Systems, methods, and computer program products for adapting the security measures of a communication network based on feedback

US 9,635,059 B2
Filed: 05/27/2016
Issued: 04/25/2017
Est. Priority Date: 07/17/2009
Status: Active Grant

First Claim

Patent Images

1. A method for adapting a security system based on security-related data associated with a communication network, the method comprising steps of:

generating, by a sensor associated with a mobile communication device, a risk variable based on location data associated with the mobile communication device;

transmitting, by the mobile communication device, the location data associated with the mobile communication device to a trust mediator over the communication network;

receiving, by the mobile communication device from the trust mediator communicatively coupled to the mobile communication device by way of the communication network, a determined time interval at which to collect security-related data for the risk variable generated by the sensor based on the location data associated with the mobile communication device;

collecting, by a trust mediator agent associated with the mobile communication device, the security-related data for the risk variable periodically at the determined time interval;

transmitting, by the mobile communication device to the trust mediator over the communication network, the collected security-related data;

receiving, by the mobile communication device, instructions corresponding to a security safeguard modification from the trust mediator over the communication network, the security safeguard modification being based on at least one of the collected security-related data and a predetermined rule; and

modifying, by the trust mediator agent, the security safeguard by executing the instructions received from the trust mediator.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An adaptable network security system includes trust mediator agents that are coupled to each network component. Trust mediator agents continuously detect changes in the security characteristics of the network and communicate the detected security characteristics to a trust mediator. Based on the security characteristics received from the trust mediator agents, the trust mediator adjusts security safeguards to maintain an acceptable level of security. Trust mediator also uses predetermined rules in determining whether to adjust security safeguards. Despite inevitable changes in security characteristics, an acceptable level of security and efficient network operation are achieved without subjecting users of the network to over burdensome security safeguards.

124 Citations

20 Claims

1. A method for adapting a security system based on security-related data associated with a communication network, the method comprising steps of:
- generating, by a sensor associated with a mobile communication device, a risk variable based on location data associated with the mobile communication device;
  
  transmitting, by the mobile communication device, the location data associated with the mobile communication device to a trust mediator over the communication network;
  
  receiving, by the mobile communication device from the trust mediator communicatively coupled to the mobile communication device by way of the communication network, a determined time interval at which to collect security-related data for the risk variable generated by the sensor based on the location data associated with the mobile communication device;
  
  collecting, by a trust mediator agent associated with the mobile communication device, the security-related data for the risk variable periodically at the determined time interval;
  
  transmitting, by the mobile communication device to the trust mediator over the communication network, the collected security-related data;
  
  receiving, by the mobile communication device, instructions corresponding to a security safeguard modification from the trust mediator over the communication network, the security safeguard modification being based on at least one of the collected security-related data and a predetermined rule; and
  
  modifying, by the trust mediator agent, the security safeguard by executing the instructions received from the trust mediator.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising a step of:
    - receiving, by the mobile communication device, a request from the trust mediator for the location data associated with the mobile communication device, the location data being transmitted in response to the request.
  - 3. The method of claim 1, further comprising steps of:
    - updating location data associated with the mobile communication device;
      
      generating, by the sensor associated with the mobile communication device, a second risk variable based on the updated location data;
      
      collecting, by the trust mediator agent, second security-related data for the second risk variable; and
      
      transmitting, by the mobile communication device, the collected second security-related data for the second risk variable to the trust mediator over the communication network.
  - 4. The method of claim 1, further comprising steps of:
    - generating, by the sensor associated with the mobile communication device, a second risk variable based on the collected security-related data;
      
      collecting, by the trust mediator agent, second security-related data for the second risk variable; and
      
      transmitting, by the mobile communication device, the collected second security-related data for the second risk variable to the trust mediator over the communication network.
  - 5. The method of claim 1, wherein the security-related data includes at least one of threat data corresponding to at least one of the plurality of communication network modules, user expectation data, a list of currently running security safeguards, and a protection time provided by the currently running security safeguards.
  - 6. The method of claim 1, further comprising steps of:
    - generating, by the sensor associated with the mobile communication device, a second risk variable based on a security goal;
      
      collecting, by the trust mediator agent, second security-related data for the second risk variable; and
      
      transmitting, by the mobile communication device, the collected second security-related data for the second risk variable to the trust mediator over the communication network.
  - 7. The method of claim 1, wherein the instructions corresponding to a security safeguard modification include at least one of increasing a key length, changing an encryption algorithm, changing an authentication method.

