首页>
外国专利>
DETECTION OF COMPROMISED UNMANAGED CLIENT END STATIONS USING SYNCHRONIZED TOKENS FROM ENTERPRISE-MANAGED CLIENT END STATIONS
DETECTION OF COMPROMISED UNMANAGED CLIENT END STATIONS USING SYNCHRONIZED TOKENS FROM ENTERPRISE-MANAGED CLIENT END STATIONS
展开▼
机译:使用企业管理的客户端终端站中的同步令牌检测受损的未管理客户端终端站
展开▼
页面导航
摘要
著录项
相似文献
摘要
Techniques related to detecting compromised unmanaged client end stations using synchronized tokens placed on enterprise-managed client end stations are described. A token distribution module causes token(s) to be placed with user data of a managed client end station in specific locations. The placement locations are selected due to the token(s) likely being synchronized, the token(s) being unlikely to be discovered or used by an authorized user, but likely discovered by an attacker. During a synchronization process, the token(s) are sent to an unmanaged client end station. The token(s) can be detected and/or acquired from the unmanaged client end station by an attacker, and thereafter used in an attempt to access an apparent enterprise resource. A token detection module can detect this use of the token(s) to thereby detect the compromise of the unmanaged client end station, without needing direct access to the unmanaged client end station.
展开▼