Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-07-17
2001-03-27
Swann, Tod R. (Department: 2767)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C713S164000, C713S151000
active
06209101
ABSTRACT:
FIELD OF THE INVENTION
This invention relates generally to the field of secure computing environments, and more particularly to an adaptive security system having a hierarchy of security servers.
BACKGROUND
In order to control the management, protection and distribution of sensitive information, an organization defines a security policy and implements the policy through various laws, rules and practices. A security policy has several objectives. First, a security policy strives to maintain the confidentiality of the sensitive information by protecting the information from improper disclosure to unauthorized users. Second, a security policy seeks to maintain the integrity of the information by ensuring that users do not modify data to which they are not authorized and authorized users do not corrupt the information by improper operations. Finally, the policy seeks to minimize any burden on the availability and accessibility of the information to authorized users incurred as a result of the policy.
In a computing environment, an operating system controls access to resources such as files and network devices. Often a policy engine, also referred to as a security server, is used in conjunction with the operating system and calculates permissions to the resources based on the organization's security policy. Therefore, the policy engine must reflect the policies of the organization. This is often difficult because organizational policies change over time due to unforeseen events such as organizational restructuring, formation of new alliances, and the onset of emergency situations. Implementing a policy engine in a computing environment is further complicated by the fact that organization policies often change during normal operations. For example, some organizations, such as banks, have different security policies for business hours than for evenings and weekends. Conventional policy engines are static and are unable to adapt to organizational policy changes. For the reasons stated above, and for other reasons stated below which will become apparent to those skilled in the art upon reading and understanding the present specification, there is a need in the art for an adaptive security system which can readily adjust to organizational policy changes. Furthermore, there is a need for a security system which can dynamically implement new security policies and terminate out-of-date policies.
SUMMARY OF THE INVENTION
As explained in detail below, the present invention is directed to an adaptive method and system for controlling access to resources in a computing environment. In one embodiment, the invention is a security system having a plurality of security servers. Each security server includes a set of security associations. An enforcement mechanism is communicatively coupled to the plurality of security servers and enforces a request to access one of the plurality of resources by querying one of the security servers. According to one feature of the invention, the enforcement mechanism includes an operating system kernel having a task control block for each of a plurality of tasks executing in the computing environment. The enforcement mechanism queries a primary security server that is identified in the task control block of the corresponding task.
According to another aspect of the invention, each primary security server is a task executing within the computing environment. The task control block of each primary security server identifies a parent security server for resolving resource requests that the primary security server is unable to resolve, thereby forming a hierarchy of security servers. Preferably, one of the security servers is a root security server. According to the present invention, security servers may be dynamically created and removed. To create a new security server, the kernel spawns the new security server as a task and links it to the hierarchy of existing security servers. More specifically, the kernel assigns the created security server a parent security server for handling resource requests that the created security server is unable to resolve. The parent security server is typically the default security server, i.e., the primary security server of the task that initiated the creation.
The kernel terminates a security server by identifying the tasks that have the terminated security server as a primary security server and setting the primary security server of each identified task to the parent security server of the terminated security server. According to another feature, the enforcement mechanism queries the security servers by generating an encrypted or digitally signed message and communicating the message to the queried security server.
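The hierarchy, the creation step and the termination step described in the three paragraphs above, worked through as an added example in Python; this is not code from the patent or from Secure Computing Corporation. Every name in it (SecurityServer, Task, Kernel, the ALLOW/DENY/UNRESOLVED decisions, the shared HMAC key used to stand in for the "encrypted or digitally signed message") is an assumption chosen for illustration, and the default-deny when even the root server cannot resolve a request is likewise an assumption the page does not state.

```python
"""Toy model of the adaptive security-server hierarchy summarised above.

Added illustration, not code from the patent. All names and the HMAC
query signing are assumptions chosen for this example.
"""
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

ALLOW, DENY, UNRESOLVED = "allow", "deny", "unresolved"

# Constructed shared key between the enforcement mechanism (kernel) and the
# servers; stands in for the page's "encrypted or digitally signed message".
QUERY_KEY = b"constructed-demo-key"


def sign_query(subject: str, resource: str) -> dict:
    """Kernel side: build a resource query carrying an HMAC tag."""
    body = json.dumps({"subject": subject, "resource": resource}, sort_keys=True)
    tag = hmac.new(QUERY_KEY, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


@dataclass
class SecurityServer:
    """A security server: a task holding a set of security associations."""
    name: str
    # security associations: (subject, resource) -> ALLOW / DENY
    associations: Dict[Tuple[str, str], str] = field(default_factory=dict)
    parent: Optional["SecurityServer"] = None  # None marks the root server

    def query(self, msg: dict) -> str:
        """Verify the signed query, then resolve it, delegating upward if needed."""
        expected = hmac.new(QUERY_KEY, msg["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return DENY  # tampered or unsigned request: refuse outright
        q = json.loads(msg["body"])
        return self.resolve(q["subject"], q["resource"])

    def resolve(self, subject: str, resource: str) -> str:
        """Local association wins; otherwise walk to the parent server."""
        decision = self.associations.get((subject, resource), UNRESOLVED)
        if decision == UNRESOLVED and self.parent is not None:
            return self.parent.resolve(subject, resource)
        return decision


@dataclass
class Task:
    """A task; `primary` stands in for the task-control-block field."""
    name: str
    primary: SecurityServer


class Kernel:
    """Enforcement mechanism: owns the tasks and the server hierarchy."""

    def __init__(self, root: SecurityServer):
        self.root = root
        self.servers: Dict[str, SecurityServer] = {root.name: root}
        self.tasks: Dict[str, Task] = {}

    def spawn_task(self, name: str, primary: Optional[SecurityServer] = None) -> Task:
        task = Task(name, primary or self.root)
        self.tasks[name] = task
        return task

    def create_server(self, name: str, associations: dict, initiator: Task) -> SecurityServer:
        """Spawn a server whose parent is the initiator's primary (the default server)."""
        srv = SecurityServer(name, dict(associations), parent=initiator.primary)
        self.servers[name] = srv
        return srv

    def terminate_server(self, name: str) -> None:
        """Re-point every task (and child server, itself a task) to the parent."""
        gone = self.servers.pop(name)
        if gone is self.root:
            raise ValueError("root security server cannot be terminated")
        for task in self.tasks.values():
            if task.primary is gone:
                task.primary = gone.parent
        for srv in self.servers.values():
            if srv.parent is gone:
                srv.parent = gone.parent

    def enforce(self, task: Task, resource: str) -> bool:
        """Grant only on explicit ALLOW; UNRESOLVED at the root is treated as deny (assumption)."""
        return task.primary.query(sign_query(task.name, resource)) == ALLOW


def demo() -> dict:
    """Creation, resolution and termination on constructed data; returns the decisions seen."""
    root = SecurityServer("root", {("alice", "/payroll"): ALLOW, ("bob", "/payroll"): DENY})
    k = Kernel(root)
    alice, bob = k.spawn_task("alice"), k.spawn_task("bob")
    # After-hours policy server: tighten alice locally, inherit everything else from root.
    alice.primary = k.create_server("evening", {("alice", "/payroll"): DENY}, initiator=alice)
    out = {
        "alice_evening": k.enforce(alice, "/payroll"),  # local DENY wins
        "alice_unlisted": k.enforce(alice, "/notes"),   # unresolved all the way up -> False
        "bob_root": k.enforce(bob, "/payroll"),         # root DENY
    }
    k.terminate_server("evening")                       # alice re-pointed to root
    out["alice_after_terminate"] = k.enforce(alice, "/payroll")  # root ALLOW
    out["alice_primary"] = alice.primary.name
    return out
```

The resolution walk is the hierarchy from the summary: a server answers from its own associations and only delegates what it cannot resolve, so a child server can tighten a parent's policy without copying it. Termination re-parents dependants rather than leaving them without a primary server, which is what makes a policy such as the evening server removable at the start of business hours without touching the tasks that used it.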
In another embodiment, the invention is a method for controlling access to a plurality of resources in a computing environment. A user request to access one of the resources of the computing environment is received. Based on this request, at least one of a plurality of security servers is queried to resolve the resource request according to a set of security associations. The request is enforced as a function of a response from the queried security server.
In yet another embodiment, the present invention is a software program for processing user requests to access resources in a computing environment. The software program creates a hierarchy of security servers and assigns each user a primary security server. The software program enforces each user request by querying the corresponding primary security server to resolve the resource request based on a set of security associations.
As discussed in detail below, the present invention provides for the dynamic creation and termination of security servers in order to adapt to organizational policy changes. Each security server can be tailored to implement a unique security policy, thus allowing greater flexibility in defining security policies for different users and processes. These and other features and advantages of the invention will become apparent from the following description of the preferred embodiments of the invention.
REFERENCES:
patent: 5758077 (1998-05-01), Danahy et al.
patent: 5761380 (1998-06-01), Lewis et al.
patent: 5764887 (1998-06-01), Kells et al.
patent: 5784612 (1998-07-01), Crane et al.
Carney Michael R.
Loe Brian J.
Mitchem Terrance
Schwegman Lundberg Woessner & Kluth P.A.
Secure Computing Corporation
Sulpizio, Jr. Ronald F.
Swann Tod R.