System and method of monitoring and controlling application files
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-017/30
H04L-029/06
G06F-011/34
G06F-021/50
G06F-021/55
G06F-021/57
H04L-012/26
출원번호
US-0011371
(2016-01-29)
등록번호
US-9692790
(2017-06-27)
발명자
/ 주소
Kester, Harold M.
Dimm, John Ross
Anderson, Mark Richard
Papa, Joseph
출원인 / 주소
Websense, LLC
대리인 / 주소
Schwegman Lundberg & Woessner, P.A.
인용정보
피인용 횟수 :
0인용 특허 :
160
초록▼
A system and method for updating, monitoring, and controlling applications on a workstation. The workstation includes a workstation management module configured to detect the launch or request to access a network by an application. A workstation application server receives data associated with the a
A system and method for updating, monitoring, and controlling applications on a workstation. The workstation includes a workstation management module configured to detect the launch or request to access a network by an application. A workstation application server receives data associated with the application from the workstation. The application server module can determine one or more policies or categories to associate with the application by referencing an application inventory database. Once the application server module has the category or policy, it forwards a hash/policy table to the workstation management module. Upon receipt of the hash/policy table, the workstation management module applies the policy that is associated with the application to control network access by the application.
대표청구항▼
1. A method of updating a system which controls operation of programs on a workstation, the method comprising: detecting a network access attempt by an application;generating an application digest for the application;determining whether the application is associated with one or more policies;if the
1. A method of updating a system which controls operation of programs on a workstation, the method comprising: detecting a network access attempt by an application;generating an application digest for the application;determining whether the application is associated with one or more policies;if the application is associated with one or more policies, then applying the one or more policies that are associated with the application;if the application is not associated with a policy, then sending the application digest to an application server module;determining whether the application is operating in a predetermined manner based at least in part on analyzing past network activity involving the same or relevant applications and text strings associated with the application;if the application is not operating in the predetermined manner, then send the application digest to an application database factory, if the application is operating in the predetermined manner, then apply the one or more policies associated with the application;determining whether each application has been previously analyzed;for each application that was not previously analyzed, assigning one or more categories to at least one of each application or application digest associated with the application;posting each application along with its assigned one or more categories into a database of categorized applications; andreceiving the database of categorized applications by the application server module. 2. The method of claim 1, further comprising: updating a frequency if the application is in an application inventory database; anduploading the application inventory database to the application database factory. 3. The method of claim 1, wherein the one or more policies include allowing or disallowing the application to access the network. 4. The method of claim 1, wherein the application digest includes additional data associated with the application. 5. The method of claim 4, wherein the additional data includes a destination port number. 6. The method of claim 4, wherein the additional data includes a source IP address. 7. The method of claim 1, further comprising: analyzing at least one of the application or application digest associated with the application for data characteristics that are indicative of the one or more categories; andassociating one or more indicators with the application. 8. The method of claim 7, wherein the analyzing the application digest is performed on text strings that are associated with the application. 9. The method of claim 7, wherein the one or more indicators can include a category flag. 10. The method of claim 7, further comprising screening the application using the one or more indicators. 11. A method of updating a system which controls network access by programs on a workstation, the method comprising: detecting a network access request of an application;generating a hash value for the application, wherein the hash values includes network access data;comparing the generated hash value to one or more hash values in a hash/policy table that includes one or more policies associated with the one or more hash values;if the generated hash value matches one or more of the hash values in the hash/policy table, then applying the one or more policies that are associated with the one or more hash values;if the generated hash value does not match a hash value in the hash/policy table, then posting the application to a logging database;uploading the logging database to an application server module;determining whether the application from the logging database is operating in a predetermined manner based at least in part on analyzing past network activity involving the same or relevant applications and text strings associated with the application;if the application is not operating in the predetermined manner, then send the application digest to an application database factory, if the application is operating in the predetermined manner, then apply the one or more policies associated with the application;determining whether the application has been previously analyzed;for each application that was not previously analyzed, selecting one or more categories to associate with that application;posting each application along with its selected one or more categories into a database of categorized applications; andreceiving the database of categorized applications by the application server module. 12. The method of claim 11, further comprising scanning the logging database to determine a frequency count for the application. 13. The method of claim 11, further comprising: posting each application along with its selected one or more categories into a database of applications; andreceiving the database of applications for incorporation into the application inventory database. 14. A method of updating a system which controls operation of programs on a workstation, the method comprising: detecting a program on a workstation accessing a network;determining whether the program is in a network access database sending program data associated with the program to an application server module if the program is not in the network access database;apply one or more policies that are associated with the program, wherein the network access database includes a protocol that is associated with the program;receiving the program data from the workstation management module if the program was not in the network access database;determine whether the program is operating in a predetermined manner based at least in part on analyzing past network activity involving the same or relevant programs and text strings associated with the program, if the program is not operating in the predetermined manner, then send the program data to an application database factory, if the program is operating in the predetermined manner, then provide the one or more policies associated with the program to the workstation management module;determine whether the program was previously analyzed by the application database factory, if the program was not previously analyzed, then determining one or more policies to associate with the program and provide the one or more policies to the application server module;receive the program data from the application server module if the program is not operating in the predetermined manner, if the program was previously analyzed, then providing the one or more policies that were previously associated with the program data to the application server module. 15. The method of claim 14, wherein the protocol is a transport protocol. 16. The method of claim 14, wherein the network access database comprises hash values. 17. The method of claim 14, wherein the network access database comprises one or more categories and one or more policies associated with the program.
