Compliance validator for restricted network access control
4 Assignments
0 Petitions
Abstract
A method, system, and computer program product for detecting and enforcing compliance with access requirements for a computer system in a restricted computer network. A compliance validation configuration file is created for the computer system. A maintenance service utility is configured to launch a compliance validation executable file at a specified time during operation of the computer system. A digital hash is generated for the compliance validation executable file and for the compliance validation configuration file. A determination is made if the computer system or a computer system user is a member of a configured restricted group. If the computer system or the computer system user is a member of a configured restricted group, a determination is made if a directory site code for a subnet of the restricted computer network to which the computer system is connected corresponds to a configured and allowed site. If the directory site code does not correspond to a configured and allowed site, compliance with access requirements is enforced. Enforcement actions can include a forced logoff of the computer system user, and/or a forced shutdown of the computer system.
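The decision flow in the abstract and the hash-based update check of claim 1, sketched as an added example that is not code from the patent or its assignee. The file names, group names, site codes, configuration keys, the choice of SHA-256, and the fail-closed handling of an unknown site are all assumptions made for illustration.

```python
import hashlib

EXE, CFG = "validator.exe", "validator.cfg"   # hypothetical file names

# Constructed sample policy; every value here is an assumption.
CONFIG = {
    "restricted_groups": {"Restricted-Contractors"},
    "allowed_sites": {"HQ-LAB", "DC-EAST"},
    "actions": ["logoff", "shutdown"],
}
# Constructed sample of the files installed on the computer system.
LOCAL = {EXE: b"validator build 1", CFG: b"sites=HQ-LAB,DC-EAST"}

def digest(data: bytes) -> str:
    """SHA-256 stands in for the unspecified 'digital hash'."""
    return hashlib.sha256(data).hexdigest()

def plan_update(local: dict, central: dict) -> str:
    """Compare installed files with the central update location.

    Both arguments map file name -> contents. Returns 'remove' when the
    executable update file is gone from the central location, 'update'
    when either file is missing locally or its digest differs, else 'none'.
    """
    if EXE not in central:
        return "remove"
    for name in (EXE, CFG):
        if name not in central:
            continue
        if name not in local or digest(local[name]) != digest(central[name]):
            return "update"
    return "none"

def evaluate(principal_groups: set, site_code, config: dict) -> list:
    """Return the enforcement actions for one computer or user."""
    if not principal_groups & config["restricted_groups"]:
        return []                      # not restricted: no site check
    if site_code in config["allowed_sites"]:
        return []                      # restricted, but on an allowed site
    # Restricted and off-site, or site unknown (None): fail closed.
    return list(config["actions"])
```

A digest comparison of this kind detects that the central copy differs from the installed one; it does not by itself establish that the central copy is authentic.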
35 Citations
20 Claims
1. A method, comprising:
- determining if there are any updates at a central update location for either a compliance validation executable file or a compliance configuration file that require installation, based on a digital hash of the compliance validation executable file and the compliance validation configuration file;
- automatically updating a compliance validation executable file and the compliance validation configuration file, if any updates are available;
- determining if a compliance validation executable update file has been removed from the central update location;
- if the update file has been removed, removing the compliance validation executable file and the compliance validation configuration file from a computer system; and
- encrypting a path to the central update location to prevent tampering with at least one of the compliance validation executable update file and the compliance validation configuration file stored at the central update location.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system, comprising:
- a processor that;
  - determines if there are any updates at a central update location for either a compliance validation executable file or a compliance configuration file that require installation, based on a digital hash of the compliance validation executable file and the compliance validation configuration file;
  - automatically updates a compliance validation executable file and the compliance validation configuration file, if any updates are available;
  - determines if a compliance validation executable update file has been removed from the central update location;
  - if the update file has been removed, removes the compliance validation executable file and the compliance validation configuration file from a computer system; and
  - encrypts a path to the central update location to prevent tampering with at least one of the compliance validation executable update file and the compliance validation configuration file stored at the central update location.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. A non-transitory computer program product comprising a computer readable medium having computer readable code embedded therein, the computer readable medium comprising:
- program instructions that determine if there are any updates at a central update location for either a compliance validation executable file or a compliance configuration file that require installation, based on a digital hash of the compliance validation executable file and the compliance validation configuration file;
- program instructions that automatically update a compliance validation executable file and the compliance validation configuration file, if any updates are available;
- program instructions that determine if a compliance validation executable update file has been removed from the central update location;
- if the update file has been removed, program instructions that remove the compliance validation executable file and the compliance validation configuration file from a computer system; and
- program instructions that encrypt a path to the central update location to prevent tampering with at least one of the compliance validation executable update file and the compliance validation configuration file stored at the central update location.
Dependent claims: 20
Specification