Passive based security escalation to shut off of application based on rules event triggering

US 9,794,299 B2
Filed: 03/16/2017
Issued: 10/17/2017
Est. Priority Date: 10/30/2015
Status: Active Grant

First Claim

Patent Images

1. A system for passive based security escalation implementation, the system comprising:

a memory device with a security application stored thereon;

a communication device in operative communication with a communication device associated with a user device over a network; and

a processing device operatively coupled to the memory device and the communication device, wherein the security application, when executed by the processing device, causes the processing device to;

determine an offline period of time for the user device;

generate a security escalation plan for the user device, wherein the security escalation plan comprises a set of rules for security during the offline period of time, wherein the set of rules for security during the offline period of time comprises rules for initiating a shutdown of one or more applications on the user device; and

integrate, over the network, the security escalation plan into a user application on the user device, wherein the user application, when executed by a processor associated with the user device, causes the processor to implement the security escalation plan.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed to a system, method, or computer program product for a passive based security escalation to shut off of applications on a mobile device based on rules. As such, the system may identify, via extraction of data, time periods correlating to events that the user may be offline or inactive with respect to his/her mobile device. Once the time periods are identified, rules are created for the level of security escalation required based on the event. Subsequently, a trigger is identified at a time leading up to the event, where the system integrates with the mobile device and requires additional authentication to access one or more applications. Once the offline event starts, the system initiates a shutdown of the functions of one or more applications on the user'"'"'s mobile device. The system then reinstates the application functionality after the offline event has ended.

175 Citations

18 Claims

1. A system for passive based security escalation implementation, the system comprising:
- a memory device with a security application stored thereon;
  
  a communication device in operative communication with a communication device associated with a user device over a network; and
  
  a processing device operatively coupled to the memory device and the communication device, wherein the security application, when executed by the processing device, causes the processing device to;
  
  determine an offline period of time for the user device;
  
  generate a security escalation plan for the user device, wherein the security escalation plan comprises a set of rules for security during the offline period of time, wherein the set of rules for security during the offline period of time comprises rules for initiating a shutdown of one or more applications on the user device; and
  
  integrate, over the network, the security escalation plan into a user application on the user device, wherein the user application, when executed by a processor associated with the user device, causes the processor to implement the security escalation plan.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system according to claim 1, wherein the security escalation plan further comprises a second set of rules for security before the offline period of time, wherein the second set of rules for security before the offline period of time comprises rules to increase security requirements for accessing the one or more applications on the user device based on a triggering of a time period leading up to the offline period of time.
  - 3. The system according to claim 2, wherein the security escalation plan further comprises a third set of rules for security after the offline period of time, wherein the third set of rules for security after the offline period of time comprises rules for restoring functionality of the one or more applications on the user device based on a triggering of a time period after the offline period of time.
  - 4. The system according to claim 3, wherein the third set of rules for security further comprise rules for restoring standard security requirements for the one or more applications on the user device.
  - 5. The system according to claim 1, wherein determining an offline period of time for the user device is accomplished by the security application further causing the processing device to:
    - extract historical user data associated with a user from one or more external sources; and
      
      identify, from the historical user data, an indication of the offline period of time for the user device, wherein the indication of the offline period of time comprises one or more events that the user is attending at a future time.
  - 6. The system according to claim 1, wherein a user may override the shutdown of the one or more applications on the user device via security authorization.

7. A computer program product for passive based security escalation implementation, the computer program product comprising at least one non-transitory computer-readable medium having computer-readable program code portions embodied therein, the computer-readable program code portions comprising:
- an executable portion configured for determining an offline period of time for a user device;
  
  an executable portion configured for generating a security escalation plan for the user device, wherein the security escalation plan comprises a set of rules for security during the offline period of time, wherein the set of rules for security during the offline period of time comprises rules for initiating a shutdown of one or more applications on the user device;
  
  an executable portion configured for integrating, over a network, the security escalation plan into a user application; and
  
  an executable portion configured for implementing the security escalation plan.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The computer program product according to claim 7, wherein the security escalation plan further comprises a second set of rules for security before the offline period of time, wherein the second set of rules for security before the offline period of time comprises rules for increasing security requirements for accessing the one or more applications on the user device based on a triggering of a time period leading up to the offline period of time.
  - 9. The computer program product according to claim 8, wherein the security escalation plan further comprises a third set of rules for security after the offline period of time, wherein the third set of rules for security after the offline period of time comprises rules for restoring functionality of the one or more applications on the user device based on a triggering of a time period after the offline period of time.
  - 10. The computer program product according to claim 9, wherein the third set of rules for security further comprise rules for restoring standard security requirements for the one or more applications on the user device.
  - 11. The computer program product according to claim 7, wherein the computer readable program code portions further comprise:
    - an executable portion configured for extracting historical user data associated with a user from one or more external sources; and
      
      an executable portion configured for identifying, from the historical user data, an indication of the offline period of time for the user device, wherein the indication of the offline period of time comprises one or more events that the user is attending at a future time.
  - 12. The computer program product according to claim 7, wherein a user may override the shutdown of the one or more applications on the user device via security authorization.

13. A computer-implemented method for passive based security escalation implementation, the method comprising:
- determining an offline period of time for a user device;
  
  generating a security escalation plan for the user device, wherein the security escalation plan comprises a set of rules for security during the offline period of time, wherein the set of rules for security during the offline period of time comprises rules for initiating a shutdown of one or more applications on the user device;
  
  integrating, over a network, the security escalation plan into a user application; and
  
  implementing the security escalation plan.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer-implemented method according to claim 13, wherein the security escalation plan further comprises a second set of rules for security before the offline period of time, wherein the second set of rules for security before the offline period of time comprises rules for increasing security requirements for accessing one or more applications on the user device based on a triggering of a time period leading up to the offline period of time.
  - 15. The computer-implemented method according to claim 14, wherein the security escalation plan further comprises a third set of rules for security after the offline period of time, wherein the third set of rules for security after the offline period of time comprises rules for restoring functionality of the one or more applications on the user device based on a triggering of a time period after the offline period of time.
  - 16. The computer-implemented method according to claim 15, wherein the third set of rules for security further comprise rules for restoring standard security requirements for the one or more applications on the user device.
  - 17. The computer-implemented method according to claim 13, the method further comprising:
    - extracting historical user data associated with a user from one or more external sources; and
      
      identifying, from the historical user data, an indication of the offline period of time for the user device, wherein the indication of the offline period of time comprises one or more events that the user is attending at a future time.
  - 18. The computer-implemented method according to claim 13, wherein a user may override the shutdown of the one or more applications on the user device via security authorization.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Votaw, Elizabeth S., Jones-McFadden, Alicia C.
Primary Examiner(s)
DADA, BEEMNET W

Application Number

US15/460,951
Publication Number

US 20170187754A1
Time in Patent Office

215 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/629   to features or functions of...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

H04L 63/205   involving negotiation or de...

H04W 12/06   Authentication

H04W 12/082   using revocation of authori...

H04W 12/37   Managing security policies ...

H04W 12/61   Time-dependent

H04W 12/67   Risk-dependent, e.g. select...

Passive based security escalation to shut off of application based on rules event triggering

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

175 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Passive based security escalation to shut off of application based on rules event triggering

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

175 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links