Distributed system, access control process and apparatus and program product having access controlling program thereon
First Claim
1. An access control apparatus having an agent environment for executing one or more agents each having method executing means and for managing execution of said agent(s), wherein(a) said agent environment comprises:
- (a1) agent generating means for generating said agent;
(a2) agent management means for uniquely distinguishing and managing said agent from another agent in said agent environment as from generation until end of execution of said agent;
(a3) execution method management means for checking as to whether or not the method executed by said agent is in need of access control;
(a4) agent environment information management means for storing managing position information of said agent environment, a starter of said agent environment and a producer of an execution program of said agent environment, as agent environment information, upon startup of said agent environment, and for collating the agent environment information with a security policy proper to said agent environment to check into authorization of executing method of an agent operating on said agent environment;
(a5) agent information management means for storing and managing the information on a starter of said agent and a producer of said agent as agent information upon generation of said agent, and for collating said agent information with the security policy proper to said agent environment to check into the authorization of said executing method of said agent;
(b) wherein first method transmission means and first method reception means are provided in the access control apparatus;
(c) wherein the apparatus is configured such that;
(c1) when a first agent present in the first one of said plural agent environments makes a method execution request to a second agent having a method to be disclosed to another agent, (c2) said first agent information management means of the first agent environment discriminates the agent information on the first agent environment and collates the discriminated information with the security policy of said first agent environment to check into a transmission authorization of said method for said first agent and, (c4) when said first agent has an authorization to transmit said method, the first method transmission means transmits, along with the execution request of said method, the first agent information and an updated thread visit history information on an executed thread of said method of said first agent added with the agent environment information of said first agent by a first thread visit history management means of the first agent environment, (c5) said first method reception means receiving a reply to said method execution request;
(d) wherein said second agent environment where said second agent is present comprises;
(d1) second reception means for receiving said method execution request transmitted from said first method transmission means, said first agent information and said thread visit history information;
(d2) second agent information management means for reading said first agent information and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method;
(d3) second thread visit history management means for reading and discriminating the updated thread visit history information and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method; and
(d4) second method transmission means for returning a result of execution of said method to said first agent environment.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and a process for access controlling the agent execution, based on thread history (tracing) information, in an environment in which plural agents are run simultaneously, to protect the agent environment and the agents operating in the agent environment. When an agent 130 operating on an agent environment 140 requests execution of method to be a disclosed to another agent, the agent information 123 for the agent 130 and the agent environment information on the agent environment 140 are stored in a method execution request message, by agent environment information management means 172 and by agent environment information management means 173, respectively, whilst thread visit history information 125 on the thread of the method is stored in the thread visit history management means 174. Method transmission means 180 transmits the method to an agent environment of the method requestor. The method reception means of the agent environment of the requester receives the message. Agent execution management means of the agent environment checks into execution authorization of the requested method based on the agent information and the thread visit history information with execute access control.
-
Citations
23 Claims
-
1. An access control apparatus having an agent environment for executing one or more agents each having method executing means and for managing execution of said agent(s), wherein
(a) said agent environment comprises: -
(a1) agent generating means for generating said agent;
(a2) agent management means for uniquely distinguishing and managing said agent from another agent in said agent environment as from generation until end of execution of said agent;
(a3) execution method management means for checking as to whether or not the method executed by said agent is in need of access control;
(a4) agent environment information management means for storing managing position information of said agent environment, a starter of said agent environment and a producer of an execution program of said agent environment, as agent environment information, upon startup of said agent environment, and for collating the agent environment information with a security policy proper to said agent environment to check into authorization of executing method of an agent operating on said agent environment;
(a5) agent information management means for storing and managing the information on a starter of said agent and a producer of said agent as agent information upon generation of said agent, and for collating said agent information with the security policy proper to said agent environment to check into the authorization of said executing method of said agent;
(b) wherein first method transmission means and first method reception means are provided in the access control apparatus;
(c) wherein the apparatus is configured such that;
(c1) when a first agent present in the first one of said plural agent environments makes a method execution request to a second agent having a method to be disclosed to another agent, (c2) said first agent information management means of the first agent environment discriminates the agent information on the first agent environment and collates the discriminated information with the security policy of said first agent environment to check into a transmission authorization of said method for said first agent and, (c4) when said first agent has an authorization to transmit said method, the first method transmission means transmits, along with the execution request of said method, the first agent information and an updated thread visit history information on an executed thread of said method of said first agent added with the agent environment information of said first agent by a first thread visit history management means of the first agent environment, (c5) said first method reception means receiving a reply to said method execution request;
(d) wherein said second agent environment where said second agent is present comprises;
(d1) second reception means for receiving said method execution request transmitted from said first method transmission means, said first agent information and said thread visit history information;
(d2) second agent information management means for reading said first agent information and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method;
(d3) second thread visit history management means for reading and discriminating the updated thread visit history information and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method; and
(d4) second method transmission means for returning a result of execution of said method to said first agent environment.
