Computer network protection using cryptographic sealing software agents and objects
First Claim
1. A cryptographically sealed system that operates within a networked computer system, comprising:
a software object comprising a software program for monitoring an aspect of the networked computer system;
a communications interface, said communications interface receiving an incoming communication message and indicating if said incoming communication message is a challenge message;
a cryptographic code hasher operable to perform a hashing function, said cryptographic code hasher responsive to said communications interface indicating that said incoming communication message is said challenge message by performing said hashing function on said software object to indicate if said software object has been modified;
an authenticator for authenticating the incoming communication message using a public/private key authentication technique;
a challenge manager operable to activate said cryptographic code hasher in response to said challenge message by causing said cryptographic code hasher to perform said hashing function on said software object, said challenge manager generating a challenge response message indicating if said software object has been modified, transmitting the challenge response message to a cryptographic seal coordinator and inhibiting further communications with the software object when said software object has been modified; and
an encryptor for adding security for authentication to the challenge response message, wherein the cryptographic seal coordinator notifies a security agent that the software object has been modified and instructs said communications interface to route communication messages to the cryptographic seal coordinator, wherein the cryptographic seal coordinator includes a cryptographic seal coordinator authenticator for authenticating the challenge response message using said public key/private key authentication technique, wherein the cryptographically sealed system is a first cryptographically sealed system, wherein said software object communicates with a second cryptographically sealed system through the communication interface and generates an outgoing communication message, the second cryptographically sealed system for monitoring another aspect of the networked computer system;
wherein the encryptor of the first cryptographically sealed system encrypts the outgoing communication message;
wherein said communications interface operates to send said encrypted outgoing communication message to the second cryptographically sealed system;
wherein the second cryptographically sealed system includes a second authenticator and a second decryptor for respectively authenticating and decrypting the outgoing communication message received from the first cryptographically sealed system;
wherein said second authenticator implements said public key/private key authentication technique;
wherein said challenge manager is operable to generate and send a second challenge message to said second cryptographically sealed system, said second challenge message including a portion for authentication by the second cryptographically sealed system;
wherein said challenge manager is operable to periodically activate said cryptographic code hasher to perform said hashing function on said software object, and notify said cryptographic seal coordinator and inhibit further communications with the software object when said hashing function indicates the software object has been modified;
wherein said communications interface determines if said incoming communication message is an object self-hash rate message, and said challenge manager is responsive to said communications interface determining that said incoming communication message is said object self-hash rate message by adjusting the periodicity of said hashing function on said software object.
Abstract
A method and apparatus for protecting software objects from external modification is described. A cryptographic seal protects the object at the object level and also supports secure inter-object communication. A software object (101) is packaged in a crypto seal (103), which provides a cryptographic code hasher (105) for performing a cryptographic form of hashing on the code of object (101), a crypto seal communications authenticator (107) which authenticates communications received by object (101), a crypto seal encryptor (108) which encrypts communications sent by the object (101), a challenge manager (106) which causes the cryptographic code hasher (105) to perform its hashing function on the code of object (101) periodically and on demand when a challenge message is received, and a communications interface (109) which controls inter-object communication. A system (100) which employs crypto sealed objects includes a crypto seal coordinator (119). Coordinator (119) coordinates activities of all crypto seals (103) in the network and causes each crypto seal (103) to be periodically challenged to perform a hash function on the code of its packaged object. Coordinator (119) is provided with a coordinator authenticator/encryptor (123) which authenticates communications received from crypto seals (103) and encrypts communications sent by coordinator (119), a registry (121) in which the identification and location of each crypto seal (103) is recorded, and a network activity monitor (125) which monitors for excess processing by crypto seals (103).
14 Claims
1. Independent claim 1, given in full under First Claim above. - View Dependent Claims (2, 3, 4)
5. A method for protecting a software object in a network system, the software object comprising a computer program for monitoring an aspect of the network system, said software object being one of a plurality of software objects that monitor different aspects of the network system and communicate with each other through the network system, said method comprising the steps of:
authenticating communications received from other software objects of the plurality using a public/private key authentication technique; determining when an incoming message to said object is a challenge message; in response to receipt of the challenge message, performing a hashing function with a code hasher on said software object to determine if said software object has been modified; inhibiting communication with said software object when the hashing function indicates that said software object has been modified; detecting excess processing during the performing a hashing function step; and disabling communications with the software object when excess processing is detected by the detecting step. - View Dependent Claims (6, 7, 8, 9)
10. A multi-agent network security system for providing network security, said system comprising:
a plurality of cryptographically sealed software agents, each software agent of the plurality comprising a computer program operating within the network for monitoring an aspect of a computer network; and a cryptographic seal coordinator in communication with each of the software agents, wherein each software agent is associated with: a communications interface for receiving incoming communication messages; an authenticator for authenticating said incoming communication messages using public/private key authentication techniques; a cryptographic code hasher operable to perform a hashing function on the associated software agent; and a challenge manager responsive to said communications interface causing said associated cryptographic code hasher to perform said hashing function on said associated software agent when an incoming communication message is a challenge message, said cryptographic code hasher indicating if said software agent has been modified, wherein the cryptographic seal coordinator is operable to cause said challenge message to be generated and operable to signal an intrusion indicator when said cryptographic code hasher indicates that said software agent has been modified, wherein as part of providing security for the network, communication messages are exchanged between the software agents of the plurality, wherein received communication messages are authenticated by the receiving software agent's associated authenticator using the public/private key authentication techniques, and wherein sent communication messages are secured by the sending software agent's associated authenticator using the public/private key authentication techniques, and wherein further exchange of communication messages with a software agent of the plurality is disabled when the challenge manager indicates that an associated software agent has been modified, and wherein the cryptographic seal coordinator comprises a network activity monitor for detecting excess processing by said challenge manager in response to the challenge message, and said communications interface is responsive to said network activity monitor to disable communications from said software object if said network activity monitor detects excess processing, and said challenge manager is operable to periodically activate said cryptographic code hasher to perform said hashing function on said software object, and notify said cryptographic seal coordinator and inhibit further communications with the software object when said hashing function indicates the software object has been modified, and said communications interface is operable to determine if said incoming communication message is an object self-hash rate message, and said challenge manager is responsive to said communications interface determining that said incoming communication message is said object self-hash rate message by adjusting the periodicity of said hashing function on said software object. - View Dependent Claims (11, 12, 13, 14)
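The following is an added example, not code from the patent or from any implementation of it: one round of the challenge/response exchange the abstract describes (coordinator challenges a sealed object, the seal rehashes its packaged code, signs the result, and inhibits itself on mismatch; the coordinator authenticates the response against its registry and raises an alert), plus the excess-processing rule of claims 5 and 10 as a separate check. It uses Go's standard-library ed25519 for the public/private key authentication and SHA-256 for the code hasher. The type names (Seal, Coordinator, Msg), the message framing in body(), the 16-byte nonce, and the sample object bytes are assumptions made here; the patent specifies none of them.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"time"
)

// Msg is a challenge (Kind "challenge", Hash empty) or a response (Kind "response").
// Sig is an ed25519 signature over body(), binding kind, seal ID, nonce and hash together.
type Msg struct {
	Kind, SealID string
	Nonce, Hash  []byte
	Sig          []byte
}

func (m *Msg) body() []byte {
	b := append([]byte(m.Kind+"|"+m.SealID+"|"), m.Nonce...)
	return append(b, m.Hash...)
}

// Seal packages one monitored object (its code bytes) with the parts the abstract
// names: the code hasher's reference hash, the authenticator's keypair, and the inhibit flag.
type Seal struct {
	ID        string
	Code      []byte // the packaged object's code; a constructed stand-in for a real agent
	refHash   []byte
	priv      ed25519.PrivateKey
	coordPub  ed25519.PublicKey
	Inhibited bool // set when the hasher reports modification; further traffic is cut off
}

// Coordinator keeps the registry (seal ID -> public key, reference hash), outstanding nonces, and alerts.
type Coordinator struct {
	priv     ed25519.PrivateKey
	pub      ed25519.PublicKey
	registry map[string]ed25519.PublicKey
	refHash  map[string][]byte
	pending  map[string][]byte
	Alerts   []string // notifications that would go to the security agent
}

func NewCoordinator() *Coordinator {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Coordinator{priv: priv, pub: pub, registry: map[string]ed25519.PublicKey{}, refHash: map[string][]byte{}, pending: map[string][]byte{}}
}

// NewSeal hashes the code once at packaging time and registers the seal with the coordinator.
func NewSeal(id string, code []byte, c *Coordinator) *Seal {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	h := sha256.Sum256(code)
	c.registry[id], c.refHash[id] = pub, h[:]
	return &Seal{ID: id, Code: code, refHash: h[:], priv: priv, coordPub: c.pub}
}

// Challenge issues a signed challenge with a fresh nonce and remembers the nonce.
func (c *Coordinator) Challenge(id string) Msg {
	m := Msg{Kind: "challenge", SealID: id, Nonce: make([]byte, 16)}
	rand.Read(m.Nonce)
	c.pending[id] = m.Nonce
	m.Sig = ed25519.Sign(c.priv, m.body())
	return m
}

// Answer is the challenge manager: authenticate the challenge, rehash the object, inhibit on mismatch, sign the response.
func (s *Seal) Answer(ch Msg) (Msg, error) {
	if ch.Kind != "challenge" || ch.SealID != s.ID || !ed25519.Verify(s.coordPub, ch.body(), ch.Sig) {
		return Msg{}, errors.New("challenge failed authentication; ignored")
	}
	h := sha256.Sum256(s.Code)
	r := Msg{Kind: "response", SealID: s.ID, Nonce: ch.Nonce, Hash: h[:]}
	if !bytes.Equal(r.Hash, s.refHash) {
		s.Inhibited = true
	}
	r.Sig = ed25519.Sign(s.priv, r.body())
	return r, nil
}

// Verify is the coordinator side: the nonce must match an outstanding challenge, the signature
// must verify under the registered key, and the hash must equal the reference; else alert.
func (c *Coordinator) Verify(r Msg) (bool, error) {
	pub, known := c.registry[r.SealID]
	nonce, outstanding := c.pending[r.SealID]
	if r.Kind != "response" || !known || !outstanding || !bytes.Equal(nonce, r.Nonce) {
		return false, errors.New("unknown seal, or stale/replayed response")
	}
	delete(c.pending, r.SealID) // each nonce is answered exactly once
	if !ed25519.Verify(pub, r.body(), r.Sig) {
		return false, errors.New("response failed authentication")
	}
	if !bytes.Equal(r.Hash, c.refHash[r.SealID]) {
		c.Alerts = append(c.Alerts, "intrusion: object "+r.SealID+" modified")
		return false, nil
	}
	return true, nil
}

// ExcessProcessing is the network activity monitor's rule from claims 5 and 10:
// a hash that takes longer than its budget is itself treated as a sign of tampering.
func ExcessProcessing(elapsed, budget time.Duration) bool { return elapsed > budget }
```

The nonce is what turns a plain integrity hash into a challenge: without it a modified object could keep replaying a response captured while it was still intact. Note also that an object that rewrites its own hasher can lie about its hash; the patent's answer to that is the coordinator-side reference and the timing check, which is why ExcessProcessing is measured by the coordinator and not by the seal.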
Specification