Notification of modifications to a trusted computing base
First Claim
1. A method for notifying a central authority of changes to a trusted computing installation, comprising the steps of:
- determining that a user has made a security modification to a portion of the trusted computing installation under user control;
determining that the security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and
sending the central authority a notification of the security modification, in response to determining that the security modification is a notification event.
3 Assignments
0 Petitions
Accused Products
Abstract
A mechanism that allows enterprise authorities to be informed when security-sensitive decisions or actions have been or are attempting to be made by users of untrusted code executing in the trusted computing base. The mechanism may be implemented as an abstract class that is part of the trusted computing base. The class provides a framework abstract enough to permit multiple possible notifications (e.g., providing an e-mail to a system operator, sending an Simple Network Management Protocol (SNMP) alert, making an entry in an online database, or the like) in the event that a given action is taken by a user of untrusted code. The abstract class may provide a default notification, or the class may be extended to enable an authority to provide its own set of customized notifications.
-
Citations
23 Claims
-
1. A method for notifying a central authority of changes to a trusted computing installation, comprising the steps of:
-
determining that a user has made a security modification to a portion of the trusted computing installation under user control; determining that the security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and sending the central authority a notification of the security modification, in response to determining that the security modification is a notification event. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of notifying a central authority of changes to a trusted computing installation, comprising the steps of:
-
determining that a user has made a security modification to a portion of the trusted computing installation under user control; invoking a security notification manager class; instantiating the security manager class with an instance that determines that the security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and sending the central authority a notification of the security modification, in response to determining that the security modification is a notification event. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A method for notifying a central authority of changes to a trusted computing installation, comprising the steps of:
-
upon a given security modification, invoking a security notification manager class; extending the security notification manager class with one of a set of instances, wherein a given instance determines that the security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and sending the central authority a notification of the security modification, and response to determining that the security modification is a notification event.
-
-
15. A computer program product in a computer-useable medium for notifying an authority of changes to a trusted computing installation, comprising:
-
a security notification manager class; at least one class instance for the security notification manager class for determining that a given security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and means for sending the authority a notification of the given security modification in response to determining that the security modification is a notification event. - View Dependent Claims (16, 17)
-
-
18. A computer program product in a computer-readable medium for notifying an authority of changes to a trusted computing installation, comprising:
-
a control routine executed upon a given security modification in the trusted computing installation for invoking an abstract Java class; at least one class instance for the abstract Java class for determining that the given security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and means for sending the authority a notification of the given security modification in response to determining that the security modification is a notification event.
-
-
19. A trusted computing base, comprising:
-
untrusted code executing in the trusted computing base; means operative as the untrusted code is executed for determining whether a given security modification has occurred, wherein the given security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing base; means responsive to the occurrence of the given security modification for invoking a security notification manager class that issues a given notification. - View Dependent Claims (20, 21)
-
-
22. A notification service for a trusted computing installation, comprising:
-
a pluggable framework for receiving a set of notification objects, wherein each notification objects identifies a given notification that is issued upon a given security modification to the trusted computing installation, wherein the given security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing base; and means for issuing the given notification upon the occurrence of its associated security modification. - View Dependent Claims (23)
-
Specification