System and method for mobile communication device application advisement
US-9367680-B2 · Jun 14, 2016 · US
Client device state collection and network-based processing solution
US10341509B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10341509-B2 |
| Application number | US-201313836240-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 15, 2013 |
| Priority date | Feb 24, 2013 |
| Publication date | Jul 2, 2019 |
| Grant date | Jul 2, 2019 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
The presently described embodiments relate to a novel system and method to collect state as a snapshot from a potentially transient endpoint and transmit the state to a public or private network for storage and processing. This system and method allows for the synchronization and virtualization of the endpoint state image in the network for purposes of processing, analysis, and reporting, including but not limited to endpoint vulnerability auditing.
First claim
Opening claim text (preview).
What is claimed is: 1. A system comprising: a) a network interface for communicating over a network with an endpoint device, wherein the endpoint device is intermittently connected to the network; b) a repository for storing a state image of the endpoint device, the state image being a last agreed upon stage image between the system and the endpoint device; and c) a processor unit in communication with the repository and the endpoint device; wherein the system is configured to: provide a manifest to the endpoint device via the network interface, wherein the manifest includes priority and frequency requirements for collecting a state image delta associated with the endpoint device based on the state image of the endpoint device, the state image delta comprising data to add, update, or delete from the state image of the endpoint device; receive the state image delta from the endpoint device via the network interface, wherein the state image delta is received when the endpoint device connects to the network; merge the state image delta with the state image of the endpoint device in the repository to result in an updated state image, wherein the updated state image is stored in the repository, wherein the system being configured to merge the state image delta with the state image of the endpoint device in the repository comprises the system being configured to: determine whether a data collection interval has expired and whether an instruction to drop the state image delta has been processed, and in response to determining the data collection interval has expired and the instruction to drop the state image delta has not been processed, the system is configured to merge the state image delta with the state image of the endpoint device in the repository, wherein the endpoint device instructs the system to drop a last state image delta if the last state image delta has not been processed and if the data collection interval has expired; receive a request for confirmation that the state image delta has been merged with the state image of the endpoint device in the repository from the endpoint device via the network interface; and transmit confirmation that the state image delta has been merged with the state image of the endpoint device in the repository to the endpoint device via the network interface, wherein an identifier associated with the state image delta is stored at the endpoint device, and wherein after the confirmation that the state image delta has been merged with the state image of the endpoint device in the repository is received by the endpoint device, the endpoint device merges the state image delta with a second endpoint image stored at the endpoint device. 2. The system of claim 1 , and further comprising a scanner in communication with the repository, the scanner configured to analyze at least one of the state image and the updated state image stored in the repository. 3. The system of claim 2 , wherein the scanner is configured to determine possible vulnerabilities of the endpoint device based on at least one of the state image and the updated state image without regard to whether the endpoint device is connected to the network at the time of the analysis. 4. The system of claim 1 , wherein the identifier identifies a directory record associated with the updated state image in the repository. 5. The system of claim 1 , wherein the identifier identifies a parent directory record associated with the updated state image in the repository. 6. The system of claim 1 , wherein the identifier identifies state data associated with the endpoint device, wherein the state data is comprised in a directory record associated with the updated state image in the repository. 7. The system of claim 1 , wherein the state image in the repository is created in the repository prior to merging the state image delta with the state image in response to determining that no state image associated with the endpoint exists in the repository. 8. The system of claim 1 , wherein the state image delta comprises state data associated with the endpoint device, and wherein the state data is collected substantially simultaneously to collecting the state image delta. 9. The system of claim 8 , wherein the state data relates to a state and health of the endpoint device and comprises at least one of: information indicating what is installed on the endpoint device; information indicating a storage location of what is installed on the endpoint device; information associated with a password of a particular file stored on the endpoint device; information indicating which processes are currently being executed on the endpoint device; information associated with the network in communication with the endpoint device; and information associated with resource utilization of the endpoint device. 10. The system of claim 1 , wherein the processor unit is configured to establish priority requirements for collecting, by the endpoint device, state data associated with the endpoint device, and wherein the priority requirements for collecting state data associated with the endpoint device are comprised in the manifest. 11. The system of claim 1 , further comprising an analyzing agent in communication with the network interface, wherein the analyzing agent collects the state image delta associated with the endpoint device based on the manifest. 12. The system of claim 11 , wherein the analyzing agent comprises a unique identifier associated with the endpoint device, or wherein the analyzing agent is installed on the endpoint device. 13. The system of claim 11 , wherein the analyzing agent comprises an application programming interface associated with the endpoint device. 14. The system of claim 13 , wherein the application programming interface serves to identify the endpoint device. 15. A system comprising: a) a network interface for communicating over a network with an endpoint device; b) a repository for storing a state image of the endpoint device, the state image being a last agreed upon stage image between the system and the endpoint device; c) a processor unit in communication with the repository; and d) an analyzing agent in communication with the network interface, the repository, and the processor unit; wherein the system is configured to: provide a manifest to the analyzing agent via the network interface, the manifest including priority and frequency requirements for collecting a state image delta associated with the endpoint device based on the state image of the endpoint device, the state image delta comprising data to add, update, or delete from the state image of the endpoint device; receive the state image delta from the analyzing agent via the network interface, wherein the state image delta is collected by the analyzing agent; merge the state image delta with the state image in the repository to result in an updated state image, wherein the updated state image is stored in the repository, wherein the system being configured to merge the state image delta with the state image of the endpoint device in the repository comprises the system being configured to: determine whether a data collection interval has expired and whether an instruction to drop the state image delta has been processed, and in response to determining the data collection interval has expired and the instruction to drop the state image delta has not been processed, the system is configured to merge the state image delta with the state image of the endpoint device in the repository, wherein the endpoint device instructs the system to drop a last state im
Assignees
Inventors
Classifications
Intermediate information storage (H04N1/387, H04N1/41 take precedence {; for control between transmitter and receiver or between image input and image output device H04N1/32358; indexing, editing G11B27/00}) · CPC title
- H04N1/00244Primary
with a server, e.g. an internet server (fax-servers or the like for store and forward H04N1/324) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10341509B2 cover?
- The presently described embodiments relate to a novel system and method to collect state as a snapshot from a potentially transient endpoint and transmit the state to a public or private network for storage and processing. This system and method allows for the synchronization and virtualization of the endpoint state image in the network for purposes of processing, analysis, and reporting, inclu…
- Who is the assignee on this patent?
- Qualys Inc
- What technology area does this patent fall under?
- Primary CPC classification H04N1/00244. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jul 02 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).