Abstract: Methods and systems are provided for conditionally granting access to service levels based on a determined security state of the device requesting access. A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.

Abstract: A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The security state of the requesting device varies according to severity levels of device security events. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.

Abstract: Methods and systems are provided for conditionally granting access to service levels based on a determined security state of the device requesting access. A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.

Abstract: Methods and systems are provided for sharing information and improving the functioning of devices by blocking potentially harmful communications. In the methods and systems disclosed, a security component on an electronic device may receive a policy. The security component may also receive, from a local device proxy on the electronic device, information pertaining to a communication. The security component may compare the information pertaining to the communication to the policy. The comparison may result in a determination that the communication is potentially harmful. The security component may then instruct the local device proxy to block the communication from proceeding past the local device proxy.

Abstract: Methods and systems are provided for sharing information and improving the functioning of devices by blocking potentially harmful communications. In the methods and systems disclosed, a security component on an electronic device may receive a policy. The security component may also receive, from a local device proxy on the electronic device, information pertaining to a communication. The security component may compare the information pertaining to the communication to the policy. The comparison may result in a determination that the communication is potentially harmful. The security component may then instruct the local device proxy to block the communication from proceeding past the local device proxy.

Abstract: Methods and systems are provided for sharing information and improving the functioning of devices by blocking the installation of an application based on an assessment. In the methods and systems disclosed, a server may receive data pertaining to an application from the mobile communications device. The server may process the data from the mobile communications device to determine an assessment of the application, where the assessment is based on an analysis using information shared by sources other than the mobile communications device. The server may then provide the assessment to the mobile communications device.

Abstract: A server receives from a mobile communication device information about a data object (e.g., application) on the device when the device cannot assess the data object. The server uses the information along with other information stored at the server to assess the data object. Based on the assessment, the device may be permitted to access the data object or the device may not be permitted to access the data object. The other information stored at the server can include data objects known to be bad, data objects known to be good, or both.

Abstract: Methods and systems are provided for sharing information and improving the functioning of devices by blocking the installation of an application based on an assessment. In the methods and systems disclosed, a server may receive data pertaining to an application from the mobile communications device. The server may process the data from the mobile communications device to determine an assessment of the application, where the assessment is based on an analysis using information shared by sources other than the mobile communications device. The server may then provide the assessment to the mobile communications device.

Abstract: Methods are provided for determining an enterprise risk level, for sharing security risk information between enterprises by identifying a security response by a first enterprise and then sharing the security response to a second enterprise when a relationship database profile for the first collection indicates the security response may be shared. Methods are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: Methods and systems are provided for sharing security risk information between collections of computing devices, such as mobile communications devices, to improve the functioning of devices associated with the collections. The methods and systems disclosed may share security risk information by identifying a security risk response by a first collection and then providing the security risk response to a second collection when a relationship database profile for the first collection indicates the security response may be shared with the second collection. Methods and systems are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: A system and method checks for harmful behavior of an application to be installed on a mobile communications device. A server computer receives from the mobile communications device data pertaining to the application to be installed and information pertaining to the mobile communications device. The server processes the data and information to determine an assessment for the application to be installed. The assessment is provided to the mobile communications device and the assessment is displayed on the device if the assessment is one of dangerous and potentially dangerous.

Abstract: A server receives from a mobile communication device information about a data object (e.g., application) on the device when the device cannot assess the data object. The server uses the information along with other information stored at the server to assess the data object. Based on the assessment, the device may be permitted to access the data object or the device may not be permitted to access the data object. The other information stored at the server can include data objects known to be bad, data objects known to be good, or both.

Abstract: Methods and systems are provided for sharing security risk information between collections of computing devices, such as mobile communications devices, to improve the functioning of devices associated with the collections. The methods and systems disclosed may share security risk information by identifying a security risk response by a first collection and then providing the security risk response to a second collection when a relationship database profile for the first collection indicates the security response may be shared with the second collection. Methods and systems are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: Embodiments are directed to a system and method for authenticating a user of a client computer making a request to a server computer providing access to a network resource through an authentication platform that issues a challenge in response to the request requiring authentication of the user identity through a reply from the client computer, determining one or more items of context information related to at least one of the user, the request, and the client computer, and determining a disposition of the request based on the reply and the one or more items of context information. The reply includes a user password and may be provided by an authorizing client device.

Abstract: This disclosure is directed to a system and method for providing advisement about applications on mobile communication devices such as smartphones, netbooks, and tablets. A server gathers data about mobile applications, analyzes the applications, and produces an assessment that may advise users on a variety of factors, including security, privacy, battery impact, performance impact, and network usage. The disclosure helps users understand the impact of applications to improve the experience in using their mobile device. The disclosure also enables a server to feed information about applications to other protection systems such as application policy systems and network infrastructure. The disclosure also enables advisement about applications to be presented in a variety of forms, such as through a mobile application, as part of a web application, or integrated into other services via an API.

Abstract: Disclosed herein is a system and method for efficiently gathering information about applications for mobile communications devices (e.g., smartphones, netbooks, and tablets) and using that information to produce assessments of the applications. To gather information, a server may send a request for application data to a mobile communications device. In response, the server may receive some but not all of the first-requested application data. The server may then a second request for application data to a second mobile communications device that also has access to the application. The server may receive application data from the second mobile communications device, and store the received first- and second-requested application data. The server then uses the stored application data to assess the application.

Abstract: A system and method identifies mobile applications that are likely to have an adverse effect on a mobile network if accessed by mobile communication devices. In an implementation, a server monitors behavioral data relating to a mobile application and applies a model to determine if the application is likely to have an adverse effect on a mobile network when accessed by a plurality of mobile devices. A mobile device, computer device, or server, may monitor behavioral data, apply a model to the data, and create a disposition. They may aggregate behavioral data or disposition information from multiple devices. They may transmit or make available the disposition information to a subscriber through a web interface, API, email, or other mechanism. After identifying that an application may have an adverse effect, they may enact corrective actions, such as generating device or network configuration data.

Abstract: Methods are provided for determining an enterprise risk level, for sharing security risk information between enterprises by identifying a security response by a first enterprise and then sharing the security response to a second enterprise when a relationship database profile for the first collection indicates the security response may be shared. Methods are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: Disclosed herein is a system and method for efficiently gathering information about applications for mobile communications devices (e.g., smartphones, netbooks, and tablets) and using that information to produce assessments of the applications. To gather information, a server may send a request for application data to a mobile communications device. In response, the server may receive some but not all of the first-requested application data. The server may then a second request for application data to a second mobile communications device that also has access to the application. The server may receive application data from the second mobile communications device, and store the received first- and second-requested application data. The server then uses the stored application data to assess the application.

Abstract: A server receives from a mobile communication device application data identifying an application accessible by the mobile communication device. The server uses at least some of the application data to assess the application. The application data can include, for example, behavioral data, metadata, parts of the application, information indicating the application is installed on the mobile communication device, or combinations of these.