-
-
2. An access control apparatus, capable of executing a plurality of agents having method executing means, comprising:
-
an agent environment managing execution of said agent;
said agent environment migrating said agent from a first agent environment, in which said agent operates, to a second agent environment in which said agent is restored to continue the execution;
said agent environment comprising;
agent generating means for generating an agent;
agent management means for uniquely distinguishing and managing said agent from other agents in said agent environment as from generation until end of execution of said agent;
execution method management means for checking as to whether or not a method executed by said agent is in need of access control;
agent environment information management means for storing and managing position information of said agent environment information on a starter of said agent environment and a producer of an execution program of said agent environment, as agent environment information, upon startup of said agent environment, and collating the agent environment information with a security policy proper to said agent environment to check into authorization of executing method of the agent operating on said agent environment; and
agent information management means for storing and managing the information on the starter of said agent and the producer of said agent program as the agent information upon generation of said agent, and collating said agent information with the security policy proper to said agent environment to check into the authorization of said executing method of said agent;
a first one of said agent environments comprising;
first agent information management means for discriminating the agent information of said agent when said agent is migrating to said second agent environment, to collate the agent information of said agent with the security policy of said first agent environment to check into the migration execution authorization of said agent;
first agent environment information management means for discriminating said first agent environment information for collating the security policy of said first agent environment to check into the migration execution authorization of said first agent;
first agent visit history management means for discriminating the agent visit history information of said agent for collating the discriminated information with the security policy of said first agent environment to check into the migration execution authorization of said agent; and
first agent transmission means for transmitting said agent information and an updated information to said second agent environment along with the agent migration request in case the agent has migration executing authorization, said updated visit history information being obtained by adding the agent environment information of said first agent environment to the agent visit history information of said agent by said first agent visit history information management means of said first agent environment; and
said second agent environment comprising;
second agent reception means for reception the agent migration request transmitted from said first agent transmission means and the updated agent visit history information;
second agent information management means for reading and discriminating the agent information and collating the discriminated information to a security policy of the second agent environment to check into the migration authorization of said agent; and
second agent visit history information management means for reading and discriminating the agent visit history information and collating the information with the security policy of the second agent environment to check into the migration authorization of said agent. - View Dependent Claims (3)
first method transmission means;
said first method transmission means being configured such that, in a first agent environment where a first agent is present and makes a method execution request to a second agent having a method to be disclosed to another agent;
when said first agent makes said method execution request, said first method transmission means discriminates the agent information on said first agent environment and collates the discriminated information with the security policy of said first agent environment to check into a transmission authorization of said method by said first agent and, said first agent environment information management means discriminates said agent environment information on said first agent environment and collates the discriminated agent environment information with the security policy of said first agent environment to check into a transmission authorization of said method by said agent, and when said first agent has authorization to transmit said method, said first agent transmits, along with said method execution request, the first agent information and said updated thread visit history information to said second agent environment;
first method reception means receiving a reply to said method execution request;
said second agent environment, where said second agent is present, comprising;
second method reception means for receiving said method execution request, said first agent information, and said thread visit history information;
second agent information management means for reading said first agent information and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method;
second thread visit history management means for reading and discriminating the updated thread visit history information and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method; and
second method transmission means for returning a result of execution of said method to said first agent environment.
-
-
4. An access control process having an agent environment for executing plural agents having a method executing step and for managing execution of said agent, said agent environment comprising:
-
an agent generating step of generating an agent;
an agent management step of uniquely distinguishing and managing said agent from another agent in said agent environment as from generation until end of execution of said agent;
an execution method management step of checking as to whether or not the method executed by said agent is in need of access control;
an agent environment information management step of storing and managing position information of said agent environment, a starter of said agent environment and a producer of an execution program of said agent environment, as agent environment information, upon startup of said agent environment, and for collating the agent environment information with a security policy proper to said agent environment to check into authorization, for executing said method, of the agent operating on said agent environment; and
an agent information management step of storing and managing the information on the starter of said agent and on the producer of said agent program as the agent information upon generation of said agent, and collating said agent information with the security policy proper to said agent environment to check into the authorization, for executing said method, of said agent;
said first agent environment comprising;
a first agent environment management step of, in the first agent environment, discriminating the agent information of said first agent to collate the agent information of said agent with a security policy of said first agent environment to check into method transmitting authorization of said first agent, when the first agent existing in the first agent environment makes a method execution request to a second agent having a method to be disclosed to another agent;
a first agent environment information management step of discriminating said agent environment information on the first agent environment for collating the security policy of said first agent environment to check into the method transmitting authorization of said first agent;
a first method transmitting step of transmitting, along with said method execution request, said first agent information and updated thread visit information, when said first agent has said method transmitting authorization, said updated thread visit information being obtained by adding said agent environment information of the first agent to thread visit history information on an executed thread of said method of the first agent in a first thread visit history management step of the first agent environment;
a first method reception step of receiving a reply to said method execution request;
a second agent environment in which a second agent is present comprising;
a second agent reception step of receiving the agent execution request transmitted from the first agent transmitting step, said first agent information and the updated thread visit history information;
a second agent information management step of reading and discriminating the updated thread visit history information, and collating a security policy of the second agent environment to check into execution authorization of said agent;
a second thread visit history information management step of reading and discriminating the thread visit history information, and collating the discriminated information with the security policy of the second agent environment to check into the migration authorization of said method; and
a second method transmitting step of transmitting an executed result of said method.
-
-
5. An access control process having an agent environment in which to execute one or plural agents having a method executing step and in which to manage the execution of said agent;
- said method being capable of migrating said agent from a first agent environment in which said agent is operated to a second agent environment for restoring said agent to continue the execution;
said agent environment comprising;
(a) an agent generating step of generating an agent;
(b) an agent management step of uniquely distinguishing and managing said agent from the other agents in said agent environment as from generation until end of execution of said agent;
(c) an execution method management step of checking as to whether or not a method executed by said agent is in need of access control;
(d) an agent environment information management step of storing and managing position information of said agent environment, a starter of said agent environment and a producer of an execution program of said agent environment, as agent environment information, at the time of startup of said agent environment, and collating the agent environment information to a security policy proper to said agent environment to check into authorization, for executing the method, of the agent operating in said agent environment; and
(e) an agent information management step of storing and managing the information on the starter of said agent and the producer of said agent program as agent information upon generation of said agent, and collating said agent information with the security policy proper to said agent environment to check into the authorization of executing the method of said agent;
said first agent environment comprising;
(f) a first agent information management step of discriminating the agent information of said agent when said agent migrates to the second agent environment and collating the agent information with a security policy of the first agent environment to check into migration executing authorization of said agent;
(g) a first agent environment information management step of discriminating the first agent environment information with collate it with the security policy of the first agent environment to check into the migration execution authorization of said first agent;
(h) a first agent visit history management step of discriminating the agent visit history information of said agent to collate it to the security policy of the first agent environment to check into the migration execution authorization of said agent; and
(i) a first agent transmitting step of transmitting to a second agent environment the first agent information along with the agent executing request, in case said first agent has an agent transmitting authorization, and an updated thread visit history information in the first agent visit history information of the first agent environment, said updated agent visit history information being obtained by adding agent environment information of said first agent environment to the agent visit history information of said agent; and
the second agent environment comprising;
(j) a second agent reception step of receiving the agent migration request transmitted from the first agent transmitting step, and said updated agent visit history information;
(k) a second agent information management step of reading and discriminating the agent information, and collating a security policy of the second agent environment to check into execution authorization of said agent;
(l) a second agent visit history information management step of reading and discriminating said agent visit history information and collating this information with the security policy of the second agent environment to check into the migration authorization of said agent. - View Dependent Claims (6)
a first method transmission step and a first method reception step;
said first method transmission step being configured such that;
in a first agent environment where a first agent is present that makes a method execution request to a second agent having a method to be disclosed to another agent, when said first agent present in the first agent environment makes said method execution request to said second agent, said first method transmission step comprising the sub steps of;
(m) a first agent information management step of the first agent environment discriminating the agent information of said first agent to collate the agent information with a security policy of said first agent environment to check into the method transmitting authorization of said first agent;
(n) said first agent environment information management step of the first agent environment discriminating said agent environment information on the first agent environment for collating the security policy of said first agent environment to check into the method transmitting authorization of said first agent;
(o) the first method transmission step of transmitting to a second agent environment the first agent information, along with the method executing request in case said first agent has the method transmitting authorization, and the updated thread visit history information in the first thread visit history information of the first agent environment, said updated thread visit history information being obtained by adding the agent environment information of said first agent to thread visit history information on an executed thread of the method of the first agent;
(p) the first method reception step receiving a reply to the method execution request; and
the agent environment in which said second agent is present comprising;
(q) a second method reception step of receiving the method execution request transmitted from the first method transmitting step, said first agent information and the updated thread visit history information;
(r) a second agent information management step of reading and discriminating the first agent information, and collating the security policy of the second agent environment to check into the execution authorization of said method;
(s) a second thread visit history information management step of reading and discriminating the thread visit history information and collating the information with the security policy of the second agent environment to check into the execution authorization of said method; and
(t) a second method transmitting step of returning a result of execution of said method to the first agent environment.
- said method being capable of migrating said agent from a first agent environment in which said agent is operated to a second agent environment for restoring said agent to continue the execution;
-
7. A computer-readable program product carried on a medium for execution on a plurality of computers connected to other computers over a network, said computers having an agent environment for executing plural agents having a method executing step and managing the execution of said agent, wherein said program product comprising the following processing steps (a) to (m):
-
said agent environment comprises;
(a) an agent generating processing of generating an agent;
(b) an agent management processing of uniquely distinguishing and managing said agent from the other agents in said agent environment as from generation until end of execution of said agent;
(c) an execution method management processing of checking as to whether or not a method executed by said agent is in need of access control;
(d) an agent environment information management processing of storing and managing position information of said agent environment, a starter of said agent environment and a producer of an execution program of said agent environment, as agent environment information, at the time of startup of said agent environment, and collating the agent environment information with a security policy proper to said agent environment to check into authorization, for executing the method, of the agent operating in said agent environment; and
(e) an agent information management processing of storing and managing the information on the starter of said agent and the producer of said agent program as agent information upon generation of said agent, and collating said agent information to the security policy proper to said agent environment to check into the authorization of executing the method of said agent;
when a first agent existing in the first agent environment makes a method execution request to a second agent having a method to be disclosed to another agent, said agent environment comprising;
(f) a first agent environment management processing of the first agent environment discriminating the agent information of said first agent, and collating the agent information with the security policy of said first agent environment to check into the method transmitting authorization of said first agent;
(g) a first agent environment information management processing of the first agent environment discriminating said agent environment information on the first agent environment for collating the security policy of said first agent environment to check into the method transmitting authorization of said first agent;
(h) a first method transmitting processing of transmitting to a second agent environment, along with the method executing request in case said first agent has the method transmitting authorization, the first agent information and updated thread visit history information in the first thread visit history information of the first agent environment, said updated thread visit history information being obtained by adding the agent environment information of said first agent to thread visit history information on an executed thread of said method of said first agent; and
(i) a first method reception processing of receiving a reply to the method execution request;
the agent environment in which said second agent is present comprising;
(j) a second method reception processing of receiving the method execution request transmitted from the first method transmitting processing, said first agent information and the updated thread visit history information;
(k) a second agent information management processing of reading and discriminating the first agent information, and collating the information with the security policy of the second agent environment to check into the execution authorization of said method;
(l) a second thread visit history information management processing of reading and discriminating the agent visit history information and collating the information with the security policy of the second agent environment to check into the execution authorization of said method; and
(m) a second method transmitting processing of returning a result of execution of said method to the first agent environment.
-
-
8. A computer-readable program product carried on a medium for execution on a plurality of computers connected to other computers over a network, said computers having an agent environment for executing plural agents having a method executing step and managing the execution of said agent, said agent being migrated from a first agent environment in which said agent operates to a second agent environment in which said agent is restored and continues to be executed;
-
said program product comprising the following processing steps of (a) to (l);
wherein said agent environment comprises;
(a) an agent generating processing of generating an agent;
(b) an agent management processing of uniquely distinguishing and managing said agent from the other agents in said agent environment as from generation until end of execution of said agent;
(c) an execution method management processing of checking as to whether or not a method executed by said agent is in need of access control;
(d) an agent environment information management processing of storing and managing position information of said agent environment, a starter of said agent environment and a producer of an execution program of said agent environment, as agent environment information, at the time of startup of said agent environment, and collating the agent environment information with a security policy proper to said agent environment to check into authorization, for executing the method, of the agent operating in said agent environment; and
(e) an agent information management processing of storing and managing the information on the starter of said agent and the producer of said agent program as agent information upon generation of said agent, and collating said agent information with the security policy proper to said agent environment to check into the authorization, for executing the method, of said agent;
said first agent environment comprising;
(f) a first agent information management processing of discriminating the agent information of said agent when said agent is migrated to the second agent environment and collating the agent information with a security policy of the first agent environment to check into the migration executing authorization of said agent;
(g) a first agent environment information management processing of discriminating the first agent environment information with collate it with the security policy of the first agent environment to check into the migration execution authorization of said first agent;
(h) a first agent visit history management processing of discriminating agent visit history information of said agent to collate it with the security policy of the first agent environment to check into the migration execution authorization of said agent; and
(i) a first agent transmitting processing of transmitting to a second agent environment, along with the agent executing request in case said first agent has the agent transmitting authorization, the first agent information and updated agent visit history information in the first agent visit history management processing of the first agent environment, said updated agent visit history information being obtained by adding the agent environment information of said first agent to the agent visit history information of said first agent;
the second agent environment comprising;
(j) a second agent reception processing of receiving the agent execution request transmitted from the first agent transmitting processing, said first agent information and the updated agent visit history information;
(k) a second agent information management processing of reading and discriminating the first agent information, collating the security policy of the second agent environment to check into the migration authorization of said agent; and
(l) a second agent visit history information management processing of reading and discriminating the agent visit history information and collating the information with the security policy of the second agent environment to check into the migration authorization of said agent.- View Dependent Claims (9)
first method transmission processing and first method reception processing;
in said first method transmission processing, when the first agent present in the first agent environment makes a method execution request to the second agent having the method to be disclosed to another agent, (m) a first agent environment management processing of the first agent environment discriminating the agent information on said first agent to collate the agent information with the security policy of said first agent environment to check into the method transmitting authorization of said first agent;
(n) a first agent environment information management processing discriminating said agent environment information on the first agent environment for collating it with the security policy of said first agent environment to check into the method transmission authorization of said first agent;
(o) a first method transmitting processing of transmitting to a second agent environment, along with the method executing request in case said first agent has the method transmitting authorization, the first agent information and the updated thread visit history information in the first thread visit history information of the first agent environment, said updated thread visit history information being obtained by adding the agent environment information of said first agent to the thread visit history information on the method execution thread of said first agent; and
(p) the first method reception processing receiving a reply to the method execution request;
the second agent environment in which said second agent is present comprising;
(q) a second method reception processing of receiving the method execution request transmitted from the first method transmitting processing, said first agent information and the updated thread visit history information;
(r) a second agent information management processing of reading and discriminating the first agent information, and collating it with the security policy of the second agent environment to check into the execution authorization of said method;
(s) a second thread visit history management processing of reading and discriminating the thread visit history information and collating the information with the security policy of the second agent environment to check into the execution authorization of said method; and
(t) a second method transmitting processing of returning a result of execution of said method to the first agent environment.
-
-
10. An access control process in which a method and/or an agent is sent from one computer to another computer over a network for execution, comprising:
-
holding and transmitting visit history information on agent environments of computers traversed by a method and/or an agent, collating, in an agent environment of a destined computer, the visit history information, with a security policy defining the security information, and performing control so as not to permit execution of a method and/or an agent which has traversed an agent environment not permitted under a security policy of an own agent environment; and
wherein the visit history information comprises migration message information on each agent environment previously traversed by the method and/or agent.
-
-
11. An access control process for an agent system, in wich a plurality of computers is interconnected over a network and in which a method disclosed by an agent of a computer is requested to be executed by an agent of another computer, comprising:
-
storing and holding a security policy which defines security information from one agent environment to another by each computer;
updating and holding, in a method request message;
information on an agent of a method execution requester, information on an agent environment traversed by the method, and visit history information, on a thread of said method, to transmit the resulting message to an agent environment of the method execution requester, and performing control in an agent environment to which of the method execution is requested so as not to permit execution of a thread which has traversed an agent environment not permitted under a security policy on an own agent environment, by collating the visit history information of said thread of the received method request message with the security policy; and
wherein the visit history information comprises migration message information on each agent environment previously traversed by the method and/or agent.
-
-
12. An access control process, in a mobile agent system in which an agent is migrated between agent environments of a plurality of computers interconnected over a network, comprising:
-
storing and holding by each computer a security policy defining security information from one agent environment to another;
every time an agent traverses an agent environment, updating and holding agent environment information and agent visit history information in an agent migration message; and
collating, in an agent environment of a destination of agent movement, the agent visit history information of a received agent migration message with a security policy to perform control so as not to permit execution of an agent which has traversed an agent environment not permitted by the security policy of an own agent environment; and
wherein the visit history information comprises migration message information on each agent environment previously traversed by the method and/or agent.
-
-
13. A distributed system comprising:
-
a plurality of computers interconnected over a network, in which a method disclosed by an agent of a computer is requested by an agent of another computer to be executed;
each computer including storage means for holding security policy defining security information from one agent environment to another;
in an agent environment of a method execution requestor, means for storing in a method request message;
agent information, agent environment information or, and visit history information on a method thread;
in an agent environment which the method has traversed, means for holding agent environment information added to the thread visit history information of the method request message; and
in an agent environment of an addresee of the method execution request, means for managing control by collating the visit history information of said thread of the received method request message with a security policy of an own agent environment so as not to permit execution of a thread which has traversed a non-permitted agent environment; and
wherein the visit history information comprises migration message information on each agent environment previously traversed the method and/or agent.
-
-
14. A distributed system in which a plurality of computers are interconnected over a network and in which an agent is migrated between agent environments of the computers for execution, wherein:
-
(a) each computer includes storage means for holding a security policy defining security information from one agent environment to another; and
(b) the system comprises;
(b1) means for adding agent visit history information with an agent environment to update an agent migration message each time an agent traverses the agent environment; and
(b2) means for collating the agent visit history information of a received agent migration message with a security policy of an own agent environment to check into migration authorization of the agent, thereby managing control so as not to permit execution of an agent which has traversed an agent environment not permitted by said security policy; and
(c) the visit history information comprises migration message information on each agent environment previously traversed by the method and/or agent.
-
-
15. An access control method for a distributed system in which a plurality of computers are interconnected over a network;
- wherein
each computer stores and holds a security policy defining security information of each agent environment; and
said method comprises;
(a) a step of having reference to said security policy to check into transmission authorization of a method request upon requesting another agent environment which has disclosed a method for executing the method;
(b) a step of adding a thread visit history information on the method execution thread to an own agent environment information in an agent environment traversed by said agent and a source of transmission of the agent and storing the information in the own agent environment information for transmission; and
(c) a step of reading the thread visit history information of the method request message upon receiving the method request from another agent and collating the read information with the security policy of the own agent environment to check into execution authorization of the method; and
wherein the visit history information comprises migration message information on each agent environment previously traversed the method and/or agent.
- wherein
-
16. An access control method for a distributed system in which a plurality of computers are interconnected over a network;
- wherein
each computer stores and holds a security defining security information of own agent environment;
said method comprises;
(a) a step of having reference to said security policy to check into migration execution authorization of an agent lying in an own agent environment upon migration of the agent to another agent environment of a destination of migration;
(b) a step of storing, in an agent migration message, agent visit history information updated by addition of information of the own anent environment when the migration execution authorization of said agent is found; and
(c) a step of reading agent visit history information upon receiving an agent migration message from another agent and collating the read information with a security policy of the own agent environment to check into the migration authorization of the agent; and
the visit history information comprises migration message information on each agent environment previously traversed by the method and/or agent.
- wherein
-
17. A distributed system, comprising:
-
a plurality of computers interconnected over a network each computer comprising;
storage means for storing a security policy defining security information of an agent environment of an own computer, and agent execution management means for managing execution of an agent in an agent environment of the own computer;
said agent execution management means comprising;
means for having reference to said security policy to check into transmission authorization of a method request upon making a method request from an agent in an own agent environment to an agent of another agent environment;
means for adding own agent environment information to thread visit history information on the method execution thread of said agent to store the added information along with updated thread visit history information in a method request message; and
means for reading the thread visit history information of said method request message upon receiving a method request message from another agent, and for collating the read information with the security policy of the own agent environment to check into the execution authorization of said method.
