POLICY-BASED SELECTION OF REMEDIATION
First Claim
1. A method of automatically determining one or more remediations for a device that includes a processor, the method comprising:
- receiving values of a plurality of parameters which collectively characterize an operational state of the device;
retrieving, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the device;
applying, by a computer processor, the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated;
when the retrieved at least one policy is violated, retrieving from a remediation database at least one remediation for the device according to the violated policy; and
deploying the at least one retrieved remediation to the device.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, of automatically determining one or more remediations for a device that includes a processor, may include: receiving values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, satisfaction of the condition potentially being indicative of unauthorized activity or manipulation of the device; automatically determining, from the received parameter values, whether the conditions for any policies are satisfied, respectively; and automatically selecting one or more remediations for the device according to the satisfied policies, respectively.
96 Citations
20 Claims
-
1. A method of automatically determining one or more remediations for a device that includes a processor, the method comprising:
-
receiving values of a plurality of parameters which collectively characterize an operational state of the device; retrieving, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the device; applying, by a computer processor, the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated; when the retrieved at least one policy is violated, retrieving from a remediation database at least one remediation for the device according to the violated policy; and deploying the at least one retrieved remediation to the device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-readable storage medium including instructions stored thereon, execution of which by a processor of a computing device cause the computer to perform a method including:
-
receiving values of a plurality of parameters which collectively characterize an operational state of the device; retrieving, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the device; applying the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated; when the retrieved at least one policy is violated, retrieving from a remediation database at least one remediation for the device according to the violated policy; and deploying the at least one retrieved remediation to the device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system comprising:
-
a processor; a network interface device; a memory device storing an instruction set executable by the processor to; receive, over a network via the network interface device from a remote device, values of a plurality of parameters which collectively characterize an operational state of the remote device; retrieve, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the remote device; apply the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated; when the retrieved at least one policy is violated, retrieve from a remediation database at least one remediation for the remote device according to the violated policy; and deploy the at least one retrieved remediation to the remote device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification