Jumping application security system

US 7,735,134 B2
Filed: 10/15/2003
Issued: 06/08/2010
Est. Priority Date: 10/16/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A computer implemented jumping application security console that maintains the security of a jumping application that is jumping between two or more hosts connected to the security console though a network, the security console comprising:

a security module that controls the security of a jumping application;

a database that contains one or more pieces of code and a description of each piece of code, wherein each piece of code implements a particular behavior; and

wherein the security module further comprises instructions to replace code from the jumping application that implements a first behavior with a piece of code from the database into the jumping application that implements the first behavior when the jumping application is received at the security console during a jump between hosts, and where the code is replaced for each jump of the jumping application between hosts.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A jumping application security system and method provides known safe code for the jumping applications on each jump. A participating host specifies the desired code by describing the desired behavior. The security system provides the specified code on behalf of the host.

27 Citations

26 Claims

1. A computer implemented jumping application security console that maintains the security of a jumping application that is jumping between two or more hosts connected to the security console though a network, the security console comprising:
- a security module that controls the security of a jumping application;
  
  a database that contains one or more pieces of code and a description of each piece of code, wherein each piece of code implements a particular behavior; and
  
  wherein the security module further comprises instructions to replace code from the jumping application that implements a first behavior with a piece of code from the database into the jumping application that implements the first behavior when the jumping application is received at the security console during a jump between hosts, and where the code is replaced for each jump of the jumping application between hosts.
- View Dependent Claims (2, 3, 4, 26)
- - 2. The console of claim 1, wherein the instructions that replace code further comprise instructions to remove any existing code in the jumping application and instructions to insert a piece of code from the database into the jumping application that implements the particular behavior.
  - 3. The console of claim 1, wherein the security module further comprises instructions to receive a request for a piece of code from the database, by a host, that implements a particular behavior for a jumping application.
  - 4. The console of claim 1, wherein the instructions to replace the code further comprise instructions to remove the code from the jumping application, instructions to store a list of the code removed from the jumping application, and instructions to insert a piece of code from the database into the jumping application based on the list of code removed from the jumping application.
  - 26. The computer implemented jumping application security console of claim 1, where the piece of code corresponds to a program for implementing the particular behavior.

5. A computer implemented jumping application security console that maintains the security of a jumping application that is jumping between two or more hosts connected to the security console though a network, the security console being distinct from each of the two or more hosts, the security console comprising:
- means for controlling the security of a jumping application;
  
  means for storing one or more pieces of code and a description of each piece of code, wherein each piece of code implements a particular behavior; and
  
  wherein the security controlling means further comprises means for replacing code from the jumping application that implements a first behavior with a piece of code from the database into the jumping application that implements the first behavior when the jumping application is received at the security console during a jump between hosts, and where the code is replaced during each jump between hosts.
- View Dependent Claims (6, 7, 8)
- - 6. The console of claim 5, wherein the replacing means further comprises means for removing any existing code in the jumping application and means for inserting a piece of code from the means for storing that implements the particular behavior into the jumping application.
  - 7. The console of claim 5, wherein the security module further comprises means for receiving a request for a piece of code from the means for storing, by a host, that implements a particular behavior for a jumping application.
  - 8. The console of claim 5, wherein the replacing means further comprises means for removing the code from the jumping application, means for storing a list of the code removed from the jumping application, and means for inserting a piece of code of from the means for storing into the jumping application based on the list of code removed from the jumping application.

9. A computer-implemented method for controlling the security of a jumping application in a jumping application system, the jumping application system including a plurality of distinct hosts and a security console distinct from the plurality of hosts, the method comprising:
- receiving the jumping application at the security console from a host;
  
  identifying a piece of code in the jumping application that implements a particular behavior;
  
  removing the identified piece of code in the jumping application that implements the particular behavior each time the jumping application jumps between hosts so that the jumping application does not include the piece of code when it is executed by a next host in the jumping application system; and
  
  sending the jumping application to the next host.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, further comprising replacing the identified piece of code with a replacement piece of code including removing the existing piece of code in the jumping application and then inserting a replacement piece of code that implements the particular behavior into the jumping application.
  - 11. The method of claim 9, further comprising:
    - receiving a request, from the host, for code that implements the particular behavior for the jumping application; and
      
      identifying available code in a database; and
      
      receiving a selection, from the host, of and selecting, by the host, the piece of code to be added in the jumping application.
  - 12. The method of claim 11, wherein adding the selected piece of code further comprises downloading the piece of code to the host in response to the selection of the piece of code by the host for insertion into the jumping application to implement the particular behavior.
  - 13. The method of claim 10, wherein replacing the code further comprises removing the code from the jumping application by the security console, storing a list of the code removed from the jumping application and inserting the replacement piece of code into the jumping application by the security console based on the list of code removed from the jumping application.

