| 发明名称 | Computer-implemented command control in information technology service environment | ||
| 摘要 | A computer-implemented agent process running on a first computer automatically intercepts a command issued from the first computer to execute on a target computer prior to invocation of the command on the target computer. A server profile built for an application running on the target computer that supports the command may be retrieved. At least based on the server profile a risk enforcement policy is dynamically constructed. Based on the risk enforcement policy, one or more computer-executable enforcement actions to perform prior to sending the command to the target computer for execution is determined. Based on executing of one or more of the computer-executable enforcement actions, the command may be transmitted to execute on the target computer or prevented from executing on the target computer. | ||
| 申请公布号 | US9584378(B1) | 申请公布日期 | 2017.02.28 |
| 申请号 | US201514978291 | 申请日期 | 2015.12.22 |
| 申请人 | International Business Machines Corporation | 发明人 | Adam Constantin M;Anerousis Nikolaos;Chandran Vysakh K.;Hernandez Milton H.;Padhi Debasisha K.;Ruan Yaoping;Tanada Fabio M.;Wu Frederick Y.-F.;Zeng Sai |
| 分类号 | H04L12/24;H04L29/08 | 主分类号 | H04L12/24 |
| 代理机构 | Scully, Scott, Murphy & Presser, P.C. | 代理人 | Scully, Scott, Murphy & Presser, P.C. ;Percello, Esq. Louis J. |
| 主权项 | 1. A computer-implemented method of controlling execution of computer-executable commands, the method performed by one or more hardware processors, comprising: intercepting, automatically by a computer-implemented agent process running on a first computer, a command issued from the first computer to execute on a target computer prior to invocation of the command on the target computer; retrieving a server profile built for an application running on the target computer that supports the command; dynamically constructing a risk enforcement policy at least based on the server profile and change policy; determining based on the risk enforcement policy, one or more computer-executable enforcement actions to perform prior to sending the command to the target computer for execution; and based on executing of one or more of the computer-executable enforcement actions, transmitting the command to execute on the target computer or preventing the command from executing on the target computer to prevent error, the computer-executable enforcement actions comprising at least detecting a connection to the target computer, mapping a process identifier associated with the connection, mapping a process binary from the process identifier, computing a checksum of the process binary and detecting whether the computed checksum matches a pre-computed checksum associated with a custom shell client, wherein the intercepting comprises capturing by the computer-implemented agent process an application invocation signal, and intercepting user input to the application. | ||
| 地址 | Armonk NY US | ||