Communications traffic segregation for security purposes

US 7,698,548 B2
Filed: 12/08/2005
Issued: 04/13/2010
Est. Priority Date: 12/08/2005
Status: Active Grant

First Claim

Patent Images

1. A method for applying a communications traffic security policy, comprising:

segregating a distinct communications traffic flow based upon a security value that indicates user-interactive communications traffic flows for a computing device; and

,applying an enforcement policy to the segregated communications traffic flow if it is determined that a user is not interacting with the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technology for applying a communications traffic security policy in which a distinct communications traffic flow is segregated based upon a security value; whereby the communications traffic security policy include one or both of a detection and an enforcement policy. The detection policy may include determining whether the segregated communications traffic flow involves malware; and, the enforcement policy may include a malware policy.

Citations

20 Claims

1. A method for applying a communications traffic security policy, comprising:
- segregating a distinct communications traffic flow based upon a security value that indicates user-interactive communications traffic flows for a computing device; and
  
  ,applying an enforcement policy to the segregated communications traffic flow if it is determined that a user is not interacting with the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A method according to claim 1 comprising one or both of:
    - determining via a detection policy whether the segregated communications traffic flow is associated with malware; and
      
      ,enforcing via the enforcement policy a malware mitigation policy.
  - 3. A method according to claim 1 comprising determining if a user is locally interacting with the computing device.
  - 4. A method according to claim 1 wherein the segregated communications traffic flow comprises is one of:
    - being allowed to continue its flow if a detection policy does not determine an association with malware; and
      
      being blocked from its flow if the detection policy determines an association with malware.
  - 5. A method according to claim 1 wherein the application of the enforcement policy comprises blocking flow of the segregated communications traffic if a detection policy determines an association with malware.
  - 6. A method according to claim 1 wherein segregating a communications traffic flow comprises one or both of:
    - being performed by a computer with respect to a communications traffic flow within the computer; and
      
      ,being performed by a centralized security engine with respect to one or more communications traffic flows from one or more computers.
  - 7. A method according to claim 6 wherein the enforcement policy is implemented by one or both of the computer and the centralized security engine.
  - 8. A method according to claim 1 wherein segregating a communications traffic flow comprises segregating by the security value two or more communications traffic flows.
  - 9. A method according to claim 8 wherein the enforcement policy is applied to one or both of the two or more segregated communications traffic flows.
  - 10. A method according to claim 8 wherein segregating the two or more communications traffic flows comprises dynamically tagging one or more of the two or more communications traffic flows.
  - 11. A method according to claim 10 comprising tracking one or more of the dynamically tagged communications traffic flows.
  - 12. A method according to claim 10 comprising tracking one or more of the communications traffic flows which have not been dynamically tagged.
  - 13. A method according to claim 1 wherein a detection policy comprises rules for using a certain minimum number of traffic flows generated in a certain minimal period of time.
  - 14. A computer-readable storage medium comprising computer-executable instructions for performing a computer process implementing the method of claim 1.

15. A method for applying a communications traffic policy comprising:
- segregating user interactive communications traffic flows from non-interactive communications traffic flows for a computing device;
  
  detecting whether one or more of the user interactive communications traffic flows are associated with malware; and
  
  if malware is detected, applying an enforcement policy that mitigates the user interactive communications traffic flows for the computing device.
- View Dependent Claims (16, 17, 18, 19)
- - 16. A method according to claim 15 wherein segregating a communications traffic flows comprises segregating by a security value two or more communications traffic flows.
  - 17. A method according to claim 16 wherein one or both of a detection policy and the enforcement policy are applied to one or both of the two or more segregated communications traffic flows.
  - 18. A method according to claim 16 wherein segregating the two or more communications traffic flows comprises dynamically tagging one or more of the two or more communications traffic flows.
  - 19. A computer-readable storage medium comprising computer-executable instructions for performing a computer process implementing the method of claim 15.

20. A computer system comprising a computing device and a connection for connecting the computing device to a network, the computer system comprising:
- a security policy component connected to or within one or both of the computing device and the connection;
  
  the security policy component comprising a processor and adapted to be executed thereby, and configured to serve as one or both of a detection module and an enforcement module to execute one or both of a detection policy and an enforcement policy in relation to a segregated communications traffic flow, the one or both of the detection and the enforcement policies defining a category for the segregation of the segregated communications traffic flow, wherein the category comprises user-interactive communications.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Abzarian, David, Shelest, Art, Yariv, Eran
Primary Examiner(s)
SMITHERS, MATTHEW

Application Number

US11/297,717
Publication Number

US 20070136783A1
Time in Patent Office

1,587 Days
Field of Search

713/154
US Class Current

713/154
CPC Class Codes

H04L 63/1408 by monitoring network traff...

H04L 63/1441 Countermeasures against mal...

Communications traffic segregation for security purposes

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Communications traffic segregation for security purposes

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links