REMOTE COMPUTER CONFIGURATION SCANNING
The present invention relates to systems for the remote sensing of the configuration of computer system hardware and software.
Use of the Internet to obtain products and services from retailers' web sites on the Internet (hereinafter "e-tailers") is becoming widespread. Purchasing products and services in this way removes or restricts an important element from the purchasing transaction - that of obtaining advice on the suitability of the product or service to be purchased. As an illustration, suppose that an anonymous web-surfer wishes to purchase a webcam for his computer from an e-tailer. The e-tailer offers a wide range of webcams from different manufacturers, each of which is targeted at different needs, which are dependent on: (1) what the visitor wishes to use his webcam for, ie. his buyer preferences; and (2) the technical specification of his computer, ie. what his computer is capable of running or is compatible with).
However the e-tailer's breadth of offering is of little value to either party unless the options within the range can be matched to the needs of the individual consumer in this e-tail environment.
Establishing the web-surfer's buyer preferences can be relatively easy via a web page: the e-tailer can simply present him with a pick list describing possible preferences, and ask him to select the one which (most closely) describes his preference.
Where it becomes more difficult is in terms of technical specification. The reality is that most computer users are unable to provide even the most basic details about their computer reliably and accurately. In any case, in many situations, it is the detail that matters. Selling a USB-connecting webcam to a Windows 95 user is of little use unless the user is running Windows 95 versions B or C (which have USB support) as opposed to version A (which doesn't).
Quite apart from the purely technical aspect of ascertaining the computer specification, there is also the human element to consider. Asking a user a question to which he or she is unlikely to know the answer effectively raises barriers to a sale at exactly the point in the sale process where the objective is to remove any remaining barriers to the sale. It is expensive and counter-productive to address such questions to the users when the questions could be addressed directly to the computer itself with much greater speed, accuracy and efficiency.
It would therefore be desirable to automatically detect the hardware and/or software configuration of a users computer system prior to offering computer products or services for sale.
A number of hardware- and software-based computer inventory tools which are designed to detect personal computer configuration data are known in the art. Typically these products are used to conduct audits across a population of PC's or to collect data to populate applications such as asset management programs. Invariably, the inventory tools collect more than the hardware configuration data and are sizeable executables that generate large data files.
Typically, inventory programs are executed from floppy disk or from a server on a network, and the resulting data file is either saved back to floppy disk or the server. These inventory programs are not optimised for use across the Internet where the download time for the program and the subsequent upload time of the saved data would be prohibitive. The present invention is directed rather to a system which is particularly suited to computer hardware and software detection across the Internet and which requires no specialist knowledge on the part of the user.
A further problem is a question of trust in the relationship between the user and the prospective vendor. Many users may have a reluctance to agree to the unrestricted scanning of their computer system by a commercial organisation that is primarily concerned with making sales.
A further problem is that an e-tailer is concerned primarily with the sale of goods and services and does not necessarily have the expertise or the wish to acquire and maintain expertise in sophisticated computer scanning systems.
An objective of the present invention is therefore to provide an automated system for matching a user's technical needs with appropriate hardware and software systems which are available for purchase via an e-tailer's web site.
A further objective of the present invention is to provide an attachment technology for e-business by which, via their web site, a client e-business can enable the automatic examination of a visitor's computer (or other Internet-connected device) to determine the specification of that device and its suitability to receive products and services marketed by that e-business.
A further preferred objective of the invention is to provide a system in which can lie between a vendor of hardware or software and a prospective purchaser to match the requirements of the two parties while being independent of both.
Some or all of the above objectives are met with various embodiments to be described herein.
According to one aspect, the present invention provides a hardware and software system and method to detect and forward across the Internet to a third-party, configuration information detected from a user's computer, which user is a visitor to the third parry's web site.
The operation of the system is initiated by the user, from the web site of the third- party. The system comprises the software tool(s) for detecting the configuration information, the means for establishing the channels of communication between the third-party, user and a server on which the software tools and detected data are stored, and the return of validated data to the third-party.
