Computer network protection using cryptographic sealing software agents and objects

  • US 6,144,739 A
  • Filed: 01/20/1998
  • Issued: 11/07/2000
  • Est. Priority Date: 01/20/1998
  • Status: Expired due to Fees
First Claim

1. A cryptographically sealed system that operates within a networked computer system, comprising:

  • a software object comprised of a software program for monitoring an aspect of the networked computer system;

    a communications interface, said communications interface receiving an incoming communication message and indicating if said incoming communication message is a challenge message;

    a cryptographic code hasher operable to perform a hashing function, said cryptographic code hasher responsive to said communications interface indicating that said incoming communication message is said challenge message by performing said hashing function on said software object to indicate if said software object has been modified;

    an authenticator for authenticating the incoming communication message using a public/private key authentication technique;

    a challenge manager operable to activate said cryptographic code hasher in response to said challenge message by causing said cryptographic code hasher to perform said hashing function on said software object, said challenge manager generating a challenge response message indicating if said software object has been modified, transmitting the challenge response message to a cryptographic seal coordinator and inhibiting further communications with the software object when said software object has been modified; and

    an encryptor for adding security for authentication to the challenge response message, wherein the cryptographic seal coordinator notifies a security agent that the software object has been modified and instructing said communications interface to route communication messages to the cryptographic seal coordinator, wherein the cryptographic seal coordinator includes a cryptographic seal coordinator authenticator for authenticating the challenge response message using said public key/private key authentication technique, wherein the cryptographically sealed system is a first cryptographically sealed system, wherein said software object communicates with a second cryptographically sealed system through the communication interface and generates an outgoing communication message, the second cryptographically sealed system for monitoring another aspect of the networked computer system;

    wherein the encryptor of the first cryptographically sealed system encrypts the outgoing communication message;

    wherein said communications interface operates to send said encrypted outgoing communication message to the second cryptographically sealed system;

    wherein the second cryptographically sealed system includes a second authenticator and a second decryptor for respectively authenticating and decrypting the outgoing communication message received from the first cryptographically sealed system;

    wherein said second authenticator implements said public key/private key authentication technique;

    wherein said challenge manager being operable to generate and send a second challenge message to said second cryptographically sealed system, said second challenge message including a portion for authentication by the second cryptographically sealed system;

    wherein said challenge manager is operable to periodically activate said cryptographic code hasher to perform said hashing function on said software object, and notify said cryptographic seal coordinator and inhibit further communications with the software object when said hashing function indicates the software object has been modified;

    wherein said communications interface determines if said incoming communication message is an object self-hash rate message, and said challenge manager is responsive to said communications interface determining that said incoming communication message is said object self-hash rate message by adjusting the periodicity of said hashing function on said software object.
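
The challenge, self-hash and self-hash-rate handling recited in the claim can be modelled as follows. This is an added sketch, not code from the patent: it uses a shared-key HMAC as a stand-in for the claimed public/private key authentication, and the message field names, the nonce and the `ack` reply are assumptions made for the example.

```python
import hashlib
import hmac
import json

def seal(key: bytes, body: dict) -> dict:
    """Attach an authentication tag (HMAC stand-in for the public/private key technique)."""
    raw = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, raw, hashlib.sha256).hexdigest()}

def authentic(key: bytes, msg: dict) -> bool:
    """Authenticator: recompute the tag and compare in constant time."""
    return hmac.compare_digest(seal(key, msg["body"])["tag"], msg.get("tag", ""))

class SealedAgent:
    def __init__(self, code: bytes, key: bytes, period_s: float = 60.0):
        self.code, self.key, self.period_s = code, key, period_s
        self.sealed_digest = hashlib.sha256(code).hexdigest()  # reference hash taken at sealing
        self.inhibited = False

    def self_hash(self) -> bool:
        """Code hasher: True if the object no longer matches its sealed digest."""
        modified = hashlib.sha256(self.code).hexdigest() != self.sealed_digest
        self.inhibited = self.inhibited or modified  # a modified object stays cut off
        return modified

    def receive(self, msg: dict):
        """Communications interface plus challenge manager."""
        if not authentic(self.key, msg):
            return None  # unauthenticated messages are dropped
        body = msg["body"]
        if body["type"] == "challenge":
            # The response is still sent so the coordinator learns of the modification.
            return seal(self.key, {"type": "challenge_response",
                                   "nonce": body["nonce"],  # assumed replay guard
                                   "modified": self.self_hash()})
        if body["type"] == "self_hash_rate":
            self.period_s = float(body["period_s"])  # adjust periodic self-hash interval
            return None
        if self.inhibited:
            return None  # no further communication with a modified object
        return seal(self.key, {"type": "ack"})

def demo():
    key = b"constructed-demo-key"  # constructed sample values throughout
    agent = SealedAgent(b"def monitor(): return 'ok'", key)
    clean = agent.receive(seal(key, {"type": "challenge", "nonce": "n1"}))
    agent.receive(seal(key, {"type": "self_hash_rate", "period_s": 5}))
    agent.code += b"\n# tampered"
    dirty = agent.receive(seal(key, {"type": "challenge", "nonce": "n2"}))
    after = agent.receive(seal(key, {"type": "data"}))
    forged = agent.receive({"body": {"type": "challenge", "nonce": "n3"}, "tag": "00"})
    return clean, dirty, after, forged, agent.period_s
```

In this model the scheduler that would call `self_hash()` every `period_s` seconds is left out; only the interval it would use is tracked.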

  • 3 Assignments