User device security profile

US 9,323,935 B2
Filed: 12/18/2012
Issued: 04/26/2016
Est. Priority Date: 12/18/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

collecting first attribute data at an endpoint computing device describing attributes of the endpoint computing device at a first instance, wherein the attributes at the first instance indicate that the endpoint computing device is located in a first geographical location at the first instance;

sending the first attribute data over a network to a remote security score generator;

receiving, at the endpoint computing device, first security score data for the endpoint computing device from the remote security score generator corresponding to the first attribute data; and

determining, from the first security score data, a first set of security ratings comprising a respective security rating for each of a plurality of different user activities capable of being performed by a user on the endpoint computing device, wherein each security rating indicates an amount of risk determined to be associated with the corresponding user activity when performed on the endpoint device based at least in part on the endpoint computing device being located in the first geographical location;

causing a graphical dashboard interface to be presented on a display device of the endpoint computing device, the dashboard interface presenting graphical representations of each of the first set of security ratings determined for the plurality of user activities, when the endpoint computing device is in the first geographical location;

collecting second attribute data at the endpoint computing device describing attributes of the endpoint computing device at a second instance, wherein the attributes at the second instance indicate that the endpoint computing device is located in a second geographical location at the second instance;

sending the second attribute data from the endpoint computing device to the remote security score generator;

receiving, at the endpoint computing device, second security score data for the endpoint computing device from the remote security score generator corresponding to the second attribute data;

determining, from the second security score data, a second set of security ratings comprising a respective security rating for each of the plurality of different user activities based at least in part on the endpoint computing device being located in the second geographical location; and

causing the dashboard interface to present graphical representations of each of the second set of security ratings determined for the plurality of user activities, when it is determined that the endpoint computing device is in the second geographical location.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Attribute data of an endpoint computing device is collected that describes attributes of the endpoint computing device. The attribute data is communicated to a security score generator and security score data is received for the endpoint computing device. A graphical dashboard interface is caused to be presented on a display device, the dashboard interface presenting a plurality of security ratings based on the security score data, each security rating representing an amount of risk determined to be associated with a corresponding user activity on the endpoint device in a plurality of user activities.

30 Citations

View as Search Results

23 Claims

1. A method comprising:
- collecting first attribute data at an endpoint computing device describing attributes of the endpoint computing device at a first instance, wherein the attributes at the first instance indicate that the endpoint computing device is located in a first geographical location at the first instance;
  
  sending the first attribute data over a network to a remote security score generator;
  
  receiving, at the endpoint computing device, first security score data for the endpoint computing device from the remote security score generator corresponding to the first attribute data; and
  
  determining, from the first security score data, a first set of security ratings comprising a respective security rating for each of a plurality of different user activities capable of being performed by a user on the endpoint computing device, wherein each security rating indicates an amount of risk determined to be associated with the corresponding user activity when performed on the endpoint device based at least in part on the endpoint computing device being located in the first geographical location;
  
  causing a graphical dashboard interface to be presented on a display device of the endpoint computing device, the dashboard interface presenting graphical representations of each of the first set of security ratings determined for the plurality of user activities, when the endpoint computing device is in the first geographical location;
  
  collecting second attribute data at the endpoint computing device describing attributes of the endpoint computing device at a second instance, wherein the attributes at the second instance indicate that the endpoint computing device is located in a second geographical location at the second instance;
  
  sending the second attribute data from the endpoint computing device to the remote security score generator;
  
  receiving, at the endpoint computing device, second security score data for the endpoint computing device from the remote security score generator corresponding to the second attribute data;
  
  determining, from the second security score data, a second set of security ratings comprising a respective security rating for each of the plurality of different user activities based at least in part on the endpoint computing device being located in the second geographical location; and
  
  causing the dashboard interface to present graphical representations of each of the second set of security ratings determined for the plurality of user activities, when it is determined that the endpoint computing device is in the second geographical location.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein determining the security ratings for each of the plurality of different user activities comprises generating the security ratings from the received security score data.
  - 3. The method of claim 1, wherein the security score generator is remote from the endpoint computing device.
  - 4. The method of claim 1, wherein each user activity maps to one or more known system vulnerabilities and presence of a particular one of the known system vulnerabilities on the endpoint computing device increases risk represented in at least one of the security ratings.
  - 5. The method of claim 4, wherein at least one of the known vulnerabilities is associated with two or more of the user activities.
  - 6. The method of claim 1, wherein the collected attribute data describes a system configuration of the endpoint computing device.
  - 7. The method of claim 1, wherein the collected attribute data describes attributes of a network connection of the endpoint computing device.
  - 8. The method of claim 1, wherein the collected attribute data describes hardware of the endpoint computing device.
  - 9. The method of claim 1, wherein a first user is determined to be using the endpoint computing device at the first instance and a second user is determined to be using the endpoint computing device at the second instance, wherein a first set of security ratings are to be determined for each of the plurality of different user activities as performed by the first user based on the first security score data, a second set of security ratings are to be determined for each of the plurality of different user activities as performed by the second user based on the second security score data, and the graphical representations presented on the graphical dashboard interface are to reflect the first set of security ratings when it is determined that the first user uses the endpoint computing device and reflect the second set of security ratings when it is determined that the second user uses the endpoint computing device.
  - 10. The method of claim 1, wherein at least some of the values of the first set of security ratings are different from values of the second set of security ratings.
  - 11. The method of claim 1, further comprising determining, from the security score data, an aggregate security score for the device, wherein the aggregate security score identifies security of the endpoint computing device relative to other endpoint computing devices and is viewable from the graphical dashboard interface.
  - 12. The method of claim 1, wherein a set of values for each of the plurality of security ratings indicates safety of a corresponding one of the plurality of user activities.

13. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
- collect attribute data at an endpoint computing device describing attributes of the endpoint computing device including networks to which the endpoint computing device is connected;
  
  communicate the attribute data to a remote security score generator, wherein first attribute data is communicated by the endpoint device when the endpoint computing device is connected to a first network and second attribute data is communicated by the endpoint device when the endpoint computing device is connected to a second network;
  
  receive, at the endpoint computing device, first and second security score data for the endpoint computing device from the remote security score generator, wherein the first security score data is returned from the security score generator at a first instance and corresponds to the first attribute data, and the second security score data is returned from the security score generator at a second instance and corresponds to the second attribute data;
  
  determine, from the first security score data, a first set of security ratings comprising a respective security rating for each of a plurality of different user activities capable of being performed by a user on the endpoint computing device, wherein each security rating indicates an amount of risk determined to be associated with the corresponding user activity when performed on the endpoint device based at least in part on the endpoint computing device being connected to the first network;
  
  determine, from the second security score data, a second set of security ratings comprising a respective security rating for each of the plurality of different user activities based at least in part on the endpoint computing device being connected to the second network; and
  
  cause a graphical dashboard interface to be presented on a display device of the endpoint computing device, the dashboard interface presenting graphical representations of the sets of security ratings determined for the plurality of user activities, when the endpoint computing device is connected to the first and second networks, respectively.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
- - 14. The storage medium of claim 13, wherein the graphical dashboard interface further includes, for at least the graphical representations of a particular one of the security ratings corresponding to a particular one of the user activities, a corresponding repair button, wherein user selection of the repair button initiates a potential solution for reducing risk associated with the particular user activity.
  - 15. The storage medium of claim 14, wherein the instructions when executed further cause the machine to:
    - identify a particular vulnerability corresponding to the indicated risk associated with the particular user activity; and
      
      identify a countermeasure potentially remedying the particular vulnerability, wherein user selection of the repair button corresponding to the particular vulnerability initiates deployment of the countermeasure.
  - 16. The storage medium of claim 15, wherein initiating a potential solution includes automatically deploying a countermeasure.
  - 17. The storage medium of claim 13, wherein the graphical dashboard interface further includes, for each of the security ratings, a corresponding information button, wherein user selection of one of the information buttons causes information to be presented on the display device relating to a corresponding security rating.
  - 18. The storage medium of claim 17, wherein the information includes a detailed view of endpoint computing device attributes contributing to the corresponding security rating.
  - 19. The storage medium of claim 17, wherein the information includes a description of security ratings for a corresponding user activity.
  - 20. The storage medium of claim 13, wherein the collected attribute data describes an identity of a user of the endpoint computing device.
  - 21. The storage medium of claim 20, wherein the described identity includes historical behavioral attributes of system use of the user, and at least one of the security ratings is based on the historical behavioral attributes of system use of the user.

22. A system comprising:
- at least one processor device;
  
  at least one memory element; and
  
  a security dashboard generator, adapted when executed by the at least one processor device to;
  
  collect attribute data at an endpoint computing device describing attributes of the endpoint computing device including networks to which the endpoint computing device is connected;
  
  communicate the attribute data to a remote security score generator, wherein first attribute data is communicated by the endpoint device when the endpoint computing device is connected to a first network and second attribute data is communicated by the endpoint device when the endpoint computing device is connected to a second network;
  
  receive, at the endpoint computing device, first and second security score data for the endpoint computing device from the remote security score generator, wherein the first security score data is returned from the security score generator at a first instance and corresponds to the first attribute data, and the second security score data is returned from the security score generator at a second instance and corresponds to the second attribute data;
  
  determine, from the first security score data, a first set of security ratings comprising a respective security rating for each of a plurality of different user activities capable of being performed by a user on the endpoint computing device, wherein each security rating indicates an amount of risk determined to be associated with the corresponding user activity when performed on the endpoint device based at least in part on the endpoint computing device being connected to the first network;
  
  determine, from the second security score data, a second set of security ratings comprising a respective security rating for each of the plurality of different user activities based at least in part on the endpoint computing device being connected to the second network; and
  
  cause a graphical dashboard interface to be presented on a display device of the endpoint computing device based on the received security score data, the dashboard interface presenting graphical representations of the sets of security ratings determined for the plurality of user activities, when the endpoint computing device is connected to the first and second networks, respectively.
- View Dependent Claims (23)
- - 23. The system of claim 22, further comprising the security score generator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Condry, Michael, Schrecker, Sven
Primary Examiner(s)
SHAIFER HARRIMAN, DANT B

Application Number

US13/718,200
Publication Number

US 20140173738A1
Time in Patent Office

1,225 Days
Field of Search

726/25
US Class Current

1/1
CPC Class Codes

G06F 21/568 eliminating virus, restorin...

G06F 21/577 Assessing vulnerabilities a...

User device security profile

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

23 Claims

Specification

Use Cases

Quick Links

Others

User device security profile

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

23 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others