Abstract: A method, apparatus and computer program product for use in identifying and blocking operation of compromised or potentially compromised IoT device(s) on a network, such as a local network behind a router or firewall. To this end, the technique provides for automated and seamless on-boarding of a “guard” system for IoT devices, preferably as those devices join (or re-join) into the network via a Dynamic Host Configuration Protocol message exchange. In operation, and in response to receipt of a DHCP discover message that includes a network location, a DHCP server uses the network location to locate and retrieve a set of flow attributes for the device. Those attributes are then associated with the IP address to be assigned to the IoT device in a network control device. The network control device then selectively identifies and/or blocks operation of the IoT device when the IoT device is compromised or potentially compromised, thereby protecting the network (or network resources) from damage or misuse.

Abstract: A method, apparatus and computer program product for use in identifying and blocking operation of compromised or potentially compromised IoT device(s) on a network, such as a local network behind a router or firewall. To this end, the technique provides for automated and seamless on-boarding of a “guard” system for IoT devices, preferably as those devices join (or re-join) into the network via a Dynamic Host Configuration Protocol message exchange. In operation, and in response to receipt of a DHCP discover message that includes a network location, a DHCP server uses the network location to locate and retrieve a set of flow attributes for the device. Those attributes are then associated with the IP address to be assigned to the IoT device in a network control device. The network control device then selectively identifies and/or blocks operation of the IoT device when the IoT device is compromised or potentially compromised, thereby protecting the network (or network resources) from damage or misuse.

Abstract: Embodiments for rendering content by a processor are provided. A request to render content is received. A score is assigned to each of a plurality of rendering browsers based on a plurality of factors associated with the content and the plurality of rendering browsers, the score used in determining a selection of the rendering browser and weighted according to each of the plurality of factors which include: a security risk of the content, and language support, performance characteristics and a user preference of the plurality of rendering browsers. The selected rendering browser is automatically instantiated and the content is rendered by the selected rendering browser on the computing device.

Abstract: A method, apparatus and computer program product for protecting enterprise Information Technology (IT) infrastructures by automatically instantiating individualized network flow controls and/or network access controls specific to an IoT device. In this approach, an IoT device is identified, e.g., via network scanning or other observational sensors, or by receipt of information from a network administrator. In response to receiving information about the new IoT device, a control component obtains applicable network flow control and/or access control rules for the IoT device. These rules are obtained from one or more authoritative (trusted) sources, e.g., querying a website of the IoT vendor, an industry site, or an enterprise site. In this manner, applicable network flow control and/or access control rules are obtained.

Abstract: A method, apparatus and computer program product for protecting enterprise Information Technology (IT) infrastructures by automatically instantiating individualized network flow controls and/or network access controls specific to an IoT device. In this approach, an IoT device is identified, e.g., via network scanning or other observational sensors, or by receipt of information from a network administrator. In response to receiving information about the new IoT device, a control component obtains applicable network flow control and/or access control rules for the IoT device. These rules are obtained from one or more authoritative (trusted) sources, e.g., querying a website of the IoT vendor, an industry site, or an enterprise site. In this manner, applicable network flow control and/or access control rules are obtained.

Abstract: A method, apparatus and computer program product for use in monitoring and controlling network behavior of Internet of Things (IoT) devices connected to a network. According to this approach, a set of network characteristics of an IoT device (e.g., as published by the device manufacturer) are assigned various risk values and then monitored over an initial time period to generate a “fingerprint” of the device's network flow. This flow is then transformed into one or more flow control rules representing “normal” or abnormal behavior of the IoT device. Preferably, the rules are instantiated into a network boundary control system (NBCS), such as an enterprise router, gateway, or the like, and then enforced, e.g., to generate alerts or others actions when the rules are triggered. The approach enables dynamic and automated threat detection and prevention based on anomalous and/or known-bad behavior.

Abstract: Embodiments for rendering content by a processor are provided. A request to render content is received. A score is assigned to each of a plurality of rendering browsers based on a plurality of factors associated with the content and the plurality of rendering browsers, the score used in determining a selection of the rendering browser and weighted according to each of the plurality of factors which include: a security risk of the content, and language support, performance characteristics and a user preference of the plurality of rendering browsers. The selected rendering browser is automatically instantiated and the content is rendered by the selected rendering browser on the computing device.

Abstract: A method, apparatus and computer program product for use in identifying and blocking operation of compromised or potentially compromised IoT device(s) on a network, such as a local network behind a router or firewall. To this end, the technique provides for automated and seamless on-boarding of a “guard” system for IoT devices, preferably as those devices join (or re-join) into the network via a Dynamic Host Configuration Protocol message exchange. In operation, and in response to receipt of a DHCP discover message that includes a network location, a DHCP server uses the network location to locate and retrieve a set of flow attributes for the device. Those attributes are then associated with the IP address to be assigned to the IoT device in a network control device. The network control device then selectively identifies and/or blocks operation of the IoT device when the IoT device is compromised or potentially compromised, thereby protecting the network (or network resources) from damage or misuse.

Abstract: A method, apparatus and computer program product for protecting enterprise Information Technology (IT) infrastructures by automatically instantiating individualized network flow controls and/or network access controls specific to an IoT device. In this approach, an IoT device is identified, e.g., via network scanning or other observational sensors, or by receipt of information from a network administrator. In response to receiving information about the new IoT device, a control component obtains applicable network flow control and/or access control rules for the IoT device. These rules are obtained from one or more authoritative (trusted) sources, e.g., querying a website of the IoT vendor, an industry site, or an enterprise site. In this manner, applicable network flow control and/or access control rules are obtained.

