Controlling enterprise access by mobile devices
Abstract
A system comprising at least one component running on at least one server and receiving vulnerability data and, for each device of a plurality of devices, device data that includes data of at least one device component. The system includes a trust score corresponding to each device of the plurality of devices and representing a level of security applied to the device. The trust score is generated using a severity of the vulnerability data. The system includes an access control component coupled to the at least one component and controlling access of the plurality of devices to an enterprise using the trust score.
77 Claims
1. A system comprising:
- at least one component running on at least one server, the at least one component receiving vulnerability data and, for each device of a plurality of devices, device data that includes data of at least one device component, wherein the vulnerability data comprises a set of vulnerability data identified as corresponding to each device of the plurality of devices based on the at least one device component of each device, wherein the device data is received using a first agent of an enterprise when the device data is unique to the device and is otherwise received using a second agent of the at least one server;
- a trust score corresponding to each device of the plurality of devices and representing a level of security applied to the device, wherein the trust score is generated by calculating for each vulnerability of each device component of each device a vulnerability trust score that is proportional to a severity rating of each vulnerability, and calculating the trust score of each device by combining the vulnerability trust score of each vulnerability of that device; and
- an access control component coupled to the at least one component and controlling access of each device of the plurality of devices to the enterprise using the trust score.
Dependent claims: 2–76.
77. A method comprising:
- receiving vulnerability data and, for each device of a plurality of devices, device data by at least one component running on at least one server, wherein the device data includes data of at least one device component, wherein the vulnerability data comprises a set of vulnerability data identified as corresponding to each device of the plurality of devices based on the at least one device component of each device, wherein the device data is received using a first agent of an enterprise when the device data is unique to the device and is otherwise received using a second agent of the at least one server;
- generating a trust score corresponding to each device of the plurality of devices and representing a level of security applied to the device, wherein the generating of the trust score includes calculating for each vulnerability of each device component of each device a vulnerability trust score that is proportional to a severity rating of each vulnerability, and calculating the trust score of each device by combining the vulnerability trust score of each vulnerability of that device; and
- controlling access of the plurality of devices to the enterprise using the trust score hosted at an access control component coupled to the at least one component.
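The scoring and access-control steps recited in claim 77, as an added Python example that is not part of the patent text or any product's code. The claim does not say how the per-vulnerability scores are combined or compared, so summation, the weight, the threshold, treating a lower combined score as more trusted, denying unknown devices, and all names and sample data are assumptions.

```python
from dataclasses import dataclass

SEVERITY_WEIGHT = 1.0    # assumed proportionality constant
ACCESS_THRESHOLD = 15.0  # assumed policy cut-off; lower combined score = more trusted

@dataclass(frozen=True)
class Vulnerability:
    vuln_id: str     # constructed placeholder id, not a real advisory
    component: str   # device component the entry applies to
    severity: float  # severity rating on an assumed 0-10 scale

# Constructed vulnerability feed (sample data, not from the page).
FEED = [
    Vulnerability("VULN-0001", "os:ExampleOS 1.0", 9.8),
    Vulnerability("VULN-0002", "os:ExampleOS 1.0", 5.3),
    Vulnerability("VULN-0003", "app:ExampleMail 2.1", 7.5),
    Vulnerability("VULN-0004", "os:ExampleOS 2.0", 4.0),
]

# Constructed device data: device id -> reported device components.
DEVICES = {
    "phone-a": ["os:ExampleOS 1.0", "app:ExampleMail 2.1"],
    "phone-b": ["os:ExampleOS 2.0"],
    "phone-c": ["os:ExampleOS 3.0"],
}

def vulnerabilities_for(components, feed=FEED):
    # Select the feed entries that correspond to this device's components.
    wanted = set(components)
    return [v for v in feed if v.component in wanted]

def vulnerability_trust_score(vuln, weight=SEVERITY_WEIGHT):
    # Per-vulnerability score, proportional to the severity rating.
    if not 0.0 <= vuln.severity <= 10.0:
        raise ValueError(f"severity out of range for {vuln.vuln_id}")
    return weight * vuln.severity

def device_trust_score(components, feed=FEED):
    # Combine the per-vulnerability scores of one device (assumed: sum).
    return sum(vulnerability_trust_score(v) for v in vulnerabilities_for(components, feed))

def access_decision(device_id, devices=DEVICES, threshold=ACCESS_THRESHOLD):
    # Access control step: a device with no device data on record is denied.
    if device_id not in devices:
        return "deny"
    score = device_trust_score(devices[device_id])
    return "allow" if score <= threshold else "deny"
```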