Peer-to-peer remediation

US 8,924,577 B2
Filed: 09/13/2012
Issued: 12/30/2014
Est. Priority Date: 12/08/2005
Status: Active Grant

First Claim

Patent Images

1. A system comprising a server computing device and at least one software module that are together configured for performing actions comprising:

recognizing an attempt by a client to access the server computing device;

determining whether a status of the attempting client complies with a quarantine enforcement policy, where the determining comprises receiving a statement of health from the attempting client, comparing the statement of health with the quarantine enforcement policy, and transmitting a statement of health response to the attempting client indicative of compliance with the quarantine enforcement policy, where the transmitted statement of health response comprises, in response to the status not complying with the quarantine enforcement policy, at least one particular patch that, when successfully installed on the attempting client, will cause the status to comply with the quarantine enforcement policy;

allowing the attempt in response to the status complying with the quarantine enforcement policy, the allowing the attempt resulting in the attempting client succeeding in accessing the server computing device; and

denying the attempt in response to the status not complying with the quarantine enforcement policy, the denying the attempt resulting in the attempting client failing to access the server computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network in which peer-to-peer remediation is provided to keep clients in the network up-to-date. As network clients establish peer-to-peer connections, they exchange status information. The status information allows the clients to mutually identify whether one client is more out-of-date than another. The more up-to-date client provides update information to the more out-of-date client. To preserve the integrity of the update process, updates are provided as signed binary files and are only applied by the client receiving the update if the binary file may be authenticated by the recipient.

63 Citations

View as Search Results

20 Claims

1. A system comprising a server computing device and at least one software module that are together configured for performing actions comprising:
- recognizing an attempt by a client to access the server computing device;
  
  determining whether a status of the attempting client complies with a quarantine enforcement policy, where the determining comprises receiving a statement of health from the attempting client, comparing the statement of health with the quarantine enforcement policy, and transmitting a statement of health response to the attempting client indicative of compliance with the quarantine enforcement policy, where the transmitted statement of health response comprises, in response to the status not complying with the quarantine enforcement policy, at least one particular patch that, when successfully installed on the attempting client, will cause the status to comply with the quarantine enforcement policy;
  
  allowing the attempt in response to the status complying with the quarantine enforcement policy, the allowing the attempt resulting in the attempting client succeeding in accessing the server computing device; and
  
  denying the attempt in response to the status not complying with the quarantine enforcement policy, the denying the attempt resulting in the attempting client failing to access the server computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1 where the status comprises an update status of software installed on the attempting client.
  - 3. The system of claim 2 where the software comprises an operating system.
  - 4. The system of claim 2 where the software comprises patches installed on the attempting client.
  - 5. The system of claim 1 where the statement of health response comprises a plurality of portions, and where each portion indicates a particular status that corresponds to a different software or patch installed on the attempting client.
  - 6. The system of claim 5 where the status complying with the quarantine enforcement policy is based on each particular status complying with the quarantine enforcement policy.
  - 7. The system of claim 1, the actions further comprising identifying patches that, when installed on the attempting client, are sufficient to bring the attempting client into compliance with the quarantine enforcement policy.

8. A method performed on a server computing device, the method comprising:
- recognizing an attempt by a client to access the server computing device;
  
  determining whether a status of the attempting client complies with a quarantine enforcement policy, where the determining comprises receiving a statement of health from the attempting client, comparing the statement of health with the quarantine enforcement policy, and transmitting a statement of health response to the attempting client indicative of compliance with the quarantine enforcement policy,where the statement of health response comprises, in response to the status not complying with the quarantine enforcement policy at least one particular patch that, when successfully installed on the attempting client, will cause the status to comply with the quarantine enforcement policy;
  
  allowing the attempt in response to the status complying with the quarantine enforcement policy, the allowing the attempt resulting in the attempting client succeeding in accessing the server computing device; and
  
  denying the attempt in response to the status not complying with the quarantine enforcement policy, the denying the attempt resulting in the attempting client failing to access the server computing device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8 where the status comprises an update status of software installed on the attempting client.
  - 10. The method of claim 9 where the software comprises an operating system.
  - 11. The method of claim 9 where the software comprises patches installed on the attempting client.
  - 12. The method of claim 8 where the statement of health response comprises a plurality of portions, and where each portion indicates a particular status that corresponds to a different software or patch installed on the client.
  - 13. The method of claim 12 where the status complying with the quarantine enforcement policy is based on each particular status complying with the quarantine enforcement policy.
  - 14. The method of claim 8 further comprising identifying patches that, when installed on the attempting client, are sufficient to bring the attempting client into compliance with the quarantine enforcement policy.

15. At least one storage device storing computer-executable instructions that, when executed by a server computing device, cause the server computing device to perform actions comprising:
- recognizing an attempt by a client to access the server computing device;
  
  determining whether a status of the attempting client complies with a quarantine enforcement policy, where the determining comprises receiving a statement of health from the attempting client, comparing the statement of health with the quarantine enforcement policy, and transmitting a statement of health response to the attempting client indicative of compliance with the quarantine enforcement policy,where the statement of health response comprises, in response to the status not complying with the quarantine enforcement policy at least one particular patch that, when successfully installed on the attempting client, will cause the status to comply with the quarantine enforcement policy;
  
  allowing the attempt in response to the status complying with the quarantine enforcement policy, the allowing the attempt resulting in the attempting client succeeding in accessing the server computing device; and
  
  denying the attempt in response to the status not complying with the quarantine enforcement policy, the denying the attempt resulting in the attempting client failing to access the server computing device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The at least one storage device of claim 15 where the status comprises an update status of software installed on the attempting client.
  - 17. The at least one storage device of claim 16 where the software comprises an operating system, or where the software comprises patches installed on the attempting client.
  - 18. The at least one storage device of claim 15, the actions further comprising identifying patches that, when installed on the attempting client, are sufficient to bring the attempting client into compliance with the quarantine enforcement policy.
  - 19. The at least one storage device of claim 15 where the statement of health response comprises a plurality of portions, and where each portion indicates a particular status that corresponds to a different software or patch installed on the attempting client.
  - 20. The at least one storage device of claim 18 where the identified patches are authenticated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Choe, Calvin Choon-Hwan
Primary Examiner(s)
KIM, EDWARD J

Application Number

US13/615,527
Publication Number

US 20130007295A1
Time in Patent Office

838 Days
Field of Search

709217-219, 709/225, 709227-229, 709236-237
US Class Current

709/229
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

H04L 67/34   involving the movement of s...

Peer-to-peer remediation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

63 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Peer-to-peer remediation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links