公开(公告)号：US09270677B1

公开(公告)日：2016-02-23

申请号：US14175372

申请日：2014-02-07

Applicant: OPEN INVENTION NETWORK LLC

Inventor： Colin Lee Feeser ,  Anthony William Ondrus ,  Mark Jackson Canup

IPC: H04L29/06 ,  G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00

CPC classification number: H04L63/10 ,  G06F21/57 ,  G06F2221/034 ,  G06F2221/2101 ,  H04L9/0643 ,  H04L63/0428 ,  H04L63/126

Abstract: A method, system, and computer program product for detecting and enforcing compliance with access requirements for a computer system in a restricted computer network. A compliance validation configuration file is created for the computer system. A maintenance service utility is configured to launch a compliance validation executable file at a specified time during operation of the computer system. A digital hash is generated for the compliance validation executable file and for the compliance validation configuration file. A determination is made if the computer system or a computer system user is a member of a configured restricted group. If the computer system or the computer system user is a member of a configured restricted group, a determination is made if a directory site code for a subnet of the restricted computer network to which the computer system is connected corresponds to a configured and allowed site. If the directory site code does not correspond to a configured and allowed site, compliance with access requirements are enforced. Enforcement actions can include a forced logoff of the computer system user, and/or a forced shutdown of the computer system.

Abstract translation: 一种用于检测并执行受限计算机网络中计算机系统的访问要求的方法，系统和计算机程序产品。 为计算机系统创建合规验证配置文件。 维护服务实用程序被配置为在计算机系统的操作期间的指定时间启动符合性验证可执行文件。 为合规性验证可执行文件和合规性验证配置文件生成数字散列。 如果计算机系统或计算机系统用户是配置的受限组的成员，则确定。 如果计算机系统或计算机系统用户是配置的受限组的成员，则确定计算机系统连接的受限计算机网络的子网的目录站点代码是否对应于已配置和允许的站点。 如果目录站点代码与配置和允许的站点不对应，则强制执行访问要求。 执行操作可以包括计算机系统用户的强制注销和/或计算机系统的强制关闭。

公开(公告)号：US09843586B1

公开(公告)日：2017-12-12

申请号：US15295438

申请日：2016-10-17

Applicant: OPEN INVENTION NETWORK LLC

Inventor： Colin Lee Feeser ,  Anthony William Ondrus ,  Mark Jackson Canup

IPC: H04L29/06 ,  G06F21/57 ,  H04L9/06 ,  G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00

CPC classification number: H04L63/10 ,  G06F21/57 ,  G06F2221/034 ,  G06F2221/2101 ,  H04L9/0643 ,  H04L63/0428 ,  H04L63/126

Abstract: A method, system, and computer program product for detecting and enforcing compliance with access requirements for a computer system in a restricted computer network. A compliance validation configuration file is created for the computer system. A maintenance service utility is configured to launch a compliance validation executable file at a specified time during operation of the computer system. A digital hash is generated for the compliance validation executable file and for the compliance validation configuration file. A determination is made if the computer system or a computer system user is a member of a configured restricted group. If the computer system or the computer system user is a member of a configured restricted group, a determination is made if a directory site code for a subnet of the restricted computer network to which the computer system is connected corresponds to a configured and allowed site. If the directory site code does not correspond to a configured and allowed site, compliance with access requirements are enforced. Enforcement actions can include a forced logoff of the computer system user, and/or a forced shutdown of the computer system.

公开(公告)号：US09473500B1

公开(公告)日：2016-10-18

申请号：US15050994

申请日：2016-02-23

Applicant: OPEN INVENTION NETWORK LLC

Inventor： Colin Lee Feeser ,  Anthony William Ondrus ,  Mark Jackson Canup

IPC: H04L29/06 ,  G06F21/57 ,  G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00

CPC classification number: H04L63/10 ,  G06F21/57 ,  G06F2221/034 ,  G06F2221/2101 ,  H04L9/0643 ,  H04L63/0428 ,  H04L63/126

Abstract: A method, system, and computer program product for detecting and enforcing compliance with access requirements for a computer system in a restricted computer network. A compliance validation configuration file is created for the computer system. A maintenance service utility is configured to launch a compliance validation executable file at a specified time during operation of the computer system. A digital hash is generated for the compliance validation executable file and for the compliance validation configuration file. A determination is made if the computer system or a computer system user is a member of a configured restricted group. If the computer system or the computer system user is a member of a configured restricted group, a determination is made if a directory site code for a subnet of the restricted computer network to which the computer system is connected corresponds to a configured and allowed site. If the directory site code does not correspond to a configured and allowed site, compliance with access requirements are enforced. Enforcement actions can include a forced logoff of the computer system user, and/or a forced shutdown of the computer system.