Verification of software agents and agent activities
First Claim
1. A computing environment comprising:
- an origin site capable of creating and sending a software agent;
a destination site capable of receiving, executing and returning a software agent;
a trusted site having software implemented thereon for receiving a software agent from an origin site, fingerprinting the software agent, forwarding the agent to the destination site, comparing original and return software agent fingerprints, and sending verification notices to the origin site; and
an open communication network, where the sites are in communication with each other through the network.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention provides for verification of software agents and their activities. In a distributed computing environment, an origin resource, a destination resource and a trusted resource are provided. The origin resource is associated with a software agent in that, most generally, the agent'"'"'s information and/or an entrusted task are relevant to the origin resource. The destination resource is associated with the software agent in that, most generally, it is expected to advance the agent in the performance of an entrusted task. The trusted resource is associated with the software agent in that the trusted resource functions to provide verification of the software agent and its activities. The trusted resource preferably supports one or more selected operations such as, for example: receiving/forwarding of software agents; encrypting/decrypting software agents; acquiring, storing, retrieving and comparing of software agent fingerprints; executing TR rules that indicate the appropriateness of the interaction with the destination resource; establishing, setting, updating and checking return timers; generating and forwarding verification return relevant to verification of the agent and its activities; logging the activities of software agents with which the trusted resource interacts; and stripping, masking, or otherwise protecting part(s) or all of a software agent, particularly the TR rules.
-
Citations
20 Claims
-
1. A computing environment comprising:
-
an origin site capable of creating and sending a software agent;
a destination site capable of receiving, executing and returning a software agent;
a trusted site having software implemented thereon for receiving a software agent from an origin site, fingerprinting the software agent, forwarding the agent to the destination site, comparing original and return software agent fingerprints, and sending verification notices to the origin site; and
an open communication network, where the sites are in communication with each other through the network. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method implemented on a trusted site of a distributed computing environment, the method comprising the steps of:
-
receiving a software agent from an origin site;
generating an original agent fingerprint of the agent;
sending the agent to a destination site;
receiving the agent returning from the destination site;
generating an return agent fingerprint of the agent;
comparing the original agent fingerprint to a return agent fingerprint; and
sending a verification return to the origin site. - View Dependent Claims (9, 10, 11)
generating an agent return timer;
monitoring for the agent'"'"'s return;
sending a time out notification to the origin site if the agent return timer indicates a time-out condition;
executing agent rules designed to inform the trusted site on the proper handling of variable agent information;
checking the variable agent information against the rules upon the agent'"'"'s return from its destination site; and
sending a notification to the origin site so that the origin site can determine whether the variable information was modified appropriately.
-
-
10. The method of claim 8, wherein the environment includes an open communication network.
-
11. The method of claim 10, wherein the communication network is an Internet.
-
12. A method implemented on a trusted site of a distributed computing environment comprising the steps of:
-
receiving a software agent from a origin site;
generating an original agent fingerprint;
generating an agent return timer;
sending the agent to a destination site;
monitoring for the agent'"'"'s return;
sending a time out notification to the origin site if the agent return timer indicates a time-out condition;
generating a return agent fingerprint if the agent returns from the destination site prior to the agent return timer timing out;
comparing the original and return agent fingerprints to form a verification result; and
sending verification result to the origin site. - View Dependent Claims (13, 14, 15, 16)
logging the activities set forth in the other steps.
-
-
15. The method of claim 12, wherein the environment includes an open communication network.
-
16. The method of claim 15, wherein the communication network is an Internet.
-
17. A software agent implemented in a memory of a trusted site comprising:
-
a set of routing fields;
a set of fixed rules field to be executed by the trusted site when the agent returns to the trusted site from a destination site;
a new agent flag field so that the trusted site can identify the agent as a returning agent;
a fixed code field including fixed data and executable code which is designed to remain unmodified during task execution; and
a variable code field including variable data and variable executable code which is designed to be modified during task execution. - View Dependent Claims (18, 19, 20)
a security field for identifying the user site and for locking out other specified information.
-
-
19. The agent of claim 17, wherein the set of rules are designed to determine whether a given agent task has executed within a predetermined manner by comparing rule-based information to information in the variable fields when the agent returns to the trusted site.
-
20. The agent of claim 19, the rule-based information includes acceptable ranges of values for each data variable associated with the agent.
Specification