Computing environment and apparatuses with integrity based fail over

US 7,360,099 B2
Filed: 09/19/2002
Issued: 04/15/2008
Est. Priority Date: 09/19/2002
Status: Active Grant

First Claim

Patent Images

1. In a computing environment having a plurality of computing units, a method of operation comprising:

determining whether integrity of a first of the computing units of the computing environment has been compromised;

determining a degree of compromise of the integrity of the first computing unit with respect to a level of risk, if the integrity of the first computing unit is determined to have been compromised; and

soft failing the first computing unit over to one or more of the other computing units, including transferring any active user sessions to the one or more of the other computing units, if the degree of compromise of the integrity of the first computing unit is determined to be below a predetermined threshold with respect to the level of risk.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Computing units of a computing environment are equipped with means to determine their respective integrity. Further, each computing unit is equipped, such that if its integrity is determined to have been compromised, the computing unit automatically takes itself out of service. In one embodiment, prior to the automatically removing itself from service, a degree of compromise is determined. If the degree of compromise is determined to be within an acceptable risk level, the compromised computing unit fails itself over to one or more other computing units in the computing environment.

73 Citations

View as Search Results

26 Claims

1. In a computing environment having a plurality of computing units, a method of operation comprising:
- determining whether integrity of a first of the computing units of the computing environment has been compromised;
  
  determining a degree of compromise of the integrity of the first computing unit with respect to a level of risk, if the integrity of the first computing unit is determined to have been compromised; and
  
  soft failing the first computing unit over to one or more of the other computing units, including transferring any active user sessions to the one or more of the other computing units, if the degree of compromise of the integrity of the first computing unit is determined to be below a predetermined threshold with respect to the level of risk.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein said determining of whether integrity of a first of the computing units of the computing environment has been compromised is performed regularly on a periodic basis.
  - 3. The method of claim 1, wherein said determining of whether integrity of a first of the computing units of the computing environment has been compromised is performed continuously.
  - 4. The method of claim 1, wherein said determining of whether integrity of a first of the computing units of the computing environment has been compromised comprises verifying a privileged kernel of an operating system of the first computing unit has not been compromised.
  - 5. The method of claim 1, wherein said determining of whether integrity of a first of the computing units of the computing environment has been compromised further comprises verifying other privileged software of the first computing unit has not been compromised.
  - 6. The method of claim 5, wherein said determining of whether integrity of a first of the computing units of the computing environment has been compromised further comprises verifying shared non-privileged software of the first computing unit has not been compromised.
  - 7. The method of claim 6, wherein said determining of whether integrity of a first of the computing units of the computing environment has been compromised further comprises verifying non-shared and non-privileged software of the first computing unit has not been compromised.
  - 8. The method of claim 1, wherein said determining of whether integrity of a first of the computing units of the computing environment has been compromised comprises verifying certain designated system data of the first computing unit has not been compromised.
  - 9. The method of claim 1, wherein said determining of a degree of compromise comprises determining whether any software of the first computing unit with an integrity classification greater than a predetermined level has been compromised.
  - 10. The method of claim 1, wherein said failing of the first computing unit over to one or more of the other computing units comprises automatically relocating one or more user sessions being hosted on the first computing unit to one or more of the other computing units.
  - 11. The method of claim 10, wherein said failing over further comprises automatically taking the first computing unit out of service, upon relocating the one or more user sessions being hosted by the first computing unit to one or more of the other computing units.
  - 12. The method of claim 1, wherein the method further comprises automatically taking the first computing unit out of service.

13. A computing apparatus comprising:
- storage medium having stored therein a plurality of programming instructions designed todetermine whether integrity of the computing apparatus has been compromised;
  
  determine a degree of compromise with respect to the integrity of the computing apparatus with respect to a level of risk, if it is determined that the integrity of the computing apparatus has been compromised; and
  
  automatically soft failing the computing apparatus over to one or more of companion computing apparatuses. including transferring any active user sessions to the one or more of companion computing appratuses, if the degree of compromise with respect to the integrity of the first computing unit is determined to be below a predetermined threshold with respect to the level of risk; and
  
  a processor coupled to the storage medium to execute the programming instructions.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 14. The computing apparatus of claim 13, wherein said programming instructions are executed to perform said determining of whether integrity of the computing apparatus has been compromised regularly, on a periodic basis.
  - 15. The computing apparatus of claim 13, wherein said programming instructions are executed to perform said determining of whether integrity of a first of the computing units of the computing has been compromised continuously.
  - 16. The computing apparatus of claim 14, wherein said programming instructions are executed to perform said determining of whether integrity of the computing apparatus has been compromised by verifying a privileged kernel of an operating system of the computing apparatus has not been compromised.
  - 17. The computing apparatus of claim 16, wherein said programming instructions are further executed to perform said determining of whether integrity of the computing apparatus has been compromised by verifying other non-operating system kernel privileged software of the computing apparatus has not been compromised.
  - 18. The computing apparatus of claim 17, wherein said programming instructions are designed to further perform said determining of whether integrity of the computing apparatus has been compromised by verifying shared non-privileged software has not been compromised.
  - 19. The computing apparatus of claim 18, wherein said programming instructions are designed to further perform said determining of whether integrity of the computing apparatus has been compromised by verifying other non-shared and non-privileged software has not been compromised.
  - 20. The computing apparatus of claim 13, wherein said programming instructions are designed to perform said determining of whether integrity of the computing apparatus has been compromised by verifying certain designated system data of the computing apparatus has not been compromised.
  - 21. The computing apparatus of claim 13, wherein said programming instructions are designed to perform said determining of a degree of compromise by determining whether any software of the computing apparatus with an integrity classification greater than a predetermined level has been compromised.
  - 22. The computing apparatus of claim 13, wherein said programming instructions are designed to perform said failing of the computing apparatus over to one or more of companion computing apparatuses by automatically relocating one or more user sessions being hosted on the computing apparatus to the one or more companion computing apparatuses.
  - 23. The computing apparatus of claim 22, wherein said programming instructions are designed to perform said failing over by further automatically taking the computing apparatus out of service, upon relocating the one or more user sessions being hosted by the computing apparatus to the one or more companion computing apparatuses.
  - 24. The computing apparatus of claim 13, wherein the programming instructions are further designed to automatically take the computing apparatus out of service.

25. An apparatus comprising:
- means for determining whether integrity of the apparatus has been compromised;
  
  means for determining a degree of compromise with respect to the integrity of the apparatus with respect to a level of risk, if it is determined that the integrity of the apparatus has been compromised, andmeans for soft failing the apparatus over to one or more companion apparatuses, including transferring any active user sessions to the one or more companion apparatuses, if the degree of compromise with respect to the integrity of the apparatus is determined to be below a predetermined threshold with respect to the level of risk.

26. A computing environment, comprising:
- a first computing unit equipped to regularly determine whether its integrity has been compromised, and upon determining its integrity has been compromised, determine a degree of compromise with respect to a level of risk, and soft failing it self over to at least a second computing unit, including transferring any active user sessions to the at least a second computing unit, if the degree of compromise is determined to be below a predetermined threshold with respect to the level of risk; and
  
  the second computing unit, with the second computing unit being also equipped to regularly determine whether its integrity has been compromised, and upon determining its integrity has been compromised with respect to a level of risk, determine a degree of compromise, and soft failing itself over to at least the first computing unit, including transferring any active user sessions to the at least the first computing unit, if the degree of compromise is determined to be below a predetermined threshold with respect to the level of risk.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tripwire Incorporated (Belden Inc.)
Original Assignee
Tripwire Incorporated (Belden Inc.)
Inventors
Kim, Gene Ho, DiFalco, Robert A., Good, Thomas E.
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
LASHLEY, LAUREL L

Application Number

US10/251,545
Publication Number

US 20040059930A1
Time in Patent Office

2,035 Days
Field of Search

None
US Class Current

713/194
CPC Class Codes

G06F 21/562   Static detection

G06F 21/57   Certifying or maintaining t...

H04L 63/1441   Countermeasures against mal...

Computing environment and apparatuses with integrity based fail over

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

73 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Computing environment and apparatuses with integrity based fail over

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

73 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links