Electrical computers and digital processing systems: multicomput – Distributed data processing – Processing agent
Reexamination Certificate
1998-12-21
2001-12-11
Winder, Patrice (Department: 2155)
Electrical computers and digital processing systems: multicomput
Distributed data processing
Processing agent
C713S155000, C713S152000
Reexamination Certificate
active
06330588
ABSTRACT:
BACKGROUND
This invention relates to verification of software agents and their activities, and particularly to verification of software agents and their activities in a distributed computing environment.
In information-intensive computing environments, users tend both to be subject to information overload and to consume computing resources inefficiently. Toward alleviating such overload and inefficiency, software programmers have constructed programs commonly known as software agents. Indeed, software agents are well-known user tools.
Typically, software agents are entrusted to accomplish one or more tasks, e.g., on behalf of a user. As an example, some software agents are entrusted to search, filter, analyze and assign priorities to information. As another example, some software agents are entrusted with sensitive tasks and associated information, such as banking tasks and associated account information, e-commerce tasks and associated credit card information, and other transactions with trade secret or trade sensitive information.
Toward accomplishing tasks, software agents typically exercise the computing environment, e.g., to obtain services managed by servers and/or to interact with other agents. Under such conditions, a software agent is variously subject to corruption. As an example, a software agent can be rendered corrupting (e.g., made malicious) such as by changing its code to incorporate a virus or to provide other undesirable functionality. An agent corrupted by a virus typically is enabled to spread the virus in the computing environment (e.g., to servers) and/or to other agents with which it interacts.
As another example, a software agent can itself be corrupted, such as by a change in its code as to either an entrusted task or task-associated information. In the case of an agent entrusted with a bank transfer task, the agent is corrupted if its code is changed to alter the nature or amount of the transfer.
As yet another example, the software agent is without corruption, but the agent is functionally/indirectly corrupted by malicious operation within a part of the environment being exercised. To illustrate this example, an agent entrusted with a bank transfer task likely will carry information requesting that the transfer be of a fixed amount and be effected from a first account to a second account. However, the agent can be corrupted by maliciousness present in the transfer server itself. The agent's corruption in this case can be a change in the task's implementation, such as by (i) transferring a different amount or (ii) directing the amount to a third account, or (ii) both. The agent's corruption is compounded if accompanied by false reporting—to or through the agent, or otherwise—that the requested task was properly implemented.
Agent corruption generally is insufficiently protected via encryption techniques. That is, while encryption techniques can verify the origin of a software agent, these techniques typically have limited capability to deter corruption. In particular, encryption techniques generally fall short in deterring agent corruption if such corruption can occur prior to encryption or after decryption.
Accordingly, there is need in the art for methods and apparatus that verify software agents and their activities in a distributed computing environment. In particular, there is a need for such methods and apparatus where malicious operation may be present in the environment.
SUMMARY
The present invention provides an apparatus and method to verify software agents and their activities. In a distributed computing environment, an origin resource, a destination resource and a trusted resource are provided. The origin resource is associated with a software agent in that, most generally, the agent's information and/or an entrusted task are relevant to the origin resource. The origin resource, typically, provides information and/or entrusts task(s) to the software agent and expects to receive a report, either of information about or of the result of the agent's activities, via either return of the agent or otherwise.
The origin resource typically launches a software agent. However, a software agent may be associated with one or more origin resources and, as such, may be initially launched by any of such resources or by some other resource (e.g., a software agent could be launched initially by a trusted or a destination resource).
The destination resource is associated with the software agent in that, most generally, it is expected to advance the agent in the performance of an entrusted task. Typically, the destination resource receives the agent, interacts with it and performs and/or contributes to the performance of one or more of the agent's entrusted tasks. Any one software agent may have one or more associated destination resources.
The trusted resource is associated with the software agent in that the trusted resource functions to provide verification of the software agent and its activities. The trusted resource preferably has associated therewith selected mechanisms that support one or more selected operations such as, for example: receiving/forwarding of software agents; encrypting/decrypting part(s) of or entire software agents; acquiring, storing, retrieving and comparing of software agent fingerprints; executing rules, including for checking variable information; establishing, setting, updating and checking return timers; generating verification notices, reports or other return relevant to verification of the agent and its activities, such verification return typically being directed to an origin resource and/or the launching resource; logging the activities of software agents with which it interacts; and stripping, masking, or otherwise protecting part(s) or all of a software agent.
A trusted resource preferably is non-corruptible. Toward that, the trusted resource's resident hardware and/or software preferably effect security of the trusted resource itself. This security-directed hardware/software protects the trusted resource, e.g., from viruses and other corrupting influences, whether introduced through software agents or otherwise. Moreover, assuming some corruption may occur respecting the trusted resource, the security-directed hardware/software preferably enables identifying and correcting any such corruption, including of any operating system and application software associated with the trusted resource.
The present invention also provides a software agent configured so as to be capable of verification using the apparatus and methods of this invention. Any such agent preferably has one or more fixed and variable fields. Fixed fields typically support addresses, rules, data or other fixed information (information that does not change regardless of the task(s) the agent is entrusted to accomplish). Variable fields typically support operational flags (e.g., a new/old flag), rules, data or other variable information (information that changes as the agent accomplishes its entrusted task(s)). Any such agent preferably also supports certain rules, including rules that enable selected operations, such as, for example, checking for appropriate modifications of variable information and/or ensuring that the TR rules themselves are not corrupted.
REFERENCES:
patent: 5633931 (1997-05-01), Wright
patent: 5638446 (1997-06-01), Rubin
patent: 5926549 (1999-07-01), Pinkas
patent: 5958051 (1999-09-01), Renaud et al.
patent: 6058383 (2000-05-01), Narasimhalu et al.
patent: 6065040 (2000-05-01), Mima et al.
patent: 6112304 (2000-08-01), Clawson
patent: 6115699 (2000-09-01), Hardjono
patent: 6144739 (2000-11-01), Witt et al.
patent: 6157721 (2000-12-01), Shear et al.
Uwe G. Wilhelm, Cryptographically Protected Objects, (french vision) In the Proceedings of RenPAr'9 , Lausanne, CH, 4 pages, May 1997.*
Vipin Swarup, Appraisal and Secure Routing of Mobile Agents, DARPA Workshop on Foundations for Secure Mobile Code, 5 pages, Mar. 1997.*
Uwe G. Wilhelm et al., Protecting the itinerary of Mobile Agents, In 4th ECOOP Wor
Philips Electronics North America Corporation
Schmitt Michael
Winder Patrice
LandOfFree
Verification of software agents and agent activities does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Verification of software agents and agent activities, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Verification of software agents and agent activities will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2572631