Systems and methods for implementing computer security
First Claim
1. A computer system comprising:
one or more processing units;
a memory, coupled to at least one of the one or more processing units, the memory storing an operating system, wherein an agent executive runs within the operating system, the agent executive executed by at least one of the one or more processing units, the agent executive including instructions for;
receiving an agent identity token from a grid computer system, wherein the agent identity token includes a unique cryptographic key assigned to the agent executive;
collecting information about the computer system for an evaluation of integrity of the agent executive, according to a plurality of agent self-verification factors;
encrypting the collected information using the cryptographic key;
transmitting the encrypted information to the grid computer system;
retrieving an encrypted first set of commands from the grid computer system, wherein the first set of commands is selected by the grid computer system in response to the transmitted encrypted information;
decrypting the encrypted first set of commands using the cryptographic key; and
executing, at the computer system, each command in the first set of commands.
Abstract
A computer system includes memory storing an operating system. An agent executive runs within the operating system. The agent executive receives an agent identity token from a grid computer system. The agent identity token includes a unique cryptographic key assigned to the agent executive. The agent executive collects information about the computer system for an evaluation of integrity of the agent executive, according to a plurality of agent self-verification factors. The agent executive encrypts the collected information using the cryptographic key and transmits the encrypted information to the grid computer system. The agent executive retrieves an encrypted set of commands from the grid computer system, which are selected by the grid computer system in response to the transmitted information. The agent executive decrypts the encrypted set of commands and executes, at the computer system, each command in the set of commands.
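The exchange the abstract describes, sketched as an added example; it is not code from the patent or from any product. AES-256-GCM, the direction labels bound as associated data, the report string and the command names are all assumptions of this sketch, and the final step of executing the commands is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// NewChannel models token issuance: a fresh 256-bit key that both sides then hold.
func NewChannel() cipher.AEAD {
	key := make([]byte, 32)
	rand.Read(key)               // never returns an error since Go 1.24
	blk, _ := aes.NewCipher(key) // cannot fail: the key length is valid
	a, _ := cipher.NewGCM(blk)
	return a
}

// Seal encrypts msg under a fresh nonce (prepended); dir is bound as associated data.
func Seal(a cipher.AEAD, dir, msg string) []byte {
	nonce := make([]byte, a.NonceSize())
	rand.Read(nonce)
	return a.Seal(nonce, nonce, []byte(msg), []byte(dir))
}

// Open fails on a wrong key, a wrong direction, or any altered byte.
func Open(a cipher.AEAD, dir string, box []byte) (string, error) {
	if len(box) < a.NonceSize() {
		return "", fmt.Errorf("truncated message")
	}
	pt, err := a.Open(nil, box[:a.NonceSize()], box[a.NonceSize():], []byte(dir))
	return string(pt), err
}

// GridSelect (grid side) decrypts the report and picks commands in response.
func GridSelect(a cipher.AEAD, sealedReport []byte, expected string) []byte {
	report, err := Open(a, "report", sealedReport)
	if err != nil {
		return nil // report did not authenticate under this agent's key
	}
	if report != expected {
		return Seal(a, "commands", "quarantine-agent")
	}
	return Seal(a, "commands", "collect-file-hashes;report-open-ports")
}

func main() {
	a := NewChannel()
	fmt.Println(Open(a, "commands", GridSelect(a, Seal(a, "report", "f=1"), "f=1")))
}
```

Because one key protects both directions, the direction label keeps an encrypted report from being reflected back to the agent and accepted as a command set.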
30 Claims
13. A grid computer system comprising:
one or more processing units;
a memory, coupled to at least one of the one or more processing units, the memory storing a grid node, the grid node executed by at least one of the one or more processing units, the grid node including instructions for;
receiving a request from an agent executive running within an operating system on a remote computer distinct from the grid computer system;
generating a unique agent identity token, which includes a cryptographic key;
transmitting the agent identity token to the agent executive;
receiving encrypted information, signed with a cryptographic digital signature, from the remote computer for an evaluation of the integrity of the agent executive based upon a plurality of agent self-verification factors;
decrypting the received encrypted information using the cryptographic key to form decrypted information; and
verifying the integrity of the agent executive based on the decrypted information.
29. A non-transitory computer readable storage medium storing one or more programs configured for execution by a computer system having one or more processors and memory, the one or more programs comprising instructions for:
receiving an agent identity token from a grid computer system, distinct from the computer system, wherein the agent identity token includes a unique cryptographic key assigned to the computer system;
collecting information about the computer system for an evaluation of integrity of the one or more programs, according to a plurality of agent self-verification factors;
encrypting the collected information using the cryptographic key;
transmitting the encrypted information to the grid computer system;
retrieving an encrypted first set of commands from the grid computer system, wherein the first set of commands are selected by the grid computer system in response to the transmitted encrypted information;
decrypting the encrypted first set of commands using the cryptographic key; and
executing, at the computer system, each command in the first set of commands.
30. A non-transitory computer readable storage medium storing one or more programs configured for execution by a computer system having one or more processors and memory, the one or more programs comprising instructions for:
receiving a request from an agent executive running within an operating system on a remote computer distinct from the computer system, wherein the request includes a unique identifier of the agent executive;
generating a unique agent identity token, which includes a cryptographic key;
transmitting the agent identity token to the agent executive;
receiving encrypted information, signed with a cryptographic digital signature, from the remote computer for an evaluation of the integrity of the agent executive based upon a plurality of agent self-verification factors;
decrypting the received encrypted information using the cryptographic key to form decrypted information; and
verifying the integrity of the agent executive based on the decrypted information.
Specification