Mobile risk assessment

US 8,677,497 B2
Filed: 12/28/2011
Issued: 03/18/2014
Est. Priority Date: 10/17/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a query from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device;

determining whether pre-existing risk assessment data exists for the identified particular wireless access point; and

participating in a risk assessment of the particular wireless access point with the particular endpoint device, wherein the risk assessment includes;

the particular endpoint device attempting to communicate with a trusted endpoint over the particular wireless access point; and

monitoring the attempted communication with the trusted endpoint over the particular wireless access point to assess risk associated with the particular wireless access point.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A query is received from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device. Pre-existing risk assessment data is identified for the identified particular wireless access point and query result data is sent to the particular endpoint device characterizing pre-assessed risk associated with the particular wireless access point. In some instances, the query result data is generated based on the pre-existing risk assessment data. In some instances, pre-existing risk assessment data can be the result of an earlier risk assessment carried-out at least in part by an endpoint device interfacing with and testing the particular wireless access point.

45 Citations

View as Search Results

23 Claims

1. A method comprising:
- receiving a query from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device;
  
  determining whether pre-existing risk assessment data exists for the identified particular wireless access point; and
  
  participating in a risk assessment of the particular wireless access point with the particular endpoint device, wherein the risk assessment includes;
  
  the particular endpoint device attempting to communicate with a trusted endpoint over the particular wireless access point; and
  
  monitoring the attempted communication with the trusted endpoint over the particular wireless access point to assess risk associated with the particular wireless access point.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, further comprising receiving risk assessment feedback data from the endpoint device in connection with at least one assessment task performed by the particular endpoint device.
  - 3. The method of claim 2, further comprising using the received risk assessment feedback data to determine a risk profile for the particular wireless access point.
  - 4. The method of claim 3, wherein the pre-assessed risk associated with the particular wireless access point is considered in the determination of the risk profile.
  - 5. The method of claim 2, wherein the feedback data includes at least one of a service set identifier (SSID), data describing encryption used by the wireless access point, splash page information, and wireless access point password information.
  - 6. The method of claim 1, wherein attempting to communicate with the trusted endpoint includes attempting to establish a secured connection between the particular endpoint device and the trusted endpoint, and establishing the secured connection includes receiving expected trust verification data from the trusted endpoint;
    - wherein receipt of data other than the expected trust verification data is presumed to indicate that the particular wireless access point is untrustworthy suggesting higher risk associated with the particular wireless access point.
  - 7. The method of claim 6, wherein participating in the risk assessment of the particular wireless access point includes facilitating communication of the expected trust verification data to the particular endpoint device in advance of the particular endpoint device attempting to communicate with the trusted endpoint over the particular wireless access point.
  - 8. The method of claim 1, wherein participating in the risk assessment of the particular wireless access point includes identifying, to the particular endpoint device, the trusted endpoint device from a plurality of available trusted endpoint devices in advance of the particular endpoint device attempting to communicate with the trusted endpoint over the particular wireless access point.
  - 9. The method of claim 1, wherein pre-existing risk assessment data for the identified particular wireless access point was generated in connection with at least one previous encounter with the particular wireless access point by an endpoint device.
  - 10. The method of claim 9, wherein the previous encounter with the particular wireless access point was made by an endpoint device other than the particular endpoint device.
  - 11. The method of claim 1, wherein the pre-existing risk assessment data for the identified particular wireless access point is identified from risk assessment records including pre-existing risk assessment data for a plurality of wireless access points identified by wireless-enabled endpoint devices.
  - 12. The method of claim 1, wherein the query includes geo-positional data indicating a location of at least one of the particular endpoint device and the particular wireless access point.
  - 13. The method of claim 12, further comprising:
    - generating query result data based at least in part on pre-existing risk assessment data for the identified particular wireless access point and the location identified in the geo-positional data.
  - 14. The method of claim 1, further comprising calculating a risk profile for the particular endpoint device based on a set of device attributes including risk associated with wireless access points accessed by the particular endpoint device.
  - 15. The method of claim 1, further comprising causing a graphical indicator of risk associated with the particular wireless access point to be presented at the particular endpoint device.
  - 16. The method of claim 1, wherein the query is sent over a secure connection other than a wireless network associated with the particular wireless access point.
  - 17. The method of claim 16, wherein the secure connection is implemented over at least one of a wireless mobile broadband connection and a VLAN tunnel.
  - 18. The method of claim 1, further comprising sending query result data to the particular endpoint device characterizing risk associated with the particular wireless access point.
  - 19. The method of claim 18, wherein pre-existing risk assessment data is determined to exist for the identified particular wireless access point and the query result data is based at least in part on the pre-existing risk assessment data.
  - 20. The method of claim 18, wherein the query result data is based at least in part on results of the risk assessment.

21. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
- receive a query from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device;
  
  determine whether pre-existing risk assessment data exists for the identified particular wireless access point; and
  
  participate in a risk assessment of the particular wireless access point with the particular endpoint device, wherein the risk assessment includes;
  
  the particular endpoint device attempting to communicate with a trusted endpoint over the particular wireless access point; and
  
  monitoring the attempted communication with the trusted endpoint over the particular wireless access point to assess risk associated with the particular wireless access point.

22. A system comprising:
- at least one processor device;
  
  at least one memory element; and
  
  a wireless access point risk assessor, adapted when executed by the at least one processor device to;
  
  receive a query from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device;
  
  determine whether pre-existing risk assessment data exists for the identified particular wireless access point pre-existing risk assessment data for the identified particular wireless access point; and
  
  participate in a risk assessment of the particular wireless access point with the particular endpoint device, wherein the risk assessment includes;
  
  the particular endpoint device attempting to communicate with a trusted endpoint over the particular wireless access point; and
  
  monitoring the attempted communication with the trusted endpoint over the particular wireless access point to assess risk associated with the particular wireless access point.
- View Dependent Claims (23)
- - 23. The system of claim 22, further comprising a device risk assessment tool adapted to calculate a risk profile for the particular endpoint device based on a set of device attributes including risk associated with wireless access points accessed by the particular endpoint device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Basavapatna, Prasanna Ganapathi, Gaddala, Satish Kumar, Schrecker, Sven, Goldschlag, David Moshe
Primary Examiner(s)
POWERS, WILLIAM S

Application Number

US13/339,221
Publication Number

US 20130097711A1
Time in Patent Office

811 Days
Field of Search

None
US Class Current

726/25
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/0272   Virtual private networks

H04L 63/12   Applying verification of th...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1433   Vulnerability analysis

H04W 12/12   Detection or prevention of ...

H04W 12/122   Counter-measures against at...

H04W 12/67   Risk-dependent, e.g. select...

H04W 4/02   Services making use of loca...

H04W 4/029   Location-based management o...

Mobile risk assessment

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

45 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile risk assessment

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links