Secure computer system
First Claim
1. A trusted computer system including computer system hardware for at least storing an authentication and authorization database and an operating system for controlling operation of said system hardware comprising:
a plurality of user software processes controlled by said operating system;
said user software processes including a like plurality of software daemons, each one of said daemons being associated with a respective one of said processes and functioning separately from the others;
said computer system hardware and said operating system including means for isolating each one of said daemons from the other to prevent any unauthorized operation of any one of said daemons from affecting the operation of any other of said daemons;
means for selecting one of said daemons to be responsible for accessing said authentication and authorization database;
said operating system including means for preventing any of said processes and their respective daemons other than said selected daemon from reading from or writing into said authentication and authorization database whereby said database is protected from unauthorized access.
Abstract
A system and method for controlling the access of users to a trusted computer system using an authentication and authorization database, containing information used to authenticate human users and information establishing what each user can do, and a number of software processes, including session initiation, authorization, credentials and database management daemons. The software processes are implemented in an independent fashion to prevent any process from performing an operation that would affect another process in an unauthorized way.
198 Citations
25 Claims
2. A method for initiating a session in a trusted computer system having:
(a) computer system hardware; (b) an operating system for controlling said hardware; (c) an authentication and authorization database stored in said hardware; (d) user software controlled by said operating system; (e) said user software including a plurality of software processes, each one of said processes functioning separately from the others; (f) said computer system hardware including means for isolating each one of said processes from the other to prevent any unauthorized operation of any one of said processes from affecting the operation of any other of said processes; (g) means for selecting one of said plurality of software processes as a Session Initiator (SI); (h) means for selecting a different one of said plurality of processes as the Credentials Daemon (CD); said method comprising the steps of: (I) determining the parameters and constraints for said session; (II) sending an inquiry from the SI to the CD to ask the CD if said session is authorized; (III) the CD responding to said inquiry by determining if the session is authorized; and (IV) if the CD determines that said session is authorized, sending a first set of session credentials from the CD to the SI to initiate said session.
Dependent claims: 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13.
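The session-initiation exchange of claim 2, with the Credentials Daemon as the only process holding the database (claim 1), as an added Python illustration that is not part of the patent; the record layout, the `authorize` inquiry call and the token format are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Constructed authentication and authorization database (hypothetical layout).
# A plain SHA-256 stands in for a real slow password hash to keep the example short.
AUTH_DB = {
    "alice": {"pw_hash": hashlib.sha256(b"correct horse").hexdigest(),
              "allowed_actions": {"login", "shell"}},
    "bob":   {"pw_hash": hashlib.sha256(b"hunter2").hexdigest(),
              "allowed_actions": {"login"}},
}

@dataclass(frozen=True)
class Credentials:
    user: str
    action: str
    token: str  # opaque session token minted by the CD (assumed format)

class CredentialsDaemon:
    """The selected daemon of claim 1: the only process that reads the database."""
    def __init__(self, db):
        self._db = db

    def authorize(self, user, password, action):
        """Step (III): decide whether the requested session is authorized."""
        rec = self._db.get(user)
        if rec is None:
            return None
        presented = hashlib.sha256(password.encode()).hexdigest()
        if not hmac.compare_digest(presented, rec["pw_hash"]):
            return None  # authentication failed
        if action not in rec["allowed_actions"]:
            return None  # authenticated, but not authorized for this action
        return Credentials(user, action, secrets.token_hex(8))  # step (IV)

class SessionInitiator:
    """The SI of claim 2: holds an inquiry channel to the CD, never the database."""
    def __init__(self, inquiry):
        self._inquiry = inquiry  # only the CD can answer; no DB reference here

    def start_session(self, user, password, action):
        # Step (I): the parameters and constraints of the requested session.
        params = {"user": user, "action": action}
        # Step (II): ask the CD; the SI cannot grant credentials on its own.
        creds = self._inquiry(params["user"], password, params["action"])
        return creds  # None means the session is refused
```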
14. A method for increasing the difficulty of penetration of a trusted computer system and having minimal effect on legitimate users of said system where said computer system has:
(a) an authentication and authorization database having a plurality of authentication records; (b) some of said authentication records containing a user identity, an authentication scheme for said user, and an action said user is authorized to perform; and (c) a plurality of ports for accessing said computer system; said method comprising: (I) suspending the authentication record of an authorized user who fails to be authenticated after a predetermined number of attempts; (II) suspending the account of a user who fails to be authorized after a predetermined number of attempts; and (III) suspending the port of a user who fails to present a valid account name after a predetermined number of attempts.
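The three-tier suspension policy of claim 14 run over a constructed attempt log, as an added Python illustration that is not part of the patent; the attempt limit of three, the reset-on-success rule and the outcome names are assumptions.

```python
from collections import defaultdict

class LoginGuard:
    """Three-tier suspension of claim 14: record (I), account (II), port (III).
    The attempt limit and the reset-on-success rule are assumptions, not the patent's."""

    def __init__(self, valid_accounts, max_attempts=3):
        self.valid_accounts = set(valid_accounts)
        self.max_attempts = max_attempts
        self.auth_failures = defaultdict(int)   # per authentication record
        self.authz_failures = defaultdict(int)  # per account
        self.port_failures = defaultdict(int)   # per port: invalid account names
        self.suspended_records, self.suspended_accounts, self.suspended_ports = set(), set(), set()

    def handle(self, port, account, auth_ok, authz_ok):
        if port in self.suspended_ports:
            return "port-suspended"
        if account not in self.valid_accounts:
            self.port_failures[port] += 1            # step (III)
            if self.port_failures[port] >= self.max_attempts:
                self.suspended_ports.add(port)
                return "port-suspended"
            return "unknown-account"
        if account in self.suspended_records or account in self.suspended_accounts:
            return "account-suspended"
        if not auth_ok:
            self.auth_failures[account] += 1         # step (I)
            if self.auth_failures[account] >= self.max_attempts:
                self.suspended_records.add(account)
                return "record-suspended"
            return "auth-failed"
        if not authz_ok:
            self.authz_failures[account] += 1        # step (II)
            if self.authz_failures[account] >= self.max_attempts:
                self.suspended_accounts.add(account)
                return "account-suspended"
            return "authz-failed"
        self.auth_failures[account] = 0              # assumption: success resets
        return "session-granted"

# Constructed attempt log: (port, account name presented, authenticated?, authorized?)
CONSTRUCTED_LOG = (
    [("tty1", name, False, False) for name in ("mallory", "root2", "admin")]  # bad names
    + [("tty2", "alice", False, False)] * 3   # bad passwords for a real account
    + [("tty3", "bob", True, False)] * 3      # authenticated, but action refused
    + [("tty4", "carol", True, True)]
)

def run(log, accounts=("alice", "bob", "carol")):
    guard = LoginGuard(accounts)
    return [guard.handle(*event) for event in log]
```

Each tier counts a different failure, so a flood of bad account names on one port never touches a real user's record, and a real user's bad passwords never close the port.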
15. A method for verifying the integrity of an authentication and authorization database in a trusted computer system having:
(a) an operating system; (b) computer system hardware controlled by said operating system; (c) user software controlled by said operating system; (d) said user software including a plurality of software processes, each one of said processes functioning separately from the others; (e) said computer system hardware and said operating system together isolating each one of said processes from the other to prevent any unauthorized operation of any one of said processes from affecting the operation of any other of said processes; (f) a selected one of said plurality of software processes being designated as a first Authentication Daemon (AD); and (g) a selected one of said plurality of software processes being designated as a second Authentication Daemon (AD); said method comprising the steps of: (I) reading each record from said authentication and authorization database; (II) if said record is an authentication record, presenting said record to the correct one of said ADs; and (III) determining in said AD the status of said record.
Dependent claims: 16, 17.
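The integrity sweep of claim 15 with one Authentication Daemon per authentication scheme, as an added Python illustration that is not part of the patent; the record layout, the two schemes, their validity rules and the status names are assumptions.

```python
import re

# Constructed authentication and authorization database (hypothetical layout):
# authentication records carry a "scheme"; authorization records do not.
CONSTRUCTED_DB = [
    {"type": "auth", "user": "alice", "scheme": "password", "hash": "ab" * 32},
    {"type": "auth", "user": "bob", "scheme": "password", "hash": "not-a-digest"},
    {"type": "auth", "user": "carol", "scheme": "token", "serial": "T-0042", "expires": 2030},
    {"type": "auth", "user": "dave", "scheme": "token", "serial": "T-0007", "expires": 1999},
    {"type": "auth", "user": "eve", "scheme": "retina", "template": "(none)"},
    {"type": "authz", "user": "alice", "action": "shell"},
]

class PasswordAD:
    """First Authentication Daemon: owns records of the password scheme."""
    scheme = "password"

    def status(self, rec):
        ok = re.fullmatch(r"[0-9a-f]{64}", rec.get("hash", "")) is not None
        return "ok" if ok else "corrupt"

class TokenAD:
    """Second Authentication Daemon: owns records of the hardware-token scheme."""
    scheme = "token"

    def __init__(self, current_year):
        self.current_year = current_year

    def status(self, rec):
        if re.fullmatch(r"T-\d{4}", rec.get("serial", "")) is None:
            return "corrupt"
        return "ok" if rec.get("expires", 0) > self.current_year else "expired"

def verify(db, daemons):
    """Claim 15 steps (I)-(III): read every record, hand each authentication
    record to the AD responsible for its scheme, and collect that AD's verdict.
    A record whose scheme has no AD is reported rather than silently accepted."""
    by_scheme = {d.scheme: d for d in daemons}
    report = {}
    for rec in db:                          # step (I)
        if rec["type"] != "auth":
            continue                        # not an authentication record
        ad = by_scheme.get(rec["scheme"])   # step (II): the correct AD
        report[rec["user"]] = ad.status(rec) if ad else "no-daemon"  # step (III)
    return report
```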
18. A trusted computer system, said system comprising:
computer hardware; an authentication and authorization database; means for providing a plurality of user software processes, certain of said processes being daemons, each one of said daemons functioning separately from and being isolated from all other processes to prevent unauthorized operation of any one of said certain and said other processes from affecting operation of any of said software daemons; and means for selecting one of said daemons to control access to said authentication and authorization database whereby all of said processes and their respective daemons other than said selected daemon are prevented from reading from or writing into said database to protect against unauthorized access thereto.
19. Software methodology including an authentication and authorization database for use in a trusted computer system, said methodology comprising:
(I) providing a plurality of user software processes, certain of said processes being daemons, each one of said daemons functioning separately from and being isolated from all other software processes to prevent unauthorized operation of any one of said certain and said other processes from affecting operation of any of said software daemons; and (II) selecting one of said daemons to control access to said authentication and authorization database whereby all of said processes and their respective daemons other than said selected daemon are prevented from reading from or writing into said database to protect against unauthorized access thereto.
20. A trusted computer system comprising:
(a) computer system hardware; (b) an operating system for controlling said hardware; (c) an authentication and authorization database stored in said hardware; (d) user software controlled by said operating system; (e) said user software including a plurality of software processes, each one of said processes functioning separately from the others; (f) said computer system hardware including means for isolating each one of said processes from the other to prevent any unauthorized operation of any one of said processes from affecting the operation of any other of said processes; and (g) means for selecting at least one of said plurality of software processes as an Authentication Daemon (AD), each said AD comprising: (i) means for validating authorization data; and (ii) means for changing authorization data.
Dependent claims: 21, 22, 23, 24, 25.