The present invention relates to the technical fields of Computer Security, Mobile Computing, Telecommunications, Digital Communications, and Computer Technology.
The primary advantage of the invention is to enable finely granular control over security policy that governs a wide variety of computing devices, systems, processes, and resources. Furthermore, the invention is not specific to security but can be generalized to any policy that might need to be applied to the use of a resource or an action a user wishes to take.
The invention is motivated by the rapid proliferation of mobile devices that have greater computing power than ever before. They also have networking capabilities and interface easily with other devices and systems via 802.11 wireless protocols and Bluetooth short-range protocols, to name two of the most common. Furthermore, because mobile devices are “mobile”, they are used in different computing contexts all the time, and often a given computing context is encountered once and only once. Therefore, the rules by which these devices operate in novel contexts must be dynamic, yet secure.
Lastly, the new “Internet of Things” (IoT) whereby objects of all types are being configured with lightweight computing and networking capabilities opens a myriad of new issues related to control and security that are unique to that class of computing hardware.
The “attack surface” of computing devices is changing and enlarging, therefore new systems and methods to control and enforce security policy are needed. While U.S. Patent Application 61/673,220 (now Ser. No. 13/945,677, which is incorporated by reference as if fully set forth herein) discloses an invention that is a framework for such control and security, it has shortcomings in the degree to which the system is context- or situation-aware. Often, the context of a transaction or task that a user wishes to execute is a critical component in determining whether it should be allowed and, if so, under what stipulations. The present invention addresses this issue and enhances U.S. Patent Application 61/673,220 to include these capabilities.
The level of granularity possible in a policy-based system for access control of mobile computing applications is greatly enhanced if the policy rules that govern the use of resources and approval of transactions can be made context-aware. To be context-aware, the system must not only be able to gather information about the context in which the user is operating, but it must be able to store that information for later use. Context requires a memory.
The present invention solves this problem by adding policy information points (PIPs) to the policy-based access control architecture. Policy decision points (PDPs) adjudicate queries that request approval for a transaction or the use of resources. Policy enforcement points (PEPs) act on the decisions of the PDPs to enforce the policy and are associated directly with the resources on the device. Adding PIPs and an Analytical Processing Engine to the architecture allows the system to be aware of the context in which a query is made. The PDPs can then access information in the PIPs as input into the policy rules that are used to adjudicate the query.
The resulting system is far more expressive in the policy rules that can be formed and implemented, and it is able to track variables over time, observe tendencies, threshold values, and other critical parameters necessary for highly granular policy rules.
U.S. Patent Application 61/673,220 discloses a system for policy-based access control and management for mobile computing devices (see
The present invention consists of a set of enhancements to the system disclosed in U.S. Patent Application 61/673,220. These enhancements may also have utility in cases and in systems other than those described in the 61/673,220 application. The enhancements disclosed herein pertain to capabilities for a computing device security system to respond to contextual events and information that occur outside or are stored externally to a given computing device that is managed by the system. Such events and information may include recent events and information, as well as older, historical data. Key objectives for the system are to be able to defend managed devices from global, system-wide or otherwise broadly applicable security threats, and to consider in response decisions certain contextual information that may be stored, maintained, or detected outside a system-managed device, such as, but not limited to, employee records, system conditions and alert levels, and environmental conditions.
Individual PIPs may store different information than other PIPs in a given system to suit the policy-based requests that they may need to support from PDPs. By way of non-limiting example, one subject-specific PIP can field requests from a multitude of PDPs. However, scaling of our system for handling large numbers of requests to PIPs can be accomplished by a multitude of PIPs containing identical information, similar, for example, to a RAID 1 configuration of hard disks, wherein any one of a set of identical PIPs can respond to information queries for decision computations for the same set of policies from PDPs.
Of primary importance in the system is the security and confidentiality of the information stored in it. PIPs may contain sensitive personal and corporate data, such as employee records, and other confidential information, and therefore measures are taken in the system to control and limit access to PIPs and the information that they contain.
Communication between PDPs and PIPs is performed by secure network means, such as encrypted traffic over TCP/IP or UDP. PDP access to PIP-stored data is read-only (RO), to prevent compromise of the stored information, and access to specific data can be granted if authorized specifically within a given policy.
Write access to PIP-stored data is carefully controlled and is not available to PDPs. Functionality of a given PIP may go beyond storage and data query response capabilities, although those are the main functional goals of the PIP. For example, PIPs may also perform data processing on local data such as analytic functions, calibration against reference or baseline standards, or data type and format conversions. As shown in
Corporate information is often stored in Lightweight Directory Access Protocol (LDAP) directories (see Reinhard & Voglmaier, 2014) which deliver fast data retrieval with granular access control. LDAP-based information storage is well suited for use with PIPs in this system.
As a detailed, non-limiting example of how the system would be used, consider a network of sensors for moisture detection in a building (see
In this example, there are two PEPs: one that serves as a sensor of contextual variables (PEP1), and one that controls a resource (PEP2), a nearby water supply valve. The functionality of PEP2 depends on the values sensed by PEP1. There are two PIPs: PIP1, which associates the identification of PEP1 with a device type and also associates PEP1 values with a set of moisture levels that can be used to determine a status (e.g. dry, damp, flooded), and PIP2, which associates the identification of PEP1 with the identification of PEP2. The PDP uses the data returned by PIP1 and PIP2 to reach a policy decision and then sends that policy decision to PEP2. When activated, the PEPs send queries to the PDP indicating the sensor identification and a value of the variable they are sensing. The PDP contacts PIP1, where the sensor identification is associated with the sensor type (e.g. moisture) and the sensor-detected values are compared with sensor ranked values (baselines) to determine the degree of moisture present. This comparison returns a state value to the PDP, e.g. “critical state”, in the case of a high moisture level. The PDP contacts PIP2 to obtain information about PEP2, for example a radio-controlled water valve ID [number] associated with PEP1. The PDP evaluates the values returned by PIP1 and PIP2 and obtains a policy decision, for example “Close” or “Deny”, that should apply to PEP2 (whose functionality depends on PEP1). The PDP sends the policy decision to PEP2. This decision may be pushed by the PDP when PEP2 communicates with the PDP, or it may be delivered on a regular polling basis, or on demand based on, for example, an administrative query.
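The moisture-sensor exchange above and the read-only PIP access rule, as an added Python example that is not part of the patent; the sensor and valve identifiers, the baseline thresholds and the Allow/Close/Deny decision vocabulary are constructed assumptions.

```python
# Added example (not from the patent): the moisture-sensor PDP/PEP/PIP flow.
# Ids "sensor-001"/"valve-17", thresholds and Allow/Close/Deny are constructed.

class PolicyInformationPoint:
    """Context store read by the PDP. Writes are an administrative path
    outside the PDP, so assignment through this object is refused."""
    def __init__(self, records):
        self._records = dict(records)

    def query(self, key):
        return self._records.get(key)

    def __setitem__(self, key, value):
        raise PermissionError("PIP is read-only for PDPs")

def rank_moisture(value, baselines):
    """Map a raw reading to the highest ranked baseline it reaches."""
    state = baselines[0][1]
    for threshold, name in sorted(baselines):
        if value >= threshold:
            state = name
    return state

# PIP1: sensor id -> sensor type and ranked baselines (constructed data).
PIP1 = PolicyInformationPoint({"sensor-001": {
    "type": "moisture", "baselines": [(0, "dry"), (30, "damp"), (70, "critical")]}})
# PIP2: sensor id -> the dependent resource it governs (a radio valve id).
PIP2 = PolicyInformationPoint({"sensor-001": {"valve_id": "valve-17"}})

class PolicyDecisionPoint:
    def __init__(self, pip1, pip2):
        self.pip1, self.pip2 = pip1, pip2

    def adjudicate(self, sensor_id, value):
        """Adjudicate a PEP1 query; returns (target resource id, decision)."""
        info, link = self.pip1.query(sensor_id), self.pip2.query(sensor_id)
        if info is None or link is None or info["type"] != "moisture":
            return None, "Deny"  # unknown context: fail closed
        state = rank_moisture(value, info["baselines"])
        return link["valve_id"], ("Close" if state == "critical" else "Allow")

class ValvePEP:
    """PEP2: applies the PDP decision to the valve it is bound to."""
    def __init__(self, valve_id):
        self.valve_id, self.position = valve_id, "open"

    def enforce(self, target, decision):
        if target == self.valve_id:  # ignore decisions meant for other resources
            self.position = "open" if decision == "Allow" else "closed"
        return self.position
```

A query for an unknown sensor yields “Deny” and the valve treats anything other than “Allow” as a close, so a missing or mismatched PIP record fails safe.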
The present invention is applicable to any domain where context-aware, policy-based control is desirable. Examples were given of mobile device security, where the context of a transaction or of access to a resource was controlled by the policy-based system, which further used the features of the present invention to collect contextual information in the PIPs for use in adjudicating the query to execute the transaction or to use the resource. Similarly, an example of a moisture sensor network was given to show that the invention has wide applicability. In that example, a sensor array gathers data that is stored over time in the PIPs, and the policy-based system then uses that information along with the rules to control the state of a valve.
This non-provisional application claims priority to Provisional Patent Application Ser. No. 62/150,527, entitled “System and Methods for Context-Aware and Situation-Aware Secure, Policy-Based Access Control for Computing Devices” filed Apr. 21, 2015.
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/US2016/028481 | 4/20/2016 | WO | 00 |
Publishing Document | Publishing Date | Country | Kind |
---|---|---|---|
WO2016/172237 | 10/27/2016 | WO | A |
Number | Date | Country |
---|---|---|
20180157858 A1 | Jun 2018 | US |
Number | Date | Country |
---|---|---|
62150527 | Apr 2015 | US |