Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Business Method of Using Host Based Health Checking and Vulnerability Mitigation

IP.com Disclosure Number: IPCOM000015506D
Original Publication Date: 2002-Jan-12
Included in the Prior Art Database: 2003-Jun-20
Document File: 4 page(s) / 70K

Publishing Venue

IBM

Abstract

This disclosure defines the business method for a service offering that uses Host Based Health Checking in web hosting environments. In a Web Hosting environment, there exists different security zones depending on the proximity of each to the Internet. Each zone can be defined and represented by green, yellow, or red colors based on the risk each poses for systems residing in them. For example, systems close to the Internet reside in a red zone and have a higher security risk. As systems, depending on their function, reside (logically) further from the internet in the Web hosting environments more protection and safeguards are in place thereby having less security risks associated with them. These system are designated to be in Yellow or Green zones. Current hosting architectures exhibit these structures as shown in figure 1. Note that although 3 zones are shown, additional zones which represent combinations or subsets of the shown zones can be shown. "3" is not a magic number. In figure 1, zones are interconnected at connection points. The nature of the connection points are typically firewalls, routers or load balancers. To afford protection in this environment, host based vulnerability protection is available and used. There are multiple products available to utilize for this function, and for the purpose of this disclosure are termed Host Based Health Checking. Host Based Health Checking performs the following generic checks: Account Integrity, Account information, File Attributes, File Find, Password Strength, Network Integrity, Object Integrity, Startup Files, User Files. This is not a complete list, but a sample list of general health checking checks. These checks are not meant to be an all inclusive list since they are dependent on the application. They are also not intended to limit the scope, but only used to better illustrate the type of checks used in a health checking application.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 47% of the total text.

Page 1 of 4

  Business Method of Using Host Based Health Checking and Vulnerability Mitigation

    This disclosure defines the business method for a service offering that uses Host Based Health Checking in web hosting environments.

In a Web Hosting environment, there exists different security zones depending on the proximity of each to the Internet. Each zone can be defined and represented by green, yellow, or red colors based on the risk each poses for systems residing in them. For example, systems close to the Internet reside in a red zone and have a higher security risk. As systems, depending on their function, reside (logically) further from the internet in the Web hosting environments more protection and safeguards are in place thereby having less security risks associated with them. These system are designated to be in Yellow or Green zones. Current hosting architectures exhibit these structures as shown in figure 1. Note that although 3 zones are shown, additional zones which represent combinations or subsets of the shown zones can be shown. "3" is not a magic number. In figure 1, zones are interconnected at connection points. The nature of the connection points are typically firewalls, routers or load balancers.

To afford protection in this environment, host based vulnerability protection is available and used. There are multiple products available to utilize for this function, and for the purpose of this disclosure are termed Host Based Health Checking. Host Based Health Checking performs the following generic checks: Account Integrity, Account information, File Attributes, File Find, Password Strength, Network Integrity, Object Integrity, Startup Files, User Files.

This is not a complete list, but a sample list of general health checking checks. These checks are not meant to be an all inclusive list since they are dependent on the application. They are also not intended to limit the scope, but only used to better illustrate the type of checks used in a health checking application.

A Health Checking Service may be offered in 2 categories: Standard and Custom. Typical examples of health checking items in a standard offering would be: IBM provided health checking policies, IBM

1

[This page contains 1 picture or other non-text object]

Page 2 of 4

provided health checking server; shared by several customers, IBM provided health checking reports, IBM provided ERS (Emergency Response Services).

Typical examples of health checking items in a custom offering would be: all the items in the standard offering, custom health checking policies, dedicated health checking manager, detailed health checking reports, custom ERS support.

This disclosure does not attempt to define how a Host Based Health Checking product is constructed, but rather the business process that uses a Host Based Health Checking System in the Web Hosting Environment. This business process is the basis for service offerings for the web hosted customer. Note that the number of offeri...