Router based securing of internet of things devices on local area networks
First Claim
1. A method implemented on a backend server computer for securing internet of things (IoT) devices on a plurality of local area networks, each one of the plurality of the local area networks comprising a router and multiple computing devices, the method comprising:
- receiving, by the backend server computer from the routers of the multiple ones of the plurality of local area networks, information concerning monitored activities of multiple IoT devices on the multiple ones of the plurality of local area networks;
- amalgamating, by the backend server computer, information concerning monitored activities of multiple IoT devices received from the routers of the multiple ones of the plurality of local area networks over time;
- calculating, by the backend server computer for each specific IoT device for which information concerning monitored activities is received, a dynamic reputation score quantifying trustworthiness of the specific IoT device, based on at least amalgamated information concerning monitored activities of the specific IoT device;
- determining, by the backend server computer for each specific IoT device for which information concerning monitored activities is received, activities the specific IoT device performs in order to execute authorized functionality, based on at least amalgamated information concerning monitored activities of the specific IoT device;
- creating a constraint profile for each specific IoT device for which information concerning monitored activities is received, based on at least a corresponding reputation score and corresponding determined activities, by the backend server computer, each constraint profile comprising local area network level directives specifying how to enable the corresponding IoT device to execute authorized functionality while maintaining local area network level security;
- wherein creating a constraint profile for a specific IoT device based on at least a corresponding reputation score and corresponding determined activities further comprises:
  - testing the specific IoT device for security vulnerabilities; and
  - configuring the constraint profile to protect against at least one discovered security vulnerability; and
- transmitting the created constraint profiles to the routers of the plurality of local area networks, by the backend server computer.
Abstract
IoT devices are secured on multiple local area networks. Each local network contains a router which monitors activities of IoT devices, and transmits corresponding information to a backend server. The backend amalgamates this information, calculates dynamic reputation scores, and determines expected authorized activities for specific IoT devices. Based thereon, the backend creates a constraint profile for each IoT device, and transmits the constraint profiles to the routers for enforcement. Enforcing a constraint profile can include creating multiple VLANs with varying levels of restricted privileges on a given local area network, and isolating various IoT devices in specific VLANs based on their reputation scores. Constraint profiles can specify to enforce specific firewall rules, and/or to limit an IoT device's communication to specific domains and ports, and/or to specific content. The backend continues to receive monitored information concerning IoT devices from multiple routers over time, and periodically updates constraint profiles.
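The abstract describes a pipeline (router reports, backend amalgamation, reputation scoring, expected-activity determination, constraint profile with VLAN tier and firewall directives) without fixing any concrete scoring or rule format. The following is an added illustration written for this page, not code from the patent or its assignee. The report schema, the `Flow` and `ConstraintProfile` types, the scoring weights and tier thresholds, the VLAN names, the directive syntax, and the sample reports are all constructed assumptions; a real backend would also feed vulnerability test results into the profile, which this model omits.

```python
"""Constructed model of the backend described in the abstract: routers report
monitored IoT flows, the backend amalgamates them per device, scores reputation,
derives the destinations a device needs for its authorised function, and emits
a constraint profile (VLAN tier plus firewall directives) for routers to enforce.
All names, weights, thresholds and sample data below are assumptions."""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Flow:
    """One monitored flow as a router might report it (assumed schema)."""
    router_id: str
    device_id: str        # assumed device identity, e.g. vendor:model or hashed MAC
    dst_domain: str
    dst_port: int
    flagged: bool = False  # router marked the flow as suspicious (assumed field)


@dataclass
class ConstraintProfile:
    device_id: str
    reputation: float
    vlan_tier: str
    allowed: set           # (domain, port) pairs needed for authorised function
    rules: list = field(default_factory=list)  # LAN-level directives for the router


def amalgamate(flows):
    """Group reports from all routers by device, regardless of which LAN sent them."""
    by_device = defaultdict(list)
    for f in flows:
        by_device[f.device_id].append(f)
    return by_device


def reputation_score(flows):
    """Trust score in 0..1: penalise flagged flows and destination sprawl.
    Weights (0.7 / 0.3) and the 10-destination sprawl cap are illustrative."""
    n = len(flows)
    flagged_ratio = sum(f.flagged for f in flows) / n
    distinct = len({(f.dst_domain, f.dst_port) for f in flows})
    sprawl = min(distinct / 10, 1.0)
    return round(max(0.0, 1.0 - 0.7 * flagged_ratio - 0.3 * sprawl), 2)


def expected_activity(flows, min_routers=2):
    """Destinations seen unflagged from at least `min_routers` different routers
    are taken as part of the device's authorised functionality; a destination
    seen only on one LAN, or only in flagged flows, is not whitelisted."""
    routers_per_dest = defaultdict(set)
    for f in flows:
        if not f.flagged:
            routers_per_dest[(f.dst_domain, f.dst_port)].add(f.router_id)
    return {dest for dest, rs in routers_per_dest.items() if len(rs) >= min_routers}


def build_profile(device_id, flows):
    """Map reputation to a VLAN tier and expected activity to firewall directives."""
    rep = reputation_score(flows)
    allowed = expected_activity(flows)
    if rep >= 0.8:
        tier = "iot-trusted"      # assumed tier names and thresholds
    elif rep >= 0.5:
        tier = "iot-restricted"
    else:
        tier = "iot-quarantine"
    rules = [f"allow tcp dst {d} port {p}" for d, p in sorted(allowed)]
    # Only the trusted tier may talk to other hosts on the LAN; lower tiers are isolated.
    rules.append("allow lan" if tier == "iot-trusted" else "deny lan")
    rules.append("deny any")  # default deny: anything not listed above is blocked
    return ConstraintProfile(device_id, rep, tier, allowed, rules)


def build_all(flows):
    """Backend step: one constraint profile per device seen across all routers."""
    return {dev: build_profile(dev, fl) for dev, fl in amalgamate(flows).items()}


# Constructed sample reports from three routers on three different LANs.
SAMPLE = [
    Flow("r1", "cam-A", "cloud.cam-vendor.example", 443),
    Flow("r2", "cam-A", "cloud.cam-vendor.example", 443),
    Flow("r3", "cam-A", "time.example", 123),
    Flow("r1", "cam-A", "time.example", 123),
    Flow("r1", "plug-B", "api.plug-vendor.example", 443),
    Flow("r2", "plug-B", "api.plug-vendor.example", 443),
    Flow("r2", "plug-B", "198.51.100.7", 23, flagged=True),
    Flow("r3", "plug-B", "198.51.100.9", 23, flagged=True),
    Flow("r3", "plug-B", "198.51.100.10", 6667, flagged=True),
]

if __name__ == "__main__":
    for p in build_all(SAMPLE).values():
        print(p.device_id, p.reputation, p.vlan_tier, p.rules)
```

With the sample data the camera, seen only talking to its vendor cloud and an NTP host from several routers, scores 0.94 and lands in the trusted tier with just those two destinations allowed; the smart plug, whose reports include flagged telnet and IRC-port flows, scores 0.46 and is quarantined with only its vendor API whitelisted and no LAN access. Re-running `build_all` on the growing report set is the "periodically updates constraint profiles" step from the abstract.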
19 Claims
1. A method implemented on a backend server computer for securing internet of things (IoT) devices on a plurality of local area networks (independent claim; full text as set out under First Claim above). Dependent claims: 2, 3, 4, 5, 6.
7. A method implemented on a router on a local area network for securing internet of things (IoT) devices, the method comprising:
- monitoring activities of at least one IoT device on the local area network;
- transmitting information concerning monitored activities of the at least one IoT device to a backend server computer that receives information concerning monitored activities of multiple IoT devices from multiple local area networks;
- for the at least one IoT device on the local area network, receiving, from the backend server computer, a corresponding constraint profile comprising local area network level directives specifying how to enable the corresponding IoT device to execute authorized functionality while maintaining local area network level security;
- wherein the constraint profile for the at least one specific IoT device was created by the backend server computer based on at least a corresponding reputation score and corresponding determined activities, and wherein creating the constraint profile for the at least one specific IoT device further comprises:
  - testing the specific IoT device for security vulnerabilities; and
  - configuring the constraint profile to protect against at least one discovered security vulnerability; and
- for the at least one IoT device on the local area network, enforcing a corresponding constraint profile.
Dependent claims: 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18.
19. At least one non-transitory computer readable medium for securing internet of things (IoT) devices on a plurality of local area networks, by a backend server computer, each one of the plurality of the local area networks comprising a router and multiple computing devices, the at least one non-transitory computer readable medium storing computer executable instructions that, when loaded into computer memory and executed by at least one processor of at least one computing device, cause the at least one computing device to perform the following steps:
- receiving, by the backend server computer from the routers of the multiple ones of the plurality of local area networks, information concerning monitored activities of multiple IoT devices on the multiple ones of the plurality of local area networks;
- amalgamating, by the backend server computer, information concerning monitored activities of multiple IoT devices received from the routers of the multiple ones of the plurality of local area networks over time;
- calculating, by the backend server computer for each specific IoT device for which information concerning monitored activities is received, a dynamic reputation score quantifying trustworthiness of the specific IoT device, based on at least amalgamated information concerning monitored activities of the specific IoT device;
- determining, by the backend server computer for each specific IoT device for which information concerning monitored activities is received, activities the specific IoT device performs in order to execute authorized functionality, based on at least amalgamated information concerning monitored activities of the specific IoT device;
- creating a constraint profile for each specific IoT device for which information concerning monitored activities is received, based on at least a corresponding reputation score and corresponding determined activities, by the backend server computer, each constraint profile comprising local area network level directives specifying how to enable the corresponding IoT device to execute authorized functionality while maintaining local area network level security;
- wherein creating a constraint profile for a specific IoT device based on at least a corresponding reputation score and corresponding determined activities further comprises:
  - testing the specific IoT device for security vulnerabilities; and
  - configuring the constraint profile to protect against at least one discovered security vulnerability; and
- transmitting the created constraint profiles to the routers of the plurality of local area networks, by the backend server computer.
Specification