Trustable communities for a computer system

US 7,809,955 B2
Filed: 10/17/2006
Issued: 10/05/2010
Est. Priority Date: 10/17/2006
Status: Active Grant

First Claim

Patent Images

1. A computer node, comprising:

a network interface;

a processor communicatively coupled with the network interface and having an operating system executing thereon; and

a hardware element communicatively coupled with the processor, wherein the hardware element is not managed by the operating system, wherein the computer node receives one or more managing software elements and one or more security dependencies for managed software elements via the network interface and installs the managing software elements on the computer node under management of the operating system, and wherein the computer node executes the managing software elements under management of the operating system whereby operation of managed software elements is conditioned on determinations of trustworthiness of other managed software elements made using the security dependencies, findings of untrustworthiness are logged in a log file maintained on the computer node, and integrity of the managing software elements, the security dependencies and the log file are verified at least in part by validating one or more hash values cryptographically signed by the hardware element.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A trustable community for a computer system includes multiple software components that have security interdependence. A trustable community attempts to stop malware from compromising one software component within the community by conditioning operation of the software component upon a determination of present trustworthiness of itself and other software components within the community. Present trustworthiness may be determined through hash checks and application of community rules defining conditions under which software components are trustworthy.

22 Citations

View as Search Results

25 Claims

1. A computer node, comprising:
- a network interface;
  
  a processor communicatively coupled with the network interface and having an operating system executing thereon; and
  
  a hardware element communicatively coupled with the processor, wherein the hardware element is not managed by the operating system, wherein the computer node receives one or more managing software elements and one or more security dependencies for managed software elements via the network interface and installs the managing software elements on the computer node under management of the operating system, and wherein the computer node executes the managing software elements under management of the operating system whereby operation of managed software elements is conditioned on determinations of trustworthiness of other managed software elements made using the security dependencies, findings of untrustworthiness are logged in a log file maintained on the computer node, and integrity of the managing software elements, the security dependencies and the log file are verified at least in part by validating one or more hash values cryptographically signed by the hardware element.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer node of claim 1, wherein launch of a first managed software element is prevented on finding nonconformance of a second managed software element with a load-time security dependency for the first managed software element.
  - 3. The computer node of claim 1, wherein operation of a first managed software element is terminated on finding nonconformance of a second managed software element with a runtime security dependency for the first managed software element.
  - 4. The computer node of claim 1, wherein operation of a first managed software element is conditioned on validation of a hash value of a second managed software element.
  - 5. The computer node of claim 1, wherein operation of a first managed software element is conditioned on an operational state of a second managed software element.
  - 6. The computer node of claim 1, wherein operation of a first managed software element on the computer node is conditioned on a determination of trustworthiness of a second managed software element on a second computer node made using one or more security dependencies.
  - 7. The computer node of claim 1, wherein operation of a first managed software element is conditioned on a determination of trustworthiness of a second managed software element made using one or more security dependencies, and wherein operation of a first community of software elements including the first managed software element and the second managed software element is conditioned on a determination of trustworthiness of a second community of software elements made using one or more security dependencies.
  - 8. The computer node of claim 1, wherein upon updating the log file a hash value of the updated log file is cryptographically signed by the hardware element.
  - 9. The computer node of claim 1, wherein upon updating a managing software element a hash value of the managing software element is cryptographically signed by the hardware element.

10. A method for maintaining trustable communities, comprising the steps of:
- receiving on a computer node one or more managing software elements and security dependencies for managed software elements;
  
  installing on the computer node, under management of an operating system executing on the computer node, the managing software elements;
  
  conditioning by the computer node, under management of the operating system, operation of managed software elements on determinations of trustworthiness of other managed software elements made using the security dependencies;
  
  logging by the computer node in a log file maintained on the computer node, under management of the operating system, findings of untrustworthiness; and
  
