Notification of modifications to a trusted computing base

US 6,961,855 B1
Filed: 12/16/1999
Issued: 11/01/2005
Est. Priority Date: 12/16/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method for notifying a central authority of changes to a trusted computing installation, comprising the steps of:

determining that a user has made a security modification to a portion of the trusted computing installation under user control;

determining that the security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and

sending the central authority a notification of the security modification, in response to determining that the security modification is a notification event.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mechanism that allows enterprise authorities to be informed when security-sensitive decisions or actions have been or are attempting to be made by users of untrusted code executing in the trusted computing base. The mechanism may be implemented as an abstract class that is part of the trusted computing base. The class provides a framework abstract enough to permit multiple possible notifications (e.g., providing an e-mail to a system operator, sending an Simple Network Management Protocol (SNMP) alert, making an entry in an online database, or the like) in the event that a given action is taken by a user of untrusted code. The abstract class may provide a default notification, or the class may be extended to enable an authority to provide its own set of customized notifications.

52 Citations

View as Search Results

23 Claims

1. A method for notifying a central authority of changes to a trusted computing installation, comprising the steps of:
- determining that a user has made a security modification to a portion of the trusted computing installation under user control;
  
  determining that the security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and
  
  sending the central authority a notification of the security modification, in response to determining that the security modification is a notification event.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method as described in claim 1 wherein the predetermined event is chosen from the group consisting of a failed applet signature verification, an addition of a certificate in a certificate database and a modification of a certificate in a certificate database.
  - 3. The method as described in claim 1 wherein the predetermined event is created by a Java applet wishing to run with higher privileges and further comprising the steps of:
    - verifying a signature of the Java applet;
      
      responsive to a failed verification of the signature, running the applet as untrusted; and
      
      sending the central authority a notification of the failed verification.
  - 4. The method as described in claim 1 wherein the central authority provides a mechanism wherein the group of predetermined events can be modified by an authorized user.
  - 5. The method as described in claim 1 wherein the notification is chosen from the group consisting of an SNMP alert, an e-mail, a screen message and an online database.
  - 6. The method as described in claim 1 wherein the security modification is to allow untrusted code to run in the trusted computing installation.
  - 7. The method as described in claim 1 wherein the step of determining that the security modification is a notification event is accomplished by an abstract class instantiation which defines the type of notification in a concrete implementation of the abstract class instantiation.
  - 8. The method as described in claim 1 wherein the trusted computing installation further comprises a Java Virtual Machine resident in a local machine under user control.

9. A method of notifying a central authority of changes to a trusted computing installation, comprising the steps of:
- determining that a user has made a security modification to a portion of the trusted computing installation under user control;
  
  invoking a security notification manager class;
  
  instantiating the security manager class with an instance that determines that the security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and
  
  sending the central authority a notification of the security modification, in response to determining that the security modification is a notification event.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method as described in claim 9 wherein the notification is selected from a group of notifications consisting of:
    - an SNMP alert, an e-mail, a database log, and a screen message.
  - 11. The method as described in claim 9 wherein the determining step executes a given control routine when the user has made a security modification to a portion of the trusted computing installation under user control.
  - 12. The method as described in claim 11 wherein the portion of the trusted computing installation is an applet signature verification routine.
  - 13. The method as described in claim 11 wherein the portion of the trusted computing installation is a certificate modification routine.

14. A method for notifying a central authority of changes to a trusted computing installation, comprising the steps of:
- upon a given security modification, invoking a security notification manager class;
  
  extending the security notification manager class with one of a set of instances, wherein a given instance determines that the security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and
  
  sending the central authority a notification of the security modification, and response to determining that the security modification is a notification event.

15. A computer program product in a computer-useable medium for notifying an authority of changes to a trusted computing installation, comprising:
- a security notification manager class;
  
  at least one class instance for the security notification manager class for determining that a given security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and
  
  means for sending the authority a notification of the given security modification in response to determining that the security modification is a notification event.
- View Dependent Claims (16, 17)
- - 16. The computer program product as described in claim 15 wherein the notification is selected from a group of notifications consisting of:
    - an SNMP alert, an e-mail, a database log, and a screen message.
  - 17. The computer program product as described in claim 15 further including a control routine for determining when the user has made a security modification to a portion of the trusted computing installation to generate the given security modification.

18. A computer program product in a computer-readable medium for notifying an authority of changes to a trusted computing installation, comprising:
- a control routine executed upon a given security modification in the trusted computing installation for invoking an abstract Java class;
  
  at least one class instance for the abstract Java class for determining that the given security modification is a notification event if the security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing installation; and
  
  means for sending the authority a notification of the given security modification in response to determining that the security modification is a notification event.

19. A trusted computing base, comprising:
- untrusted code executing in the trusted computing base;
  
  means operative as the untrusted code is executed for determining whether a given security modification has occurred, wherein the given security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing base;
  
  means responsive to the occurrence of the given security modification for invoking a security notification manager class that issues a given notification.
- View Dependent Claims (20, 21)
- - 20. The trusted computing base as described in claim 19 further including a set of one or more security notification manager class instances, wherein a given security notification manager class instance extends the security notification manager class to identify a given security modification.
  - 21. The trusted computing base as described in claim 20 wherein a given security manager class instance includes at least first and second rules, wherein the first rule triggers a first notification and the second rule triggers a second notification.

22. A notification service for a trusted computing installation, comprising:
- a pluggable framework for receiving a set of notification objects, wherein each notification objects identifies a given notification that is issued upon a given security modification to the trusted computing installation, wherein the given security modification is a predetermined event indicative of an attempt to circumvent a security mechanism of the trusted computing base; and
  
  means for issuing the given notification upon the occurrence of its associated security modification.
- View Dependent Claims (23)
- - 23. The notification service as described in claim 22 wherein the given notification is selected from a group of notifications consisting of:
    - an SNMP alert, an e-mail, a database log, and a screen message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Shrader, Theodore Jack London, Yarsa, Julianne, Rich, Bruce Arland, Skibbie, Donna
Primary Examiner(s)
Barron, Gilberto
Assistant Examiner(s)
Gurshman, Grigory

Application Number

US09/464,854
Time in Patent Office

2,147 Days
Field of Search

713/200, 713/201, 713/187
US Class Current

726/1
CPC Class Codes

G06F 21/53 by executing in a restricte...

G06F 21/552 involving long-term monitor...

Notification of modifications to a trusted computing base

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Notification of modifications to a trusted computing base

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links