Computer network protection using cryptographic sealing software agents and objects

US 6,144,739 A
Filed: 01/20/1998
Issued: 11/07/2000
Est. Priority Date: 01/20/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A cryptographically sealed system that operates within a networked computer system, comprising:

a software object comprised of a software program for monitoring an aspect of the networked computer system;

a communications interface, said communications interface receiving an incoming communication message and indicating if said incoming communication message is a challenge message;

a cryptographic code hasher operable to perform a hashing function, said cryptographic code hasher responsive to said communications interface indicating that said incoming communication message is said challenge message by performing said hashing function on said software object to indicate if said software object has been modified;

an authenticator for authenticating the incoming communication message using a public/private key authentication technique;

a challenge manager operable to activate said cryptographic code hasher in response to said challenge message by causing said cryptographic code hasher to perform said hashing function on said software object, said challenge manager generating a challenge response message indicating if said software object has been modified, transmitting the challenge response message to a cryptographic seal coordinator and inhibiting further communications with the software object when said software object has been modified; and

an encryptor for adding security for authentication to the challenge response message,wherein the cryptographic seal coordinator notifies a security agent that the software object has been modified and instructing said communications interface to route communication messages to the cryptographic seal coordinator, wherein the cryptographic seal coordinator includes a cryptographic seal coordinator authenticator for authenticating the challenge response message using said public key/private key authentication technique,wherein the cryptographically sealed system is a first cryptographically sealed system,wherein said software object communicates with a second cryptographically sealed system through the communication interface and generates an outgoing communication message, the second cryptographically sealed system for monitoring another aspect of the networked computer system;

wherein the encryptor of the first cryptographically sealed system encrypts the outgoing communication message;

wherein said communications interface operates to send said encrypted outgoing communication message to the second cryptographically sealed system;

wherein the second cryptographically sealed system includes a second authenticator and a second decryptor for respectfully authenticating and decrypting the outgoing communication message received from the first cryptographically sealed system;

wherein said second authenticator implements said public key/private key authentication technique;

wherein said challenge manager being operable to generate and send a second challenge message to said second cryptographically sealed system, said second challenge message including a portion for authentication by the second cryptographically sealed system;

wherein said challenge manager is operable to periodically activate said cryptographic code hasher to perform said hashing function on said software object, and notify said cryptographic seal coordinator and inhibit further communications with the software object when said hashing function indicates the software object has been modified;

wherein said communications interface determines if said incoming communication message is an object self-hash rate message, and said challenge manager is responsive to said communications interface determining that said incoming communication message is said object self-hash rate message by adjusting the periodicity of said hashing function on said software object.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for protecting software objects from external modification is described. A cryptographic seal protects the object at the object level and also supports secure inter-object communication. A software object (101) is packaged in a crypto seal (103), which provides a cryptographic code hasher (105) for performing a cryptographic form of hashing on the code of object (101), a crypto seal communications authenticator (107) which authenticates communications received by object (101), a crypto seal encryptor (108) which encrypts communications sent by the object (101), a challenge manager (106) which causes the cryptographic code hasher (105) to perform its hashing function on the code of object (101) periodically and on demand when a challenge message is received, and a communications interface (109) which controls inter-object communication. A system (100) which employs crypto sealed objects includes a crypto seal coordinator (119). Coordinator (119) coordinates activities of all crypto seals (103) in the network and causes each crypto seal (103) to be periodically challenged to perform a hash function on the code of its packaged object. Coordinator (119) is provided with a coordinator authenticator/encryptor (123) which authenticates communications received from crypto seals (103) and encrypts communications sent by coordinator (119), a registry (121) in which the identification and location of each crypto seal (103) is recorded, and a network activity monitor (125) which monitors for excess processing by crypto seals (103).