-
-
18. A distributed system, comprising:
-
a plurality of computers interconnected over a network;
in each computer, storage means for storing a security policy defining security information of an agent environment of an own computer and agent execution management means for managing execution of an agent in the agent environment of the own computer;
wherein said agent execution management means comprises;
means for referring to said security policy when an agent in an own agent environment is migrating to an agent environment of another destination of migration to check into migration executing authorization of said agent;
means for adding agent visit history information updated on addition of the own agent environment in an agent migration message in case said agent has a migration executing authorization for transmission to another agent environment, and means for reading the agent visit history information upon receiving the agent migration message to collate the read information with a security policy of the own agent environment to check into the migration authorization of said agent.
-
-
19. A computer program product, comprising:
-
a medium, and instructions, carried on the medium, for permitting a computer to participate in a system in which each of a plurality of computers interconnected over a network stores and holds a security policy which defines security information of an agent environment of an own computer, the instructions defining operations comprising;
referencing said security policy to check into a transmission authorization of a method request upon making a method execution request to another agent environment which has disclosed a method;
adding agent environment information to thread visit history information on an execution thread of the method of the agent and storing updated thread visit history information in a method request message for transmission; and
reading the thread visit history information of the method request message upon receiving the method request from another agent and collating the read information with a security policy of an own agent environment to check into the execution authorization of the method so as not to permit execution of a thread which has traversed an agent environment not permitted by the security policy of the own agent environment.
-
-
20. A computer program product, comprising:
-
a medium, and instructions, carried on the medium, for permitting a computer to participate in a system in which each of a plurality of computers interconnected over a network stores and holds a security policy which defines security information of an agent environment of an own computer, the instructions defining operations comprising;
referring to said security policy when an agent in an own agent environment is migrating to an agent environment of another destination of migration to check into migration executing authorization of said agent;
adding agent visit history information updated on addition of the own agent environment in an agent migration message for transmission to another agent environment in case said agent has the migration executing authorization; and
reading thread visit history information of a method request message upon receiving a method request from another agent and collating the read information with a security policy of an own agent environment to check into the execution authorization of the method so as not to permit execution of a thread which has traversed an agent environment not permitted by the security policy of the own agent environment.
-
-
21. A distributed system, comprising:
-
a plurality of agent environments that execute one or more agents;
each of said agent environments having method executing means; and
each of said agent environments managing execution of said agents;
wherein each said agent environment comprises;
agent generating means for generating said agent;
agent management means for uniquely managing said agent and distinguishing said agent from another agent in said agent environment as from generation until end of execution of said agent;
execution method management means for checking as to whether or not the method executed by said agent is in need of access control;
agent environment management means for;
storing and managing as agent environment information, upon startup of said agent environment;
position information of said agent environment, a starter of said agent environment, and a producer of an execution program of said agent environment, andcollating the agent environment information with a security policy proper to said agent environment to check into authorization of an executing method of an agent operating on said agent environment;
agent information management means for storing and managing the information on a starter of said agent and a producer of said agent as agent information upon generation of said agent, and for collating said agent information with the security policy proper to said agent environment to check into the authorization of said execution method of said agent;
first method transmission means; and
first method reception means;
wherein, as for the first method transmission means, a first agent information means is configured such that;
when a first agent present in a first one of said plural agent environments makes a method execution request to a second agent having a method to be disclosed to another agent, the first agent information management means of the first agent environment;
discriminates the agent information on the first agent, and
collates the discriminated agent information with a security policy of said first agent environment to check into a method transmitting authorization of said first agent;
the first agent environment management means of the first agent environment discriminates the agent environment information on the first agent environment, collates this discriminated information with the security policy of the first agent environment to check into the method transmitting authorization of said first agent, and
when said first agent has the method transmitting authorization, the first method transmission means transmits the first agent information and an updated thread visit history information, along with said method execution request, to a second agent environment, said updated thread visit history information comprising a thread visit history information on an executed thread of said method of said first agent added to the agent environment information of said first agent,
wherein said first method reception means receives a reply to said method execution request; and
wherein said second agent environment where said second agent is present comprises;
second reception means for receiving said method execution request transmitted from said first method transmission means, said first agent information and said thread visit history information;
second agent information management means for reading said first agent information and collating the read information with a security policy of said second agent environment to check into execution authorization of said method;
second thread visit history management means for reading the updated thread visit history information for discrimination, and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method; and
second method transmission means for replying executed results of said method to said first agent environment.
