OPERATING SYSTEM PATCHING AND SOFTWARE UPDATE RECONCILIATION

US 20140053145A1
Filed: 09/28/2012
Published: 02/20/2014
Est. Priority Date: 08/17/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of using a Software Reconciliation Framework (SRF) tool, the method comprising:

receiving change data describing changes to one or more files stored on a computer-readable storage device;

determining installed software on a computer associated with the computer-readable storage device;

receiving a manifest comprising a description of file changes associated with a software patch or update for the installed software;

comparing the change data to the manifest; and

if the change data matches the manifest, promoting the changes, thereby producing promoted changes, andif the change data does not match the manifest, marking the changes for further analysis, thereby producing marked changes.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus and methods are disclosed for implementing software reconciliation frameworks to process changes detected to software installed on computer hosts. According to one embodiment, a method includes receiving change data describing changes to one or more software components stored on a computer-readable storage device, determining installed software on a computer associated with the computer-readable storage device, receiving a manifest comprising a description of file changes associated with a software patch or update for the installed software, and comparing the change data to the manifest. Based on the comparing, if the change data matches the manifest, the changes are promoted, and if the change data does not match the manifest, the changes are marked for further analysis.

78 Citations

View as Search Results

22 Claims

1. A computer-implemented method of using a Software Reconciliation Framework (SRF) tool, the method comprising:
- receiving change data describing changes to one or more files stored on a computer-readable storage device;
  
  determining installed software on a computer associated with the computer-readable storage device;
  
  receiving a manifest comprising a description of file changes associated with a software patch or update for the installed software;
  
  comparing the change data to the manifest; and
  
  if the change data matches the manifest, promoting the changes, thereby producing promoted changes, andif the change data does not match the manifest, marking the changes for further analysis, thereby producing marked changes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising transmitting a request to receive the manifest to a remote server associated with the installed software, the request identifying at least some of the installed software.
  - 3. The method of claim 1, further comprising:
    - determining a network address associated with a software repository for the installed software based on repository information stored on the computer-readable storage device; and
      
      sending a request for the manifest over a network based on the network address.
  - 4. The method of claim 1, wherein the determining installed software comprises searching a registry of installed applications stored on the computer-readable storage device.
  - 5. The method of claim 1, wherein the determining installed software comprises searching a package manager database.
  - 6. The method of claim 1, wherein the acts of determining and comparing are initiated in response to the receiving the change data.
  - 7. The method of claim 1, wherein the manifest is based at least in part on expected changes specified by a user of the computer.
  - 8. The method of claim 1, wherein the manifest is generated by a publisher or distributor of the installed software.
  - 9. The method of claim 1, wherein the manifest is based at least in part on a listing of files associated with a version of the patch or update of the installed software.
  - 10. One or more non-transitory computer-readable media storing computer-executable instructions that when executed by a computer cause the computer to perform the method of claim 1.

11. A method of reconciling software changes on a host computer, the method comprising:
- receiving one more changes to one or more software components detected by an agent or a compliance and configuration tool executing on the host computer;
  
  generating a description of expected changes for one or more software components installed on the host computer; and
  
  comparing the description to the received changes and, based on the comparing, promoting at least one of the received changes to be indicated as an approved change in a promotion database.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, wherein the changes are received in response to a change trigger.
  - 13. The method of claim 11, wherein the changes are detected by applying a command output capture rule (COCR) to at least one of the software components, the COCR comprising one or more regular expressions.
  - 14. The method of claim 11, further comprising marking at least one of the received changes for further analysis based on the at least one change not being promoted based on the manifest comparison.
  - 15. The method of claim 11, wherein the changes are a first set of changes, and wherein the method further comprises:
    - receiving a second set of one or more changes, the second set of changes including at least one change in the first set of changes;
      
      comparing a description of the expected changes the second set of one or more changes; and
      
      not reporting at least one of the second set of changes, based on at least one or more of the second set of changes matching an approved change in the promotion database.
  - 16. The method of claim 11, further comprising analyzing the host computer to detect one or more software packages installed on the machine, wherein the generating the description is based at least in part on the detected software.
  - 17. The method of claim 11, further comprising marking at least one of the changes as not found in the promotion database, the marking indicating the change is to be further analyzed.
  - 18. The method of claim 11, further comprising:
    - generating the description of expected changes by comparing one or more software components associated with a version of the installed software components to generate a list of updated or changed software components; and
      
      transmitting the description to the host computer, the description including an indication of the version of the installed software components and the list of updated or changed software components.
  - 19. The method of claim 11, further comprising:
    - generating the description of expected changes by comparing one or more software components to entries in a user-defined list, the user-defined list indicating expected changes to at least one of the software components installed on the host computer.

20. A system, comprising:
- one or more processors;
  
  memory coupled to the processors;
  
  at least one network interface; and
  
  one or more non-transitory computer-readable storage media coupled to the processors, the computer-readable storage media storing modules comprising computer-executable instructions executable by the processors, the modules comprising;
  
  a manifest acquisition module configured to receive one or more software manifests using the network interface, the manifests comprising data describing one or more software modules stored on the computer-readable storage media;
  
  a user-configurable reconciliation module configured to reconcile changes detected in the system based on approved changes in the software manifest;
  
  a configuration module configured to provide access to system credentials and network addresses that can be accessed by the manifest acquisition module to request the software manifests using an application layer of the network interface; and
  
  a rule configuration module configured to manage rules defining changes to software modules that have been defined as approved.
- View Dependent Claims (21, 22)
- - 21. The system of claim 20, further comprising a cache for storing the software manifests, the cache allowing the reconciliation module to access a previously-received software manifest without using the network interface.
  - 22. The system of claim 20, further comprising a promotion database configured to store definitions of changes that have been promoted using the rule configuration module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tripwire Incorporated (Belden Inc.)
Original Assignee
Tripwire Incorporated (Belden Inc.)
Inventors
Steigleder, Andrew C.

Granted Patent

US 9,766,873 B2
Time in Patent Office

Days
Field of Search
US Class Current

717/169
CPC Class Codes

G06F 16/00   Information retrieval; Data...

G06F 8/61   Installation

G06F 8/65   Updates security arrangemen...

G06F 8/658   Incremental updates; Differ...

OPERATING SYSTEM PATCHING AND SOFTWARE UPDATE RECONCILIATION

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

78 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

OPERATING SYSTEM PATCHING AND SOFTWARE UPDATE RECONCILIATION

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others