Brandt Marcia Lynn ; Brown Kenneth Edgar ; Dykes Pernell James ; Lindberg Erik Duane ; Olson Diane Elaine ; Selden Jeffrey Edward ; Snyder Devon Daniel ; Walts James Orrin, Computer apparatus and method for providing a common user interface for software applications accessed via the world-wid.
Metzger Stephen D. (Lancaster MA) Lomicka Jeffrey A. (Maynard MA) Vacon Gary (Melrose MA) Gili Pat (Westfield MA), Disposition filtering of messages using a single address and protocol table bridge.
Campbell Jerry D. (2281 S. Stagecoach La. Fallbrook CA 92028), Electrical coffee pot positionable in a vehicle and operable from a cigarette lighter receptacle.
Alcorn Allan E. (Portola Valley CA) Barnett Michael (Santa Clara CA) Giacalone ; Jr. Louis D. (Palo Alto CA) Levinthal Adam E. (Redwood City CA), Electronic casino gaming apparatus with improved play capacity, authentication and security.
Shieh Johnny Meng-Han ; Maddalozzo ; Jr. John ; McBrearty Gerald Francis, Filtered utilization of internet data transfers to reduce delay and increase user control.
Rousseau Francis John,GBX ; Godfrey David,GBX ; Bonell John Louis,GBX, Ignition exciter for a gas turbine engine and method of igniting a gas turbine engine.
Benantar Messaoud ; Blakley ; III George Robert ; Nadalin Anthony Joseph, Information handling system, method, and article of manufacture for efficient object security processing by grouping obj.
Bond,Paul W.; Casper,Daniel F.; Chencinski,Edward; Hoke,Joseph M.; Livolsi,Robert R., Initialization of a bidirectional, self-timed parallel interface with automatic testing of AC differential wire pairs.
Duvall William S. ; Kendall Matthew, Internet filtering system for filtering data transferred over the internet utilizing immediate and deferred filtering a.
Eidson John C ; Nicholson Clark ; Weibel Gerald ; O'Brien Dennis ; Wardle Jay M ; Engel Glenn R. ; van der Meulen Ronald, Message filters, automatic binding, and encoding for distributed systems.
Radia Sanjay R. ; Lim Swee Boon ; Tsirigotis Panagiotis ; Wong Thomas K. ; Goedman Robert J. ; Patrick Michael W., Method and apparatus for dynamic packet filter assignment.
Poliquin Lynn R. (Goffstown NH) Arrowsmith Russell (Merrimack NH) Lewis Lundy (Mason NH) Tracy William (Chelmsford MA), Method and apparatus for policy-based alarm notification in a distributed network management environment.
Baugher Mark J. (Austin TX) Chang Philip Y. (Austin TX) Morris Gregory L. (Round Rock TX) Stephens Alan P. (Austin TX), Method and apparatus for reserving system resources to assure quality of service.
Skopp Peter ; Vitale Benjamin F. ; Marur Vinod R. ; Tse Clifford S.C. ; Dulai Dharmender S., Method and apparatus to determine user identity and limit access to a communications network.
Hao Ming C. (Los Altos Hills CA) Obermarck Ronald L. (Redwood City CA) Trivett Gene E. (Portola Valley CA) Trivett Lynn (Portola Valley CA), Method for controlling the peer-to-peer processing of a distributed application across a synchronous request/response in.
