Risk assessment for software applications

US 9,934,384 B2
Filed: 12/23/2014
Issued: 04/03/2018
Est. Priority Date: 03/08/2012
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein, when executed, the program causes the at least one computing device to at least:

generate an application rating of an application installed on a client device based at least in part on at least one application characteristic corresponding to the application and at least one rating rule;

generate a device rating based at least in part on at least one device characteristic of the client device;

determine a risk analysis of an installation of the application on the client device the risk analysis indicating a degree of security risk associated with the installation of the application on the client device and the risk analysis being based at least in part on;

the application rating,user information associated with one or more users having access to the client device, the user information including a credit rating of a user having access to the client device, andthe device rating; and

perform an action corresponding to the installation of the application, the action being selected from a plurality of actions based at least in part on a comparison of the risk analysis with a predetermined risk criterion.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are various embodiments for assessing risk associated with a software application on a user computing device in an enterprise networked environment. An application rating is generated for the software application based at least in part on application characteristics. A risk analysis for the installation of the application is generated based at least in part on the application rating, the user computing device, and user information.

Citations

20 Claims

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein, when executed, the program causes the at least one computing device to at least:
- generate an application rating of an application installed on a client device based at least in part on at least one application characteristic corresponding to the application and at least one rating rule;
  
  generate a device rating based at least in part on at least one device characteristic of the client device;
  
  determine a risk analysis of an installation of the application on the client device the risk analysis indicating a degree of security risk associated with the installation of the application on the client device and the risk analysis being based at least in part on;
  
  the application rating,user information associated with one or more users having access to the client device, the user information including a credit rating of a user having access to the client device, andthe device rating; and
  
  perform an action corresponding to the installation of the application, the action being selected from a plurality of actions based at least in part on a comparison of the risk analysis with a predetermined risk criterion.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the at least one application characteristic includes at least one of:
    - a threat classification of the application, a history of security vulnerabilities associated with the application, an installed version of the application on the client device, or whether the application communicates over a network.
  - 3. The non-transitory computer-readable medium of claim 1, wherein the client device is a specific client device of a plurality of client devices within an enterprise computing network.
  - 4. The non-transitory computer-readable medium of claim 3, wherein the program further causes the at least one computing device to at least determine a number of installations of the application on the plurality of client devices, and wherein the application rating is further based at least in part on the number of installations.
  - 5. The non-transitory computer-readable medium of claim 1, wherein the program further causes the at least one computing device to at least present a risk analysis description of the installation and a request for an identification of a function of the application.

6. A system, comprising:
- at least one computing device; and
  
  at least one application executable in the at least one computing device, wherein, when executed, the at least one application causes the at least one computing device to at least;
  
  determine an application rating of an installed application on a client device based at least in part on at least one characteristic associated with an installation of the application, at least one application characteristic, and at least one rating rule;
  
  generate a risk analysis of an installation of the installed application on the client device, the risk analysis indicating a degree of security risk associated with the installation of the application on the client device and the risk analysis being based at least in part on;
  
  the application rating,user information associated with one or more users having access to the client device, the user information including a credit rating of a user having access to the client device, anddevice information;
  
  determine a particular action from a plurality of actions based at least in part on the degree of security risk and at least one action rule, the at least one action rule indicating the particular action for the risk analysis; and
  
  initiate the particular action.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 7. The system of claim 6, wherein the at least one characteristic associated with the installation of the application comprises a version of the installed application on the client device.
  - 8. The system of claim 6, wherein the at least one rating rule comprises a version criterion of the installed application, and the at least one application further causes the at least one computing device to at least compare the version of the installed application with the version criterion, the application rating indicating a greater security risk when a difference between an installed version and a latest available version exceeds a predetermined threshold defined by the version criterion.
  - 9. The system of claim 6, wherein the at least one application characteristic comprises at least one of:
    - a threat classification of the installed application, a history of security vulnerabilities associated with the installed application, or whether the installed application communicates over a network.
  - 10. The system of claim 6, wherein the at least one application characteristic comprises a protected resource access capability, and the protected resource access capability defines at least whether the installed application has access to at least one of identification information, password information, or payment instrument information.
  - 11. The system of claim 6, wherein the particular action comprises a removal of the installed application from the client device.
  - 12. The system of claim 6, wherein the particular action comprises limiting a network connectivity of the client device to one or more systems that provide an update for the installed application.
  - 13. The system of claim 6, wherein the at least one characteristic associated with the installation of the application further comprises the application communicating over a network.
  - 14. The system of claim 6, wherein the at least one characteristic associated with the installation of the application further comprises the use of escalated privileges by the application.
  - 15. The system of claim 6, wherein the at least one characteristic associated with the installation of the application further comprises usage of mandatory access control requirements by the application.
  - 16. The system of claim 6, wherein the at least one characteristic associated with the installation of the application further comprises usage of virtualization protections by the application.

17. A method, comprising:
- receiving, via at least one of one or more computing devices, a request to analyze a risk of an installation of an application on a client device;
  
  determining, via at least one of the one or more computing devices, a version of the application installed on the client device;
  
  generating, via at least one of the one or more computing devices, an application rating of the application based at least in part on the version, at least one application characteristic, and at least one rating rule;
  
  generating, via at least one of the one or more computing devices, an analysis of the risk of the installation of the application, the analysis indicating a degree of security risk associated with the installation of the application on the client device and the analysis being based at least in part on;
  
  the application rating,the device information, anduser information of one or more users permitted to use the client device, the user information including a credit rating of a user of the one or more users permitted to use the client device; and
  
  initiating, via at least one of the one or more computing device, an action corresponding to the installation of the application based at least in part on the degree of security risk.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, wherein the client device is a particular client device of a plurality of client devices within a network, and the application rating is based at least in part on a comparison of the version of the application installed on the client device with at least one other version of the application installed on at least one other client device of the plurality of client devices.
  - 19. The method of claim 17, further comprising determining, via at least one of the one or more computing devices, the action to perform based at least in part on a comparison of the degree of security risk with a predefined risk criterion.
  - 20. The method of claim 17, wherein the at least one rating rule comprises at least one allowable version of the application, and the application rating indicates an increased risk when the version of the application installed on the client device differs from the at least one allowable version of the application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Johansson, Jesper M., Hamer, Kenneth L., Hunter, Beau J., Busch, Jeffrey Joseph
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Harris, Christopher C

Application Number

US14/581,358
Publication Number

US 20150143528A1
Time in Patent Office

1,197 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/033   Test or assess software

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2117   User registration

G06F 2221/2141   Access rights, e.g. capabil...

G06F 8/61   Installation

H04L 63/0876   based on the identity of th...

H04L 63/1433   Vulnerability analysis

H04W 4/02   Services making use of loca...

Risk assessment for software applications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Risk assessment for software applications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links