Social-graph aware policy suggestion engine

US 9,860,281 B2
Filed: 06/28/2014
Issued: 01/02/2018
Est. Priority Date: 06/28/2014
Status: Active Grant

First Claim

Patent Images

1. A non-transitory machine-readable medium on which are stored instructions, comprising instructions that when executed, cause a programmable device to:

identify a user within a first social network;

collect properties corresponding to a social graph of the user in the first social network;

request a set of security policies from a security policy provider responsive to the collected properties;

receive a set of recommended security policies from the security policy provider; and

configure a computer security software of the programmable device responsive to the recommended set of security policies, wherein the computer security software is programmed to protect a device or a network associated with the user other than the programmable device.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, devices and methods are disclosed to assist in configuring devices and policies to protect a regional network (e.g., home network) and its users. Users on the network are monitored to determine appropriate configuration settings and preferences by utilizing a combination of internally configured information and externally gathered information for each user. For example, externally gathered information may include information obtained about a user from one or more social media Internet sites. Automatically obtained information may be used to provide or augment policy information such that a user'"'"'s preference relative to internet content (e.g., content blocking software configuration) may be achieved without requiring an administrator to individually prepare each users security profile and configuration.

18 Citations

19 Claims

1. A non-transitory machine-readable medium on which are stored instructions, comprising instructions that when executed, cause a programmable device to:
- identify a user within a first social network;
  
  collect properties corresponding to a social graph of the user in the first social network;
  
  request a set of security policies from a security policy provider responsive to the collected properties;
  
  receive a set of recommended security policies from the security policy provider; and
  
  configure a computer security software of the programmable device responsive to the recommended set of security policies, wherein the computer security software is programmed to protect a device or a network associated with the user other than the programmable device.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The machine-readable medium of claim 1, further comprising instructions that when executed cause the programmable device to:
    - identify the user within a second social network;
      
      collect properties corresponding to a social graph of the user in the second social network; and
      
      aggregate the properties corresponding to the social graph of the user in the first social network and the properties corresponding to the social graph of the user in the second social network, wherein the instructions to request a set of security policies comprise instructions that when executed cause the programmable device to request the set of security policies from the security policy provider responsive to the aggregated properties.
  - 3. The machine-readable medium of claim 1, further comprising instructions that when executed cause the programmable device to:
    - identify a device associated with the user; and
      
      identify a security software installed on the device,wherein the instructions that when executed cause the programmable device to request a set of security policies comprise instructions that when executed cause the programmable device to;
      
      request a set of security policies from the security policy provider responsive to the collected properties and the identified security software.
  - 4. The machine-readable medium of claim 1, further comprising instructions that when executed cause the programmable device to:
    - modify the recommended set of security policies based on received modifications.
  - 5. The machine-readable medium of claim 4, further comprising instructions that when executed cause the programmable device to:
    - send the modified recommended set of security policies and the collected properties to the security policy provider.

6. A security appliance, comprising:
- a hardware processor;
  
  a memory, coupled to the processor; and
  
  software, stored on the memory, comprising instructions that when executed cause the processor to;
  
  identify a user within a first social network;
  
  collect properties corresponding to a social graph of the user in the first social network;
  
  request a set of security policies from a security policy provider responsive to the collected properties;
  
  receive a set of recommended security policies from the security policy provider; and
  
  configure the security appliance to enforce the recommended set of security policies to protect a device or a network associated with the user other than the security appliance.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The security appliance of claim 6, wherein the software further comprises instructions that when executed cause the processor to:
    - identify a device associated with the user connected to an external network via the security appliance;
      
      identify a security software installed on the device; and
      
      wherein the instructions that when executed cause the processor to request a set of security policies comprise instructions that when executed cause the processor to;
      
      request a set of security policies from the security policy provider responsive to the collected properties and the identified security software.
  - 8. The security appliance of claim 7, wherein the software further comprises instructions that when executed cause the processor to:
    - send instructions to the security software installed on the device that when executed cause the device to configure the security software to comply with the recommended set of security policies.
  - 9. The security appliance of claim 6, wherein the software further comprises instructions that when executed cause the processor to:
    - receive modifications to the recommended set of security policies; and
      
      send the modifications to the security policy provider.
  - 10. The security appliance of claim 6, wherein the software further comprises instructions that when executed cause the processor to:
    - identify the user within a second social network;
      
      collect properties corresponding to a social graph of the user in the second social network; and
      
      aggregate the properties corresponding to the social graph of the user in the first social network and the properties corresponding to the social graph of the user in the second social network, wherein the instructions to request a set of security policies comprise instructions that when executed cause the processor to request the set of security policies from the security policy provider responsive to the aggregated properties.

11. A security policy provider system, comprising:
- a hardware processor;
  
  memory, coupled to the processor; and
  
  software, stored on the memory, comprising instructions that when executed cause the processor to;
  
  receive properties corresponding to a social graph of a user within a social network of a programmable device from a security gateway device other than the programmable device that protects the programmable device, wherein the security gateway device is separate from the programmable device;
  
  receive a request for security policies from the security gateway device;
  
  determine a recommended set of security policies response to the received properties; and
  
  send the recommended set of security policies to the security gateway device responsive to the request,wherein the recommended set of security policies comprise policies for configuring the security gateway device.
- View Dependent Claims (12, 13, 19)
- - 12. The security policy provider system of claim 11, wherein the recommended set of security policies comprise settings for configuring interaction with the social network.
  - 13. The security policy provider system of claim 11, wherein the properties identify a security software installed on the programmable device.
  - 19. The security policy provider system of claim 11, wherein the instructions further comprise instructions that when executed cause the processor to:
    - obtain security policies from a vendor of security policies.

14. A method of configuring a security gateway appliance, comprising:
- identifying a user within a social network;
  
  collecting properties corresponding to a social graph of the user in the social network;
  
  requesting a set of security policies from a security policy provider responsive to the collected properties;
  
  receiving a set of recommended security policies from the security policy provider; and
  
  configuring the security gateway appliance responsive to the recommended set of security policies to protect a device or a network associated with the user other than the security gateway appliance.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The method of claim 14, further comprising:
    - identifying a device associated with the user connected to an external network via the security gateway appliance; and
      
      identifying a security software installed on the device,wherein requesting a set of security policies comprises requesting a set of security policies responsive to the collected properties and the identified security software.
  - 16. The method of claim 15, further comprising:
    - sending configuration instructions to the security software responsive to the set of recommended security policies.
  - 17. The method of claim 14, further comprising:
    - receiving modifications to the set of recommended security policies; and
      
      sending the modifications to the security policy provider.
  - 18. The method of claim 14,wherein identifying the user within a social network comprises:
    - identifying the user within a plurality of social networks,wherein collecting properties corresponding to the social graph of the user in the social network comprises;
      
      collecting properties corresponding to a social graph of the user in each of the plurality of social networks; and
      
      aggregating the properties, and wherein requesting a set of security policies comprises;
      
      requesting a set of security policies from the security policy provider responsive to the aggregated properties.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, LLC
Inventors
Nair, Jayakrishnan K., Venkateswaran, Prasanna, Hunt, Simon
Primary Examiner(s)
LEUNG, ROBERT B

Application Number

US14/318,637
Publication Number

US 20150381662A1
Time in Patent Office

1,284 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/20 for managing network securi...

H04L 63/205 involving negotiation or de...

Social-graph aware policy suggestion engine

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

18 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Social-graph aware policy suggestion engine

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links