Adams James S. ; Moore Donald W. ; Huntington James C. ; Holland Richard C., Method for controlling the presentation of displays in a multi-window computer environment.
Theimer Marvin M. (Mountain View CA) Spreitzer Michael J. (Tracy CA) Weiser Mark D. (Palo Alto CA) Goldstein Richard J. (San Francisco CA) Elrod Scott A. (Redwood City CA) Swinehart Daniel C. (Palo A, Method for granting a user request having locational and contextual attributes consistent with user policies for devices.
Cox David E. ; Hayes ; Jr. Kent F. ; Kaminsky David L. ; Lindquist David B., Methods, systems and computer program products for management of configurable application programs on a network.
Theimer Marvin M. (Mountain View CA) Spreitzer Michael J. (Tracy CA) Weiser Mark D. (Palo Alto CA) Goldstein Richard J. (San Francisco CA) Terry Douglas B. (San Carlos CA) Schilit William N. (Palo Al, Selective delivery of electronic messages in a multiple computer system based on context and environment of a user.
Donald George Paul Waters GB; Jeremy Pavier GB; Graham David Turner GB; Richard Dewitt Cox ; Andrew Timothy Hunter ; Jeffrey Kevin Rand ; Nicolas Duncan Barker Smith GB, Service creation apparatus for a communications network.
Joseph L. Stern, System and method for accessing, manipulating and viewing internet and non-internet related information and for controlling networked devices.
Stern,Joseph L., System and method for controlling networked devices and accessing, manipulating and viewing internet and non-internet related information through multiple sessions.
Finney Michael S. ; Snider Michael L. ; Wright Randall S. ; Paynter James W. ; Bard Robin R., System and method for distributing electronic messages in accordance with rules.
Gryaznov,Dmitry O.; Peternev,Viatcheslav; Muttik,Igor, System and method for identifying a macro virus family using a macro virus definitions database.
Chess, David Michael; Kephart, Jeffrey Owen; Morar, John Frederick; Pring, Edward John; White, Steve Richard, System and method for managing files in a distributed system using filtering.
Chess, David Michael; Kephart, Jeffrey Owen; Morar, John Frederick; Pring, Edward John; White, Steve Richard, System and method for managing files in a distributed system using prioritization.
Bryant David M. (Cardiff CA) Corbeil Ryn C. (Bridgewater NJ) Malcolm Michael A. (Waterloo CA CAX) Thompson Donald R. (San Diego CA), System and method for name-lookup in a local area network data communication system.
Holden James M. ; Levin Stephen E. ; Nickel James O. ; Wrench Edwin H., System and method for providing multi-level security in computer devices utilized with non-secure networks.
Baker Brenda Sue (Berkeley Heights NJ) Grosse Eric (Berkeley Heights NJ), System and method for restricting user access rights on the internet based on rating information stored in a relational.
Kester, Harold M.; Kester Jones, legal representative, Nicole; Dimm, John Ross; Anderson, Mark Richard; Papa, Joseph, System and method of monitoring and controlling application files.
Akiyoshi Takashi (Osaka JPX) Matsuse Tetsuo (Ikoma-gun JPX), System for automatically generating and saving control information in a server if requested by a client at system initia.
Schmidt Jonathan ; Donzis Lewis ; Donzis Henry ; Murphy John ; Baron Peter ; Savage Herb, System for controlling users access to a distributive network in accordance with constraints present in common access.
Choquier Philippe,FRX ; Peyroux Jean-Francios ; Griffin William J., System for on-line service in which gateway computer uses service map which includes loading condition of servers broad.
Kapoor, Harsh; Akerman, Moisey; Justus, Stephen D.; Ferguson, JC; Korsunsky, Yevgeny; Gallo, Paul S.; Lee, Charles Ching; Martin, Timothy M.; Fu, Chunsheng; Xu, Weidong, Systems and methods for processing data flows.
Birrell Andrew D. ; Wobber Edward P. ; Schroeder Michael ; Melling Christopher,GBX ; Jaffer Simon,GBX, Technique for dynamically generating an address book in a distributed electronic mail system.
Horvitz, Eric J.; Kadie, Carl M.; Ozer, Stuart; Wong, Curtis G., Training, inference and user interface for guiding the caching of media content on local stores.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.