System and method for protecting cloud services from unauthorized access and malware attacks
First Claim
1. A method for processing queries from a user device by a server, comprising:
- receiving, by the server, from a security software deployed on a user device, a system state and configuration information of the user device;
analyzing, by the server, the collected system state and configuration information to determine a level of trust associated with the user device;
receiving, by the server, one or more queries from a security software of the user device directed to one or more services provided by the server, wherein the security software is configured to follow different procedures for contacting different services;
analyzing the one or more queries received from the security software to determine whether the security software followed a correct procedure for contacting one or more services, wherein the correct procedure includes contacting different services in a specific order;
based on the determination of whether the security software followed a correct or incorrect procedure for contacting the server, determining whether to update or not update the level of trust associated with the user device;
determining, based on the level of trust, how to process the one or more queries; and
providing different responses to the one or more queries from the security software based on the determination of how to process the one or more queries.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are systems, methods and computer program products for protecting cloud security services from unauthorized access and malware attacks. In one example, a cloud server receives one or more queries from security software of the user device. The server analyzes a system state and configuration of the user device to determine the level of trust associated with the user device. The server also analyzes the one or more queries received from the security software to determine whether to update the level of trust associated with the user device. The server determines, based on the level of trust, how to process the one or more queries. Finally, the server provides responses to the one or more queries from the security software based on the determination of how to process the one or more queries.
74 Citations
17 Claims
-
1. A method for processing queries from a user device by a server, comprising:
-
receiving, by the server, from a security software deployed on a user device, a system state and configuration information of the user device; analyzing, by the server, the collected system state and configuration information to determine a level of trust associated with the user device; receiving, by the server, one or more queries from a security software of the user device directed to one or more services provided by the server, wherein the security software is configured to follow different procedures for contacting different services; analyzing the one or more queries received from the security software to determine whether the security software followed a correct procedure for contacting one or more services, wherein the correct procedure includes contacting different services in a specific order; based on the determination of whether the security software followed a correct or incorrect procedure for contacting the server, determining whether to update or not update the level of trust associated with the user device; determining, based on the level of trust, how to process the one or more queries; and providing different responses to the one or more queries from the security software based on the determination of how to process the one or more queries. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for processing queries from a user device by a server, the system comprising;
-
a hardware processor configured to; receive from a security software deployed on a user device, a system state and configuration information of the user device; analyze, the collected system state and configuration information to determine a level of trust associated with the user device; receive one or more queries from a security software of the user device directed to one or more services provided by the server, wherein the security software is configured to follow different procedures for contacting different services; analyze the one or more queries received from the security software to determine whether the security software followed a correct procedure for contacting one or more services, wherein the correct procedure includes contacting different services in a specific order; based on the determination of whether the security software followed a correct or incorrect procedure for contacting the server, determine whether to update or not update the level of trust associated with the user device; determine, based on the level of trust, how to process the one or more queries; and provide different responses to the one or more queries from the security software based on the determination of how to process the one or more queries. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer program product embedded in a non-transitory computer-readable storage medium, the computer program product comprising computer-executable instructions for processing queries from a user device by a server, including instructions for:
-
receiving, by the server, from a security software deployed on a user device, a system state and configuration information of the user device; analyzing, by the server, the collected system state and configuration information to determine a level of trust associated with the user device; receiving, by the server, one or more queries from a security software of the user device directed to one or more services provided by the server, wherein the security software is configured to follow different procedures for contacting different services; analyzing the one or more queries received from the security software to determine whether the security software followed a correct procedure for contacting one or more services, wherein the correct procedure includes contacting different services in a specific order; based on the determination of whether the security software followed a correct or incorrect procedure for contacting the server, determining whether to update or not update the level of trust associated with the user device; determining, based on the level of trust, how to process the one or more queries; and providing different responses to the one or more queries from the security software based on the determination of how to process the one or more queries. - View Dependent Claims (14, 15, 16, 17)
-
Specification