Device communication based on device trustworthiness
Abstract
Techniques for assessing the trustworthiness of a target device that a user device is attempting to communicate with are described. A user device may request one or more trustworthiness attributes of a target device before exchanging data with the target device. The user device may receive the one or more trustworthiness attributes of the target device, and determine, based on the received one or more trustworthiness attributes of the target device, a set of one or more security policies to enforce on a communication channel used for exchanging data between the user device and the target device. A communication channel between the user device and the target device can then be established according to the set of one or more security policies.
18 Claims
1. A method comprising:
- requesting, by a user device, one or more trustworthiness attributes of a target device before exchanging data with the target device;
- receiving the one or more trustworthiness attributes of the target device;
- determining, based on the received one or more trustworthiness attributes of the target device, a set of one or more security policies to enforce on a communication channel used for exchanging data between the user device and the target device, wherein the set of one or more security policies is determined by determining a trustworthiness score of the target device based on the received one or more trustworthiness attributes of the target device, and determining a trust level of the target device based on the trustworthiness score; and
- establishing the communication channel between the user device and the target device according to the set of one or more security policies, wherein when the trust level of the target device corresponds to a first trust level, the set of one or more security policies includes at least one of using a first encryption algorithm to encrypt the data being exchanged on the communication channel, and digitally signing the data being exchanged on the communication channel, and when the trust level of the target device corresponds to a second trust level, the set of one or more security policies includes at least one of using a second encryption algorithm that is different than the first encryption algorithm to encrypt the data being exchanged on the communication channel.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A user device comprising:
- communication circuitry for implementing a communication channel used for exchanging data with a target device;
- one or more processors; and
- one or more memories coupled to the one or more processors and including executable code which when executed by the one or more processors causes the user device to:
  - request one or more trustworthiness attributes of a target device before establishing the communication channel with the target device;
  - receive the one or more trustworthiness attributes of the target device;
  - determine, based on the received one or more trustworthiness attributes of the target device, a set of one or more security policies to enforce on the communication channel when exchanging data with the target device, wherein the set of one or more security policies is determined by determining a trustworthiness score of the target device based on the received one or more trustworthiness attributes of the target device, and determining a trust level of the target device based on the trustworthiness score;
  - establish the communication channel using the communication circuitry after determining the set of one or more security policies; and
  - enforce the set of one or more security policies on the communication channel when exchanging data with the target device, wherein when the trust level of the target device corresponds to a first trust level, the set of one or more security policies includes at least one of using a first encryption algorithm to encrypt the data being exchanged on the communication channel, and digitally signing the data being exchanged on the communication channel, and when the trust level of the target device corresponds to a second trust level, the set of one or more security policies includes at least one of using a second encryption algorithm that is different than the first encryption algorithm to encrypt the data being exchanged on the communication channel, and not digitally signing the data being exchanged on the communication channel.
Dependent claims: 10, 11, 12, 13, 14, 15
16. A method comprising:
- receiving, by a target device, a request from a user device for one or more trustworthiness attributes of the target device before exchanging data with a user device;
- determining the one or more trustworthiness attributes of the target device;
- sending the determined one or more trustworthiness attributes of the target device to the user device;
- receiving one or more security policies to enforce on a communication channel used for exchanging data between the user device and the target device, wherein the set of one or more security policies is determined by determining a trustworthiness score of the target device based on the received one or more trustworthiness attributes of the target device, and determining a trust level of the target device based on the trustworthiness score; and
- establishing the communication channel between the user device and the target device according to the one or more security policies, wherein when the trust level of the target device corresponds to a first trust level, the set of one or more security policies includes at least one of using a first encryption algorithm to encrypt the data being exchanged on the communication channel, and digitally signing the data being exchanged on the communication channel, and when the trust level of the target device corresponds to a second trust level, the set of one or more security policies includes at least one of using a second encryption algorithm that is different than the first encryption algorithm to encrypt the data being exchanged on the communication channel.
Dependent claims: 17, 18
Specification