发明名称 |
Reactive anti-tampering system for protected services in an enterprise computing system |
摘要 |
An enterprise computing system may utilize a management infrastructure that interacts with protected services in the system. The management infrastructure accepts requests through an anti-tamper procedure that specifies a tamper event, a crucial service to be protected, and a remedial action that may be applied when the tamper event occurs on the protected service. The anti-tamper procedure may be created by a system administrator and distributed to one or more client devices in the system. The management infrastructure monitors a protected service in accordance with the operations and actions specified in the anti-tamper procedure thereby ensuring that the integrity of the system is preserved. |
申请公布号 |
US8756594(B2) |
申请公布日期 |
2014.06.17 |
申请号 |
US201113283635 |
申请日期 |
2011.10.28 |
申请人 |
Microsoft Corporation |
发明人 |
Umansky Alex;Zeitlin Eli;Borshack Ronen |
分类号 |
G06F9/445 |
主分类号 |
G06F9/445 |
代理机构 |
|
代理人 |
Tabor Ben;Drakos Kate;Minhas Micky |
主权项 |
1. A method implemented on a client device having at least one processor, comprising:
receiving a request to monitor for occurrence of a tamper event affecting a protected service executing on the client device, the protected service including an instance of a program that provides a function critical for operation of the client device, the request distributed by a system administrator, the request comprising a remedial action for remedying the tamper event and a provider that provides data from the protected service, the client device part of an enterprise computing system having multiple client devices; utilizing a management infrastructure to monitor the protected service for an occurrence of a tamper event through data received from the provider and to initiate a remedial action in response to detecting occurrence of the tamper event, wherein the provider communicates directly with the protected service; receiving data from the provider that indicates that the tamper event has occurred at the protected service; and applying the remedial action to the protected service, wherein the tamper event, the protected service and the remedial action are specified through executable instructions.
|
地址 |
Redmond WA US |