Policy-based selection of remediation
First Claim
27. A machine-readable medium comprising instructions, execution of which by a machine determines one or more remediations for a device that includes a processor, the machine-readable instructions including:
- a first code segment to receive values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, satisfaction of the condition potentially being indicative of unauthorized activity or manipulation of the device;
a second code segment to automatically determine, from the received parameter values, whether the conditions for any policies are satisfied, respectively; and
a third code segment to automatically select one or more remediations for the device according to the satisfied policies, respectively.
7 Assignments
0 Petitions
Accused Products
Abstract
A method, of automatically determining one or more remediations for a device that includes a processor, may include: receiving values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, satisfaction of the condition potentially being indicative of unauthorized activity or manipulation of the device; automatically determining, from the received parameter values, whether the conditions for any policies are satisfied, respectively; and automatically selecting one or more remediations for the device according to the satisfied policies, respectively.
-
Citations
45 Claims
-
27. A machine-readable medium comprising instructions, execution of which by a machine determines one or more remediations for a device that includes a processor, the machine-readable instructions including:
-
a first code segment to receive values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, satisfaction of the condition potentially being indicative of unauthorized activity or manipulation of the device;
a second code segment to automatically determine, from the received parameter values, whether the conditions for any policies are satisfied, respectively; and
a third code segment to automatically select one or more remediations for the device according to the satisfied policies, respectively. - View Dependent Claims (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 42, 43, 44, 45)
-
-
32-1. The machine-readable medium of claim 27, wherein the condition for at least one policy describes for the corresponding at-least-one parameter one of the following:
-
existence;
non-existence;
a range of potential values thereof;
change in the value thereof;
no-change in the value thereof;
a maximum amount of change in the value thereof;
a minimum amount of change in the value thereof;
a maximum potential value thereof;
a minimum potential value thereof;
being equal to a specific value thereof;
not being equal to a specific value thereof;
presence on a list; and
absence from a list.
-
-
33-2. The machine-readable medium of claim 27, wherein the machine-readable instructions further include:
a fourth code segment to automatically create, for each satisfied policy, a machine-actionable map between the policy, the corresponding one or more selected remediations and the device.
-
38-3. A machine configured to implement the method of claim 20.
-
39-4. A machine configured to implement the method of claim 22.
-
40. An apparatus for determining one or more remediations for a device that includes a processor, the apparatus comprising:
-
means for receiving values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, satisfaction of the condition potentially being indicative of unauthorized activity or manipulation of the device;
means for automatically determining, from the received parameter values, whether the conditions for any policies are satisfied, respectively; and
means for automatically selecting one or more remediations for the device according to the satisfied policies, respectively. - View Dependent Claims (41)
-
Specification