Abstract: Embodiments for rendering content by a processor are provided. A request to render content is received. A rendering browser to render the content on a computing device is selected from a plurality of rendering browsers. The selecting of the rendering browser is based on security information associated with at least one of the content and the plurality of rendering browsers.

Abstract: A method, apparatus and computer program product for protecting enterprise Information Technology (IT) infrastructures by automatically instantiating individualized network flow controls and/or network access controls specific to an IoT device. In this approach, an IoT device is identified, e.g., via network scanning or other observational sensors, or by receipt of information from a network administrator. In response to receiving information about the new IoT device, a control component obtains applicable network flow control and/or access control rules for the IoT device. These rules are obtained from one or more authoritative (trusted) sources, e.g., querying a website of the IoT vendor, an industry site, or an enterprise site. In this manner, applicable network flow control and/or access control rules are obtained.

Abstract: A method, apparatus and computer program product for use in identifying and blocking operation of compromised or potentially compromised IoT device(s) on a network, such as a local network behind a router or firewall. To this end, the technique provides for automated and seamless on-boarding of a “guard” system for IoT devices, preferably as those devices join (or re-join) into the network via a Dynamic Host Configuration Protocol message exchange. In operation, and in response to receipt of a DHCP discover message that includes a network location, a DHCP server uses the network location to locate and retrieve a set of flow attributes for the device. Those attributes are then associated with the IP address to be assigned to the IoT device in a network control device. The network control device then selectively identifies and/or blocks operation of the IoT device when the IoT device is compromised or potentially compromised, thereby protecting the network (or network resources) from damage or misuse.

Abstract: A method, apparatus and computer program product for use in monitoring and controlling network behavior of Internet of Things (IoT) devices connected to a network. According to this approach, a set of network characteristics of an IoT device (e.g., as published by the device manufacturer) are assigned various risk values and then monitored over an initial time period to generate a “fingerprint” of the device's network flow. This flow is then transformed into one or more flow control rules representing “normal” or abnormal behavior of the IoT device. Preferably, the rules are instantiated into a network boundary control system (NBCS), such as an enterprise router, gateway, or the like, and then enforced, e.g., to generate alerts or others actions when the rules are triggered. The approach enables dynamic and automated threat detection and prevention based on anomalous and/or known-bad behavior.

Abstract: Embodiments are directed to a computer-implemented method of controlling an electronic device. The method includes detecting, using a processor, a user using one or more sensors. The method further includes selecting one table from a set of tables, wherein each table includes a set of rules to be followed depending on the detecting step. The method further includes measuring changes in a position of the user that are detected by the one or more sensors. The method further includes comparing the changes in the position of the user to one or more rules in the selected table. The method further includes controlling the electronic device based on the comparison.

Abstract: Embodiments are directed to a computer-implemented method of controlling an electronic device. The method includes detecting, using a processor, a user using one or more sensors. The method further includes selecting one table from a set of tables, wherein each table includes a set of rules to be followed depending on the detecting step. The method further includes measuring changes in a position of the user that are detected by the one or more sensors. The method further includes comparing the changes in the position of the user to one or more rules in the selected table. The method further includes controlling the electronic device based on the comparison.

Abstract: Embodiments for rendering content by a processor are provided. A request to render content is received. A rendering browser to render the content on a computing device is selected from a plurality of rendering browsers. The selecting of the rendering browser is based on security information associated with at least one of the content and the plurality of rendering browsers.

Abstract: A countermeasure for a computer security threat to a computer system is administered by establishing a baseline identification of an operating or application system type and an operating or application system release level for the computer system that is compatible with a Threat Management Vector (TMV). A TMV is then received, including therein a first field that provides identification of at least one operating system type that is affected by a computer security threat, a second field that provides identification of an operating system release level for the operating system type, and a third field that provides identification of a set of possible countermeasures for an operating system type and an operating system release level. Countermeasures that are identified in the TMV are processed if the TMV identifies the operating system type and operating system release level for the computer system as being affected by the computer security threat.

Abstract: A countermeasure for a computer security threat to a computer system is administered by establishing a baseline identification of an operating or application system type and an operating or application system release level for the computer system that is compatible with a Threat Management Vector (TMV). A TMV is then received, including therein a first field that provides identification of at least one operating system type that is affected by a computer security threat, a second field that provides identification of an operating system release level for the operating system type, and a third field that provides identification of a set of possible countermeasures for an operating system type and an operating system release level. Countermeasures that are identified in the TMV are processed if the TMV identifies the operating system type and operating system release level for the computer system as being affected by the computer security threat.

Abstract: A countermeasure for a computer security threat to a computer system is administered by establishing a baseline identification of an operating or application system type and an operating or application system release level for the computer system that is compatible with a Threat Management Vector (TMV). A TMV is then received, including therein a first field that provides identification of at least one operating system type that is affected by a computer security threat, a second field that provides identification of an operating system release level for the operating system type, and a third field that provides identification of a set of possible countermeasures for an operating system type and an operating system release level. Countermeasures that are identified in the TMV are processed if the TMV identifies the operating system type and operating system release level for the computer system as being affected by the computer security threat.

Abstract: A threat management domain controller is responsive to a computer-actionable threat management vector that includes a first computer-readable field that provides identification of at least one system type that is affected by a computer security threat, a second computer-readable field that provides identification of a release level for the system type and a third computer-readable field that provides identification of a set of possible countermeasures for a system type and release level. The threat management domain controller processes a threat management vector that is received for use by a domain of target computer systems, and transmits the threat management vector that has been processed to at least one of the target computer systems in the domain of target computer systems.