According to another aspect, the present invention provides apparatus for the remote scanning of configuration data relating to hardware or software installed in or as part of a user's computer system, the apparatus comprising: means for downloading a software-based scanning module from a provider's server to a user's computer system; said scanning module including means for determining preselected items of configuration data from the user's computer system and conveying said configuration data to the provider's server; and means for forwarding said configuration data to a client server.
According to another aspect, the present invention provides a method of remote scanning for configuration data relating to hardware or software installed in or as part of a user's computer system, the method comprising: determining preselected items of configuration information required; initiating, by a user, download of a scanning module from a provider's server to the user's computer system; determining, by said scanning module, configuration data for said preselected items of configuration information from the user's computer system and conveying said configuration data to the provider's server; and authorising, by said user, transmittal of said configuration data to a client server.
According to another aspect, the present invention provides a method of verifying compatibility of a user's computer system with at least one candidate product or service comprising the steps of: visiting, by a user, a client web site; initiating, by the user, download of a scanning module from a provider server by activation of an address embedded in the client web site; scanning the user's computer system using said scanning module; forwarding configuration data resulting from the scan to the client server.
Embodiments of the present invention will now be described by way of example, with reference to the accompanying drawings in which:
Figure 1 shows a schematic diagram of the various components of a computer networked system suitable for carrying out the invention, and indicating data flows involved in an initial stage of a scanning operation;
Figure 2 shows a schematic diagram of the system of figure 1 indicating data flows during a second stage of a scanning operation;
Figure 3 shows a schematic diagram of the system of figure 1 indicating data flows during a third stage of a scanning operation;
Figure 4 shows a schematic diagram of the system of figure 1 indicating data flows during a fourth stage of a scanning operation; Figures 5 to 9 show schematic diagrams of the system of figure 1 indicating data flows during stages of an alternative scanning operation.
Throughout the present specification, the person using the computer system which is to be examined or scanned for configuration data will be referred to as the "user". References to the user's computer system are intended to include any type of network-connected (and in particular, Internet-connected) processing device, which may include Internet television set-top boxes and the like. The e-tailer or other business that is operating a network device, eg. web server, by which products and services are being sold to the user will be referred to as the "client", and references to the client's web server are intended to include any network-connected computer devices which require configuration data to be received in respect of a user's computer system. A third network-connected computer system that is providing the computer scanning service to be described herein is referred to as the scanning system "provider".
Although a preferred embodiment is described in the context of a commercial environment in which an e-tailer is selling products or services which require a knowledge of the user's computer system, it will be understood that the invention is not limited to use in such a commercial environment.
The configuration data being scanned from the user's computer may include both hardware and software configuration data. In general the configuration data may comprise a detailed description of the internal hardware components of the user's computer system, a detailed description of peripherals attached internally or
externally to the computer system, together with a detailed description of the software (eg. operating system, applications and drivers) installed on the computer system. The detailed description may include the make and model of the component and/or peripheral, or the publisher, name and build standard of software. The detailed description may also include information on the speed, storage capacity, quantity of memory and means of connectivity of the hardware component and/or peripheral as appropriate to its function. The detailed description is not necessarily limited to the items described above. Preferably, the configuration data collected is customised to the needs of the client or client server, eg. in accordance with the products or services the client is trying to sell.
The system of the present invention is preferably optimised for efficient information collection from the user's computer system, in particular over a limited bandwidth network such as the Internet. This is achieved by making the system fully configurable to collect only the targeted information. The information collected may be verified against a comprehensive and extensive data set maintained in the provider computer system to ensure accuracy. The technology can be readily adapted to operate across a broad range of computer operating systems to include all variants of 32-bit Microsoft Windows™ platforms, Apple Macintosh™ and other operating systems. The data collection capability can be comprehensive and extensive. In the preferred embodiment, the system is easy to configure by clients and easy to operate by the end user.
A significant feature of the preferred embodiment of the present invention is that a three party system, namely (i) computer user (eg. private individual); (ii) client (eg. e-tailer, or other e-business) and (iii) provider (of the scanning service) enables the provider system to be completely independent of the client system. Thus, the provider of the computer scanning service may be a trusted third party who can give assurance regarding user data privacy ensuring that only relevant configuration data is collected and passed to the client, and can build a comprehensive knowledge database of computer system configuration types.
