Network node security analysis method

US 20050289650A1
Filed: 06/15/2005
Published: 12/29/2005
Est. Priority Date: 06/24/2004
Status: Abandoned Application

First Claim

Patent Images

1. A trust assessment system for assessing a target node in a network having a number of nodes, the system comprising:

a plurality of trusted nodes coupled to said network an assessment node coupled to said trusted nodes and comprising means for issuing a plurality of software agents for assessing said target node to said trusted nodes;

each said trusted node having means for receiving an agent from the assessment node and means for modifying the received agent by changing a source identifier associated with said assessment node in the agent to a source identifier associated with said trusted node;

means for forwarding said modified agent onto said network to said target node.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to analysing network nodes such as web servers using mobile software agents, and network nodes for interacting with said agents. The present invention provides a system of disseminating two or more assessment agents to a target network node in an insecure network, and retrieving said agents following interaction with the node. The agents are software based mobile agents and are arranged such that they are associated with different sources or transmitters. This is achieved by forwarding the agents to a plurality of trusted nodes in the network which each modify the received agent'"'"'s code in order to show the trusted node as the source of the agent, and forwarding the agent towards the target node. The system having retrieved the plurality of (further) modified agents then analyses their different interactions with the target node in order to determine a trust level for said target node.

Citations

28 Claims

1. A trust assessment system for assessing a target node in a network having a number of nodes, the system comprising:
- a plurality of trusted nodes coupled to said network an assessment node coupled to said trusted nodes and comprising means for issuing a plurality of software agents for assessing said target node to said trusted nodes;
  
  each said trusted node having means for receiving an agent from the assessment node and means for modifying the received agent by changing a source identifier associated with said assessment node in the agent to a source identifier associated with said trusted node;
  
  means for forwarding said modified agent onto said network to said target node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A system according to claim 1 said trusted nodes further comprising:
    - means for adding a final destination identifier associated with another said trusted node into the modified agent, and means for sending a notification to said other trusted node.
  - 3. A system according to claim 2 wherein said trusted node further comprises:
    - means for receiving a notification from another trusted node; and
      
      means for receiving a modified agent having a final destination identifier associated with said trusted node;
      
      means for further modifying said agent by changing said final destination identifier to an identifier associated with said assessment node; and
      
      means for forwarding said further modified agent to said assessment node.
  - 4. A system according to claim 2 wherein said notification comprises one or more of:
    - an identifier associated with the notification sender;
      
      a time of forwarding said modified agent;
      
      a modified agent identifier.
  - 5. A system according to claim 1 wherein a first group of said assessment agents are arranged to request data from said target node.
  - 6. A system according to claim 5 wherein a second group of said assessment agents are arranged to interact with assessment agents from said first group on said target nodes.
  - 7. A system according to claim 5 wherein said assessment node further comprises means for receiving said modified assessment agents following said data requesting, and means for analysing said retrieved target node data in order to determine a trust level or parameter for said target node.
  - 8. A system according to claim 1 wherein said assessment agents comprise one or more of the following identifiers associated with a virtual person:
    - an email address;
      
      bank details;
      
      name;
      
      phone number;
      
      address;
      
      security certificate.
  - 9. A system according to claim 1 wherein said assessment agents comprise a sequence of routing identifiers each corresponding to one of a number of said target nodes.
  - 10. A system according to claim 9 wherein the assessment node is arranged to provide the agents with different sequences of said routing identifiers.
  - 11. A system according to claim 9 wherein the assessment node is arranged to provide the agents with different routing identifiers.

12. A trusted node for a trust assessment system for assessing a target node in a network having a number of nodes, the trusted node comprising:
- means for receiving from an assessment node a software agent for assessing said target node;
  
  means for modifying the received agent by changing a source identifier associated with said assessment node in the agent to a source identifier associated with said trusted node;
  
  means for forwarding said modified agent onto said network to said target node.
- View Dependent Claims (13)
- - 13. A node according to claim 12 further comprising means for adding a final destination identifier associated with another trusted node into the modified agent, and means for sending a notification to said other trusted node.

14. A trusted node for a trust assessment system for assessing a target node in a network having a number of nodes, the trusted node comprising:
- means for receiving a notification from another trusted node;
  
  means for receiving a software agent having a final destination identifier associated with said trusted node;
  
  means for modifying said agent by changing said final destination identifier to an identifier associated with an assessment node; and
  
  means for forwarding said modified agent to said assessment node.

15. A method for assessing a target node in a network having a number of nodes including a plurality of trusted nodes coupled to said network;
- the method comprising;
  
  issuing a plurality of software agents for assessing said target node to said trusted nodes;
  
  modifying the received agent by changing a source identifier associated with the origin of the agent to a source identifier associated with said trusted node;
  
  forwarding said modified agent onto said network to said target node.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 28)
- - 16. A method according to claim 15 further comprising:
    - adding a final destination identifier associated with another said trusted node into the modified agent, and sending a notification to said other trusted node.
  - 17. A method according to claim 16 further comprising:
    - receiving a notification from another trusted node; and
      
      receiving a modified agent having a final destination identifier associated with said trusted node; and
      
      further modifying said agent by changing said final destination identifier to an identifier associated with an assessment node; and
      
      forwarding said further modified agent to said assessment node.
  - 18. A method according to claim 16 wherein said notification comprises one or more of:
    - an identifier associated with the notification sender;
      
      a time of forwarding said modified agent;
      
      a modified agent identifier.
  - 19. A method according to claim 15 wherein a first group of said assessment agents are arranged to request data from said target node.
  - 20. A method according to claim 19 wherein a second group of said assessment agents are arranged to interact with assessment agents from said first group on said target nodes.
  - 21. A method according to claim 19 further comprising receiving said modified assessment agents following said data requesting, and analysing said retrieved target node data in order to determine a trust level or parameter for said target node.
  - 22. A method according to claim 15 wherein said assessment agents comprise one or more of the following identifiers associated with a virtual person:
    - an email address;
      
      bank details;
      
      name;
      
      phone number;
      
      address;
      
      security certificate.
  - 23. A method according to claim 15 wherein said assessment agents comprise a sequence of routing identifiers each corresponding to one of a number of said target nodes.
  - 24. A method according to claim 23 wherein agents comprise different sequences of said routing identifiers.
  - 28. Processor control code which when implemented on a processor is arranged to carry out a method according to claim 15.

25. A method of operating a trusted node for a trust assessment system for assessing a target node in a network having a number of nodes, the method comprising:
- receiving from an assessment node a software agent for assessing said target node;
  
  modifying the received agent by changing a source identifier associated with said assessment node in the agent to a source identifier associated with said trusted node;
  
  forwarding said modified agent onto said network to said target node.
- View Dependent Claims (26)
- - 26. A method according to claim 25 further comprising adding a final destination identifier associated with another trusted node into the modified agent, and sending a notification to said other trusted node.

27. A method of operating a trusted node for a trust assessment system for assessing a target node in a network having a number of nodes, the method comprising:
- receiving a notification from another trusted node;
  
  receiving a software agent having a final destination identifier associated with said trusted node;
  
  modifying said agent by changing said final destination identifier to an identifier associated with an assessment node; and
  
  forwarding said modified agent to said assessment node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Kalogridis, Georgios

Application Number

US11/152,226
Publication Number

US 20050289650A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/57   Certifying or maintaining t...

H04L 63/1433   Vulnerability analysis

Network node security analysis method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Network node security analysis method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links