USRE49634EActiveUtility

System and method for determining the risk of vulnerabilities on a mobile communications device

85
Assignee: LOOKOUT INCPriority: Nov 18, 2009Filed: Aug 2, 2021Granted: Aug 29, 2023
Est. expiryNov 18, 2029(~3.4 yrs left)· nominal 20-yr term from priority
H04L 12/4641H04W 12/069H04L 63/0272H04W 84/045H04L 63/1433G06F 21/577H04W 12/128H04W 12/12
85
PatentIndex Score
1
Cited by
262
References
47
Claims

Abstract

The invention is a system and method for identifying, assessing, and responding to vulnerabilities on a mobile communication device. Information about the mobile communication device, such as its operating system, firmware version, or software configuration, is transmitted to a server for assessment. The server accesses a data storage storing information about vulnerabilities. Based on the received information, the server may identify those vulnerabilities affecting the mobile communication device, and may transmit a notification to remediate those vulnerabilities. The server may also transmit result information about the vulnerabilities affecting the mobile communication device. The server may also store the received information about the device, so that in the event the server learns of new vulnerabilities, it may continue to assess whether the device is affected, and may accordingly notify or remediate the device. The server may provide an interface for an administrator to manage the system and respond to security issues.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method comprising:
 a) providing at least one server that accesses a data storage storing a plurality of sets of vulnerability information;   b) receiving, at the at least one server, a set of vulnerability identification information about a mobile communication device;   c) correlating, by the at least one server, the received set of vulnerability identification information to at least one of the plurality of sets of vulnerability information to generate a first set of result information; and,   d) transmitting, by the at least one server, the first set of result information.   
     
     
       2. The method of  claim 1 , wherein the vulnerability identification information is information selected from the group consisting of an operating system type, an operating system version, a firmware version, a device model, carrier information, authentication information, user information, configuration information for the mobile communication device, hardware information, a list of files, a list of software components, a list of libraries, and a list of software applications on the mobile communication device. 
     
     
       3. The method of  claim 1 , wherein vulnerability information is information selected from the group consisting of a name, a description, a remediation instruction, a severity rating, a security impact summary, and a criterion for being vulnerable. 
     
     
       4. The method of  claim 1 , further comprising the step of:
 e) transmitting, by the at least one server to the mobile communication device, a notification about the first set of result information.   
     
     
       5. The method of  claim 4 , wherein the notification includes an instruction related to the first set of result information. 
     
     
       6. The method of  claim 1 , further comprising the steps of:
 e) updating at least one of the plurality of sets of vulnerability information on the data storage to form a plurality of updated sets of vulnerability information;   f) after the step of transmitting, by the at least one server, the first set of result information, correlating, by the at least one server, the received set of vulnerability identification information to the plurality of updated sets of vulnerability information to generate a second set of result information; and,   g) transmitting, by the at least one server, the second set of result information.   
     
     
       7. The method of  claim 1 , further comprising the steps of:
 e) updating at least one of the plurality of sets of vulnerability information on the data storage to form a plurality of updated sets of vulnerability information;   f) after the step of transmitting, by the at least one server, the first set of result information, correlating, by the at least one server, the received set of vulnerability identification information to the plurality of updated sets of vulnerability information to generate a second set of result information; and,   g) transmitting, by the at least one server to the mobile communication device, a notification about the second set of result information.   
     
     
       8. The method of  claim 1 , further comprising the steps of:
 e) receiving, at the data storage, a new set of vulnerability information to form an updated plurality of sets of vulnerability information;   f) after the step of transmitting, by the at least one server, the first set of result information, correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) transmitting, by the at least one server, the second set of result information.   
     
     
       9. The method of  claim 1 , further comprising the steps of:
 e) receiving, at the data storage, a new set of vulnerability information to form an updated plurality of sets of vulnerability information;   f) after the step of transmitting, by the at least one server, the first set of result information, correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) transmitting, by the at least one server to the mobile communication device, a notification about the second set of result information.   
     
     
       10. A method comprising:
 a) transmitting, from a mobile communication device, a set of vulnerability identification information to at least one server that accesses a data storage storing a plurality of sets of vulnerability information; and,   b) receiving, at the mobile communication device from the at least one server, a first set of result information that correlates to the transmitted set of vulnerability identification information.   
     
