Methods and systems for sharing risk responses between collections of mobile communications devices
First Claim
Patent Images
1. A method for determining an acceptable risk level for a collection to improve the functioning of mobile communications devices associated with the collection, the method comprising:
- accessing, by a server security component, a security database including risk information received from a plurality of collections, wherein the risk information includes source information that associates the risk information with one or more collections from the plurality;
determining, by the server security component, a risk level for each collection based on the accessed risk information associated with each collection, the determined risk levels including a first risk level associated with a first collection;
determining, by the server security component, an acceptable risk level based on the determined risk levels;
providing, by the server security component to the first collection, the acceptable risk level and the first risk level;
determining, by the server security component, a new first risk level for the first collection based in part on new risk information associated with the first collection;
determining, by the server security component, a new acceptable risk level based on a plurality of determined risk levels;
providing, by the server security component to the first collection, the new acceptable risk level and the new first risk level;
comparing, by the server security component, the new first risk level to the new acceptable risk level; and
,notifying, by the server security component, the first collection when the comparison indicates that the new first risk level is more than a threshold amount greater than the new acceptable risk level.
11 Assignments
0 Petitions
Accused Products
Abstract
Methods are provided for determining an enterprise risk level, for sharing security risk information between enterprises by identifying a security response by a first enterprise and then sharing the security response to a second enterprise when a relationship database profile for the first collection indicates the security response may be shared. Methods are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.
-
Citations
8 Claims
-
1. A method for determining an acceptable risk level for a collection to improve the functioning of mobile communications devices associated with the collection, the method comprising:
-
accessing, by a server security component, a security database including risk information received from a plurality of collections, wherein the risk information includes source information that associates the risk information with one or more collections from the plurality; determining, by the server security component, a risk level for each collection based on the accessed risk information associated with each collection, the determined risk levels including a first risk level associated with a first collection; determining, by the server security component, an acceptable risk level based on the determined risk levels; providing, by the server security component to the first collection, the acceptable risk level and the first risk level; determining, by the server security component, a new first risk level for the first collection based in part on new risk information associated with the first collection; determining, by the server security component, a new acceptable risk level based on a plurality of determined risk levels; providing, by the server security component to the first collection, the new acceptable risk level and the new first risk level; comparing, by the server security component, the new first risk level to the new acceptable risk level; and
,notifying, by the server security component, the first collection when the comparison indicates that the new first risk level is more than a threshold amount greater than the new acceptable risk level. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for determining whether to allow a network access request, comprising:
-
receiving, by a destination computing device running a destination computing device security component, an access request by a terminal computing device in a series of at least one computing devices, wherein the series begins with an initial computing device, wherein the initial computing device initiates the access request, and wherein the series includes all computing devices used to transmit the access request to the destination computing device; requesting, by the destination computing device security component, terminal source information relating to the access request from a terminal device security component running on the terminal computing device; requesting, by the destination computing device security component, next source information relating to the access request from a next device security component running on a next computing device of the series when the destination computing device security component receives terminal source information from the terminal device security component and the terminal source information indicates that the terminal computing device is trusted, and is not the initiator of the access request, and identifies the next computing device in the series; allowing, by the destination computing device security component, the access request; when the destination computing device security component receives next source information from the next device security component, and when the next source information; indicates that the next computing device is trusted, and indicates that the next computing device is the initial computing device and is not being controlled by a remote device; and repeating, for additional next computing devices, requesting, by the destination computing device security component, additional next source information relating to the initiator of the access request from additional next device security components running on additional next computing devices when the destination computing device security component receives source information from a previous device security component and the previous source information indicates that the previous computing device is trusted, and is not the initiator of the access request, and identifies the additional next computing device in the series, until the destination computing device security component receives additional next source information from an additional next device security component and the additional next source information indicates that the additional next computing device is trusted, and is the initiator of the access request.
-
-
8. A method for determining whether to allow a network access request, comprising:
-
receiving, by a destination computing device running a destination computing device security component, an access request by a terminal computing device in a series of at least one computing devices, wherein the series begins with an initial computing device, wherein the initial computing device is the initiator of the access request, and wherein the access request is transmitted to the destination computing device using the series; requesting, by the destination computing device security component, terminal source information relating to the initiator of the access request from a terminal device security component running on the terminal computing device; requesting, by the destination computing device security component, next source information relating to the initiator of the access request from a next device security component running on a next computing device when the destination computing device security component receives terminal source information from the terminal device security component and the terminal source information indicates that the terminal computing device is trusted, and is not the initiator of the access request, and identifies the next computing device in the series; denying, by the destination computing device security component, the access request; when the destination computing device security component does not receive next source information, or when the destination computing device security component receives next source information from the next device security component and the next source information indicates that the next computing device is the initiator of the access request and indicates that the next computing device in the series is not trusted; and repeating, for additional next computing devices, requesting, by the destination computing device security component, additional next source information relating to the initiator of the access request from additional next device security components running on additional next computing devices when the destination computing device security component receives source information from a previous device security component and the previous source information indicates that the previous computing device is trusted, and is not the initiator of the access request, and identifies the additional next computing device in the series; until the destination computing device security component does not receive additional next source information from an additional next device security component, or until the additional next source information indicates; that the additional next computing device is not trusted, or that the additional next computing device is the initiator of the access request.
-
Specification