Another significant feature of an embodiment of the invention is that the scanning code does not carry the burden of databases to match the detected raw configuration
data with. Data matching is achieved by passing raw configuration data back from the user's computer to a data server for processing. This enables very compact scanning code sequences to be used which result in quick and easy transmission using standard Internet transmission protocols.
The system of the preferred embodiment is made up of a number of components that combine to form a coherent and flexible product that dynamically adapts to the information requirements of a client and a user. There are four basic stages, each making use of a series of components as follows:
(a) Initial configuration
The initial configuration process is used by the client to specify which data is to be collected from the user's computer system. This is preferably performed by filling in a web-based form. The result of this initial configuration process is a personalised uniform resource locator (URL) that is placed on the client's web site.
(b) Initiation
A scan is initiated when a user clicks on this URL on the client web site. The URL calls and downloads an executable piece of code from the provider computer system.
(c) Scanning
The raw hardware and configuration data is detected in the user's computer system and then passed to the provider's application server for further processing and identification using a predetermined knowledge base in the provider's server.
(d) Delivery
Once identified, the required configuration data is made available to the client server for further processing.
Initial configuration
Preferably, the system is first configured for use, by the client, via a web page on the provider's web site. The client may identify the configuration data items that it wants to detect on the user's computer system by selecting them from drop-down
hierarchical menus. Thus the data set required may be unique or customised to each individual client. Once the initial configuration process is completed, the client will be presented with a confirmation of the data items selected and a textual URL link to the provider's server, which the client can incorporate into the hypertext mark up language (HTML) on their web pages. Thus, in this fashion the system more generally provides a means for, remotely from the client server, preselecting required items of configuration data and storing said required items' definition in the provider's server.
In a preferred embodiment, a script will also be incorporated into the client's web page which will display the provider's URL "button" which may be clicked by the user to establish the required link to the provider's server. The URL link also contains a unique client identifier (UCI) that is used to direct the results of a scan of the user's computer system to the correct client web site.
Thus, while in the preferred embodiment, the preselection of configuration data items required is implemented remotely from the client server, the initial configuration process could be carried out in a number of other ways. These could include, for example, direct programming at the provider's server. This process, being a relatively infrequent operation, need not be carried out on-line over the Internet but could be carried out using other conventional information submission methods.
Once the configuration process is complete and the URL link incorporated into the client's web page the system is ready for use.
Operating sequence
With reference to figure 1, a user 10 establishes a link 11 with a client web server 12 by visiting the client's web site (step 101) and will see the provider's button that will launch the data detection or scanning process. Once this button is pressed (step 102), a link 13 is established between the user's computer system 10 and the provider's web server 14 and the detection / scanning software is downloaded to the user (step 103) from the provider's web server 14. The detection / scanning software downloaded to the user is preferably customised to scan only for the
configuration data required according to the initial configuration request of the client.
With reference to figure 2, the detection / scanning software runs and establishes a link 21 with the provider's data server 16. Once the scan is complete, the detected configuration data will be identified with a unique ID, possibly generated from session data, and then passed (step 104) to the data server 16 knowledge base 22 for verification. Compression algorithms may be used on the data packets sent to the provider's data server from the user's computer system.
Confirmation of receipt of the configuration data will be passed back (step 105) to the user's computer system on link 21. In a preferred embodiment, to ensure complete confidentiality of information, no personal information would be included in the detected data and the user will remain unidentifiable. For example, system specific information such as the Intel® CPU serial number might be excluded from collection.
With reference to figure 3, the configuration data is stored as a unique record in a transaction database 31 on the provider's data server 16. Once confirmation is received by the user's computer system that the data has been stored correctly, the user will be invited to view the information detected. If the user chooses, the detecting / scanning software displays the results, for example, by opening a new browser displaying the data in a form (step 106).
At this stage, and depending on the initial configuration of the system, the user may be allowed to amend details in designated fields on the form. To achieve this, there is provided a means adapted to enable the user to edit the configuration data displayed on the user's computer system and thereby to enable the user to edit the configuration data stored in the transaction database. This will typically be used where user's PC make and model infoπnation is requested by the client but is undetectable on the user's PC.
In one embodiment, where the user decides to edit the configuration data, a further communication may be commenced between the user's computer system and the provider's data server to complete this function (not shown).
