Methods and systems for conditionally granting access to services based on the security state of the device requesting access
First Claim
1. A method comprising:
receiving, by a software component executing on a server, a request from a mobile communications device for access to a provider of a service having a plurality of service levels, each service level allowing a different level of access to the service;
determining, by the software component, a current security state of the mobile communications device by:
processing event security data, generated by the mobile security device regarding security events on the mobile communications device, to determine severity levels for the security events, and
using the determined severity levels to assess the current security state of the mobile communications device;
comparing, by the software component, the current security state of the mobile communications device to a policy associated with the provider, wherein for each service level the policy specifies a minimum security state of a device required for the device to be granted access to the service level;
determining, by the software component from the comparison, that the current security state meets or exceeds the minimum security state for a subset of the plurality of service levels; and
permitting, by the software component, the mobile communications device to access the subset of the plurality of service levels based on the determination that the current security state meets or exceeds the minimum security state required for each service level in the subset.
Abstract
Methods and systems are provided for conditionally granting access to service levels based on a determined security state of the device requesting access. A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.
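The flow the abstract describes, sketched as an added example that is not taken from the patent or any product: event data is scored for severity, the worst open severity sets the device's security state, and the provider's policy yields the subset of service levels granted. The severity scale, state ordering, event type names, the `resolved` flag, the fail-closed handling of missing or unrecognized data, and the sample policy are all assumptions.

```python
from enum import IntEnum

class Severity(IntEnum):       # assumed scale; the claims only say "severity levels"
    INFO = 0
    WARNING = 1
    CRITICAL = 2

class SecurityState(IntEnum):  # assumed ordering, higher is healthier
    COMPROMISED = 0
    AT_RISK = 1
    SECURE = 2

# Hypothetical event types reported by the device-side agent.
EVENT_SEVERITY = {
    "definitions_updated": Severity.INFO,
    "scan_clean": Severity.INFO,
    "unknown_source_install": Severity.WARNING,
    "malware_detected": Severity.CRITICAL,
}

def severity_of(event):
    # Unrecognized or missing event types are scored as CRITICAL so a new
    # or malformed type cannot lower the assessed risk.
    return EVENT_SEVERITY.get(event.get("type"), Severity.CRITICAL)

def assess_state(events):
    # No telemetry at all is treated as the lowest state (fail closed).
    if not events:
        return SecurityState.COMPROMISED
    open_events = [e for e in events if not e.get("resolved", False)]
    worst = max((severity_of(e) for e in open_events), default=Severity.INFO)
    return {Severity.INFO: SecurityState.SECURE,
            Severity.WARNING: SecurityState.AT_RISK,
            Severity.CRITICAL: SecurityState.COMPROMISED}[worst]

def permitted_levels(state, policy):
    # policy maps service level -> minimum SecurityState required for it.
    return {level for level, minimum in policy.items() if state >= minimum}

def handle_request(events, policy):
    state = assess_state(events)
    return state, permitted_levels(state, policy)

# Constructed sample policy for a hypothetical banking provider.
BANK_POLICY = {
    "public_rates": SecurityState.COMPROMISED,
    "view_balance": SecurityState.AT_RISK,
    "transfer_funds": SecurityState.SECURE,
}
```

A device reporting an open `unknown_source_install` event is assessed as `AT_RISK` and receives `public_rates` and `view_balance` but not `transfer_funds`.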
26 Claims
10. A non-transitory, computer-readable storage medium having stored thereon a plurality of instructions, which, when executed by a processor of a server, cause the server to:
receive a request from a mobile communications device for access to a provider of a service having a plurality of service levels, each service level allowing a different level of access to the service;
determine a current security state of the mobile communications device by:
processing event security data, generated by the mobile security device regarding security events on the mobile communications device, to determine severity levels for the security events, and
using the determined severity levels to assess the current security state of the mobile communications device;
compare the current security state of the mobile communications device to a policy associated with the provider, wherein for each service level the policy specifies a minimum security state of a device required for the device to be granted access to the service level;
determine from the comparison that the current security state meets or exceeds the minimum security state for a subset of the plurality of service levels; and
permitting the mobile communications device to access the subset of the plurality of service levels based on the determination that the current security state meets or exceeds the minimum security state required for each service level in the subset.
18. A system, comprising a server with at least one processor and memory and instructions that when executed by the at least one processor cause the server to:
receive a request from a mobile communications device for access to a provider of a service having a plurality of service levels, each service level allowing a different level of access to the service;
determine a current security state of the mobile communications device by:
processing event security data, generated by the mobile security device regarding security events on the mobile communications device, to determine severity levels for the security events, and
using the determined severity levels to assess the current security state of the mobile communications device;
compare the current security state to a policy associated with the provider, the policy specifying, for each service level, a minimum security state of a device required for the device to be granted access to the service level;
determine from the comparison that the current security state meets or exceeds the minimum security state for a subset of the plurality of service levels; and
grant, to the mobile communications device, access to the subset of the plurality of service levels based on the determination that the current security state meets or exceeds the minimum security state required for each service level in the subset.
Specification