8. A system for adapting a security system based on security-related data associated with a communication network, wherein the system comprises a mobile communication device that includes:
- a sensor;
  
  a trust mediator agent;
  
  a processor; and
  
  a memory device accessible by the processor and storing;
  
  computer code executable by the processor, anddata used by the computer code,wherein the mobile communication device is communicatively coupled to a trust mediator by way of the communication network, andwherein the computer code includes code for;
  
  generating, by the sensor, a risk variable based on location data associated with the mobile communication device;
  
  transmitting, by the mobile communication device, the location data associated with the mobile communication device to a trust mediator over the communication network;
  
  receiving, from the trust mediator, a determined time interval at which to collect security-related data for the risk variable generated by the sensor, based on the location data associated with the mobile communication device;
  
  collecting, by the trust mediator agent, the security-related data for the risk variable periodically at the determined time interval;
  
  transmitting to the trust mediator the collected security-related data;
  
  receiving instructions corresponding to a security safeguard modification from the trust mediator, the security safeguard modification being based on at least one of the collected security-related data and a predetermined rule; and
  
  modifying, by the trust mediator agent, the security safeguard by executing the instructions received from the trust mediator.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the computer code further includes code for:
    - receiving a request for the location data associated with the mobile communication device from the trust mediator, the location data being transmitted in response to the request.
  - 10. The system of claim 8, wherein the computer code further includes code for:
    - updating location data associated with the mobile communication device;
      
      generating, by the sensor, a second risk variable based on the updated location data;
      
      collecting, by the trust mediator agent, second security-related data for the second risk variable; and
      
      transmitting the collected second security-related data for the second risk variable to the trust mediator over the communication network.
  - 11. The system of claim 8, wherein the computer code further includes code for:
    - generating, by the sensor, a second risk variable based on the collected security-related data;
      
      collecting, by the trust mediator agent, second security-related data for the second risk variable; and
      
      transmitting the collected second security-related data for the second risk variable to the trust mediator over the communication network.
  - 12. The system of claim 8, wherein the security-related data includes at least one of threat data corresponding to at least one of the plurality of communication network modules, user expectation data, a list of currently running security safeguards, and a protection time provided by the currently running security safeguards.
  - 13. The system of claim 8, wherein the computer code further includes code for:
    - generating, by the sensor, a second risk variable based on a security goal; and
      
      collecting, by the trust mediator agent, second security-related data for the second risk variable; and
      
      transmitting the collected second security-related data for the second risk variable to the trust mediator over the communication network.
  - 14. The system of claim 8, wherein the instructions corresponding to a security safeguard modification include at least one of increasing a key length, changing an encryption algorithm, changing an authentication method.

15. A non-transitory computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions that, when executed by a computer, cause the computer to:
- generate, by a sensor associated with a mobile communication device, a risk variable based on location data associated with the mobile communication device;
  
  transmit, by the mobile communication device, the location data associated with the mobile communication device to a trust mediator over a communication network;
  
  receive, by the mobile communication device from the trust mediator, a determined time interval at which to collect security-related data for the risk variable generated by the sensor, based on the location data associated with the mobile communication device;
  
  collect, by a trust mediator agent associated with the mobile communication device, the security-related data for the risk variable periodically at the determined time interval;
  
  transmit, by the mobile communication device to the trust mediator over the communication network, the collected security related data;
  
  receive, by the mobile communication device, instructions corresponding to a security safeguard modification to the trust mediator agent via the communication network, the security safeguard modification being based on at least one of the collected security-related data and a predetermined rule; and
  
  modifying, by the trust mediator agent, the security safeguard by executing the instructions received from the trust mediator.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the sequences of instructions further include instructions that, when executed by the computer, cause the computer to:
    - receive, by the mobile communication device, a request from the trust mediator for the location data associated with the mobile communication device, the location data being transmitted in response to the request.
  - 17. The non-transitory computer-readable medium of claim 15, wherein the sequences of instructions further include instructions that, when executed by the computer, cause the computer to:
    - updating the location data associated with the mobile communication device;
      
      generate, by the sensor associated with the mobile communication device, a second risk variable based on the updated location data;
      
      collect, by the trust mediator agent, second security-related data for the second risk variable; and
      
      transmit, by the mobile communication device, the collected second security-related data for the second risk variable to the trust mediator over the communication network.
  - 18. The non-transitory computer-readable medium of claim 15, wherein the sequences of instructions further include instructions that, when executed by the computer, cause the computer to:
    - generate, by the sensor associated with the mobile communication device, a second risk variable based on the collected security-related data;
      
      collect, by the trust mediator agent, second security-related data for the second risk variable; and
      
      transmit, by the mobile communication device, the collected second security-related data for the second risk variable to the trust mediator over the communication network.
  - 19. The non-transitory computer-readable medium of claim 15, wherein the security-related data includes at least one of threat data corresponding to at least one of the plurality of communication network modules, user expectation data, a list of currently running security safeguards, and a protection time provided by the currently running security safeguards.
  - 20. The non-transitory computer-readable medium of claim 15, wherein the instructions corresponding to a security safeguard modification include at least one of increasing a key length, changing an encryption algorithm, changing an authentication method.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Bailey, Jr., Samuel A.
Primary Examiner(s)
ABYANEH, ALI S

Application Number

US15/166,673
Publication Number

US 20160277450A1
Time in Patent Office

333 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/602   Providing cryptographic fac...

G06Q 20/206   comprising security or oper...

G06Q 20/3223   Realising banking transacti...

G06Q 20/382   insuring higher security of...

G06Q 20/40   Authorisation, e.g. identif...

H04L 63/06   for supporting key manageme...

H04L 63/105   Multiple levels of security

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

H04L 63/205   involving negotiation or de...

H04W 12/12   Detection or prevention of ...

Systems, methods, and computer program products for adapting the security measures of a communication network based on feedback

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

124 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems, methods, and computer program products for adapting the security measures of a communication network based on feedback

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

124 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links