With reference to figure 4, the user will then be invited to confirm that the configuration data presented can be passed to the client web server. To achieve this, there is provided a means for enabling the user to confirm or inhibit passing of configuration data to the client server. In the example, the user may click a button to authorise the transfer of the configuration data to the client web site (step 107). By this action, the user computer 10 sends a unique identification code for the information to the client web server on link 41, and the client script uses this code to pull the scanning result from the provider's data server 16 on link 42 (step 108). The preferred default data format is extensible mark up language (XML) although other formats may be provided such as Management Information Format (MIF) or plain HTML.
Alternatively, the user may be given the opportunity to cancel the operation and prevent any configuration data being passed to the client web site.
Once the configuration data is received by the client web server 12 it can be processed in a number of ways. Sample PERL or active server page (ASP) scripts may be provided to clients by the provider giving examples of decision tree methods and similar actions to be taken using the data. Generally speaking, the client is not required to install any bespoke software to read the results detected from the user computer system.
In the preferred embodiment, these may be used to control the selection of data presented to the user 10 on the client's web page. For example, the number of available hardware or software items presented for sale may be restricted to purchase options which are technically suitable, ie. with which the user's computer system will be compatible.
Thus, in the preferred embodiments described above, the invention provides a computer configuration detection system optimised for use across the Internet. It
will be understood that the invention is applicable to other computer communication networks.
In preferred embodiments, the configuration detection system is capable of detecting in excess of 300 items of hardware configuration including: type and speed of CPU; installed RAM; number of, capacities of, and free space on hard drives; graphics card make, model and video modes; BIOS manufacturer and version; interfaces installed and in use; modem and network card makes and models; network protocols and addresses and more.
The configuration detection system is optimised for use over the Internet by keeping the downloaded scanning software code as small as possible for the task in hand. By providing an initial configuration step in which clients determine what they require in the way of user's configuration data, only the data required is downloaded from the user' s computer.
The scanning software code is preferably downloaded onto, and configuration data uploaded from, the user's computer using standard Internet protocols.
Preferably, there shall be no legacy code or data left on the user's computer. All downloaded scanning code may be cached and thus erased when the cache is either erased or rotated. Alternatively, the downloaded scanning code may be auto- deleting. This avoids any permanent legacy data or indication of the data detection on the user's computer. However, cookies could be employed to track the visit to the provider's web server site.
In the preferred embodiment, the scanning / detection is conducted while the user is still connected to the client's web site and is essentially part of that connection session as it is integrated into the user's visit to the client web site.
Advantageously, the preferred embodiments of the system require minimal understanding and intervention on the part of the user. All the user has to do is click the provider's button on the client's web site to launch operation of the system. Preferably, the transactions between the user and the provider are subject to
authentication and integrity checking procedures, such as those provided by a third party, such as NeriSign. The initial download of code onto the user's computer may use NeriSign technology to maintain integrity.
The initial stages of configuration data detection or scan may include a multi-stage procedure to determine how best the information can be detected. An iterative interaction between the user's computer and the provider's data server is possible to determine the course of action for the detection. The detection process may incorporate a detection hierarchy. Detection would initially (via the first module downloaded) follow a logical path of looking at targeted areas of the system for specific information, for example the System Management BIOS data. Should the information not be found in these targeted areas, or should the system not support the protocol, further data detection would take place possibly utilising other modules that would be downloaded onto the end-user's computer.
The system may be designed to work with systems running 32-bit versions of Microsoft Windows™ on platforms accessed across the Internet or for Apple Macintosh™ and other operating systems. The system may be designed to collect data from all generations of computers capable of running these operating systems.
The detection / scanning software is preferably downloaded to the user's computer using standard Internet protocols. The software preferably specifies the items of configuration data required by the client, and once downloaded, self-executes on the user's computer and establish a link to the provider's data server. The software then detects the required data set corresponding to the items of configuration data specified.
In the event of encountering an unknown computer whose configuration data the scanning software cannot detect, the provider's server may be adapted to download from the user's computer whatever data is needed to build a comprehensive picture that will be used to constantly update the provider's knowledge database.
