US 9,813,444 B2
Reliable selection of security countermeasures
Siying Yang, Cupertino, CA (US)
Assigned to Shape Security, Inc., Mountain View, CA (US)
Filed by Shape Security, Inc., Palo Alto, CA (US)
Filed on Feb. 25, 2016, as Appl. No. 15/52,951.
Application 15/052,951 is a continuation of application No. 14/790,738, filed on Jul. 2, 2015, granted, now 9,275,222.
Application 14/790,738 is a continuation of application No. 14/321,172, filed on Jul. 1, 2014, granted, now 9,075,990, issued on Jul. 7, 2015.
Prior Publication US 2016/0182534 A1, Jun. 23, 2016
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); H04L 29/08 (2006.01); G06F 21/14 (2013.01); G06F 21/55 (2013.01)
CPC H04L 63/145 (2013.01) [G06F 21/14 (2013.01); G06F 21/55 (2013.01); H04L 63/1416 (2013.01); H04L 63/1441 (2013.01); H04L 63/20 (2013.01); H04L 67/02 (2013.01); H04L 63/168 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method, comprising:
providing, to one or more trusted client computing devices, a shared secret recipe comprising a key and instructions for generating security tokens based on the key;
updating the shared secret recipe by providing one or more updates to the one or more trusted client computing devices;
receiving, from a client computing device from among the one or more trusted client computing devices, a request for an electronic resource;
validating a security token received from the client computing device, wherein the security token is generated by the client computing device using the shared secret recipe, wherein validating the security token includes verifying an identity of the client computing device;
based on validating the security token, determining a level of trust for the client computing device;
selecting, based on the level of trust for the client computing device, a set of one or more security countermeasures that interfere with an ability of malware to interact with the electronic resource on the client computing device;
applying the set of one or more security countermeasures to the electronic resource; and
after applying the set of one or more security countermeasures, serving the electronic resource to the client computing device;
wherein the method is performed by one or more computing devices.