System for extranet security
Abstract
A system for communication with a server includes a user computer, which is configured to run first and second operating environments. The first operating environment is arranged to perform general-purpose operations. The second operating environment is configured expressly for interacting with the server in a communication session and is isolated from the first operating environment such that the general-purpose operations performed in the first operating environment do not affect operation of the second operating environment. The system further includes a central management subsystem, which is external to the server and to the user computer and is coupled to monitor the operation of the second operating environment running on the user computer and to control the communication session based on the monitored operation.
31 Claims
1. A system for communication with a server, the system comprising:
- a user computer configured to run a first operating environment for performing general-purpose operations, and a second operating environment configured expressly for interacting with the server in a protected communication session and is isolated from the first operating environment, where in the protected communication session the second operating environment exchanges transaction data with the server via a security protocol, where the general-purpose operations performed in the first operating environment do not affect operation of the second operating environment, and where the first operating environment does not interact with the server in the protected communication session; and
- a central management subsystem coupled to the server and the user computer and external to the server and to the user computer, configured to assess a trustworthiness of the second operating environment running on the user computer including to monitor a performance of software components of the second operating environment during the protected communication session to determine if the monitored performance matches an expected performance of code for the second operating environment, the central management subsystem further to report the assessed trustworthiness to the server to cause the server to control the communication session between the server and the user computer based on the assessed trustworthiness,

wherein the central management subsystem is further coupled to one or more additional servers and one or more additional user computers, each user computer configured to run respective first and second operating environments to interact in respective communication sessions with one or more of the additional servers using the second operating environments and to perform general-purpose operations using the first operating environments,

wherein the second operating environments are isolated from the respective first operating environments, and the central management subsystem external to the servers and the user computers, the central management subsystem further configured to assess the trustworthiness of respective second operating environments running on the additional user computers including to monitor a performance of software components of the second operating environments during the protected communication sessions to determine if the monitored performance matches an expected performance of code for the second operating environments, the central management subsystem further to report the assessed trustworthiness to the servers to cause the server to control the communication sessions between the servers and the user computers based on the assessed trustworthiness.

Dependent claims: 2-29.
30. A user computer, comprising:
- a first operating environment for performing general-purpose operations; and
- a second operating environment configured expressly for interacting with a server in a protected communication session and is isolated from the first operating environment, where in the protected communication session the second operating environment exchanges transaction data with the server via a security protocol, where the general-purpose operations performed in the first operating environment do not affect operation of the second operating environment, and where the first operating environment does not interact with the server in the protected communication session, the second operating environment further coupled to provide information to a central management subsystem external to the user computer to enable the central management subsystem to assess a trustworthiness of the second operating environment including to monitor a performance of software components of the second operating environment during the protected communication session to determine if the monitored performance matches an expected performance of code for the second operating environment, the central management subsystem further to report the assessed trustworthiness to the server to cause the server to control the communication session between the server and the user computer based on the assessed trustworthiness,

wherein the central management subsystem is further coupled to one or more additional servers and one or more additional user computers, each user computer configured to run respective first and second operating environments to interact in respective communication sessions with one or more of the additional servers using the second operating environments and to perform general-purpose operations using the first operating environments,

wherein the second operating environments are isolated from the respective first operating environments, and the central management subsystem external to the servers and the user computers, the central management subsystem further configured to assess the trustworthiness of respective second operating environments running on the additional user computers including to monitor a performance of software components of the second operating environments during the protected communication sessions to determine if the monitored performance matches an expected performance of code for the second operating environments, the central management subsystem further to report the assessed trustworthiness to the servers to cause the server to control the communication sessions between the servers and the user computers based on the assessed trustworthiness.
31. A computer software product for use in a user computer, the product comprising a non-transitory computer-readable storage medium, in which program instructions are stored, which instructions, when executed by the user computer, cause the user computer
- to run a first operating environment for performing general-purpose operations,
- to run a second operating environment configured expressly for interacting with a server in a protected communication session and is isolated from the first operating environment, where in the protected communication session the second operating environment exchanges transaction data with the server via a security protocol, where the general-purpose operations performed in the first operating environment do not affect operation of the second operating environment, and where the first operating environment does not interact with the server in the protected communication session, and
- to provide information by the second operating environment to a central management subsystem external to the user computer to enable the central management subsystem to assess a trustworthiness of the second operating environment including to monitor a performance of software components of the second operating environment during the protected communication session to determine if the monitored performance matches an expected performance of code for the second operating environment, and to control the communication session between the server and the user computer based on the assessed trustworthiness,

wherein the central management subsystem is further coupled to one or more additional servers and one or more additional user computers, each user computer configured to run respective first and second operating environments to interact in respective communication sessions with one or more of the additional servers using the second operating environments and to perform general-purpose operations using the first operating environments,

wherein the second operating environments are isolated from the respective first operating environments, and the central management subsystem external to the servers and the user computers, the central management subsystem further configured to assess the trustworthiness of respective second operating environments running on the additional user computers including to monitor a performance of software components of the second operating environments during the protected communication sessions to determine if the monitored performance matches an expected performance of code for the second operating environments, the central management subsystem further to report the assessed trustworthiness to the servers to cause the server to control the communication sessions between the servers and the user computers based on the assessed trustworthiness.
Specification