Secure gateway communication systems and methods
First Claim
1. A security system comprising:
a microkernel configured to provide a gateway for communication between a first entity and a second entity, wherein the first entity and second entity are configured to initiate actions subject to monitoring, and wherein the microkernel is further configured to intercept an action along the gateway between the first entity and the second entity;
computing hardware, including at least one processor, a data store, and input/output facilities interfaced with the at least one processor, the data store including a security subsystem executable by the at least one processor, that, when executed, causes the computing hardware to implement:
a security server engine configured to check whether the action is permissible by computing a verdict based on a plurality of policies, wherein the security server is unable to apply the verdict, and wherein each of the plurality of policies is defined by a conjunction of at least a first predefined access mechanism and a second predefined access mechanism;
a first gateway associated with the first entity and configured to apply a first verdict to the first entity; and
a second gateway associated with the second entity and configured to apply a second verdict to the second entity, wherein the first gateway and the second gateway are configured according to a system-level configuration applicable to both the first entity and the second entity, and a reflection configuration specific to the one of the first entity or the second entity, wherein the reflection configuration maps a plurality of entity actions to a security policy.
1 Assignment
0 Petitions
Abstract
A computer security architecture applies selected rules from among a set of rules defining one or more security policies to a given set of security context parameters to produce security verdicts, each representing whether a certain action requested by a subject entity is permissible. Each security policy is associated with a corresponding communication interface. A plurality of gateway engines are each associated with at least one of the subject entities and dedicated to interfacing with the security server. Each of the gateway engines carries out monitoring of requested actions by the associated subject entity and, for each requested action, identifies a security context. A security policy is determined for the requested action based on a corresponding security context, and a security verdict is obtained via a communication interface corresponding to the applicable security policy.
25 Citations
19 Claims
1. A security system comprising: (independent claim; text recited in full under First Claim above.) Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A security server comprising:
computing hardware, including at least one processor, a data store, and input/output facilities interfaced with the at least one processor, the data store containing an operating system and a plurality of subject entities executable by the at least one processor;
the data store further comprising a security subsystem executable by the at least one processor, that, when executed, causes the computing hardware to implement:
a plurality of security policies, wherein each of the plurality of security policies comprises a set of rules that operate on parameters related to an action requested by a subject entity to produce a security verdict, and wherein each of the plurality of security policies is defined by a conjunction of at least a first predefined access mechanism and a second predefined access mechanism;
a plurality of communication interfaces, wherein each of the plurality of communication interfaces is associated with one of the plurality of security policies, and wherein each of the plurality of communication interfaces is configured to receive a request from a specific requesting gateway and return the security verdict to the requesting gateway;
and wherein the security server operates outside of the functional logic of the plurality of subject entities and is unable to apply the security verdict, and wherein the requesting gateway is configured according to a system-level configuration applicable to a plurality of gateways, and a reflection configuration specific to the requesting gateway, wherein the reflection configuration maps a plurality of entity actions to a security policy.
Dependent claims: 11, 12, 13, 14.
-
15. A security gateway comprising:
computing hardware, including at least one processor, a data store, and input/output facilities interfaced with the at least one processor, the data store containing an operating system and a first entity and a second entity executable by the at least one processor;
the data store further comprising a security subsystem executable by the at least one processor, that, when executed, causes the computing hardware to implement:
a first gateway engine associated with the first entity and comprising a verdicts cache configured to store previously-rendered security verdicts corresponding to the first gateway engine, wherein the first gateway engine is configured to:
provide a channel for the first entity to communicate an event with the second entity or the operating system,
determine a particular communication method of the event,
determine a security policy corresponding to the particular communication method,
identify a security context of the first entity and the second entity or the operating system,
determine if a security verdict corresponding to the event exists in the verdicts cache, and
if the security verdict exists in the verdicts cache, return the security verdict, and
if the security verdict does not exist in the verdicts cache, request a security verdict from the security server based on the security context, wherein the first gateway engine is unable to produce the security verdict;
wherein the first gateway is configured according to a system-level configuration applicable to both the first entity and the second entity, and a reflection configuration specific to the first entity, wherein the reflection configuration maps a plurality of entity actions to a security policy.
Dependent claims: 16, 17, 18, 19.
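As an added illustration (not code from the patent or from any product implementing it), the following Python model ties together the division of roles in the abstract and in claims 1, 10 and 15: a policy is a conjunction of at least two access-mechanism predicates, the security server computes verdicts but cannot apply them, and each per-entity gateway maps actions to policies through its reflection configuration, falls back to the shared system-level configuration, caches verdicts and applies them. The entity names, the two mechanisms and the 4096-byte limit are constructed for the demo, not taken from the patent.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, Tuple
Context = Dict[str, object]            # parameters of the requested action
Mechanism = Callable[[Context], bool]  # one predefined access mechanism

@dataclass
class Policy:
    """A policy is a conjunction of at least two access mechanisms (claims 1, 10)."""
    mechanisms: Tuple[Mechanism, ...]
    def __post_init__(self) -> None:
        if len(self.mechanisms) < 2:
            raise ValueError("a policy needs at least two mechanisms")
    def evaluate(self, ctx: Context) -> bool:
        return all(m(ctx) for m in self.mechanisms)

class SecurityServer:
    """Computes verdicts from the policies; it never applies them (claim 10)."""
    def __init__(self, policies: Dict[str, Policy]) -> None:
        self.policies = policies
    def verdict(self, policy_name: str, ctx: Context) -> bool:
        return self.policies[policy_name].evaluate(ctx)

@dataclass
class Gateway:
    """Per-entity gateway: intercepts an action, picks the policy through the
    reflection configuration, consults its verdicts cache, applies the result."""
    entity: str
    server: SecurityServer
    system_config: Dict[str, str]   # shared by every gateway
    reflection: Dict[str, str]      # action -> policy name, specific to this entity
    cache: Dict[tuple, bool] = field(default_factory=dict)
    def request(self, action: str, target: str, **params: object) -> bool:
        policy = self.reflection.get(action, self.system_config["default_policy"])
        ctx: Context = {"subject": self.entity, "target": target, "action": action, **params}
        key = (policy, tuple(sorted(ctx.items())))
        if key not in self.cache:             # cache miss: ask the security server
            self.cache[key] = self.server.verdict(policy, ctx)
        return self.cache[key]                # cache hit or fresh verdict, applied here

# Constructed demo (assumed names): two mechanisms and a default-deny system config.
ALLOWED_TARGETS = {"netdrv": {"fs"}}          # subject -> targets it may message
def type_enforcement(ctx: Context) -> bool:
    return ctx["target"] in ALLOWED_TARGETS.get(str(ctx["subject"]), set())
def size_limit(ctx: Context) -> bool:
    return int(ctx.get("size", 0)) <= 4096

def build_demo() -> Gateway:
    server = SecurityServer({"ipc": Policy((type_enforcement, size_limit)),
                             "deny": Policy((lambda c: False, lambda c: False))})
    return Gateway("netdrv", server, {"default_policy": "deny"}, {"send": "ipc"})
```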
Specification