Where there is ambiguity in the configuration data, the ambiguity may be notified to the user and / or the client.
In a preferred embodiment, the provider and the provider's servers will be operated by a different commercial entity to the operator of the client's servers. The system may provide for the maintaining of billing information related to the number of accesses by users for the provider's scanning services, so that the client entity can be billed accordingly by the provider entity. Cookies may be used to record the use of the service. These cookies may be unique to each client (eg. linked to their specific URL calling the detection tool). If a user were to revisit the site within a predetermined period of time, eg. 24 hours, the configuration data may be re- detected but not counted for invoicing purposes, or may be not counted for invoicing services providing that the configuration data remains unchanged since the last configuration scan. Alternatively, billing information may generally be collected on a per hit or time period-based system.
Preferably, a unique ID will be generated on each execution of the scanning software. This will be used to link the information detected with the session. Preferably, the algorithm for generating the unique ID will not make use of any personal information.
Preferably, each URL link generated by a client will contain a unique identification code allowing the client to place a number of different provider buttons on their site to perform different categories of data collection and subsequent processing. For example, one link might assist users wishing to purchase memory. The configuration data collected for this scan could direct the user to the appropriate memory products. Another scan may be used to identify which CPU would work in the computer as an upgrade from the current CPU.
To optimise the size, and speed of download and execution of the detection component of the scanning software, the system may use a control stub that, once downloaded onto the end-user's computer, will call down additional executable modules to conduct the detection. The control stub may contain a description of the items required to be detected. The modules may be called down in sequence with the results from the execution of one used to determine whether additional modules are required.
The detection process may incorporate a detection hierarchy. Detection would initially (via the first module downloaded) follow a logical path of looking at targeted areas of the system for specific information, for example the System Management BIOS data. Should the information not be found in these areas, or should the system not support the protocol, further data detection would take place possibly utilising other modules that would be downloaded onto the end-user's computer.
With reference to figures 5 to 9, an alternative mode of operation using a control stub program is depicted. This mode of operation is similar to that described in connection with figures 1 to 4, except as outline below. With reference to figure 5, once the provider's URL button is pressed (step 202), a control stub will be downloaded to the user's computer (step 203) on the link 13 established between the provider's server 14 and the user's computer system 10.
With reference to figure 6, the stub code contains a secure Internet protocol that, once executed on the user's computer system, will establish a secure link 61 to the provider's data server 16 and retrieve a scanner component. The scanner component of the code runs (step 204) and establishes a link with the provider's data server from where it can call on program modules 62 necessary to detect the required data. The selection of these modules 62 will be dependent on the data items required to be detected, the operating system and age of the user's computer system 10.
With reference to figure 7, once the scan is complete, the detected data will be identified with a unique 3D, possibly generated from session data, and then passed to the data server knowledge base 22 for verification (step 205). Confirmation of receipt of data will be passed back to the user's computer system (step 206).
With reference to figure 8, the configuration data is stored a transaction database 31 on the provider's server 16. Once confirmation is received by the user's computer system that the data has been stored correctly (step 206), the user will be invited to view the information detected. If the user chooses, the detecting / scanning software launches a new browser window (step 207) and displays a form containing the
results. This form may be tailored to display the information selected by each client. The user will be invited to either confirm that the information is to be passed to the client or they will be given the opportunity to amend the information (step 207). The fields that the user has the option to amend may be controlled. Typically, they may include those where the data detected may conflict, for example, where the PC's manufacturer and model cannot be definitively detected, or where the PC has been re-badged or built under licence. The user may be given the opportunity to enter other information manually.
If any information presented in the user's form is altered, the revised information may be downloaded onto the provider's data server for audit purposes and preferably the client can be advised that the user elected to alter this information. If the user decides to edit the configuration data, a further communication may be commenced between the user's computer system and the provider's data server to complete this function (not shown). The user may then proceed, cancel or amend the configuration data (step 207)
If the action is to proceed, the user computer 10 sends a unique identification code for the information to the client web server on link 41 (step 208), and the client script uses this code to pull the scanning result from the provider's data server 16 on link 42 (step 209).
The present invention has been described in the context of specific embodiments. It will be understood that various modifications and adaptations are possible within the scope of the appended claims.