Trust map management and user interface
Abstract
In an example embodiment, a user interface is presented for interacting with a trust map identifying trust relationships between clients/users and servers/hosts. The trust relationships are defined by public/private key pairs in Secure Shell (SSH), Secure File Transfer Protocol (SFTP), Transport Layer Security/Secure Sockets Layer (TLS/SSL), Secure Multipurpose Internet Mail Extensions (S/MIME), Internet Protocol Security (IPsec), and so forth. A selected entity such as a server, client, client/server, key set, policy, and so forth is selected and displayed at the center of a hub/spoke diagram. Non-selected entities having a trust relationship with the hub entity are displayed as spokes. Similar spoke entities may be grouped together. Trust relationships and related properties are displayed as lines between the hub and spoke entities. A user performs actions on the entities by manipulation of the hub, spoke, trust relationship and related user interface elements.
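The data model behind the hub/spoke view described in the abstract, as an added example that is not taken from the patent: key instances are paired by fingerprint into trust edges, a hub is selected, and its spokes are grouped by role with a direction annotation. The record fields, host names, fingerprints and the direction labels (drawn from the private-key holder to the server that authorizes the public key) are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample data set: one record per key instance found on a host.
# "private" = identity key held by a client; "authorized" = public key a server accepts.
KEY_INSTANCES = [
    {"host": "build01", "kind": "private",    "fp": "SHA256:constructed-A"},
    {"host": "web01",   "kind": "authorized", "fp": "SHA256:constructed-A", "options": 'from="10.0.0.0/8"'},
    {"host": "web02",   "kind": "authorized", "fp": "SHA256:constructed-A", "options": ""},
    {"host": "web01",   "kind": "private",    "fp": "SHA256:constructed-B"},
    {"host": "db01",    "kind": "authorized", "fp": "SHA256:constructed-B", "options": 'command="/usr/bin/backup"'},
    {"host": "laptop7", "kind": "private",    "fp": "SHA256:constructed-C"},
    {"host": "web01",   "kind": "authorized", "fp": "SHA256:constructed-C", "options": ""},
    {"host": "old-ci",  "kind": "authorized", "fp": "SHA256:constructed-D", "options": ""},  # no known private key
]

def trust_edges(instances):
    """Pair each private key with every authorized copy of the same fingerprint (client -> server)."""
    holders = defaultdict(set)
    for k in instances:
        if k["kind"] == "private":
            holders[k["fp"]].add(k["host"])
    edges = []
    for k in instances:
        if k["kind"] == "authorized":
            for client in sorted(holders[k["fp"]]):
                edges.append({"client": client, "server": k["host"],
                              "fp": k["fp"], "options": k["options"]})
    return edges

def role(entity, edges):
    """Classify an entity as client, server, or client/server from the edges it appears in."""
    is_client = any(e["client"] == entity for e in edges)
    is_server = any(e["server"] == entity for e in edges)
    return "client/server" if is_client and is_server else "client" if is_client else "server"

def hub_view(hub, instances):
    """Spokes of the selected hub, grouped by role, each annotated with direction and key options."""
    edges = trust_edges(instances)
    groups = defaultdict(list)
    for e in edges:
        if hub == e["client"]:
            spoke, direction = e["server"], "hub->spoke"   # hub holds the private key
        elif hub == e["server"]:
            spoke, direction = e["client"], "spoke->hub"   # hub authorizes the spoke's key
        else:
            continue
        groups[role(spoke, edges)].append((spoke, direction, e["fp"], e["options"]))
    return {r: sorted(v) for r, v in groups.items()}
```

The `old-ci` record produces no edge because no private key with its fingerprint is in the data set; an inventory tool would normally report such authorized keys separately.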
20 Claims
1. A method for operating a computing device, the method comprising:
- obtaining a data set comprising a plurality of entities, the plurality of entities including at least one cryptographic key instance, at least one system identifier, at least one client identifier and at least one server identifier, at least one cryptographic key instance defining at least one trust relationship between a client identified by the at least one client identifier and a server identified by the at least one server identifier;
- identifying a selected entity from the data set;
- displaying at a hub region of a display device, a representation of the selected entity;
- displaying at a spoke region of the display device, a representation of a plurality of non-selected entities, wherein the selected hub entity and the plurality of non-selected spoke entities forming a hub and spoke diagram and once the selected hub entity is identified, all other non-selected spoke entities are displayed in the spoke region arranged radially relative to the selected hub entity on a trust map with the trust relationship comprising an annotation illustrating a direction of a trust relationship;
- presenting a representation of the trust relationship between the hub entity and each of the plurality of spoke entities, the trust relationship determined by at least one public/private key pair between the hub entity and each of the plurality of spoke entities;
- receiving a gesture or command indicating an action to be taken; and
- executing the action on the computing device.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A system comprising:
- a hardware processor;
- memory coupled to the processor;
- a display of a trust map upon which the processor displays a graphical user interface, the graphical user interface comprising;
- a graphical user interface element representing a hub entity selected based on whether the hub entity is a server, a client, or a client/server, the hub entity displayed at a hub region of the display;
- a graphical user interface element representing each of a plurality of spoke entities selected based on whether each spoke entity is a server, a client, or a client/server, the plurality of spoke entities displayed at a spoke region of the display, the graphical user interface elements of the hub entity and the plurality of spoke entities forming a hub and spoke diagram and once the hub entity is selected by a user, all other non-selected spoke entities are displayed in the spoke region arranged radially relative to the selected hub entity on the trust map with the trust relationship comprising an annotation illustrating a direction of a trust relationship;
- a representation of the trust relationship between the hub entity and each of the plurality of spoke entities, the trust relationship determined by at least one public/private key pair between the hub entity and each of the plurality of spoke entities, the representation comprising an annotation indicating at least one of; an indication of a direction of the trust relationship and a key option associated with the public portion of the at least one public/private key pair or the private portion of the at least one public/private key pair, or both the public portion and the private portion of the at least one public/private key pair.

Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16

17. A machine readable storage device having executable instructions encoded thereon, which when executed by a hardware processor of a system, cause the system to:
- display a user interface allowing an administrator to view and interact with a plurality of entities through manipulation of visual representations of each of the plurality of entities; and
- obtain a data set comprising a plurality of entities, the plurality of entities including at least one cryptographic key instance, at least one system identifier, at least one client identifier and at least one server identifier, at least one cryptographic key instance defining at least one trust relationship between a client identified by the at least one client identifier and a server identified by the at least one server identifier;
- identify a selected entity from the data set;
- display at a hub region of a display device, a representation of the selected entity;
- display at a spoke region of the display device, a representation of a plurality of non-selected entities, wherein the selected hub entity and the plurality of non-selected spoke entities forming a hub and spoke diagram and once the selected hub entity is identified, all other non-selected spoke entities are displayed in the spoke region arranged radially relative to the selected hub entity on a trust map with the trust relationship comprising an annotation illustrating a direction of a trust relationship;
- present a representation of the trust relationship between the hub entity and each of the plurality of spoke entities, the trust relationship determined by at least one public/private key pair between the hub entity and each of the plurality of spoke entities;
- receive a gesture or command indicating an action to be taken; and
- execute the action on the computing device.

Dependent claims: 18, 19, 20

Specification