Multi-Dimensional Reputation Scoring
First Claim
Patent Images
1. A computer implemented method operable to assign a reputation to a communications entity associated with a received communication, comprising:
- arranging a plurality of agents within a network, the plurality of agents being associated with a security device operable to protect an associated network from communications that violate a policy associated with the associated network;
collecting data associated with entities originating communications, wherein collecting data comprises using the plurality of agents to collect data associated with the communications;
aggregating the collected data;
analyzing the aggregated data to identify attributes respectively associated with entities originating communications;
correlating the attributes to identify relationships between entities;
updating a reputation associated with one or more entities based upon the relationship to one or more other entities identified by correlating the attributes; and
communicating updated reputation information to one or more of the plurality of agents.
11 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for assigning reputation to communications entities include collecting communications data from distributed agents, aggregating the communications data, analyzing the communications data and identifying relationships between communications entities based upon the communications data.
258 Citations
62 Claims
-
1. A computer implemented method operable to assign a reputation to a communications entity associated with a received communication, comprising:
-
arranging a plurality of agents within a network, the plurality of agents being associated with a security device operable to protect an associated network from communications that violate a policy associated with the associated network; collecting data associated with entities originating communications, wherein collecting data comprises using the plurality of agents to collect data associated with the communications; aggregating the collected data; analyzing the aggregated data to identify attributes respectively associated with entities originating communications; correlating the attributes to identify relationships between entities; updating a reputation associated with one or more entities based upon the relationship to one or more other entities identified by correlating the attributes; and communicating updated reputation information to one or more of the plurality of agents. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer implemented method operable to assign a reputation to a communications entity associated with a received communication, comprising:
-
collecting data associated with entities originating communications, wherein collecting data comprises receiving data from a plurality of agents to collect data associated with the communications; aggregating the collected data; analyzing the aggregated data to identify attributes respectively associated with entities originating communications; correlating the attributes to identify relationships between entities; updating a reputation associated with one or more entities based upon the relationship to one or more other entities identified by correlating the attributes; and handling communications based upon the updated reputation information.
-
-
21. A distributed system operable to derive and communicate a reputation associated with a communications entity, comprising:
-
a communications interface operable to communicate with a plurality of agents arranged within a global network, the plurality of agents being operable to derive local reputations associated with entities from which communications are received, wherein the plurality of agents are further operable to collect data associated with received communications; one or more data aggregation engines operable to aggregate the collected data via the communications interface; an analyzer operable to analyze the data to identify attributes respectively associated with entities originating the received communications; a correlation engine operable to correlate the attributes of the entities and to identify relationships between the entities; a reputation engine operable to identify relationships between the entities and to update reputations associated with one or more entities based upon its relationship to one or more other entities; and wherein the communications interface is further operable to communicate updated reputation information to devices operating on the global network. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
-
-
40. A system operable to derive a reputation associated with a communications entity, comprising:
-
a communications interface operable to receive information from a plurality of agents or a central server within a global network, the plurality of agents being operable to collect data associated with received communications; one or more data aggregation engines operable to aggregate the received information from the communications interface; an analyzer operable to analyze the received information to identify attributes respectively associated with entities originating the received communications; a correlation engine operable to correlate the attributes of the entities and to identify relationships between the entities; a reputation engine operable to identify relationships between the entities and to update reputations associated with one or more entities based upon its relationship to one or more other entities; and a traffic control engine operable to determine handling associated with a communication based upon the updated reputations.
-
-
41. A system comprising:
-
a security control interface operable to produce a plurality of security control representations, each of the plurality of security control representations being operable to control a plurality of security settings associated with a protected entity; and a policy control interface operable to produce a plurality of policy control representations, each of the plurality of policy control representations being operable to control a plurality of policy settings associated with a protected entity; a filtering module operable to filter one or more communication streams based upon the plurality of security settings and based upon the plurality of policy settings. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
-
-
55. A computer implemented method comprising:
-
receiving a plurality of ranges from an administrator; providing a security control interface to a user, the security control interface comprising a plurality of security control representations associated with security controls, each of the security control mechanisms including an associated range from among the plurality of ranges, the associated range defining a minimum and maximum setting associated with the respective security controls; receiving a plurality of security control settings from the user through the security control interface; adjusting a plurality of thresholds related to plurality of control settings received from the user, the plurality of thresholds being associated with tolerance for a classification of potential security violation; and filtering communications streams from a protected entity associated with the user based upon the plurality of thresholds. - View Dependent Claims (56, 57, 58, 59, 60, 61)
-
-
62. One or more computer readable media having software program code operable to enable filter adjustments for incoming and outgoing communications streams, comprising:
-
receiving a plurality of ranges from an administrator; providing a security control interface to a user, the security control interface comprising a plurality of security control representations associated with a plurality of security control settings, each of the security control mechanisms including an associated range from among the plurality of ranges, the associated range defining a minimum and maximum setting associated with the respective security controls; receiving input from the user through the security control interface, the input requesting adjustment of the security control settings; adjusting a plurality of thresholds related to plurality of control settings received from the user, the plurality of thresholds being associated with tolerance for a classification of potential security violation; and filtering communications streams from a protected entity associated with the user based upon the plurality of thresholds.
-
Specification