Device management apparatus, device management system, and verification method

US 10,225,372 B2
Filed: 11/28/2016
Issued: 03/05/2019
Est. Priority Date: 12/09/2015
Status: Active Grant

First Claim

Patent Images

1. A device management apparatus comprising:

a memory configured to store a plurality of verification programs, the plurality of verification programs configured to verify whether associated ones of a plurality of vulnerabilities have been successfully patched by an updating program; and

circuitry configured to,acquire the updating program for updating a device,transmit the updating program to the device,receive introduction success/failure information indicating whether the updating program is successfully introduced, from the device,determine which of the plurality of verification programs is a selected verification program based on which of the plurality of vulnerabilities are patchable by the updating program,acquire, if the introduction success/failure information indicates success in introduction, the selected verification program, andverify, using the selected verification program, whether the associated ones of the plurality of vulnerabilities have been successfully patched.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device management apparatus includes circuitry configured to: acquire an updating program for updating a device; transmit the updating program to the device; receive introduction success/failure information indicating whether the updating program is successfully introduced, from the device; acquire, if the introduction success/failure information indicates success in introduction, a verification program for verifying an operation of the device updated with the updating program; and verify whether the operation of the updated device can be guaranteed based on the verification program.

15 Citations

View as Search Results

14 Claims

1. A device management apparatus comprising:
- a memory configured to store a plurality of verification programs, the plurality of verification programs configured to verify whether associated ones of a plurality of vulnerabilities have been successfully patched by an updating program; and
  
  circuitry configured to,acquire the updating program for updating a device,transmit the updating program to the device,receive introduction success/failure information indicating whether the updating program is successfully introduced, from the device,determine which of the plurality of verification programs is a selected verification program based on which of the plurality of vulnerabilities are patchable by the updating program,acquire, if the introduction success/failure information indicates success in introduction, the selected verification program, andverify, using the selected verification program, whether the associated ones of the plurality of vulnerabilities have been successfully patched.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The device management apparatus according to claim 1, wherein the circuitry is further configured to reverify, using the selected verification program, whether the associated ones of the plurality of vulnerabilities have been successfully patched, if the associated ones of the plurality of vulnerabilities are present after transmission of the updating program.
  - 3. The device management apparatus according to claim 1, wherein the circuitry is further configured to request the device to interrupt power supply if the associated ones of the plurality of vulnerabilities are present after transmission of the updating program.
  - 4. The device management apparatus according to claim 1, wherein the circuitry is further configured to retransmit the updating program to the device, if the introduction success/failure information indicates failure in introduction.
  - 5. The device management apparatus according to claim 1, wherein the circuitry is configured to request the device to interrupt power supply if the introduction success/failure information indicates failure in introduction.
  - 6. The device management apparatus according to claim 1, wherein the circuitry is configured to register, in the memory, a verification result indicating whether the associated ones of the plurality of vulnerabilities are present after transmission of the updating program.
  - 7. The device management apparatus according to claim 6, wherein the circuitry is further configured to register the introduction success/failure information in the memory.
  - 8. The device management apparatus according to claim 1, wherein the circuitry is configured to verify whether the associated ones of the plurality of vulnerabilities have been successfully patched by pseudo-attacking the device using the selected verification program.

9. A device management system comprising:
- a device; and
  
  a device management apparatus, the device management apparatus including,a memory configured to store a plurality of verification programs, the plurality of verification programs configured to verify whether associated ones of a plurality of vulnerabilities have been successfully patched by an updating program, andcircuitry configured to;
  
  acquire the updating program for updating the device;
  
  transmit the updating program to the device;
  
  receive introduction success/failure information indicating whether the updating program is successfully introduced, from the device;
  
  determine which of the plurality of verification programs is a selected verification program based on which of the plurality of vulnerabilities are patchable by the updating program;
  
  acquire the selected verification program, if the introduction success/failure information indicates success in introduction; and
  
  verify, using the selected verification program, whether the associated ones of the plurality of vulnerabilities have been successfully patched.
- View Dependent Claims (10, 11)
- - 10. The device management system according to claim 9, wherein the device includes circuitry configured to,receive the updating program from the device management apparatus, andtransmit the introduction success/failure information to the device management apparatus.
  - 11. The device management system according to claim 9, wherein the circuitry of the device management apparatus is configured to verify whether the associated ones of the plurality of vulnerabilities have been successfully patched by pseudo-attacking the device using the selected verification program.

12. A verification method method comprising:
- acquiring an updating program for updating a device;
  
  transmitting the updating program to the device;
  
  receiving introduction success/failure information indicating whether the updating program is successfully introduced, from the device;
  
  determining which of a plurality of verification programs stored in a memory is a selected verification program based on which of a plurality of vulnerabilities are patchable by the updating program, the plurality of verification programs configured to verify whether associated ones of the plurality of vulnerabilities have been successfully patched by the updating program;
  
  acquiring the selected verification program, if the introduction success/failure information indicates success in introduction; and
  
  verifying, using the selected verification program, whether the associated ones of the plurality of vulnerabilities have been successfully patched.
- View Dependent Claims (13, 14)
- - 13. The verification method according to claim 12, further comprising:
    - receiving, by the device, the updating program; and
      
      transmitting, by the device, the introduction success/failure information.
  - 14. The verification method to claim 12, wherein the verifying comprises:
    - pseudo-attacking the device using the selected verification program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ricoh Company Limited
Original Assignee
Ricoh Company Limited
Inventors
Itogawa, Akira
Primary Examiner(s)
Duong, Oanh

Application Number

US15/361,960
Publication Number

US 20170171354A1
Time in Patent Office

827 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/572   Secure firmware programming...

G06F 21/577   Assessing vulnerabilities a...

G06F 8/65   Updates security arrangemen...

H04L 67/01   Protocols

H04L 67/06   specially adapted for file ...

H04L 67/10   in which an application is ...

H04L 67/34   involving the movement of s...

Device management apparatus, device management system, and verification method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Device management apparatus, device management system, and verification method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links