from the computing capacity determining module, wherein the security configuration module includes;
  
  a configuration determining module that determines, from among a set of security-related functionality with which the security module is to be configured in response to the current set of security risks from the risk profiling module, a subset of more essential security functionality and a subset of less essential security functionality relevant to the current set of security risks; and
  
  a configuration setting module that sets the configuration of operational settings such that, in response to the computing capacity availability being indicative of a reduction of computing capacity availability from a previous computing capacity availability, the configuration setting module disables the subset of less essential security functionality to an extent that computational loading on the computer circuitry attributable to operation of the configurable security module is reduced to facilitate operation of the information device corresponding to the usage and performance expectations while executing the subset of more essential security functionality in the configurable security module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The information device of claim 1, wherein the security configuration module progressively configures the operational settings of the security module in response to indicia of progressively-reducing computing capacity by progressively disabling security-related functionality in order of less essential functionality to more essential functionality to preserve computing capacity for non-security functions of the information device.
  - 3. The information device of claim 2, wherein the configurable security module stores a plurality of threat definitions and scans at least one of the data store and network traffic for any presence of security threats based on the plurality of threat definitions, and wherein the computing capacity determining module disables a subset of less essential security functionality by reducing the quantity of threat definitions on which the scanning is based.
  - 4. The information device of claim 2, wherein the configurable security module selectively implements combinations of different security functions, and wherein the computing capacity determining module disables the subset of less essential security functionality by selecting a thin client mode for the configurable security module in which a majority of security functions are executed on a remote server.
  - 5. The information device of claim 1, wherein the risk profiling module includes:
    - a location determining module configured to determine and provide an indication of a present location of the information device; and
      
      a location profile database containing security risk profile information for a plurality of local networks at a plurality of geographic locations;
      
      wherein the risk profiling module uses the indication of the present location to assess a present security risk to which the information device is exposed based on risk profile information contained in the location profile database corresponding to the present location.
  - 6. The information device of claim 5, wherein the location determining module includes at least one of:
    - a global positioning system (GPS) receiver; and
      
      a network topology analyzer.
  - 7. The information device of claim 1, wherein the computing capacity determining module assesses a present demand on computing resources based on at least one monitored parameter selected from the group consisting of:
    - system configuration information, operating state information, or any combination thereof.
  - 8. The information device of claim 1, wherein the computing capacity determining module assesses available computing resources based on at least one parameter selected from the group consisting of:
    - application programs in use, network traffic, processor idling, an amount of memory allocated, an amount of memory available in the data store, a condition of the on-board energy source, or any combination thereof.
  - 9. The information device of claim 1, further comprising:
    - a user preferences module that obtains at least one parameter from the user selected from the group consisting of;
      
      security risk tolerance information, user experience requirements, or any combination thereof;
      
      wherein the security configuration module configures the operational settings of the security module based on the at least one parameter.
  - 10. The information device of claim 1, wherein the risk profiling module is adapted to assess security risks to which the information device is presently exposed based on at least one parameter selected from the group consisting of:
    - relevant history of the information device, global security situational information, user preferences information, application programs installed or operating on the information device, or any combination thereof.
  - 11. The information device of claim 1, wherein the set of security-related functionality includes a multi-level hierarchy of functionality ranging from general security functionality to particular security functionality corresponding more closely to the current set of security risks;
    - andwherein the subset of more essential functionality is selected from a level of the multi-level hierarchy corresponding to the current state of computing capacity availability.

12. A method for automatically configuring an information device to facilitate usability while providing security protection for the information device, the method comprising:
- using a computing device, automatically profiling a set of current security risks to which the information device is exposed;
  
  using a computing device, automatically determining a set of security functionality with which a security module is to be configured in the information device to protect the information device in response to a result of the profiling of the set of current security risks;
  
  using a computing device, automatically re-assessing from among the set of security functionality, a subset of more essential security functionality and a subset of less essential security functionality relevant to the set of current security risks;
  
  using a computing device, automatically re-assessing current computing capacity availability relating to usage and performance expectations for operation of the information device; and
  
  using a computing device, automatically and dynamically configuring the security arrangement to run on the information device based on a result of the profiling of the current set of security risks and on a result of the re-assessing of the current computing capacity availability, including;
  
  in response to the result of the re-assessing of the current computing capacity availability being indicative of a reduction of computing capacity availability from a previous computing capacity availability, disabling the subset of less essential security functionality to an extent that computational loading on the information device attributable to operation of the configurable security module is reduced to facilitate operation of the information device corresponding to the usage and performance expectations while the information device executes the subset of more essential security functionality.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The method of claim 12, further comprising:
    - using a computing device, automatically determining and providing an indication of a present location of the information device; and
      
      using a computing device, automatically looking up the present location in a location profile database, said database containing security risk profile information for a plurality of local networks at a plurality of geographic locations; and
      
      wherein the profiling of the set of security risks to which the information device is exposed is based on risk profile information contained in the location profile database corresponding to the present location.
  - 14. The method of claim 13, wherein automatically determining the present location of the information device includes operating at least one of:
    - a global positioning system (GPS) receiver; and
      
      a network topology analyzer.
  - 15. The method of claim 12, further comprising:
    - storing a plurality of threat definitions and scanning at least one of a data store and network traffic for any presence of security threats based on the plurality of threat definitions; and
      
      wherein the disabling of the subset of less essential security functionality includes reducing the quantity of threat definitions on which the scanning is based.
  - 16. The method of claim 12, wherein at least one of:
    - said automatically profiling a set of current security risks, said automatically determining a set of security functionality with which a security module is to be configured in the information device, said automatically re-assessing subsets of more essential and less essential security functionality, said automatically re-assessing computing capacity availability, and said automatically and dynamically configuring the security arrangement, is performed by the information device.
  - 17. The method of claim 12, wherein automatically re-assessing the computing capacity includes assessing a present demand on computing resources based on at least one monitored parameter selected from the group consisting of:
    - application programs in use on the information device, network traffic to or from the information device, processor idling of the information device, an amount of memory allocated on the information device, or any combination thereof.
  - 18. The method of claim 12, wherein determining the computing capacity includes assessing available computing resources based on a condition of a battery of the information device.
  - 19. The method of claim 12, further comprising:
    - obtaining, by a computing device, at least one parameter from the user, said parameter being selected from the group consisting of;
      
      security risk tolerance information, user experience requirements, or any combination thereof; and
      
      wherein configuring the security module is performed based on the at least one parameter.
  - 20. The method of claim 12, wherein automatically profiling the current set of security risks is performed based on application programs installed or operating on the information device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lab A.O. Kaspersky
Original Assignee
Kaspersky Lab ZAO
Inventors
Kashchenko, Nadezhda V., Tikhomirov, Anton V., Polyakov, Dmitry A.
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US12/357,246
Time in Patent Office

223 Days
Field of Search

726/22, 726/23, 726/24, 726/25
US Class Current

726/25
CPC Class Codes

G06F 1/3212   Monitoring battery levels, ...

G06F 21/554   involving event detection a...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/74   operating in dual or compar...

G06F 21/81   by operating on the power s...

G06F 2221/034   Test or assess a computer o...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/105   Multiple levels of security

Y02D 10/00   Energy efficient computing,...

Adaptive security for information devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Adaptive security for information devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links