Network node security analysis method
First Claim
1. A trust assessment system for assessing a target node in a network having a number of nodes, the system comprising:
- a plurality of trusted nodes coupled to said network an assessment node coupled to said trusted nodes and comprising means for issuing a plurality of software agents for assessing said target node to said trusted nodes;
each said trusted node having means for receiving an agent from the assessment node and means for modifying the received agent by changing a source identifier associated with said assessment node in the agent to a source identifier associated with said trusted node;
means for forwarding said modified agent onto said network to said target node.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to analysing network nodes such as web servers using mobile software agents, and network nodes for interacting with said agents. The present invention provides a system of disseminating two or more assessment agents to a target network node in an insecure network, and retrieving said agents following interaction with the node. The agents are software based mobile agents and are arranged such that they are associated with different sources or transmitters. This is achieved by forwarding the agents to a plurality of trusted nodes in the network which each modify the received agent'"'"'s code in order to show the trusted node as the source of the agent, and forwarding the agent towards the target node. The system having retrieved the plurality of (further) modified agents then analyses their different interactions with the target node in order to determine a trust level for said target node.
-
Citations
28 Claims
-
1. A trust assessment system for assessing a target node in a network having a number of nodes, the system comprising:
-
a plurality of trusted nodes coupled to said network an assessment node coupled to said trusted nodes and comprising means for issuing a plurality of software agents for assessing said target node to said trusted nodes;
each said trusted node having means for receiving an agent from the assessment node and means for modifying the received agent by changing a source identifier associated with said assessment node in the agent to a source identifier associated with said trusted node;
means for forwarding said modified agent onto said network to said target node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A trusted node for a trust assessment system for assessing a target node in a network having a number of nodes, the trusted node comprising:
-
means for receiving from an assessment node a software agent for assessing said target node;
means for modifying the received agent by changing a source identifier associated with said assessment node in the agent to a source identifier associated with said trusted node;
means for forwarding said modified agent onto said network to said target node. - View Dependent Claims (13)
-
-
14. A trusted node for a trust assessment system for assessing a target node in a network having a number of nodes, the trusted node comprising:
-
means for receiving a notification from another trusted node;
means for receiving a software agent having a final destination identifier associated with said trusted node;
means for modifying said agent by changing said final destination identifier to an identifier associated with an assessment node; and
means for forwarding said modified agent to said assessment node.
-
-
15. A method for assessing a target node in a network having a number of nodes including a plurality of trusted nodes coupled to said network;
- the method comprising;
issuing a plurality of software agents for assessing said target node to said trusted nodes;
modifying the received agent by changing a source identifier associated with the origin of the agent to a source identifier associated with said trusted node;
forwarding said modified agent onto said network to said target node. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 28)
- the method comprising;
-
25. A method of operating a trusted node for a trust assessment system for assessing a target node in a network having a number of nodes, the method comprising:
-
receiving from an assessment node a software agent for assessing said target node;
modifying the received agent by changing a source identifier associated with said assessment node in the agent to a source identifier associated with said trusted node;
forwarding said modified agent onto said network to said target node. - View Dependent Claims (26)
-
-
27. A method of operating a trusted node for a trust assessment system for assessing a target node in a network having a number of nodes, the method comprising:
-
receiving a notification from another trusted node;
receiving a software agent having a final destination identifier associated with said trusted node;
modifying said agent by changing said final destination identifier to an identifier associated with an assessment node; and
forwarding said modified agent to said assessment node.
-
Specification