HEALTH-BASED ACCESS TO NETWORK RESOURCES
Abstract
A protection system is described herein that dynamically determines whether a computer system can access a particular resource based on a combination of a dynamic health state of the computer system and a dynamic reputation of the resource. When a user attempts to access a resource, the protection system intercepts the request. The protection system determines the reputation of the resource that the user is attempting to access and the health of the computer system through which the user is attempting to access the resource. Based on the determined resource reputation and the determined computer system health, the protection system determines whether to allow the requested access to the resource.
20 Claims
1. A computer-implemented method for protecting a computer system from accessing malicious network resources, the method comprising:
- receiving a request to access a resource, wherein the request includes an identification of the resource;
- determining a reputation of the requested resource, wherein the reputation indicates a likelihood that accessing the resource will cause malicious content to be downloaded to the computer system;
- determining a health state of the computer system from which the request is received;
- accessing an access policy that identifies one or more conditions based on the resource reputation and computer system health state for which the computer system is allowed to access the requested resource; and
- applying the access policy to determine whether to allow the computer system to access the requested resource based on the access policy and thereby protect the computer system from accessing malicious network resources, wherein the preceding steps are performed by at least one processor.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer system for blocking access to a network resource based on the health of the computer requesting access to the network resource, the system comprising:
- a processor and memory configured to execute software instructions;
- a resource request component configured to receive requests to access resources from user programs or other applications, wherein requests received by the resource request component identify the resource to be accessed;
- a resource reputation component configured to determine a reputation score of the network resource for resource requests received through the resource request component;
- a health state component configured to determine a health score of the computer system making the resource request;
- a policy component configured to receive and store policies defined by an administrator to determine whether to allow or deny a particular resource access request; and
- an access control component configured to determine whether to allow access to a requested resource by applying the defined policies to the determined health score of the requesting computer system and the reputation score of the network resource.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16
17. A computer-readable storage medium comprising instructions for controlling a computer system to use the health of the computer system to determine access to resources, wherein the instructions, when executed, cause a processor to perform actions comprising:
- receiving a health of the computer system and a reputation score of a requested resource, wherein the reputation score indicates whether a likelihood that the requested resource contains malicious content and the health indicates a level of defense of the computer system to malicious content;
- if the reputation score of the requested resource is above a predetermined reputation threshold, allowing the computer system to access the requested resource;
- if the health of the requesting computer system is above a predetermined health threshold, then allowing the computer system to access the requested resource; and
- if the health of the requesting computer system is below the predetermined health threshold and the reputation of the requested resource is below the predetermined reputation threshold, determining whether to allow access to the requested resource based on a combination of the health and reputation score.
Dependent claims: 18, 19, 20
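The three-branch decision recited in claim 17, combined with the administrator-defined policy of claim 8, as an added Python example (not code from the patent or its assignee). Assumptions: scores are integers from 0 to 100 with higher meaning safer, a score equal to its threshold counts as not above it, the "combination" is a simple sum compared against an administrator-set floor, and invalid scores are denied; the threshold values and all names are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessPolicy:
    """Administrator-defined policy. All values are assumed for illustration."""
    reputation_threshold: int = 70   # above this, the resource is trusted outright
    health_threshold: int = 80       # above this, the host is trusted to defend itself
    combined_floor: int = 100        # assumed combination rule: health + reputation


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str


def _valid(score) -> bool:
    # Reject missing, non-integer, boolean or out-of-range scores.
    return isinstance(score, int) and not isinstance(score, bool) and 0 <= score <= 100


def decide(health, reputation, policy: AccessPolicy = AccessPolicy()) -> Decision:
    # Assumption: a score that cannot be trusted denies the request (fail closed).
    if not (_valid(health) and _valid(reputation)):
        return Decision(False, "invalid-score")
    # Branch 1: reputation above its threshold allows access regardless of health.
    if reputation > policy.reputation_threshold:
        return Decision(True, "reputation-above-threshold")
    # Branch 2: health above its threshold allows access regardless of reputation.
    if health > policy.health_threshold:
        return Decision(True, "health-above-threshold")
    # Branch 3: neither is above its threshold, so decide on the combination.
    if health + reputation >= policy.combined_floor:
        return Decision(True, "combined-score-sufficient")
    return Decision(False, "combined-score-insufficient")


# Constructed sample requests: (host, resource, health, reputation).
SAMPLE_REQUESTS = [
    ("laptop-01", "intranet.example", 20, 90),
    ("server-02", "unknown-site.example", 95, 10),
    ("kiosk-03", "forum.example", 60, 50),
    ("kiosk-04", "unknown-site.example", 30, 40),
    ("tablet-05", "forum.example", None, 50),
]


def evaluate(requests, policy: AccessPolicy = AccessPolicy()):
    """Return {(host, resource): Decision} for a batch of requests."""
    return {(h, r): decide(hs, rs, policy) for h, r, hs, rs in requests}
```

Recording the reason string alongside each decision lets an administrator see which branch of the policy admitted or blocked a request when tuning the thresholds.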
Specification