     
       11. The method of  claim 10 , wherein the vulnerability identification information is information selected from the group consisting of an operating system type, an operating system version, a firmware version, a device model, carrier information, authentication information, user information, configuration information for the mobile communication device, hardware information, a list of files, a list of software components, a list of libraries, and a list of software applications on the mobile communication device. 
     
     
       12. The method of  claim 10 , wherein vulnerability information is information selected from the group consisting of a name, a description, a remediation instruction, a severity rating, a security impact summary, and a criterion for being vulnerable. 
     
     
       13. The method of  claim 10 , further comprising the step of:
 c) receiving, at the mobile communication device from the at least one server, a notification about the first set of result information.   
     
     
       14. The method of  claim 13 , wherein the notification includes an instruction related to the first set of result information. 
     
     
       15. The method of  claim 13 , further comprising the step of:
 d) displaying, on the mobile communication device, at least a portion of the received notification.   
     
     
       16. The method of  claim 10 , further comprising the step of:
 c) receiving, at the mobile communication device from the at least one server, a notification about a second set of result information.   
     
     
       17. A method comprising:
 a) providing at least one server that accesses a data storage storing a plurality of sets of vulnerability information;   b) receiving, at the at least one server, a first set of vulnerability identification information about a first mobile communication device;   c) correlating, by the at least one server, the first set of vulnerability identification information to at least one of the plurality of sets of vulnerability information to generate a first set of result information; and,   d) transmitting, by the at least one server, the first set of result information;   e) receiving, at the at least one server, a second set of vulnerability identification information about a second mobile communication device, wherein the second set of vulnerability identification information differs from the first set of vulnerability identification information;   f) correlating, by the at least one server, the second set of vulnerability identification information to at least one of the plurality of sets of vulnerability information to generate a second set of result information; and,   g) transmitting, by the at least one server, the second set of result information.   
     
     
       18. The method of  claim 17 , wherein the vulnerability identification information is information selected from the group consisting of an operating system type, an operating system version, a firmware version, a device model, carrier information, authentication information, user information, configuration information for the mobile communication device, hardware information, a list of files, a list of software components, a list of libraries, and a list of software applications on the mobile communication device. 
     
     
       19. The method of  claim 17 , wherein vulnerability information is information selected from the group consisting of a name, a description, a remediation instruction, a severity rating, a security impact summary, and a criterion for being vulnerable. 
     
     
       20. A system comprising:
 a data storage storing a plurality of sets of vulnerability information;   a server for accessing the data storage, for receiving one or more sets of vulnerability identification information about one or more mobile communication devices, for correlating the one or more sets of received vulnerability identification information to at least one of the plurality of sets of vulnerability information to generate one or more sets of result information, for transmitting the one or more sets of result information, and for transmitting one or more notifications about the one or more sets of result information; and,   a network connecting the at least one server, data storage, and the plurality of mobile communication devices.   
     
     
       21. The system of  claim 20 , further comprising a user interface for monitoring the plurality of mobile communication devices to identify which of the plurality of mobile communication devices is vulnerable. 
     
     
       22. The system of  claim 20 , wherein vulnerability information is information selected from the group consisting of a name, a description, one or more remediation instructions, a severity rating, a security impact summary, and one or more criteria for being vulnerable. 
     
     
       23. A method comprising:
 a) providing at least one server that accesses a data storage storing a plurality of sets of vulnerability information;   b) receiving, at the at least one server, a set of vulnerability identification information about a mobile communication device;   c) correlating, by the at least one server, the received set of vulnerability identification information to at least one of the plurality of sets of vulnerability information to generate a first set of result information; and,   d) transmitting, by the at least one server to the mobile communication device, a notification about the first set of result information.   
     
     
       24. The method of  claim 23 , wherein the vulnerability identification information is information selected from the group consisting of an operating system type, an operating system version, a firmware version, a device model, carrier information, authentication information, user information, configuration information for the mobile communication device, hardware information, a list of files, a list of software components, a list of libraries, and a list of software applications on the mobile communication device. 
     
     
       25. The method of  claim 23 , wherein vulnerability information is information selected from the group consisting of a name, a description, a remediation instruction, a severity rating, a security impact summary, and a criterion for being vulnerable. 
     
     
       26. The method of  claim 23 , further comprising the steps of:
 e) receiving, at the data storage, a new set of vulnerability information to form an updated plurality of sets of vulnerability information;   f) correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) transmitting, by the at least one server, the second set of result information.   
     
     
       27. The method of  claim 23 , further comprising the steps of:
 e) receiving, at the data storage, a new set of vulnerability information to form an updated plurality of sets of vulnerability information;   f) correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) transmitting, by the at least one server to the mobile communication device, a notification about the second set of result information.   
     
     
       28. A method comprising:
 a) storing a plurality of sets of vulnerability information on a data storage accessible by at least one server, the vulnerability information including descriptions of known vulnerabilities;   b) receiving, at the at least one server, a set of vulnerability identification information about a mobile communications device;   c) correlating, by the at least one server, the received set of vulnerability identification information to at least one of the plurality of sets of vulnerability information from the data storage to generate a first set of result information; and   d) initiating the transmitting, by the at least one server to the mobile communications device, of a first subset of the first set of result information, the first subset of result information being selected from the first set of result information based on a determined vulnerability risk of each item of the result information, and the first subset of result information including instructions for remediating at least one vulnerability of the mobile communications device.   
     
     
       29. The method of claim 28, wherein:
 the vulnerability identification information is information selected from the group consisting of: an operating system type, an operating system version, a firmware version, a device model, carrier information, authentication information, user information, configuration information for the mobile communications device, hardware information, a list of files, a list of software components, a list of libraries, and a list of software applications on the mobile communications device; and   the vulnerability information is information selected from the group consisting of: a name, a description, a remediation instruction, a severity rating, a security impact summary, and a criterion for being vulnerable.   
     
     
       30. The method of claim 28, further comprising the step of:
 e) initiating the transmitting, by the at least one server to the mobile communications device, of a notification about the first set of result information, wherein the notification includes an instruction related to the first set of result information.   
     
     
       31. The method of claim 28, further comprising the steps of:
 e) updating at least one of the plurality of sets of vulnerability information on the data storage to form an updated plurality of sets of vulnerability information;   f) after the step of initiating the transmitting, by the at least one server, of the first subset of result information, correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) initiating the transmitting, by the at least one server to the mobile communications device, of a second subset of the second set of result information, an amount of the second set of result information included in the second subset of result information being determined by the setting provided to the server by the input from the administrator.   
     
     
       32. The method of claim 28, further comprising the steps of:
 e) updating at least one of the plurality of sets of vulnerability information on the data storage to form an updated plurality of sets of vulnerability information;   f) after the step of initiating the transmitting, by the at least one server, of the first subset of result information, correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) initiating the transmitting, by the at least one server to the mobile communications device, of a notification about the second set of result information.   
     
     
       33. The method of claim 28, further comprising the steps of:
 e) receiving, at the data storage, a new set of vulnerability information to form an updated plurality of sets of vulnerability information;   f) after the step of initiating the transmitting, by the at least one server, of the first subset of result information, correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) initiating the transmitting, by the at least one server, of the second set of result information.   
     
     
       34. The method of claim 28, further comprising the steps of:
 e) receiving, at the data storage, a new set of vulnerability information to form an updated plurality of sets of vulnerability information;   f) after the step of initiating the transmitting, by the at least one server, of the first subset of result information, correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) initiating the transmitting, by the at least one server to the mobile communications device, of a notification about the second set of result information.   
     
     
       35. A system comprising:
 a mobile communications device;   a network-enabled data storage; and   at least one network-enabled server, the system performing steps comprising:   a) storing a plurality of sets of vulnerability information on the data storage, the vulnerability information including descriptions of known vulnerabilities;   b) receiving, at the at least one server, a set of vulnerability identification information about a mobile communications device;   c) correlating, by the at least one server, the received set of vulnerability identification information to at least one of the plurality of sets of vulnerability information from the data storage to generate a first set of result information; and   d) initiating the transmitting, by the at least one server to the mobile communications device, of a first subset of the first set of result information, the first subset of result information being selected from the first set of result information based on a determined vulnerability risk of each item of the result information, and the first subset of result information including instructions for remediating at least one vulnerability of the mobile communications device.   
     
     
       36. The system of claim 35, wherein:
 the vulnerability identification information is information selected from the group consisting of: an operating system type, an operating system version, a firmware version, a device model, carrier information, authentication information, user information, configuration information for the mobile communications device, hardware information, a list of files, a list of software components, a list of libraries, and a list of software applications on the mobile communications device; and   the vulnerability information is information selected from the group consisting of: a name, a description, a remediation instruction, a severity rating, a security impact summary, and a criterion for being vulnerable.   
     
