Command processing system by a management agent
0 Assignments
0 Petitions
Accused Products
Abstract
In a system where a management application sends commands to a remotely-located agent over a network, the agent maintains a security specification table defining the security level for each combination of the cipher and authentication algorithms of the communication path to/from the management application and a required security level table defining the minimum security level required for the execution of each command. Upon receiving a command from the management application, the agent obtains, by referencing these tables, the operational security level of the communication path and the required security level for the command, and executes the command only if the former is greater than or equal to the latter. This mechanism ensures high security in system management by preventing a malicious intruder from executing potent commands that can cause a down of a computer system, without unreasonably limiting the use of the management application by the system administrator.
-
Citations
22 Claims
-
1-17. -17. (canceled)
-
18. A command processing system for processing commands sent through a communication path between a management application and a management agent, comprising:
-
a memory that stores a first table pre-registering the security levels of the communication path between the management application and the management agent and a second table pre-registering the security levels required for the execution of commands that the management application requests the management agent to execute;
first means for obtaining, for each command sent from the management application to the management agent, the operational security level for the command by referencing the first table;
second means for obtaining, for each command sent from the management application to the management agent, the required security level by referencing the second table;
third means for comparing the operational security level obtained by the first means and the required security level obtained by the second means; and
fourth means for determining whether to permit the execution of the command based on the result of the comparison made by the third means. - View Dependent Claims (19, 20, 21, 22)
-
Specification