Method of and apparatus for ascertaining the status of a data processing environment

US 20020120575A1
Filed: 02/22/2002
Published: 08/29/2002
Est. Priority Date: 02/23/2001
Status: Active Grant

First Claim

Patent Images

1. An apparatus for ascertaining the status of a data processing environment, comprising at least one trusted computing device which is arranged to challenge other devices within a data processing environment, to keep a record of the response and to make the record available.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In order to facilitate a user'"'"'s ability to trust a computing environment, a trusted computing device (2) is arranged to challenge other devices in the computing environment and to record a log of the facilities available within the computing environment and an indication of whether those facilities are trustworthy. A new user (40) entering the computing environment can obtain the log from the trusted computing device in order to ascertain the status of the environment. Alternatively any device can hold data concerning platforms in its vicinity and its operation can be authenticated by the trusted device.

Citations

24 Claims

1. An apparatus for ascertaining the status of a data processing environment, comprising at least one trusted computing device which is arranged to challenge other devices within a data processing environment, to keep a record of the response and to make the record available.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 14, 15, 17, 18, 19, 20)
- - 2. An apparatus as claimed in claim 1, in which the trusted computing device is arranged to make periodic challenges to the other devices in order to maintain the accuracy of the record.
  - 3. An apparatus as claimed in claim 1, in which the record indicates the historical status of the data processing environment.
  - 4. An apparatus as claimed in claim 1, in which the at least one trusted computing device is arranged to listen to communications within the data processing environment so as to identify the presence of new devices.
  - 5. An apparatus as claimed in claim 1, in which the record includes data identifying the type of devices in the data processing environment.
  - 6. An apparatus as claimed in claim 1, in which the trusted computing device is arranged to analyse the responses it receives in order to determine if a given device in the data processing environment is trustworthy.
  - 7. An apparatus as claimed in claim 6, in which the record indicates whether a device has been judged as trustworthy by the trusted computing device.
  - 8. An apparatus as claimed in claim 1, in which the at least one trusted computing device acts as a gateway to the data processing environment.
  - 9. An apparatus as claimed in claim 1, in which the at least one trusted computing device is a server.
  - 10. An apparatus as claimed in claim 1 in which the at least one trusted computing device transmits a challenge which includes a generation identifier which enables devices receiving the challenge to identify whether the challenge is valid.
  - 11. An apparatus as claimed in claim 1, wherein the at least one trusted device is arranged to act as a proxy gateway to facilitate the exchange of data between devices in the data processing environment.
  - 14. A computing device as claimed in claim 13, in which the computing device is arranged to search for a generation identifier within the challenge, to apply response rules to the generation identifier to see if the challenge is still valid, and if it is not to disregard the challenge.
  - 15. A computing device as claimed in claim 14, in which the computing device retransmits the challenge with a modified generation identifier if the challenge is valid.
  - 17. A method as claimed in claim 16, in which the trusted computing continues to challenge the devices in the data processing environment so as to maintain an evolving record of the status of the data processing environment.
  - 18. A method as claimed in claim 16, in which the record includes a historical status of the data processing environment.
  - 19. A method as claimed in claim 16, in which the at least one trusted computing device listens to communications within the data processing environment so as to identify the presence of new devices.
  - 20. A method as claimed in claim 16, in which the challenge generated by the trusted device includes a generation identifier such that any device receiving the challenge can examine the generation identifier in order to establish whether the challenge is directly received from the trusted computing device or whether it has been retransmitted.

12. A computing device including a communication device and a data processor, wherein the data processor is arranged to establish communication with a trusted computing device via the communication device, to receive at least part of the record of responses and to establish from an internal rules base whether the data processing environment is trustworthy enough to enable a class of transaction or task to be carried out in that environment.

13. A computing device including a communication device and a data processor, wherein the computing device uses the communication device to establish communication with at least one device within a data processing system, and in which the data processor is arranged to identify challenges from at least one trusted computing device, to apply response rules to the challenge and, if a response indicated, to respond to the challenge in accordance with the rules.

16. A method of ascertaining the status of a data processing environment, comprising the following steps:
- a trusted computing device challenges other devices within a data processing environment, keeps a record of responses made to the challenges and makes the record available.

21. A method of conducting a transaction in a data processing environment comprising a user device and at least a trusted computing device each having respective communication capabilities wherein the trusted computing device keeps a record of computing devices that it has identified within the data processing environment, and whereby the user device establishes communication with the trusted computing device, the trusted computing device sends to the user device at least a portion of the record of computing devices within the data processing environment, and the user device analyses the record to establish what facilitates the user device may access.
- View Dependent Claims (22)
- - 22. A method of conducting a transaction as claimed in claim 21, wherein the user device further analyses the record in accordance with a set of security rules to determine what level of trust can be placed on the integrity of the data processing environment.

23. An apparatus for ascertaining the status of a data processing environment, comprising at least one trusted computing device which is arranged to make periodic challenges to other devices within a data processing environment, to analyse the responses it receives in order to determine if given devices in the data processing environment are trustworthy, to keep a record of the response and to make the record available to other devices in the data processing environment.

24. A method of ascertaining the status of a data processing environment, comprising the following steps:
- a trusted computing device makes multiple challenges to other devices within a data processing environment, keeps a record of responses made to the challenges, analyses the responses it receives in order to determine if given devices in the data processing environment are trustworthy and makes the record available to other devices in the data processing environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Company (HP Inc.)
Inventors
Proudler, Graeme John, Pearson, Siani Lynne

Granted Patent

US 8,219,496 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

G06Q 20/3674 involving authentication

Method of and apparatus for ascertaining the status of a data processing environment

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method of and apparatus for ascertaining the status of a data processing environment

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links