-
-
22. A distributed system having a plurality of agent environments for executing one or more agents each having method executing means and for managing execution of said agents, for migrating said agent from a first agent environment where said agent operates to a second agent environment in which said agent is restored to continue the execution, wherein:
-
(a) said agent environment comprises;
(a1) agent generating means for generating said agent;
(a2) agent management means for uniquely distinguishing and managing said agent from another agent in said agent environment as from generation until end of execution of said agent;
(a3) execution method management means for checking as to whether or not the method executed by said agent is in need of access control;
(a4) agent environment management means for storing and managing position information of said agent environment, a starter of said agent environment and a producer of an execution program of said agent environment, as agent environment information, upon startup of said agent environment, and for collating the agent environment information with a security policy proper to said agent environment to check into authorization of an executing method of an agent operating on said agent environment; and
(a5) agent information management means for storing and managing the information on a starter of said agent and a producer of said agent as agent information upon generation of said agent, and for collating said agent information with the security policy proper to said agent environment to check into the authorization of said execution method of said agent;
(b) said agent environments comprise a first and second agent environment;
(b1) the first agent environment comprising a first agent information management means for discriminating the agent information of said agent when said agent is migrating to said second agent environment and for collating the agent information of said agent to a security policy of the first agent environment to check into migration execution authorization of said first agent;
(b2) first agent environment information management means for discriminating said first agent environment information and for collating the security policy of said first agent environment to check into migration execution authorization of said first agent;
(b3) first agent visit history information management means for discriminating the agent visit history information and of said agent and for collating the discriminated information with the security policy of said first agent environment to check into the migration execution authorization of said agent; and
(b4) first agent transmission means for transmitting said agent information and updated agent visit history information to said second agent environment by adding the agent environment information of said first agent environment to the agent visit history information of said agent through said first agent visit history information management means of said first agent environment along with an agent migration request in case the agent has migration executing authorization to update the agent visit history information;
(b2) said second agent environment comprising;
(b2.1) second agent reception means for receiving the agent migration request transmitted from said first agent transmission means and the updated agent visit history information;
(b2.2) second agent information management means for reading and discriminating the agent information and collating the discriminated information with a security policy of the second agent environment to check into the migration authorization of said agent; and
(b2.3) second agent visit history information management means for reading and discriminating the agent visit history information and collating this discriminated information with the security policy of the second agent environment to check into the migration authorization of said agent. - View Dependent Claims (23)
(c) first method transmission means and first method reception means;
(c1) in the first agent environment where an agent making a method execution request to an agent having a method to be disclosed to another agent is present, (c1.1) said first method transmission means being configured such that;
when a first agent present in the first agent environment makes a method execution request to a second agent having a method to be disclosed to another agent, (c1.2) said first agent information management means discriminates the agent information on said first agent environment and collates the discriminated information with the security policy of said first agent environment to check into a method transmission authorization of said first agent and, (c1.3) said first agent environment management means of the first agent environment discriminates the agent environment information on the first agent environment, and collates the discriminated information with the security policy by the first agent environment to check into the method transmission authorization of the first agent, (c1.4) when said first agent has an authorization to transmit said method, the first method transmission means transmits, along with the method execution request, the first agent information and an updated thread visit history information on the executed thread of said method of said first agent added with the agent environment information of said first agent by means of said first thread, and (c1.5) said first method reception means receives a reply to said method execution request;
(d) said second agent environment where said second agent is present comprising;
(d1) second method reception means for receiving said method execution request transmitted from said first method transmission means, said first agent information and said thread visit history information;
(d2) second agent information management means for reading and discriminating said first agent information and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method;
(d3) second thread visit history management means for reading and discriminating the updated thread visit history information and collating the read information with the security policy of said second agent environment to check into the execution authorization of said method; and
(d4) said second method transmission means being configured for replying a result of execution of said method to said first agent environment.
-
Specification