Data security classification sampling and labeling
US-11704431-B2 · Jul 18, 2023 · US
Quarantine for cloud-based services
US2023254279A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2023254279-A1 |
| Application number | US-202318297962-A |
| Country | US |
| Kind code | A1 |
| Filing date | Apr 10, 2023 |
| Priority date | Dec 6, 2019 |
| Publication date | Aug 10, 2023 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A quarantine system could be disposed between an outer firewall and an inner firewall. The quarantine system may include persistent storage containing mappings between computing devices disposed within the inner firewall and data sources disposed outside the outer firewall. The quarantine system may include one or more processors configured to perform operations that include requesting and receiving, based on the mappings, a software-related update from a data source, the software-related update being targeted for deployment on the computing devices. The operations may also include assigning the software-related update for review by a group of one or more agents authorized to approve or reject the software-related update. The operations may also receiving an indication that the software-related update has been approved by the one or more agents and, responsive to receiving the indication, transmitting, based on the mappings, the software-related update to a recipient device within the inner firewall.
First claim
Opening claim text (preview).
What is claimed is: 1 . A quarantine system comprising: one or more processors disposed between an outer firewall and an inner firewall, wherein the inner firewall is disposed within the outer firewall; and a memory storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising: requesting a software-related update from a data source disposed outside the outer firewall; receiving the software-related update from the data source disposed outside the outer firewall; and assigning the software-related update for review by one or more agents authorized to approve or reject the software-related update. 2 . The quarantine system of claim 1 , wherein the outer firewall is configured to restrict one or more updates that have not been requested by the quarantine system from being transmitted through the outer firewall to the quarantine system. 3 . The quarantine system of claim 1 , wherein the inner firewall is configured to: restrict one or more first updates that have not been requested by the quarantine system from being transmitted to one or more computing devices disposed within the inner firewall; and permit one or more second updates that have been requested by the quarantine system and approved by the one or more agents to be transmitted to the one or more computing devices. 4 . The quarantine system of claim 1 , wherein the one or more agents are disposed between the outer firewall and the inner firewall. 5 . The quarantine system of claim 1 , wherein the operations comprise: storing the software-related update in a queue for approval or rejection by the one or more agents, wherein the queue comprises a plurality of software-related updates; and assigning one or more software-related updates from the queue for approval or rejection by the one or more agents based on a priority order, wherein the priority order is based on a destination of each software-related update of the plurality of software-related updates, a source of each software-related update of the plurality of software-related updates, a type of each software-related update of the plurality of software-related updates, or an urgency of each software-related update of the plurality of software-related updates, or any combination thereof. 6 . The quarantine system of claim 1 , wherein the operations comprise: storing the software-related update in a queue for approval or rejection by the one or more agents, wherein the queue comprises a plurality of software-related updates; and deleting one or more software-related updates from the queue after a pre-determined period of time has elapsed since storing the one or more software-related updates in the queue, wherein the pre-determined period of time is based on a destination of each software-related update of the plurality of software-related updates, a source of each software-related update of the plurality of software-related updates, a type of each software-related update of the plurality of software-related updates, a caching policy of the quarantine system, or receiving a newer version of at least one software-related update of the plurality of software-related updates, or any combination thereof. 7 . The quarantine system of claim 1 , wherein the operations comprise: receiving an indication of a rejection of the software-related update by the one or more agents; and providing a notification indicative of the rejection of the software-related update in response to receiving the indication of the rejection of the software-related update. 8 . The quarantine system of claim 1 , wherein the operations comprise: receiving an indication of a rejection of the software-related update by the one or more agents; and isolating one or more additional software-related updates associated with the software-related update from being assigned to the one or more agents in response to receiving the indication of the rejection of the software-related update. 9 . A method, comprising: requesting, by one or more processors of a quarantine system disposed between an inner firewall and an outer firewall, a software-related update from a data source disposed outside the outer firewall, wherein the inner firewall is disposed within the outer firewall; receiving, by the one or more processors of the quarantine system, the software-related update from the data source disposed outside the outer firewall; and assigning, by the one or more processors of the quarantine system, the software-related update for review by one or more agents authorized to approve or reject the software-related update. 10 . The method of claim 9 , comprising providing a representation of a graphical user interface (GUI) configured to provide information associated with the software-related update for viewing by the one or more agents. 11 . The method of claim 10 , wherein the GUI is configured to provide a comparison of content of the software-related update and additional content installed on a computing resource, or a dependency tree indicative of connections between a plurality of computing resources of a cloud network, or both. 12 . The method of claim 9 , comprising: storing, by the one or more processors of the quarantine system, the software-related update in a queue for approval or rejection by the one or more agents, wherein the queue comprises a plurality of software-related updates; and assigning, by the one or more processors of the quarantine system, one or more software-related updates from the queue for approval or rejection by the one or more agents based on a priority order, wherein the priority order is based on a destination of each software-related update of the plurality of software-related updates, a source of each software-related update of the plurality of software-related updates, a type of each software-related update of the plurality of software-related updates, or an urgency of each software-related update of the plurality of software-related updates, or any combination thereof. 13 . The method of claim 9 , comprising: storing, by the one or more processors of the quarantine system, the software-related update in a queue for approval or rejection by the one or more agents, wherein the queue comprises a plurality of software-related updates; and deleting, by the one or more processors of the quarantine system, one or more software-related updates from the queue after a pre-determined period of time has elapsed since storing the one or more software-related updates in the queue, wherein the pre-determined period of time is based on a destination of each software-related update of the plurality of software-related updates, a source of each software-related update of the plurality of software-related updates, a type of each software-related update of the plurality of software-related updates, a caching policy of the quarantine system, or receiving a newer version of at least one software-related update of the plurality of software-related updates, or any combination thereof. 14 . The method of claim 9 , comprising: receiving, by the one or more processors of the quarantine system, an indication of a rejection of the software-related update by the one or more agents; and providing, by the one or more processors of the quarantine system, a notification indicative of the rejection of the software-related update in response to receiving the indication of the rejection of the software-related update. 15 . The method of claim 9 , comprising: receiving, by the one or more processors of the quarantine system, an
Assignees
Inventors
Classifications
Discovery or management of network topologies · CPC title
Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements · CPC title
using virtualisation of network functions or resources, e.g. SDN or NFV entities · CPC title
- H04L63/0209Primary
Architectural arrangements, e.g. perimeter networks or demilitarized zones · CPC title
in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2023254279A1 cover?
- A quarantine system could be disposed between an outer firewall and an inner firewall. The quarantine system may include persistent storage containing mappings between computing devices disposed within the inner firewall and data sources disposed outside the outer firewall. The quarantine system may include one or more processors configured to perform operations that include requesting and rece…
- Who is the assignee on this patent?
- Servicenow Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/0209. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Aug 10 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 11 related publications on this page (citations in our corpus or others sharing the same primary CPC).