Method and system for verification of an endpoint security scan
Abstract
A method of granting access to resources includes the step of receiving a request from a node to access a resource. A scanning agent is generated to gather information about the node. A key is generated and embedded in the scanning agent. The scanning agent is transmitted to the node and gathers information regarding the node. The scanning agent encrypts the gathered information using the at least one generated key. The encrypted gathered information is received from the scanning agent and decrypted.
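The flow summarized in the abstract, together with the policy-engine steps (h) and (i) recited in claim 1, sketched as an added example; it is not code from the patent or from any product. All function names, the condition identifiers and the access levels are hypothetical, and the SHAKE-256 keystream with an HMAC tag is a standard-library stand-in for whatever cipher a real gateway would use.

```python
import hashlib, hmac, json, secrets

def _xor(key, nonce, data):
    # Stand-in cipher: SHAKE-256 output as keystream. Use a vetted AEAD in practice.
    ks = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(key, nonce, ct):
    mac_key = hashlib.sha256(b"mac" + key).digest()
    return hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def build_agent(session_keys, request_id):
    # Steps (b)-(d): a fresh key per access request, embedded in the agent.
    session_keys[request_id] = secrets.token_bytes(32)
    return {"request_id": request_id, "key": session_keys[request_id]}

def agent_report(agent, scan):
    # Step (f): runs on the node; encrypts and authenticates the gathered data.
    nonce = secrets.token_bytes(16)
    ct = _xor(agent["key"], nonce, json.dumps(scan, sort_keys=True).encode())
    return {"request_id": agent["request_id"], "nonce": nonce, "ct": ct,
            "tag": _tag(agent["key"], nonce, ct)}

def gateway_decrypt(session_keys, report):
    # Step (g): the key is single-use, so replayed or altered reports are rejected.
    key = session_keys.pop(report["request_id"], None)
    if key is None or not hmac.compare_digest(
            _tag(key, report["nonce"], report["ct"]), report["tag"]):
        return None
    return json.loads(_xor(key, report["nonce"], report["ct"]))

CONDITIONS = {  # identifier -> predicate over the gathered information (constructed)
    "av_running": lambda s: s.get("antivirus") == "running",
    "os_patched": lambda s: s.get("patch_age_days", 999) <= 30,
    "disk_encrypted": lambda s: s.get("disk_encryption") is True,
}

def collect(scan):
    # Step (h): dataset of identifiers for the conditions the scan satisfies.
    return {name for name, test in CONDITIONS.items() if test(scan)}

def grant(dataset):
    # Step (i): apply a policy to the dataset and pick one of several access levels.
    if dataset >= {"av_running", "os_patched", "disk_encrypted"}:
        return "full"
    if "av_running" in dataset:
        return "restricted"
    return "deny"
```

Because the gateway discards each key after one use, a report captured from an earlier request cannot be resubmitted to obtain access later.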
22 Claims
1. A method of granting a node operated by a user access to resources based on information about the node, comprising:
(a) receiving, by a receiver of a gateway, a request from a node operated by a user to access a resource;
(b) generating, by an agent constructor of the gateway, a scanning agent to gather information about the node;
(c) generating, by a key generator of the gateway, at least one key;
(d) embedding, by an encryption function generator of the gateway, in the scanning agent the at least one generated key;
(e) transmitting, by a transmitter of the gateway, the scanning agent to the node;
(f) encrypting, by the scanning agent, gathered information about the node using the at least one generated key;
(g) decrypting, by a decryptor of the gateway, the encrypted gathered information; and
(h) receiving, by a first component of a policy engine of the gateway, the decrypted gathered information, and generating a dataset comprising a plurality of identifiers, each of the plurality of identifiers identifying a respective condition satisfied by the gathered information;
(i) granting, by a second component of the policy engine, one of a plurality of levels of access to the node to access the resource responsive to application of a policy to the generated dataset.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A system of granting a node operated by a user access to resources based on information about the node via an access gateway comprising:
a receiver, receiving a request from a node operated by a user to access a resource;
an agent constructor, generating a scanning agent for gathering information about the node;
a key generator, in communication with the receiver and the agent constructor, generating at least one key;
an encryption function generator, in communication with the agent constructor and the key generator, embedding the at least one generated key in the generated scanning agent;
a decryptor, receiving encrypted gathered information about the node and decrypting the gathered information;
a first component of a policy engine, receiving the decrypted gathered information and generating a dataset comprising a plurality of identifiers, each of the plurality of identifiers identifying a respective condition satisfied by the gathered information; and
a second component of the policy engine, granting one of a plurality of levels of access to the node to access the resource responsive to application of a policy to the generated dataset.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20
21. A system of granting a node operated by a user access to resources based on information about the node via an access gateway comprising:
means for receiving a request from a node operated by a user to access a resource;
means for generating a scanning agent for gathering information about a configuration of the node;
means for generating at least one key;
means for embedding the at least one generated key in the generated scanning agent;
means for receiving encrypted gathered information about the configuration of the node and decrypting the gathered information;
means for receiving, by a policy engine, the decrypted gathered information and generating a dataset comprising a plurality of identifiers, each of the plurality of identifiers identifying a respective condition satisfied by the gathered information; and
means for granting, by the policy engine, one of a plurality of levels of access to the node to access the resource responsive to application of a policy to the generated dataset.
Dependent claims: 22
Specification