Classifying an Operating Environment of a Remote Computer

US 20100333169A1
Filed: 06/22/2010
Published: 12/30/2010
Est. Priority Date: 12/10/2003
Status: Active Grant

First Claim

Patent Images

1. (canceled)

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and techniques are provided for controlling requests for resources from remote computers. A remote computer'"'"'s ability to access a resource is determined based upon the computer'"'"'s operating environment. The computer or computers responsible for controlling access to a resource will interrogate the remote computer to ascertain its operating environment. The computer or computers responsible for controlling access to a resource may, for example, download one or more interrogator agents onto the remote computer to determine its operating environment. Based upon the interrogation results, the computer or computers responsible for controlling access to a resource will control the remote computer'"'"'s access to the requested resource.

120 Citations

View as Search Results

14 Claims

1. (canceled)

2. A method for classifying an operating environment of a remote computer, the method comprising:
- maintaining a list of zones of trust in memory, each zone of trust associated with a set of resources; and
  
  executing instructions stored in memory, wherein execution of the instructions by a processor;
  
  selects a zone of trust from the list of zones of trust, wherein the selected zone of trust is defined by a signature comprising one or more literal values concerning a computer state,compares the one or more literal values with a corresponding state of the operating environment of the remote computer, andclassifies the operating environment of the remote computer into the selected zone of trust when the one or more literal values are true for the operating environment, wherein classification into the selected zone of trust includes access to the set of resources associated with the selected zone of trust.
- View Dependent Claims (3, 4, 5, 6, 7)
- - 3. The method of claim 2, wherein the list of zones of trust is further associated with a community of one or more users within a realm, the realm including one or more authorized users each associated with a remote computer and an authentication server.
  - 4. The method of claim 2, further comprising installing a process object on the classified remote computer, the process object for accessing a set of resources associated with the selected zone of trust.
  - 5. The method of claim 4, wherein the process object is a security process object.
  - 6. The method of claim 2, wherein the literal value is an agent literal value.
  - 7. The method of claim 2, wherein the literal value is an artifact literal value.

8. A system for classifying an operating environment of a remote computer, the system comprising:
- a policy server that;
  
  maintains a list of zones of trust in memory, each zone of trust associated with a set of resources,selects a zone of trust from the list of zones of trust, wherein the selected zone of trust is defined by a signature comprising one or more literal values concerning a computer state, andcompares the one or more literal values with a corresponding state of the operating environment of the authenticated remote computer; and
  
  an end point control server for classifying the operating environment of the authenticated remote computer into the selected zone of trust when the one or more literal values are true for the operating environment, wherein classification into the selected zone of trust includes access to the set of resources associated with the selected zone of trust.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The system of claim 8, wherein the signature for the selected zone of trust further includes a list of provisioned process objects required for accessing the set of resources associated with the selected zone of trust.
  - 10. The system of claim 9, wherein a process object from the list of provisioned process objects is installed on the classified remote computer, the installed process object for accessing a set of resources associated with the selected zone of trust.
  - 11. The system of claim 10, wherein the process object is a security process object.
  - 12. The system of claim 11, wherein the end point control server provides and activates the security process object.
  - 13. The system of claim 8, wherein the signature for the selected zone of trust further includes agents running on the remote computer.

14. A non-transitory computer readable storage medium having embodied thereon a program, the program being executable by a processor to perform a method for classifying an operating environment of a remote computer, the method comprising:
- maintaining a list of zones of trust in memory, each zone of trust associated with a set of resources;
  
  selecting a zone of trust from the list of zones of trust, wherein the selected zone of trust is defined by a signature comprising one or more literal values concerning a computer state;
  
  comparing the one or more literal values with a corresponding state of the operating environment of the remote computer; and
  
  classifying the operating environment of the remote computer into the selected zone of trust when the one or more literal values are true for the operating environment wherein classification into the selected zone of trust includes access to the set of resources associated with the selected zone of trust.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aventail LLC
Original Assignee
Aventail LLC
Inventors
Young, Brian, Anandam, Parvez, Hopen, Chris, Tomlinson, Gary, Flagg, Alan

Granted Patent

US 8,301,769 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/6218 to a system of files or obj...

Classifying an Operating Environment of a Remote Computer

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

120 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Classifying an Operating Environment of a Remote Computer

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

120 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links