14. A jumping application security system, comprising:
- a security console computer system that control the security of a jumping application in the jumping application security system;
  
  one or more host computers connected to the security console computer system through a computer network, wherein each host computer executes a jumping application; and
  
  wherein the security console computer system further comprises a database that contains one or more pieces of code and a description of each piece of code, wherein each piece of code implements a particular behavior and a security module that comprises instructions that replace code from the jumping application that implements a first behavior with a piece of code from the database when the jumping application is received at the security console during a jump between hosts, and where the code is replaced into the jumping application that implements the first behavior each time the jumping application jumps between hosts.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14, wherein the instructions to replace the code further comprise instructions to remove any existing code in the jumping application and instructions to insert a piece of code from the database into the jumping application that implements the particular behavior.
  - 16. The system of claim 14, wherein the console further comprises instructions to receive a request for a piece of code from the database that implements a particular behavior for a jumping application for a host computer.
  - 17. The system of claim 16, wherein the instructions to receive a request further comprise instructions on the host computer to generate a query of the pieces of code contained in a database of the security console and instructions on the host computer to select a particular piece of code to be replaced in the jumping application.
  - 18. The system of claim 17, wherein the instructions to replace the code further comprise instructions to download the selected piece of code to the host computer in response to the selection of the piece of code by the host and instructions on the host computer to insert the selected piece of code into the jumping application to implement the particular behavior.
  - 19. The system of claim 14, wherein the instructions to replace the code further comprise instructions in the security console to remove the code from the jumping application, instructions in the security console to store a list of the code removed from the jumping application, and instructions in the security console to insert a piece of code from the database into the jumping application by the security console based on the list of code removed from the jumping application.

20. A server computer for a jumping application security system, the server comprising:
- a processor;
  
  a memory connected to the processor;
  
  a database connected to the processor that contains one or more pieces of code and a description of each piece of code, wherein each piece of code implements a particular behavior; and
  
  wherein the memory further comprises instructions that replace code from a jumping application received from a first host through a network that implements a first behavior with a piece of code from the database into the jumping application that implements the first behavior each time the jumping application including code that implements the first behavior jumps from the first host to a second host, the first host and the second host being distinct from the server computer.
- View Dependent Claims (21, 22, 23)
- - 21. The server of claim 20, wherein the instructions to replace the code further comprise instructions to remove any existing code in the jumping application and instructions to insert a piece of code from the database into the jumping application that implements the particular behavior.
  - 22. The server of claim 21, wherein the instructions to replace the code further comprise instructions to download the piece of code to the first host in response to the selection of the piece of code by the first host and instructions on the first host to insert the piece of code into the jumping application to implement the particular behavior.
  - 23. The server of claim 20, wherein the instructions to replace the code further comprise instructions in the security console to remove the code from the jumping application, instructions in the security console to store a list of the code removed from the jumping application, and instructions in the security console that insert a piece of code from the database into the jumping application by the security console based on the list of code removed from the jumping application.

24. A computer-implemented method comprising:
- receiving a jumping application at a server from a first host during a jump from the first host to a second host;
  
  determining whether the first host has been designated as an untrusted host;
  
  when the first host is an untrusted host, determining whether the received jumping application includes code that implements a particular behavior and when the jumping application includes the code, replacing the code in the jumping application that implements a particular behavior with a piece of code that implements the particular behavior in the jumping application so that the jumping application has the particular behavior when it is executed by the second host; and
  
  forwarding the jumping application to the second host.

25. A jumping application security system, comprising:
- a security console computer system that control the security of a jumping application in the jumping application security system;
  
  one or more host computers connected to the security console computer system through a computer network, wherein each host computer executes a jumping application; and
  
  wherein the security console computer system further comprises a database that contains one or more pieces of code and a description of each piece of code and a security module that comprises instructions that replace code from the jumping application with a piece of code from the database when the jumping application is received at the security console during a jump between hosts and where the code is replaced each time the jumping application jumps between hosts.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aramira Corporation
Original Assignee
Aramira Corporation
Inventors
Rygaard, Christopher A.
Primary Examiner(s)
Song; Hosuk
Assistant Examiner(s)
MORAN, RANDAL D

Application Number

US10/686,886
Publication Number

US 20040139345A1
Time in Patent Office

2,428 Days
Field of Search

726 22- 25, 726 26- 27, 713187-188, 717/168, 717/171, 717172-173, 709223-226
US Class Current

726/22
CPC Class Codes

G06F 21/562   Static detection

H04L 63/12   Applying verification of th...

H04L 67/34   involving the movement of s...

Jumping application security system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

27 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Jumping application security system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links