Embodiments of the present invention relate generally to methods and systems for enforcing system integrity and, more particularly, to using policy enforcement for ensuring self integrity and health validation of a system.
Presently, it is difficult (and often impossible) to impose particular policies on a user of a device. Some techniques for achieving this consist of essentially placing specific code (programs) that should appropriately restrict the device/user's behavior and/or report the device/user to a monitoring system. However, currently there is not a real way to ensure that programs that actively prevent or report certain actions are present and running properly, nor is there any way to ensure that no additional measures are present to circumvent such programs.
Some typical examples of such programs include ensuring that digital management rights (DRM) are respected (e.g., DVD/CD media copy protection, MPEG/OMA DRM for distributions, etc.). Further, programs include ensuring that archiving policies are respected (e.g., file retention timeouts, destruction policies, no not archive, etc.), ensuring software license management can execute, ensuring corporate “spyware” runs properly, adware agents, etc. Some additional examples include ensuring that a policy enforcer on a device is running, ensuring that appropriate security settings (e.g., firewall settings, antivirus software, etc.) are in place and running, ensuring documents are labeled properly (e.g., confidential) and that proper access to such documents is maintained (e.g., can be sent, copied, archived, downloaded, etc.). Furthermore, other examples of such software include ensuring that relevant events are properly logged, as well as ensuring that device/user clients such as those found in U.S. Pat. No. 7,426,381, entitled DEVICE BILLING AGENT, filed on Mar. 23, 2005, and U.S. Pat. No. 7,403,763, entitled DEVICE AGENT, filed on Sep. 19, 2005, which are incorporated by reference in their entirety for any and all purposes.
Some of the software that circumvents such programs result in a variety of problems. For example, DRM circumvention may include code that disables DRM protection, open source operating systems may skip or ignore DRM protections, or a chip (i.e., the Wiikeey chip) may prevent DRM protection systems. Regarding archiving policies, such policies may simply be ignored and unverified locally, or a copy can be done from other machines. With respect to software license management, such programs may be removed or prevent from running/starting or reporting may be prevented. Similarly, cooperative spyware, adware agents, policy enforcers, and security settings may also be removed, or prevented from running/starting or reporting. Accordingly, there are many ways to eliminate and circumvent programs running on a user device, and thus, there is a need for improvements in the art.