Secure interprocess communications binding system and methods
Abstract
The secure trust relationship between communicating programs is established at any policy defined level down to individual program instances. Policy enforcement modules installed on host computer systems support qualified encrypted communications channels between discretely selected program instances. Program instances are qualified to establish communication channels, each defined by a unique session encryption key, based on an evaluation of security data including the individual process execution contexts, user authorizations, and access attributes of the program instances. A security appliance server performs the policy-based qualification based on a mutually interdependent evaluation of the security data for both the communications channel source and target program instances.
42 Claims
1. A security server that operates to conditionally enable establishment of a secure interprocess communications session between designated application program instances, said security server comprising:
a) a policy database storing a plurality of policy rules that collectively define the mutual authentication and authorization requirements for establishing an interprocess communications session between first and second application instances; and
b) a security controller interoperative with an operating system that includes an application call interface operative to enable establishment of said interprocess communications session, said security controller being operative to receive predetermined authentication and authorization information from said operating system in connection with a predetermined application call request to establish said interprocess communications session, said security controller being further operative to evaluate said predetermined application call request and said predetermined authentication and authorization information against said plurality of policy rules to conditionally permit the establishment of said interprocess communications session with respect to said first and second application instances. Dependent claims: 2, 3, 4, 5, 6.

7. An interprocess communications security system enabling secure communications sessions to be established between designated application instances, said interprocess communications security system comprising:
a) a first computer system coupleable to a communications network, wherein said first computer system includes a first operating system operative to support execution of a first application instance by said first computer system, said first operating system including a first policy enforcement module operative to qualify predetermined communications calls made between said first application instance and said first operating system;
b) a second computer system coupleable to a communications network, wherein said second computer system includes a second operating system operative to support execution of a second application instance by said second computer system, said second operating system including a second policy enforcement module operative to qualify predetermined communications calls made between said second application instance and said second operating system; and
c) a security appliance coupleable to said first and second computer systems through said communications network, said security appliance being interoperable with said first and second policy enforcement modules to mutually authenticate said first and second application instances to conditionally conduct interprocess communications. Dependent claims: 8, 9, 10, 11, 12.

13. An interprocess communications security system enabling secure trust relationships to be established at any level down to the level of individual application instances as executed on respective host computer systems interconnected by a communications network, said system comprising:
a) a first host computer operative to support execution of a first application instance within a first predefined process context;
b) a second host computer system operative to support execution of a second application instance in a second predefined process context;
c) control means, provided with respect to said first and second host computer systems, for establishing communications channels between said first and second host computer systems including a predetermined communications channel conducting communications between said first and second predefined process contexts, said control means being responsive to predetermined information identified with said first and second predefined process contexts to determine a session encryption key for use exclusively in encryption processing of communications conducted through said predetermined communications channel. Dependent claims: 14, 15, 16, 17, 18, 19.

20. A method of binding application execution contexts on network connected computer systems through a secure communications channel, said method comprising the steps of:
a) first enabling execution of a first application instance on a first computer system dependent on a first security assessment of a first application context within which said first application instance is executable;
b) second enabling execution of a second application instance on a second computer system dependent on a second security assessment of a second application context within which said second application instance is executable;
c) third enabling communications between said first and second application instances dependent on a mutual security assessment of said first and second application contexts; and
d) selectively establishing an encrypted communications channel between said first and second application instances wherein use of said encrypted communications channel is enabled by a session key shared between said first and second application contexts. Dependent claims: 21, 22, 23.

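The abstract and claim 20 describe one procedure: each application instance is assessed in its own execution context, the pair is then assessed together against the policy rules, and only a permitted pair receives a session key that is exclusive to that channel. The following toy model, added here as an illustration and not taken from the patent or any implementation of it, walks through that procedure end to end. The reported context fields (host, pid, user, executable digest, role), the rule shape, the HMAC-SHA256 key derivation standing in for the server's key determination, and all sample values are assumptions constructed for the example.

```python
"""Added example (not the patent's own code): a toy security server doing the
mutual, policy-based qualification in the abstract and claim 20.  Every field
name, rule shape and sample value is an assumption constructed for illustration."""
from dataclasses import dataclass
import hashlib
import hmac
import os


@dataclass(frozen=True)
class ProcessContext:
    """Execution context a policy enforcement module reports for one instance."""
    host: str
    pid: int
    user: str
    exe_digest: str   # digest of the executable image, anchoring identity
    role: str         # access attribute assigned when the instance launched


@dataclass(frozen=True)
class PolicyRule:
    """Source/target role pair plus the users and images allowed on each side."""
    source_role: str
    target_role: str
    source_users: frozenset
    target_users: frozenset
    source_exes: frozenset
    target_exes: frozenset

    def permits(self, src, dst):
        # Both endpoints are checked in a single, interdependent evaluation.
        return (src.role == self.source_role and dst.role == self.target_role
                and src.user in self.source_users and dst.user in self.target_users
                and src.exe_digest in self.source_exes
                and dst.exe_digest in self.target_exes)


class SecurityServer:
    """Policy database plus security controller (claim 1) in one object."""

    def __init__(self, rules, master_secret):
        self.rules = list(rules)
        self._secret = master_secret
        self.audit = []   # (decision, src host, src pid, dst host, dst pid)

    def qualify(self, src, dst, nonce):
        """Assess both contexts together; return a session key only if some
        rule permits this exact pair of instances, else None."""
        permitted = any(rule.permits(src, dst) for rule in self.rules)
        self.audit.append(("PERMIT" if permitted else "DENY",
                           src.host, src.pid, dst.host, dst.pid))
        if not permitted:
            return None
        # Bind the key to both execution contexts and a fresh nonce, so it is
        # exclusive to this channel and two sessions between the same pair of
        # instances never share a key (assumed derivation, HMAC-SHA256).
        material = b"|".join([
            src.host.encode(), str(src.pid).encode(), src.exe_digest.encode(),
            dst.host.encode(), str(dst.pid).encode(), dst.exe_digest.encode(),
            nonce])
        return hmac.new(self._secret, material, hashlib.sha256).digest()


def bind_session(server, src_table, src, dst_table, dst, nonce=None):
    """src_table/dst_table model the session tables held by the two host-side
    policy enforcement modules.  On a permitted request the shared key is
    released into both and the session id returned; None means denied."""
    nonce = os.urandom(16) if nonce is None else nonce
    key = server.qualify(src, dst, nonce)
    if key is None:
        return None
    src_table[nonce] = key
    dst_table[nonce] = key
    return nonce


# Constructed sample policy: the frontend image run as 'www' may reach the
# order-database proxy image run as 'dbsvc'; nothing else is permitted.
FRONTEND_IMG = "sha256:constructed-frontend-image"
DBPROXY_IMG = "sha256:constructed-dbproxy-image"
RULES = [PolicyRule("web-frontend", "order-db",
                    frozenset({"www"}), frozenset({"dbsvc"}),
                    frozenset({FRONTEND_IMG}), frozenset({DBPROXY_IMG}))]


def run_scenarios():
    server = SecurityServer(RULES, master_secret=b"constructed-master-secret")
    pem_a, pem_b = {}, {}   # session tables of the two enforcement modules
    frontend = ProcessContext("app-01", 4120, "www", FRONTEND_IMG, "web-frontend")
    db = ProcessContext("db-01", 880, "dbsvc", DBPROXY_IMG, "order-db")
    # Same binary and role as the frontend, but launched by the wrong user.
    rogue = ProcessContext("app-01", 4999, "guest", FRONTEND_IMG, "web-frontend")
    sid1 = bind_session(server, pem_a, frontend, pem_b, db, nonce=b"\x01" * 16)
    sid2 = bind_session(server, pem_a, frontend, pem_b, db, nonce=b"\x02" * 16)
    denied = bind_session(server, pem_a, rogue, pem_b, db, nonce=b"\x03" * 16)
    return {
        "keys_match": pem_a[sid1] == pem_b[sid1],
        "keys_differ_per_session": pem_a[sid1] != pem_a[sid2],
        "key_len": len(pem_a[sid1]),
        "rogue_denied": denied is None,
        "audit": server.audit,
    }
```

Running `run_scenarios()` shows the three properties the claims call for: both enforcement modules end up holding the same key for a permitted session, a second session between the same two instances gets a different key, and an instance that fails its own assessment (here, the right image under the wrong user) never obtains a key at all, with the denial recorded in the server's audit log.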
24. A method of securely binding communications between processes, wherein application instances, within respective processes, are executed on computer systems in process execution contexts, said method comprising the steps of:
a) intercepting communications between first and second predetermined process execution contexts; and
b) encrypting intercepted network communication transmissions and decrypting intercepted communication receptions utilizing an encryption key uniquely established based on an evaluation of authorization and authentication information descriptive of said first and second predetermined process execution contexts. Dependent claims: 25, 26, 27, 28, 29.

30. A method of securely binding process communications, said method comprising the steps of:
a) intercepting, on first and second host computer systems, communications data directed between first and second application instances executed respectively on said first and second host computers; and
b) transferring the intercepted communications data, in encrypted form, between said first and second application instances, wherein the intercepted communications data is encrypted using an encryption key determined specific to said first and second application instances. Dependent claims: 31, 32, 33.

34. A system of securing communications between application instances executable on respective host computer systems, said system comprising:
a) first and second computer systems operable to execute respective pluralities of application instances; and
b) first and second secure communications modules respectively executable by said first and second computer systems, said first and second secure communications modules being operative to identify discrete communications sessions between specific pairs of application instances among said pluralities of application instances and establish encrypted communications channels between said first and second secure communications modules for respective communication sessions. Dependent claims: 35, 36, 37, 38, 39.

40. A system for controlling the execution and mutual communication between remotely executing programs, said system comprising:
a) a first control program executable by a first computer system operative, by execution of a first operating system, to support execution of a first predetermined program, said first control program operative to process first predetermined data transfers between said first predetermined program and said first operating system;
b) a second control program executable by a second computer system operative, by execution of a second operating system, to support execution of a second predetermined program, said second control program operative to process second predetermined data transfers between said second predetermined program and said second operating system; and
c) a security server coupleable to said first and second predetermined programs to selectively enable processing of said first and second predetermined data transfers dependent on security values evaluated by said security server with respect to said first and second predetermined programs. Dependent claims: 41, 42.

Specification