Tuning product policy using observed evidence of customer behavior

US 9,224,168 B2
Filed: 12/11/2012
Issued: 12/29/2015
Est. Priority Date: 11/15/2004
Status: Active Grant

First Claim

Patent Images

1. A server comprising:

at least one processing unit; and

at least one computer-readable media storing computer-executable instructions which, when executed by the at least one processing unit, cause the server to;

acquire operational data reflecting operation of a computer;

set policy information for the computer based on the acquired operational data; and

send the policy information from the server to the computer,wherein the policy information sent from the server to the computer causes the computer to impose a sanction on the computer for non-compliance with the policy information, andwherein the computer comprises a sanction circuit in a secure execution environment and the policy information directs the sanction circuit to impose the sanction.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer adapted for pay-as-you go or other metered use has a policy for determined what measurements to take to detect fraud as well as steps to take when fraud is found. To optimize between good performance and sufficient tests to reduce the risk of fraud, a policy is developed based on observation of the users behavior, using data taken at the computer, data from a payment processor or both. After analysis, an updated policy is securely loaded at the computer to determine what, and how often to measure for suspected fraud.

783 Citations

21 Claims

1. A server comprising:
- at least one processing unit; and
  
  at least one computer-readable media storing computer-executable instructions which, when executed by the at least one processing unit, cause the server to;
  
  acquire operational data reflecting operation of a computer;
  
  set policy information for the computer based on the acquired operational data; and
  
  send the policy information from the server to the computer,wherein the policy information sent from the server to the computer causes the computer to impose a sanction on the computer for non-compliance with the policy information, andwherein the computer comprises a sanction circuit in a secure execution environment and the policy information directs the sanction circuit to impose the sanction.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The server of claim 1, wherein the operational data is received from the computer.
  - 3. The server of claim 1, wherein the computer-executable instructions, when executed by the at least one processing unit, cause the server to:
    - encrypt the policy information before sending the policy information to the computer.
  - 4. The server of claim 1, wherein the sanction at least partially disables the computer.
  - 5. The server of claim 1, wherein the computer-executable instructions, when executed by the at least one processing unit, cause the server to:
    - collect financial history information associated with a user of the computer; and
      
      set the policy information based on the financial history information.
  - 6. The server of claim 1, wherein the policy information includes criteria for measuring compliance with a policy defined by the policy information.
  - 7. The server of claim 1, wherein the sanction comprises a warning provided on the computer.

8. A computer comprising:
- at least one processing unit;
  
  a secure execution environment;
  
  a sanction circuit in the secure execution environment; and
  
  at least one computer-readable media storing computer-executable instructions which, when executed by the at least one processing unit, cause the at least one processing unit to;
  
  acquire operational data reflecting operation of the computer;
  
  provide the operational data to a server that sets policy information for the computer based on the operational data; and
  
  receive the policy information from the server,wherein the sanction circuit in the secure execution environment is configured to impose a sanction on the computer based on the policy information received from the server.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The computer of claim 8, wherein the secure execution environment is part of the at least one processing unit.
  - 10. The computer of claim 8, wherein the sanction circuit is implemented as software.
  - 11. The computer of claim 10, wherein the sanction circuit is executed by the at least one processing unit.
  - 12. The computer of claim 8, wherein the secure execution environment is a standalone component separate from the at least one processing unit.
  - 13. The computer of claim 8, further comprising a measurement circuit configured to perform measurements on the computer to obtain the operational data.
  - 14. The computer of claim 13, wherein the measurement circuit is configured to adjust how the measurements are performed based on the policy information.
  - 15. The computer of claim 14, wherein the measurement circuit is implemented as software executed by the at least one processing unit.
  - 16. The computer of claim 8, wherein the computer is a metered-use computer.

17. A method performed by at least one computer processing unit, the method comprising:
- acquiring operational data reflecting operation of a computer;
  
  setting policy information for the computer based on the acquired operational data; and
  
  providing the policy information to the computer,wherein the policy information provided to the computer causes a sanction circuit in a secure execution environment on the computer to impose a sanction on the computer for non-compliance with the policy information, andwherein the policy information includes criteria for imposing the sanction based on at least one of;
  
  clock verification by the secure execution environment on the computer, orcomponent verification by the secure execution environment on the computer, wherein the component verification verifies that certain elements of the computer are present and operating properly.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17, wherein the policy information comprises a data collection policy that causes the computer to obtain subsequent operational data in accordance with the data collection policy.
  - 19. The method of claim 18, wherein the data collection policy controls a measurement circuit embodied in the secure execution environment of the computer.
  - 20. The method of claim 17, wherein the criteria for imposing the sanction is based on the clock verification by the secure execution environment on the computer.
  - 21. The method of claim 17, wherein the criteria for imposing the sanction is based on the component verification by the secure execution environment on the computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Thirumalai, Gokul P., Ahdout, Isaac P.
Primary Examiner(s)
LEWIS, LISA C

Application Number

US13/711,549
Publication Number

US 20130173442A1
Time in Patent Office

1,113 Days
Field of Search

726/1
US Class Current

1/1
CPC Class Codes

G06Q 20/26   Debit schemes, e.g. "pay now"

G06Q 20/4016   involving fraud or risk lev...

G06Q 30/04   Billing or invoicing

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/02   Banking, e.g. interest calc...

Tuning product policy using observed evidence of customer behavior

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

783 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Tuning product policy using observed evidence of customer behavior

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

783 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others