Methods and apparatus for rating device security and automatically assessing security compliance
US8336080B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 26, 2009 |
| Grant date | Dec 18, 2012 |
| Priority date | — |
| Expiry date | Sep 9, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04W12/37
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Automatic Security Compliance Assessment (ASCA) systems and methods are provided for automatically generating and determining a security rating for a plurality of Settings Objects (SOs), where each of the SOs define particular configurations of subsystems of a wireless computing device. Each SO collectively defines a collection of Values specified for Configurable Attributes that can be used to define a different configuration for a particular subsystem associated with a particular Setting Class that is used to guide the creation of that particular SO. The server can store a group of security rating templates, each of which includes the information needed to determine an expected security rating for any SOs created per a particular Settings Class. For any combination of device settings, the resultant SOs can be used to generate an expected security rating. In addition, a security interaction template (SIT) and security test scripts can be generated that correspond to each particular group of SOs, and can be used to produce an Overall Device Security Rating (ODSR) for that particular group of SOs or a sub-set thereof.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.