END USER RISK MANAGEMENT

US 20090178142A1
Filed: 02/05/2009
Published: 07/09/2009
Est. Priority Date: 07/20/2004
Status: Active Grant

First Claim

Patent Images

1. A method for calculating a risk score representing a risk posed by a user to information within a computer system, the method comprising:

determining, by a security agent, a data risk associated with computer system information accessible by a user of the computer system;

determining, by the security agent, an application risk associated with applications executing within the computer system;

calculating, by the security agent, a risk score associated with the user using at least the data risk and the application risk;

analyzing, by the security agent, interactions between the user and the computer system to determine a risk metric for the user interactions; and

updating, by the security agent, the risk score using the determined risk metric.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A flexible, efficient and easy-to-use computer security management system effectively evaluates and responds to informational risks on a wide variety of computing platforms and in a rapidly changing network environment. An individual computer system dynamically monitors its end user, without regard to network connectivity, in order to calculate a risk score and to ensure that the end user'"'"'s behavior does not put corporate information or other assets at risk. Data regarding such risks and responses are analyzed and stored in real-time.

Citations

18 Claims

1. A method for calculating a risk score representing a risk posed by a user to information within a computer system, the method comprising:
- determining, by a security agent, a data risk associated with computer system information accessible by a user of the computer system;
  
  determining, by the security agent, an application risk associated with applications executing within the computer system;
  
  calculating, by the security agent, a risk score associated with the user using at least the data risk and the application risk;
  
  analyzing, by the security agent, interactions between the user and the computer system to determine a risk metric for the user interactions; and
  
  updating, by the security agent, the risk score using the determined risk metric.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising determining a risk level representative of an amount of unsolicited email received by the user.
  - 3. The method of claim 2, wherein calculating the risk score further comprises calculating the risk score using at least the data risk, the application risk and the risk level.
  - 4. The method of claim 1, further comprising displaying the risk score to the user.
  - 5. The method of claim 1, wherein determining the data risk further comprises determining the data risk based in part on a predetermined sensitivity value associated with the computer system information.
  - 6. The method of claim 1, wherein determining the application risk further comprises determining the application risk based in part on a probability that interactions between the user and at least one application will corrupt at least a portion of the computer system information.
  - 7. The method of claim 1, further comprising determining that the risk score exceeds a predetermined threshold and, responsive to the determination, restricting access to computer system information.
  - 8. The method of claim 1, wherein updating the risk score further comprises identifying that the determined risk metric is greater than a previously determined risk metric and, responsive to the identification, increasing the risk score.
  - 9. The method of claim 1, wherein updating the risk score further comprises identifying that the determined risk metric is less than a previously determined risk metric and, responsive to the identification, decreasing the risk score.

10. A system for calculating a risk score representing a risk posed by a user to information in a computer system, the system comprising:
- a computer system comprising at least one computer and having information accessible by a user of the computer system; and
  
  a security agent executing within the computer system to;
  
  determine a data risk associated with the computer system information,determine an application associated with applications executing within the computer system,calculate a risk score associated with the user, using at least the data risk and the application risk,analyze interactions between the user and the computer system to determine a risk metric for the user interactions, andupdate the risk score user using the determined risk metric.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10, further comprising a security agent that determines a risk level representative of an amount of unsolicited email received by the user.
  - 12. The system of claim 11, wherein the security agent calculates the risk score using at least the data risk, the application risk and the risk level.
  - 13. The system of claim 10, further comprising a security agent that displays the risk score to the user.
  - 14. The system of claim 10, wherein the security agent determines the data risk based in part on a predetermined sensitivity value associated with the computer system information.
  - 15. The system of claim 10, wherein the security agent determines the application risk based in part on a probability that interactions between the user and at least one application will corrupt at least a portion of the computer system information.
  - 16. The system of claim 10, wherein the security agent determines that the risk score exceeds a predetermined threshold and, responsive to the determination, restricts access to computer system information.
  - 17. The system of claim 10, wherein the security agent updates the risk score by identifying that the determined risk metric is greater than a previously determined risk metric and, responsive to the identification, increases the risk score.
  - 18. The system of claim 10, wherein the security agent updates the risk score by identifying that the determined risk metric is less than a previously determined risk metric and, responsive to the identification, decreases the risk score.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Norman, Dustin, Lieblich, Jason

Granted Patent

US 7,865,958 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/14   for detecting or protecting...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/20   for managing network securi...

END USER RISK MANAGEMENT

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

END USER RISK MANAGEMENT

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links