Providing application-specific threat metrics
First Claim
1. A method for use with a first mobile device application (first app) suitable for running on devices of at least a first device type, the method comprising:
- collecting first-device-type risk-relevant data associated with a first app from a first plurality of devices, with each device of the first plurality of devices being of the first device type;
analyzing the first-device-type risk-relevant data to generate first-device-type risk characteristic data corresponding to the first device type;
associating the first-device-type risk characteristic data as first risk metadata with the first app;
collecting, for each device type of a set of device type(s) corresponding to the app, device-type-specific risk-relevant risk data associated with the app and a respective device type;
analyzing, for each device type of the set of device type(s) corresponding to the app, a respectively corresponding device-type-specific risk-relevant data to generate respectively corresponding device-type-specific risk characteristic data associated with the app and the respective device type; and
associating, for each device type of the set of device type(s) corresponding to the app, the respectively corresponding device-type-specific risk characteristic data as device-type specific risk metadata with the app;
wherein;
the first app is one of a plurality of apps that is used by members of an enterprise; and
each app of the plurality of apps is suitable for running on a respectively corresponding set of device type(s).
1 Assignment
0 Petitions
Accused Products
Abstract
Assessment of threat risks associated with a given mobile device application (app) on a device type specific basis, so that the threat assessment is specific to a particular device type that is suitable for running the given app. The assessed device-type-specific risk is represented as device-type-specific risk metadata, which is associated as metadata with the given app. For example, the metadata may be stored along with the given app in a common repository that includes many apps. In some embodiments, the device-type-specific risk metadata is generated and stored comprehensively for all apps and device types used in an enterprise. The device-type-specific risk assessment, and corresponding device-type-specific risk metadata, may be based upon run time behavior of the given app on a given device type.
-
Citations
18 Claims
-
1. A method for use with a first mobile device application (first app) suitable for running on devices of at least a first device type, the method comprising:
-
collecting first-device-type risk-relevant data associated with a first app from a first plurality of devices, with each device of the first plurality of devices being of the first device type; analyzing the first-device-type risk-relevant data to generate first-device-type risk characteristic data corresponding to the first device type; associating the first-device-type risk characteristic data as first risk metadata with the first app; collecting, for each device type of a set of device type(s) corresponding to the app, device-type-specific risk-relevant risk data associated with the app and a respective device type; analyzing, for each device type of the set of device type(s) corresponding to the app, a respectively corresponding device-type-specific risk-relevant data to generate respectively corresponding device-type-specific risk characteristic data associated with the app and the respective device type; and associating, for each device type of the set of device type(s) corresponding to the app, the respectively corresponding device-type-specific risk characteristic data as device-type specific risk metadata with the app; wherein; the first app is one of a plurality of apps that is used by members of an enterprise; and each app of the plurality of apps is suitable for running on a respectively corresponding set of device type(s). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product for use with a first mobile device application (first app) suitable for running on devices of at least a first device type, the computer program product comprising a non-transitory computer readable storage medium having stored thereon:
-
first program instructions programmed to collect first-device-type risk-relevant data associated with the first app from a first plurality of devices, with each device of the first plurality of devices being of the first device type; second program instructions programmed to analyze the first-device-type risk-relevant data to generate first-device-type risk characteristic data corresponding to the first device type; third program instructions programmed to associate the first-device-type risk characteristic data as first risk metadata with the first app; fourth program instructions programmed to collect, for each device type of a set of device type(s) corresponding to the app, device-type-specific risk-relevant risk data associated with the app and a respective device type; fifth program instructions programmed to analyze, for each device type of the set of device type(s) corresponding to the app, a respectively corresponding device-type-specific risk-relevant data to generate respectively corresponding device-type-specific risk characteristic data associated with the app and a respective device type; and sixth program instructions programmed to associate, for each device type of the set of device type(s) corresponding to the app, a respectively corresponding device-type-specific risk characteristic data as device-type specific risk metadata with the app; wherein; the first app is one of a plurality of apps that is used by members of an enterprise; and each app of the plurality of apps is suitable for running on a respectively corresponding set of device type(s). - View Dependent Claims (10, 11, 12, 13)
-
-
14. A computer system for use with a first mobile device application (first app) suitable for running on devices of at least a first device type, the non-transitory computer system comprising:
-
a processor(s) set; and a computer readable storage medium; wherein; the processor(s) set is structured, located, connected and/or programmed to run program instructions stored on the computer readable storage medium; and the program instructions include; first program instructions programmed to collect first-device-type risk-relevant data associated with the first app from a first plurality of devices, with each device of the first plurality of devices being of the first device type, second program instructions programmed to analyze the first-device-type risk-relevant data to generate first-device-type risk characteristic data corresponding to the first device type, third program instructions programmed to associate the first-device-type risk characteristic data as first risk metadata with the first app, fourth program instructions programmed to collect, for each device type of a set of device type(s) corresponding to the app, device-type-specific risk-relevant risk data associated with the app and a respective device type, fifth program instructions programmed to analyze, for each device type of the set of device type(s) corresponding to the app, a respectively corresponding device-type-specific risk-relevant data to generate respectively corresponding device-type-specific risk characteristic data associated with the app and a respective device type, and sixth program instructions programmed to associate, for each device type of the set of device type(s) corresponding to the app, a respectively corresponding device-type-specific risk characteristic data as device-type specific risk metadata with the app; wherein; the first app is one of a plurality of apps that is used by members of an enterprise; and each app of the plurality of apps is suitable for running on a respectively corresponding set of device type(s). - View Dependent Claims (15, 16, 17, 18)
-
Specification