Risk assessment for software applications
First Claim
Patent Images
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein, when executed, the program causes the at least one computing device to at least:
- generate an application rating of an application installed on a client device based at least in part on at least one application characteristic corresponding to the application and at least one rating rule;
generate a device rating based at least in part on at least one device characteristic of the client device;
determine a risk analysis of an installation of the application on the client device the risk analysis indicating a degree of security risk associated with the installation of the application on the client device and the risk analysis being based at least in part on;
the application rating,user information associated with one or more users having access to the client device, the user information including a credit rating of a user having access to the client device, andthe device rating; and
perform an action corresponding to the installation of the application, the action being selected from a plurality of actions based at least in part on a comparison of the risk analysis with a predetermined risk criterion.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for assessing risk associated with a software application on a user computing device in an enterprise networked environment. An application rating is generated for the software application based at least in part on application characteristics. A risk analysis for the installation of the application is generated based at least in part on the application rating, the user computing device, and user information.
-
Citations
20 Claims
-
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein, when executed, the program causes the at least one computing device to at least:
-
generate an application rating of an application installed on a client device based at least in part on at least one application characteristic corresponding to the application and at least one rating rule; generate a device rating based at least in part on at least one device characteristic of the client device; determine a risk analysis of an installation of the application on the client device the risk analysis indicating a degree of security risk associated with the installation of the application on the client device and the risk analysis being based at least in part on; the application rating, user information associated with one or more users having access to the client device, the user information including a credit rating of a user having access to the client device, and the device rating; and perform an action corresponding to the installation of the application, the action being selected from a plurality of actions based at least in part on a comparison of the risk analysis with a predetermined risk criterion. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system, comprising:
-
at least one computing device; and at least one application executable in the at least one computing device, wherein, when executed, the at least one application causes the at least one computing device to at least; determine an application rating of an installed application on a client device based at least in part on at least one characteristic associated with an installation of the application, at least one application characteristic, and at least one rating rule; generate a risk analysis of an installation of the installed application on the client device, the risk analysis indicating a degree of security risk associated with the installation of the application on the client device and the risk analysis being based at least in part on; the application rating, user information associated with one or more users having access to the client device, the user information including a credit rating of a user having access to the client device, and device information; determine a particular action from a plurality of actions based at least in part on the degree of security risk and at least one action rule, the at least one action rule indicating the particular action for the risk analysis; and initiate the particular action. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method, comprising:
-
receiving, via at least one of one or more computing devices, a request to analyze a risk of an installation of an application on a client device; determining, via at least one of the one or more computing devices, a version of the application installed on the client device; generating, via at least one of the one or more computing devices, an application rating of the application based at least in part on the version, at least one application characteristic, and at least one rating rule; generating, via at least one of the one or more computing devices, an analysis of the risk of the installation of the application, the analysis indicating a degree of security risk associated with the installation of the application on the client device and the analysis being based at least in part on; the application rating, the device information, and user information of one or more users permitted to use the client device, the user information including a credit rating of a user of the one or more users permitted to use the client device; and initiating, via at least one of the one or more computing device, an action corresponding to the installation of the application based at least in part on the degree of security risk. - View Dependent Claims (18, 19, 20)
-
Specification