System, method and computer program product for dynamic system adaptation using contracts
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-015/173
G06F-015/16
출원번호
US-0586550
(2000-05-31)
등록번호
US-7426551
(2008-09-16)
발명자
/ 주소
Benzinger,Lee
Feiertag,Richard J.
Rho,Jaisook
출원인 / 주소
McAfee, Inc.
대리인 / 주소
Zilka Kotab, PC
인용정보
피인용 횟수 :
16인용 특허 :
23
초록▼
A system, method and computer program product are provided for dynamic adaptation of a system in accordance with a contract with criteria associated therewith. During operation, an interaction between a plurality of components of a system is governed utilizing the criteria of the contract. Further,
A system, method and computer program product are provided for dynamic adaptation of a system in accordance with a contract with criteria associated therewith. During operation, an interaction between a plurality of components of a system is governed utilizing the criteria of the contract. Further, it is determined whether the interaction between the components of the system meets the criteria of the contract. Upon the criteria of the contract not being met, the interaction between the components of the system is adapted to conform to the criteria.
대표청구항▼
What is claimed is: 1. A method implemented using a computer for dynamic adaptation of a system in accordance with a contract with criteria associated therewith, comprising: governing a security-related interaction between a plurality of components of the system utilizing the criteria of the contra
What is claimed is: 1. A method implemented using a computer for dynamic adaptation of a system in accordance with a contract with criteria associated therewith, comprising: governing a security-related interaction between a plurality of components of the system utilizing the criteria of the contract, the components including an intrusion detection module which is subject to the governing; determining whether the security-related interaction between the components of the system meets the criteria of the contract; and adapting the security-related interaction between the components of the system upon the criteria of the contract not being met; wherein the contract is created by advertising a capability to a control component which handles contract negotiations, receiving a proposed contract based on the capability, accepting the proposed contract, receiving a seal message, receiving and storing a fallback proposed contract, and if replacement of the proposed contract is required, replacing the proposed contract with the fallback proposed contract; wherein the proposed contract is selected from a predetermined set; wherein replacement of the proposed contract is required when the interaction governed by the proposed contract no longer meets criteria of a cost model; wherein the system includes the intrusion detection module and triggers a reaction based on the security-related interaction. 2. The method as recited in claim 1, wherein the security-related interaction between the components of the system is adapted by adjusting the contract. 3. The method as recited in claim 2, wherein the contract is adjusted by a method selected from the group consisting of deactivation of the contract, modification of the contract, deletion of the contract, and activation of a different contract. 4. The method as recited in claim 1, wherein the criteria of the contract include cost model criteria. 5. The method as recited in claim 4, wherein the cost model criteria is based on resource utilization. 6. The method as recited in claim 4, wherein the cost model criteria is based on performance. 7. The method as recited in claim 4, wherein the cost model criteria is based on service provisioning. 8. The method as recited in claim 1, wherein the components include the intrusion detection module and an analysis module. 9. The method as recited in claim 1, wherein the control component selects the contract from the predetermined set of contracts. 10. The method as recited in claim 1, wherein the interaction is prohibited if the proposed contract is not accepted. 11. The method as recited in claim 1, wherein another seal message is received from the control component for completing the fallback proposed contract. 12. The method as recited in claim 11, wherein the fallback proposed contract is stored, but not activated, before the completion, for use in case the replacement is required. 13. A computer program product stored on a computer-readable medium for dynamic adaptation of a system in accordance with a contract with criteria associated therewith, comprising: (a) computer code for governing a security-related interaction between a plurality of components of the system utilizing the criteria of the contract, the components including an intrusion detection module which is subject to the governing; (b) computer code for determining whether the security-related interaction between the components of the system meets the criteria of the contract; and (c) computer code for adapting the security-related interaction between the components of the system upon the criteria of the contract not being met; wherein the contract is created by advertising a capability to a control component which handles contract negotiations, receiving a proposed contract based on the capability, accepting the proposed contract, receiving a seal message, receiving and storing a fallback proposed contract, and if replacement of the proposed contract is required, replacing the proposed contract with the fallback proposed contract; wherein the proposed contract is selected from a predetermined set; wherein replacement of the proposed contract is required when the interaction governed by the proposed contract no longer meets criteria of a cost model; wherein the system includes the intrusion detection module and triggers a reaction based on the security-related interaction. 14. The computer program product as recited in claim 13, wherein the security-related interaction between the components of the system is adapted by adjusting the contract. 15. The computer program product as recited in claim 14, wherein the contract is adjusted by a method selected from the group consisting of deactivation of the contract, modification of the contract, deletion of the contract, and activation of a different contract. 16. The computer program product as recited in claim 13, wherein the criteria of the contract includes cost model criteria. 17. The computer program product as recited in claim 16, wherein the cost model criteria is based on resource utilization. 18. The computer program product as recited in claim 16, wherein the cost model criteria is based on performance. 