System, method, apparatus and computer program product for facilitating digital communications

US 7,395,341 B2
Filed: 08/16/2004
Issued: 07/01/2008
Est. Priority Date: 08/15/2003
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for preventing unsecured access to a computer over a network by a client running on a remote computer comprising:

storing at least one client policy, said client policy including a configuration of said remote computer that reduces the likelihood of a security breach of said computer as a result of said remote computer accessing said computer;

receiving a request from a user for access to said computer;

determining a location type of said remote computer;

selecting a desired policy from among said at least one client policy based on said location type of said remote computer;

selecting a connection type from available connections to said computer based on said desired policy;

verifying that said remote computer conforms with said desired policy; and

connecting said client to said computer.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method and apparatus prevents unsecured access to a computer over a network by a client running on a remote computer. In one aspect of the present invention, a client policy is stored on the remote computer. The client policy includes a configuration of the remote computer that reduces the likelihood of a security breach of the computer as a result of the remote computer accessing the computer. A request is received from a user for access to the computer. It is verified that the remote computer conforms with the client policy, and the client is connected to said computer.

Citations

16 Claims

1. A computer-implemented method for preventing unsecured access to a computer over a network by a client running on a remote computer comprising:
- storing at least one client policy, said client policy including a configuration of said remote computer that reduces the likelihood of a security breach of said computer as a result of said remote computer accessing said computer;
  
  receiving a request from a user for access to said computer;
  
  determining a location type of said remote computer;
  
  selecting a desired policy from among said at least one client policy based on said location type of said remote computer;
  
  selecting a connection type from available connections to said computer based on said desired policy;
  
  verifying that said remote computer conforms with said desired policy; and
  
  connecting said client to said computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method recited in claim 1, wherein said determining step includes determining said location type of one of:
    - non-corporate/non-roaming, corporate/non-roaming, and non-corporate/roaming.
  - 3. The method recited in claim 1, wherein said verifying step includes verifying that none of a list of forbidden applications are running on said remote computer.
  - 4. The method recited in claim 1, wherein said verifying step includes verifying that none of a list of forbidden applications are running on said remote computer, said list of forbidden applications including at least one of:
    - viruses, spyware, instant messaging, unlicensed, and file sharing applications.
  - 5. The method recited in claim 1, wherein said verifying step includes verifying that all of a list of required applications are running on said remote computer.
  - 6. The method recited in claim 1, wherein said verifying step includes verifying that all of a list of required applications are running on said remote computer, said list of required applications including at least one of:
    - firewall, anti-virus, and anti-spyware applications.
  - 7. The method recited in claim 1, further comprising:
    - periodically determining that said remote computer conforms with said client policy; and
      
      taking a policy based action, said policy based action including at least one of;
      
      correcting a non-conforming condition and notifying said user of said non-conforming condition.
  - 8. The method recited in claim 7, further comprising:
    - disconnecting said client from at least one of said computer and an Internet connection if said non-conforming condition cannot be corrected.
  - 9. The method recited in claim 1, further comprising:
    - transmitting a list of policy violations to an access control gateway.

10. A computer program product including a computer storage medium, said computer storage medium comprising one of volatile media and non-volatile media, and a computer program code mechanism embedded in the computer storage medium for preventing unsecured access to a computer over a network by a client running on a remote computer, the computer code mechanism comprising:
- a computer code device configured to store at least one client policy, said client policy including a configuration of said remote computer that reduces the likelihood of a security breach of said computer as a result of said remote computer accessing said computer;
  
  a computer code device configured to receive a request from a user for access to said computer;
  
  a computer code device configured to determine a location type of said remote computer;
  
  a computer code device configured to select a desired policy from among said at least one client policy based on said location type of said remote computer;
  
  a computer code device configured to select a connection type from available connections to said computer based on said desired policy;
  
  a computer code device configured to verify that said remote computer conforms with said desired policy; and
  
  a computer code device configured to connect said client to said computer;
  
  wherein said remote computer accesses said computer over said network if said remote computer conforms with said desired policy.

11. An apparatus for preventing unsecured access to a computer over a network by a client running on a remote computer comprising:
- means for storing at least one client policy, said client policy including a configuration of said remote computer that reduces the likelihood of a security breach of said computer as a result of said remote computer accessing said computer;
  
  means for receiving a request from a user for access to said computer;
  
  means for determining a location type of said remote computer;
  
  means for selecting a desired policy from among said at least one client policy based on said location type of said remote computer;
  
  means for selecting a connection type from available connections to said computer based on said desired policy;
  
  means for verifying that said remote computer conforms with said desired policy; and
  
  means for connecting said client to said computer.

12. An apparatus for preventing unsecured access to a computer over a network by a client running on a remote computer comprising:
- a storage mechanism configured to store at least one client policy, said client policy including a configuration of said remote computer that reduces the likelihood of a security breach of said computer as a result of said remote computer accessing said computer;
  
  an input/output device configured to receive a request from a user for access to said computer; and
  
  a processor including;
  
  a location determination mechanism configured to determine a location type of said remote computer;
  
  a policy selection mechanism configured to select a desired policy from among said at least one client policy based on said location type of said remote computer;
  
  a connection selection mechanism configured to select a connection type from available connections to said computer based on said desired policy; and
  
  a verification mechanism configured to verify that said remote computer conforms with said desired policy,wherein said input/output device is configured to connect said client to said computer.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The apparatus recited in claim 12, wherein said verification mechanism is configured to verify that none of a list of forbidden applications are running on said remote computer.
  - 14. The apparatus recited in claim 13, wherein said list of forbidden applications includes at least one of:
    - viruses, spyware, instant messaging, unlicensed, and file sharing applications.
  - 15. The apparatus recited in claim 12, wherein said verification mechanism is configured to verify that all of a list of required applications are running on said remote computer.
  - 16. The apparatus recited in claim 15, wherein said list of required applications includes at least one of:
    - firewall, anti-virus, and anti-spyware applications.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
Fiberlink Communications Corporation (International Business Machines Corporation)
Inventors
Pappano, Joseph E., Bluestone, Derek, Adams, Clinton, Pressman, Howard M., Nicodemus, Blair Gaver
Primary Examiner(s)
Walsh; John B.

Application Number

US10/918,362
Publication Number

US 20050086510A1
Time in Patent Office

1,415 Days
Field of Search

None
US Class Current

709/229
CPC Class Codes

H04L 12/2898   Subscriber equipments DSL m...

H04L 63/0272   Virtual private networks

H04L 63/0414   during transmission, i.e. p...

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 69/16   Implementation or adaptatio...

H04L 69/168   specially adapted for link ...

H04L 9/3226   using a predetermined code,...

H04L 9/3271   using challenge-response

H04W 74/00   Wireless channel access

System, method, apparatus and computer program product for facilitating digital communications

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System, method, apparatus and computer program product for facilitating digital communications

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links