     
       37. The system of claim 35, the steps further comprising:
 e) initiating the transmitting, by the at least one server to the mobile communications device, of a notification about the first set of result information, wherein the notification includes an instruction related to the first set of result information.   
     
     
       38. The system of claim 35, the steps further comprising:
 e) after the step of initiating the transmitting, by the at least one server, of the first subset of result information, correlating, by the at least one server, the received set of vulnerability identification information to an updated plurality of sets of vulnerability information to generate a second set of result information; and,   f) initiating the transmitting, by the at least one server to the mobile communications device, of a second subset of the second set of result information, an amount of the second set of result information included in the second subset of result information being determined by the setting provided to the server by the input from the administrator.   
     
     
       39. The system of claim 35, the steps further comprising:
 e) after the step of initiating the transmitting, by the at least one server, of the first subset of result information, correlating, by the at least one server, the received set of vulnerability identification information to an updated plurality of sets of vulnerability information to generate a second set of result information; and,   f) initiating the transmitting, by the at least one server to the mobile communications device, of a notification about the second set of result information.   
     
     
       40. The system of claim 35, the steps further comprising:
 e) receiving, at the data storage, a new set of vulnerability information to form an updated plurality of sets of vulnerability information;   f) after the step of initiating the transmitting, by the at least one server, of the first subset of result information, correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) initiating the transmitting, by the at least one server, of the second set of result information.   
     
     
       41. The system of claim 35, the steps further comprising:
 e) receiving, at the data storage, a new set of vulnerability information to form an updated plurality of sets of vulnerability information;   f) after the step of initiating the transmitting, by the at least one server, of the first subset of result information, correlating, by the at least one server, the received set of vulnerability identification information to the updated plurality of sets of vulnerability information to generate a second set of result information; and,   g) initiating the transmitting, by the at least one server to the mobile communications device, of a notification about the second set of result information.   
     
     
       42. A non-transitory, computer-readable storage medium having stored thereon a plurality of instructions, which, when executed by a processor of a server, cause the server to perform steps comprising:
 a) accessing a plurality of sets of vulnerability information stored on a data storage, the vulnerability information including descriptions of known vulnerabilities;   b) receiving a set of vulnerability identification information about a mobile communications device;   c) correlating the received set of vulnerability identification information to at least one of the plurality of sets of vulnerability information from the data storage to generate a first set of result information; and   d) initiating the transmitting, to the mobile communications device, of a first subset of the first set of result information, the first subset of result information being selected from the first set of result information based on a determined vulnerability risk of each item of the result information, and the first subset of result information including instructions for remediating at least one vulnerability of the mobile communications device.   
     
     
       43. The non-transitory, computer-readable storage medium of claim 42, the steps further comprising:
 e) initiating the transmitting, to the mobile communications device, of a notification about the first set of result information, wherein the notification includes an instruction related to the first set of result information.   
     
     
       44. The non-transitory, computer-readable storage medium of claim 42, the steps further comprising:
 e) after the step of initiating the transmitting, to the mobile communications device, of the first subset of result information, correlating the received set of vulnerability identification information to an updated plurality of sets of vulnerability information stored on the data storage to generate a second set of result information; and,   f) initiating the transmitting, to the mobile communications device, of a second subset of the second set of result information, an amount of the second set of result information included in the second subset of result information being determined by the setting provided to the server by the input from the administrator.   
     
     
       45. The non-transitory, computer-readable storage medium of claim 42, the steps further comprising:
 e) after the step of initiating the transmitting, to the mobile communications device, of the first subset of result information, correlating the received set of vulnerability identification information to an updated plurality of sets of vulnerability information stored on the data storage to generate a second set of result information; and,   f) initiating the transmitting, to the mobile communications device, of a notification about the second set of result information.   
     
     
       46. The non-transitory, computer-readable storage medium of claim 42, the steps further comprising:
 e) after the step of initiating the transmitting, to the mobile communications device, of the first subset of result information, correlating the received set of vulnerability identification information to an updated plurality of sets of vulnerability information to generate a second set of result information; and,   f) initiating the transmitting, to the mobile communications device, of the second set of result information.   
     
     
       47. The non-transitory, computer-readable storage medium of claim 42, the steps further comprising:
 e) after the step of initiating the transmitting, to the mobile communications device, of the first subset of result information, correlating the received set of vulnerability identification information to an updated plurality of sets of vulnerability information to generate a second set of result information; and,   f) initiating the transmitting, to the mobile communications device, of a notification about the second set of result information.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.