19. The computer program product as recited in claim 16, wherein the cost model criteria is based on service provisioning. 20. The computer program product as recited in claim 13, wherein the components include the intrusion detection module and an analysis module. 21. An apparatus stored on a computer-readable medium for dynamic adaptation of a system in accordance with a contract with criteria associated therewith, comprising: a module for: (a) governing a security-related interaction between a plurality of components of the system utilizing the criteria of the contract, the components including an intrusion detection module which is subject to the governing; (b) determining whether the security-related interaction between the components of the system meets the criteria of the contract; and (c) adapting the security-related interaction between the components of the system upon the criteria of the contract not being met; wherein the contract is created by advertising a capability to a control component which handles contract negotiations, receiving a proposed contract based on the capability, accepting the proposed contract receiving a seal message, receiving and storing a fallback proposed contract, and if replacement of the proposed contract is required, replacing the proposed contract with the fallback proposed contract; wherein the proposed contract is selected from a predetermined set; wherein replacement of the proposed contract is required when the interaction governed by the proposed contract no longer meets criteria of a cost model; wherein the system includes the intrusion detection module and triggers a reaction based on the security-related interaction. 22. A method implemented using a computer for dynamic adaptation of a system in accordance with a contract with criteria associated therewith, comprising: governing a security-related interaction between a plurality of components of the system utilizing the criteria of the contract, the components including a plurality of intrusion detection modules, and at least one firewall which are subject to the governing; determining whether the security-related interaction between the components of the system meets the criteria of the contract utilizing an analysis module; and adapting the security-related interaction between the components of the system upon the criteria of the contract not being met utilizing the analysis module; wherein the security-related interaction between the components of the system is adapted by adjusting the contract by a method selected from the group consisting of deactivation of the contract, modification of the contract, deletion of the contract, and activation of a different contract; wherein the contract is created by advertising a capability to a control component which handles contract negotiations, receiving a proposed contract based on the capability, accepting the proposed contract receiving a seal message, receiving and storing a fallback proposed contract, and if replacement of the proposed contract is required, replacing the proposed contract with the fallback proposed contract; wherein the proposed contract is selected from a predetermined set; wherein replacement of the proposed contract is required when the interaction governed by the proposed contract no longer meets criteria of a cost model; wherein the system includes the intrusion detection modules and triggers a reaction based on the security-related interaction. 23. The method as recited in claim 22, wherein the intrusion detection modules are adapted for communicating information to the analysis module for detecting intrusions. 24. The method as recited in claim 23, wherein information includes generalized intrusion detection objects.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (23)
Bigus Joseph P. (Rochester MN), Adaptive job scheduling using neural network priority functions.
Monks Robert A. G. ; Marshall Ric, Computer assisted and/or implemented process and architecture for simulating, determining and/or ranking and/or indexing effective corporate governance using complexity theory and agency-based modeli.
Eriksson Anders,SEX, Controlling access to resources in a connectionless network using a ticket message containing reserved network resource allocation information.
Kase Naoki,JPX ; Kawamura Takahiro,JPX, Cooperative inferring apparatus for causing a plurality of inferring units that infer a problem to negotiate with each other corresponding to negotiation strategies that can be autonomously changed c.
Austvold Shawn M. (Rochester MN) Bigus Joseph P. (Rochester MN) Henckel Jonathan D. (Rochester MN) Hospers Paul A. (Rochester MN), Enhanced neural network shell for application programs.
Zinky, John A.; Schantz, Richard R.; Bakken, David E.; Loyall, Joseph P., Framework for providing quality of service requirements in a distributed object-oriented computer system.
Pleso Mark F., Integrated device driver wherein the peripheral downloads the device driver via an I/O device after it is determined that the I/O device has the resources to support the peripheral device.
Guido M. Schuster ; Michael S. Borella ; Jacek A. Grabiec ; Ikhlaq S. Sidhu, Method and apparatus for measurement-based conformance testing of service level agreements in networks.
Bartz, Thomas G.; Janes, Stephen; Singhal, Sharad; Bhoj, Preeti, Method and apparatus for processing quality of service measurement data to assess a degree of compliance of internet services with service level agreements.
Shan Ming-Chien (Saratoga CA) Murphy Marguerite C. (Berkeley CA), Method of automatically controlling the allocation of resources of a parallel processor computer system by calculating a.
Fijolek, John G.; Robinson, Phillip T.; Gilbert, Irene M.; Budinger, Daniel M.; Jain, Narij, Methods and systems for service level agreement enforcement on a data-over cable system.
Richard J. Riggan ; William Joseph Beyda ; Shmuel Shaffer, System and method for prevention of cell loss due to quality of service contracts in an ATM network.
Barkan, Arye; Freidin, Aviv; Musman, Lior; Rotem, Noam; Treves, Dror; Baram, Gal; Wagner, Sharon, System use internal service level language including formula to compute service level value for analyzing and coordinating service level agreements for application service providers.
Peterson, Jonathan M.; Stark, Magnus H.; Kozee, Jacqueline E.; Atkinson, M. Cort; Hodges, Donna Kay; Bonner, Bridget N.; Muth, Mario, Methods and systems for electronic data exchange utilizing centralized management technology.
Hodges, Donna Kay; Kreiner, Barrett M.; Menon, Jai P.; Walton, Tommy W.; Rehkopf, Thomas W.; Tischer, Steven Neil, Service-oriented architecture systems and methods.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.