Citations

14 Claims

1. A cryptographically sealed system that operates within a networked computer system, comprising:
- a software object comprised of a software program for monitoring an aspect of the networked computer system;
  
  a communications interface, said communications interface receiving an incoming communication message and indicating if said incoming communication message is a challenge message;
  
  a cryptographic code hasher operable to perform a hashing function, said cryptographic code hasher responsive to said communications interface indicating that said incoming communication message is said challenge message by performing said hashing function on said software object to indicate if said software object has been modified;
  
  an authenticator for authenticating the incoming communication message using a public/private key authentication technique;
  
  a challenge manager operable to activate said cryptographic code hasher in response to said challenge message by causing said cryptographic code hasher to perform said hashing function on said software object, said challenge manager generating a challenge response message indicating if said software object has been modified, transmitting the challenge response message to a cryptographic seal coordinator and inhibiting further communications with the software object when said software object has been modified; and
  
  an encryptor for adding security for authentication to the challenge response message,wherein the cryptographic seal coordinator notifies a security agent that the software object has been modified and instructing said communications interface to route communication messages to the cryptographic seal coordinator, wherein the cryptographic seal coordinator includes a cryptographic seal coordinator authenticator for authenticating the challenge response message using said public key/private key authentication technique,wherein the cryptographically sealed system is a first cryptographically sealed system,wherein said software object communicates with a second cryptographically sealed system through the communication interface and generates an outgoing communication message, the second cryptographically sealed system for monitoring another aspect of the networked computer system;
  
  wherein the encryptor of the first cryptographically sealed system encrypts the outgoing communication message;
  
  wherein said communications interface operates to send said encrypted outgoing communication message to the second cryptographically sealed system;
  
  wherein the second cryptographically sealed system includes a second authenticator and a second decryptor for respectfully authenticating and decrypting the outgoing communication message received from the first cryptographically sealed system;
  
  wherein said second authenticator implements said public key/private key authentication technique;
  
  wherein said challenge manager being operable to generate and send a second challenge message to said second cryptographically sealed system, said second challenge message including a portion for authentication by the second cryptographically sealed system;
  
  wherein said challenge manager is operable to periodically activate said cryptographic code hasher to perform said hashing function on said software object, and notify said cryptographic seal coordinator and inhibit further communications with the software object when said hashing function indicates the software object has been modified;
  
  wherein said communications interface determines if said incoming communication message is an object self-hash rate message, and said challenge manager is responsive to said communications interface determining that said incoming communication message is said object self-hash rate message by adjusting the periodicity of said hashing function on said software object.
- View Dependent Claims (2, 3, 4)
- - 2. A system in accordance with claim 1, wherein:
    - the cryptographic seal coordinator comprises;
      
      a network activity monitor for detecting excess processing by said challenge manager in response to the challenge message, andsaid communications interface is responsive to said network activity monitor to disable communications from said software object if said network activity monitor detects excess processing, the cryptographic seal coordinator having means for notifying a system administrator of said excess processing, said excess processing indicating failure respond to said challenge message.
  - 3. A system in accordance with claim 1, wherein:
    - said challenge manager is operable to send the second challenge message to the second cryptographically sealed system, the second cryptographically sealed system comprised of a second software object for monitoring the another aspect of the networked computer system, said second challenge message causing the second cryptographically sealed system to perform a hashing function on the second software object to determine if the second software object has been modified.
  - 4. A system in accordance with claim 1, wherein:
    - said software object comprises a software agent comprised of software objects, the software agent operable to cooperate with other software agents to provide, in combination, functionality of a security monitoring tool for monitoring security aspects of the networked computer system.

5. A method for protecting a software object in a network system, the software object comprising a computer program for monitoring an aspect of the network system, said software object being one of a plurality of software objects that monitor different aspects of the network system and communicate with each other through the network system, said method comprising the steps of:
- authenticating communications received from other software objects of the plurality using a public/private key authentication technique;
  
  determining when an incoming message to said object is a challenge message;
  
  in response to receipt of the challenge message, performing a hashing function with a code hasher on said software object to determine if said software object has been modified;
  
  inhibiting communication with said software object when the hashing function indicates that said software object has been modifieddetecting excess processing during the performing a hashing function step; and
  
  disabling communications with the software object when excess processing is detected by the detecting step.
- View Dependent Claims (6, 7, 8, 9)
- - 6. A method in accordance with claim 5, further comprising the steps of:
    - generating a challenge response message in response to receipt of the challenge message indicating when the software object has been modified; and
      
