Methods and systems for granting access to services based on a security state that varies with the severity of security events
Abstract
A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The security state of the requesting device varies according to severity levels of device security events. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.
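The flow the abstract describes, as an added Python example that is not taken from the patent: events are mapped to severity levels, the worst unresolved severity sets the device state, and each service level of a provider has its own minimum state. The severity scale, state names, event types, the `resolved` field, the provider name `bank.example` and the fail-closed handling of unknown input are all assumptions made for illustration.

```python
from enum import IntEnum

class Severity(IntEnum):            # assumed four-step scale
    INFO = 0
    LOW = 1
    MODERATE = 2
    SEVERE = 3

class SecurityState(IntEnum):       # ordered, so "meets or exceeds" is >=
    COMPROMISED = 0
    AT_RISK = 1
    CAUTION = 2
    SECURE = 3

# Constructed event catalogue; real event types are not given on the page.
EVENT_SEVERITY = {
    "scan_clean": Severity.INFO,
    "os_update_pending": Severity.LOW,
    "untrusted_app_installed": Severity.MODERATE,
    "malware_detected": Severity.SEVERE,
}

# Constructed policy: one provider, one minimum state per service level.
POLICY = {
    "bank.example": {
        "view_balance": SecurityState.CAUTION,
        "transfer_funds": SecurityState.SECURE,
    },
}

def severity_of(event):
    # An event type the server does not recognise is treated as SEVERE.
    return EVENT_SEVERITY.get(event.get("type"), Severity.SEVERE)

def assess_state(events):
    if events is None:              # device sent no report: state is unknown
        return SecurityState.COMPROMISED
    open_events = [e for e in events if not e.get("resolved")]
    worst = max((severity_of(e) for e in open_events), default=Severity.INFO)
    return SecurityState(Severity.SEVERE - worst)

def grant_access(provider, service, events):
    required = POLICY.get(provider, {}).get(service)
    if required is None:            # no policy for this service: deny
        return False
    return assess_state(events) >= required
```

Because the state is recomputed from the event data on every request, a device that was denied `transfer_funds` regains it once the offending event is reported as resolved.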
26 Claims
1. A method comprising:
- receiving, by a software component executing on a server, a request from a mobile communications device for access to a service provider;
- determining, by the software component, a current security state of the mobile communications device by:
  - processing event security data, generated by the mobile communications device regarding security events on the mobile communications device, to determine severity levels for the security events, and
  - using the determined severity levels to assess the current security state of the mobile communications device;
- comparing, by the software component, the current security state to a policy associated with the service provider, the policy specifying a first minimum security state of a device required for access to the service provider to be granted to the device; and
- by the software component, granting access to the service provider only when the comparison results in a determination that the current security state meets the required first minimum security state.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A non-transitory, computer-readable storage medium having stored thereon a plurality of instructions, which, when executed by a processor of a server, cause the server to:
- receive a request from a mobile communications device for access to a service provider;
- determine a current security state of the mobile communications device by:
  - processing event security data, generated by the mobile communications device regarding security events on the mobile communications device, to determine severity levels for the security events, and
  - using the determined severity levels to assess the current security state of the mobile communications device;
- compare the current security state to a policy associated with the service provider, the policy specifying a first minimum security state of a device required for access to the service provider to be granted to the device; and
- grant access to the service provider only when the comparison results in a determination that the current security state meets the required first minimum security state.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 21
19. A system, comprising a server with at least one processor and memory and instructions that when executed by the at least one processor cause the server to:
- receive a request from a mobile communications device for access to a service provider;
- determine a current security state of the mobile communications device by:
  - processing event security data, generated by the mobile communications device regarding security events on the mobile communications device, to determine severity levels for the security events, and
  - using the determined severity levels to assess the current security state of the mobile communications device;
- compare the current security state to a policy associated with the service provider, the policy specifying a first minimum security state of a device required for access to the service provider to be granted to the device; and
- grant access to the service provider only when the comparison results in a determination that the current security state meets the required first minimum security state.

Dependent claims: 20, 22, 23, 24, 25, 26
Specification