Security status and information display system

US 8,510,843 B2
Filed: 10/06/2011
Issued: 08/13/2013
Est. Priority Date: 10/21/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising the steps of:

providing a local security component on a mobile device;

acquiring by the local security component data concerning a current configuration of the mobile device;

receiving at the local security component from one or more other applications running on the mobile device raw or partially processed data about events on the mobile device;

processing the received data by the local security component against a database containing identification data for security threats and against the current mobile device configuration data to assess a security state of the mobile device, the processing including assigning by the local security component a severity level for each event;

outputting by the local security component to the mobile device the security state assessment results, including a first assessed security state of the mobile device by the local security component for persistent display of the current security state assessment on a mobile device display home screen;

transmitting the raw or partially processed data about events on the mobile device to a server for processing at the server;

receiving, at the mobile device, a second assessed security state of the mobile device from the server; and

displaying the second assessed security state on the mobile device display, wherein the second assessed security state by the server is different from the first assessed security state by the local security component.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a system and method for reporting security information relating to a mobile device. A security component identifies security events on the mobile device that are processed on the mobile device or by a server. The security component then determines a security assessment for the mobile device based upon the detected security events. The security state assessment can be displayed in various different formats on the mobile device display or on a client computer through a user interface. The display may be persistent in the form of a desktop widget or home-screen item which enables the user or administrator to verify the functioning of security protection on the device and be alerted if the device needs attention without having to specifically seek such information.

251 Citations

17 Claims

1. A method comprising the steps of:
- providing a local security component on a mobile device;
  
  acquiring by the local security component data concerning a current configuration of the mobile device;
  
  receiving at the local security component from one or more other applications running on the mobile device raw or partially processed data about events on the mobile device;
  
  processing the received data by the local security component against a database containing identification data for security threats and against the current mobile device configuration data to assess a security state of the mobile device, the processing including assigning by the local security component a severity level for each event;
  
  outputting by the local security component to the mobile device the security state assessment results, including a first assessed security state of the mobile device by the local security component for persistent display of the current security state assessment on a mobile device display home screen;
  
  transmitting the raw or partially processed data about events on the mobile device to a server for processing at the server;
  
  receiving, at the mobile device, a second assessed security state of the mobile device from the server; and
  
  displaying the second assessed security state on the mobile device display, wherein the second assessed security state by the server is different from the first assessed security state by the local security component.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the outputting step further includes outputting the security state assessment results from the mobile device to a server.
  - 3. The method of claim 1, wherein the outputting step further includes outputting the security state assessment results from the mobile device to a client computer for display on the client computer.
  - 4. The method of claim 1, wherein the processing step further includes a severity assessment of security events on the mobile device to determine severity levels for the security events, and wherein the outputting step includes outputting the security severity level determination for display on the mobile device display home screen.
  - 5. The method of claim 1, wherein the outputting step further includes outputting a list of security events for display on the mobile device display home screen.
  - 6. The method of claim 1, wherein the outputting step further includes outputting a list of security events from the mobile device to a client computer for the display of the list of security events on the client computer.
  - 7. The method of claim 1, wherein the outputting step further includes outputting a chart indicating security events on the mobile device for display of the security event chart on the mobile device display.
  - 8. The method of claim 1, wherein the outputting step further includes outputting from the mobile device to a client computer a chart indicating security events on the mobile device for display of the security event chart on the client computer.
  - 9. The method of claim 1, wherein the outputting step further includes outputting a status indicator signal representing a current security state assessment for the mobile device for persistent display of the status indicator signal on the mobile device display home screen.
  - 10. The method of claim 1, wherein the outputting step further includes outputting from the mobile device to a client computer a status indicator signal representing a current security state for the mobile device for display of the status indicator signal on the client computer.
  - 11. The method of claim 1, wherein the outputting step further includes sending an e-mail to a client computer that includes a current security state assessment for the mobile device.
  - 12. The method of claim 1, wherein the outputting step further includes generating a webpage that includes an indication of the current security state assessment for the mobile device.
  - 13. The method of claim 1 wherein the assigning further comprises:
    - if a first event indicates malware was found and quarantined on the mobile device, assigning by the local security component a first severity level to the first event;
      
      if the first event indicates malware was found and not quarantined on the mobile device, assigning by the local security component a second severity level to the first event; and
      
      if the first event indicates no malware was found, assigning by the local security component a third severity level to the first event, wherein the third severity level is different from the first and second severity levels, and the first severity level is different from the second severity level.
  - 14. The method of claim 1 wherein the assigning further comprises:
    - if a first event indicates blocking of spam, assigning by the local security component a first severity level to the first event.
  - 15. The method of claim 1 wherein the assigning further comprises:
    - if a first event indicates a firewall rule violation, assigning by the local security component a first severity level to the first event.

16. A method comprising the steps of:
- at a server security component running on a server, receiving from a client security component running on a mobile device raw or at least partially processed data about a security event identified by the client security component;
  
  at the server security component, receiving data concerning a current configuration of the mobile device;
  
  at the server security component, processing the received security event data and the received current mobile device configuration data against a database of security events including at least three of the security events in the group of security events consisting of exploits, suspicious network traffic, viruses, malware, SMS message spam, phone call spam, suspicious system calls, suspicious function calls and authentication failures, to assess whether the security event represents a present threat to the mobile device on which the event occurred; and
  
  at the server security component, outputting a mobile-device-specific security state assessment for display.

17. A method comprising the steps of:
- at a server security component running on a server, receiving from a client security component running on a mobile device raw or at least partially processed data about a network interface event identified by the client security component;
  
  at the server security component, receiving data concerning a current configuration of the mobile device;
  
  at the server security component, processing the received network interface event data and the received current mobile device configuration data against a database of network interface events to assess whether the network interface event represents a present threat to the mobile device on which the event occurred; and
  
  at the server security component, outputting a mobile-device-specific security state assessment for display based upon the server processing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lookout Incorporated
Original Assignee
Lookout Incorporated
Inventors
Mahaffey, Kevin, Hering, John G., Burgess, James
Primary Examiner(s)
CHEN, SHIN HON

Application Number

US13/267,731
Publication Number

US 20120060222A1
Time in Patent Office

677 Days
Field of Search

None
US Class Current

726/25
CPC Class Codes

G06F 21/554 involving event detection a...

G06F 21/577 Assessing vulnerabilities a...

Security status and information display system

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

251 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Security status and information display system

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

251 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links