      providing the challenge response message to a cryptographic seal coordinator, the cryptographic seal coordinator causing communications directed to the software object to be routed to the cryptographic seal coordinator when the software object has been modified.
  - 7. A method in accordance with claim 6, further comprising the step of:
    - authenticating said challenge message using said public/private key authentication technique.
  - 8. A method in accordance with claim 7, further comprising the step of:
    - performing said hashing function on said software object periodically at a periodic rate; and
      
      notifying a system administrator when excess processing is detected by the detecting step, wherein said excess processing indicating a failure to respond to said challenge message.
  - 9. A method in accordance with claim 5, further comprising the steps of:
    - sending a second challenge message to a second software object of the plurality; and
      
      encrypting communication messages communicated between software agents of the plurality using public/private key encryption techniques.

10. A multi-agent network security system for providing network security, said system comprising:
- a plurality of cryptographically sealed software agents, each software agent of the plurality comprising a computer program operating within the network for monitoring an aspect of a computer network; and
  
  a cryptographic seal coordinator in communication with each of the software agents,wherein each software agent is associated with;
  
  a communications interface for receiving incoming communication messages;
  
  an authenticator for authenticating said incoming communication messages using public/private key authentication techniques;
  
  a cryptographic code hasher operable to perform a hashing function on the associated software agent; and
  
  a challenge manager responsive to said communications interface causing said associated cryptographic code hasher to perform said hashing function on said associated software agent when an incoming communication message is a challenge message, said cryptographic code hasher indicating if said software agent has been modified,wherein the cryptographic seal coordinator is operable to cause said challenge message to be generated and operable to signal an intrusion indicator when said cryptographic code hasher indicates that said software agent has been modified,wherein as part of providing security for the network, communication messages are exchanged between the software agents of the plurality, wherein received communication messages are authenticated by the receiving software agent'"'"'s associated authenticator using the public/private key authentication techniques, and wherein sent communication messages are secured by the sending software agent'"'"'s associated authenticator using the public/private key authentication techniques, andwherein further exchange of communication messages with a software agent of the plurality is disabled when the challenge manager indicates that an associated software agent has been modified, andwherein the cryptographic seal coordinator comprises a network activity monitor for detecting excess processing by said challenge manager in response to the challenge message, and said communications interface is responsive to said network activity monitor to disable communications from said software object if said network activity monitor detects excess processing, andsaid challenge manager is operable to periodically activate said cryptographic code hasher to perform said hashing function on said software object, and notify said cryptographic seal coordinator and inhibit further communications with the software object when said hashing function indicates the software object has been modified, andsaid communications interface is operable to determine if said incoming communication message is an object self-hash rate message, andsaid challenge manager is responsive to said communications interface determining that said incoming communication message is said object self-hash rate message by adjusting the periodicity of said hashing function on said software object.
- View Dependent Claims (11, 12, 13, 14)
- - 11. A system in accordance with claim 10, wherein each software agent is further associated with means for disabling communications from said software agent when said challenge manager indicates that said software agent has been modified.
  - 12. A system in accordance with claim 11, comprising:
    - a second challenge manager;
      
      said cryptographic seal coordinator causing said second challenge manager to generate and send said challenge message to said communications interface.
  - 13. A system in accordance with claim 12, wherein said second challenge manager sends a timeout indicator to said cryptographic seal coordinator if a challenge response message is not received from said software object within a predetermined time period.
  - 14. A system in accordance with claim 10, wherein the cryptographic seal coordinator comprises means for notifying a system administrator of said excess processing, said excess processing indicating failure respond to said challenge message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
General Dynamics C4 Systems Incorporated (General Dynamics Corporation)
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Witt, Don Earl, Lynn, James T.
Primary Examiner(s)
Peeso, Thomas R.
Assistant Examiner(s)
JACK, TODD M

Application Number

US09/009,342
Time in Patent Office

1,022 Days
Field of Search

380/2, 380/4, 380/6, 380/278, 380/259, 713/169, 713/170
US Class Current

380/2
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2103   Challenge-response

H04L 2209/60   Digital content management,...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3271   using challenge-response

Computer network protection using cryptographic sealing software agents and objects

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Computer network protection using cryptographic sealing software agents and objects

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links