×

System self integrity and health validation for policy enforcement

  • US 9,495,521 B2
  • Filed: 02/07/2011
  • Issued: 11/15/2016
  • Est. Priority Date: 02/05/2010
  • Status: Active Grant
First Claim
Patent Images

1. A method of enforcing system self-integrity validation policies, the method comprising:

  • installing a policy enforcer on a client device;

    using the policy enforcer to examine the policy enforcer itself to determine whether the policy enforcer itself has been compromised;

    in response to a determination that the policy enforcer has been compromised, prohibiting access of the client device to the services provided by the service provider;

    installing, on the client device, a plurality of policies configured to enforce system integrity of the client device;

    monitoring, using the policy enforcer, system performance of the client device to determine actual system performance of the client device;

    based on a first policy in the plurality of policies, comparing the actual system performance of the client device with system performance required by the first policy, wherein the first policy restricts the use of operating systems (O/S) that circumvent digital rights management (DRM) protections;

    determining, by the policy enforcer, that the actual system performance of the client device does not match the system performance required by the first policy;

    identifying one or more software processes responsible for the actual system performance of the client device not matching the system performance required by the first policy including identifying that an O/S running on the client device is circumventing the DRM protections;

    identifying first services from the service provider that are related to the one or more software processes including identifying services that provide DRM-protected files; and

    denying the client device access to the first services from the service provider while continuing to allow the client device access to other services from the service provider, wherein the client device is denied access to the DRM-protected files provided by the identified services.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×