  verifying by the computer node, under management of the operating system, integrity of the managing software elements, the security dependencies and the log file at least in part by validating one or more hash values cryptographically signed by a hardware element on the computer node, wherein the hardware element is not managed by the operating system.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein launch of a first managed software element is prevented on finding nonconformance of a second managed software element with a load-time security dependency for the first managed software element.
  - 12. The method of claim 10, wherein operation of a first managed software element is terminated on finding nonconformance of a second managed software element with a runtime security dependency for the first managed software element.
  - 13. The method of claim 10, wherein operation of a first managed software element is conditioned on validation of a hash value of a second managed software element.
  - 14. The method of claim 10, wherein operation of a first managed software element is conditioned on operational state of a second managed software element.
  - 15. The method of claim 10, wherein operation of a first managed software element on the computer node is conditioned on a determination of trustworthiness of a second managed software element on a second computer node made using one or more security dependencies.
  - 16. The method of claim 10, wherein operation of a first managed software element is conditioned on a determination of trustworthiness of a second managed software element made using one or more security dependencies, and wherein operation of a first community of software elements including the first managed software element and the second managed software element is conditioned on a determination of trustworthiness of a second community of software elements made using one or more security dependencies.
  - 17. The method of claim 10, further comprising the steps of updating by the computer node, under management of the operating system, the log file and cryptographically signing by the hardware element a hash value of the updated log file.
  - 18. The method of claim 10, further comprising the steps of receiving on the computer node updated managing software elements and cryptographically signing by the hardware element a hash value of the updated managing software elements.

19. A management node, comprising:
- a management console; and
  
  a network interface, wherein under control of the management console the management node downloads via the network interface one or more managing software elements and one or more security dependencies for managed software elements to a computer node whereon the managing software elements are installed and executed under management of an operating system executing on the computer node whereby operation of managed software elements is conditioned on determinations of trustworthiness of other managed software elements made using the security dependencies, findings of untrustworthiness are logged in a log file maintained on the computer node and integrity of the managing software elements, the security dependencies and the log file are verified by validating one or more hash values cryptographically signed by a hardware element on the computer node that is not managed by the operating system.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The management node of claim 19, wherein launch of a first managed software element is prevented on finding nonconformance of a second managed software element with a load-time security dependency for the first managed software element.
  - 21. The management node of claim 19, wherein operation of a first managed software element is terminated on finding nonconformance of a second managed software element with a runtime security dependency for the first managed software element.
  - 22. The management node claim 19, wherein operation of a first managed software element is conditioned on validation of a hash value of a second managed software element.
  - 23. The management node of claim 19, wherein operation of a first managed software element is conditioned on operational state of a second managed software element.
  - 24. The management node of claim 19, wherein operation of a first managed software element on the computer node is conditioned on a determination of trustworthiness of a second managed software element on a second computer node made using one or more security dependencies.
  - 25. The management node of claim 19, wherein operation of a first managed software element is conditioned on a determination of trustworthiness of a second managed software element made using one or more security dependencies, and wherein operation of a first community of software elements including the first managed software element and the second managed software element is conditioned on a determination of trustworthiness of a second community of software elements made using one or more security dependencies.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AppGuard LLC
Original Assignee
Blue Ridge Networks Incorporated
Inventors
Comlekoglu, Fatih
Primary Examiner(s)
SMITHERS, MATTHEW

Application Number

US11/581,861
Publication Number

US 20080092235A1
Time in Patent Office

1,449 Days
Field of Search

713/187
US Class Current

713/187
CPC Class Codes

G06F 11/326   for error or online/offline...

G06F 21/51   at application loading time...

G06F 21/52   during program execution, e...

G06F 21/55   Detecting local intrusion o...

G06F 21/554   involving event detection a...

G06F 21/57   Certifying or maintaining t...

G06F 2221/2101   Auditing as a secondary aspect

H04L 2209/127   Trusted platform modules [TPM]

H04L 9/3236   using cryptographic hash fu...

Trustable communities for a computer system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Trustable communities for a computer system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links