In a distributed computing architecture, a method and system for authenticating a message as originating from an unaltered or unmodified node is provided. Prior to sending a message, a black box software module in a node validates the node to determine whether the node has been altered or modified without authorization. Once validated, the black box alters a message, using a black box protection scheme, in such a manner that the message can be subsequently authenticated. The black box module sends the altered message to a peer node, whose own black box authenticates the message using an authentication scheme corresponding to the protection scheme. Because validation is performed, each node may assume that the message originated from an unaltered node. The protection and/or validation scheme can be changed at regular intervals so that attackers do not have time to reverse engineer the black box. Alternatively, validation may be skipped and the key used to alter/protect each message may be based on the environment of the node performing the alteration/protection, so that nodes that have been altered will generate different keys than unaltered nodes, and will not be able to communicate.
Representative claims
We claim:
1. A method for protecting against software tampering in a node in a distributed computing system, comprising: (a) encrypting a message using a predetermined encryption algorithm at a first node, wherein the predetermined encryption algorithm uses a protection key based at least in part on node-specific information of the first node and at the first node any new activity resulting from a new software module introduction that would subsequently be copied or transferred to a second node must be first validated at the first node and the node-specific information changes if node software in the first node is altered by an underlying change in the composition of node-specific information; (b) sending the encrypted message to a second node along with the underlying change in the composition of the node-specific information of the first node if a change occurs at the first node by the new software module introduction; and (c) receiving the encrypted message at the second node along with the underlying change in the composition of the node-specific information of the first node if a change occurs at the first node by the new software introduction; (d) decrypting the encrypted message using the predetermined encryption algorithm and an authentication key, wherein the authentication key is based at least in part on node-specific information of the second node, wherein the node-specific information changes if node software in the first node is altered by an underlying change in the composition of the node-specific information; and (e) periodically changing the predetermined encryption algorithm or the node-specific information upon which the protection and authentication keys are based.
2. The method of claim 1, wherein the predetermined encryption algorithm is changed when a predetermined event occurs.
3. The method of claim 2, wherein the predetermined event comprises a predetermined amount of time having elapsed.
4. The method of claim 1, wherein the predetermined encryption algorithm is changed when the predetermined algorithm has been compromised.
5. The method of claim 1, wherein the predetermined encryption algorithm comprises encrypting an asymmetric key using a symmetric key.
6. The method of claim 1, wherein the predetermined encryption algorithm comprises a symmetric encryption algorithm.
7. The method of claim 1, wherein the predetermined encryption algorithm comprises hashing.
8. The method of claim 1, wherein the predetermined encryption algorithm comprises watermarking.
9. The method of claim 1, further comprising: (f) determining whether a new predetermined encryption algorithm is available when step (d) fails to decrypt the received encrypted message; and (g) when a new predetermined encryption algorithm is available, the second node retrieving the new predetermined algorithm and decrypting the received encrypted message using the new predetermined algorithm.
10. The method of claim 9, further comprising ignoring the received encrypted message when either a new predetermined algorithm is not available in step (f), or the decryption of step (g) fails.
11. A method for validating a node in a distributed computing system, comprising: (a) validating a host node using a predetermined validation scheme based on physical characteristics of the host node and any managed agents including any independent nodes that communicate through the host node within the distributed computing system to allow dynamic changes to the host node without having to previously communicate the changes to a centralized server; (b) encrypting a message using a predetermined key and a predetermined encryption algorithm when the host node is successfully validated in step (a); (c) sending the encrypted message to a peer node; (d) receiving the encrypted message at the peer node; (e) validating the peer node using the predetermined validation scheme based on physical characteristics of the peer node and, when validation is successful, decrypting the encrypted message using the predetermined key and the predetermined encryption algorithm; and (f) changing the predetermined validation scheme when a predetermined event occurs.
12. The method of claim 11, wherein the physical characteristics of the host node comprise physical characteristics of an executable image in a memory of the host node.
13. The method of claim 11, further comprising: (g) determining whether a new predetermined algorithm is available when step (e) fails to decrypt the received encrypted message; and (h) when a new predetermined algorithm is available, the peer node retrieving the new predetermined algorithm and decrypting the received message using the new predetermined algorithm.
14. Distributed computer system comprising: a node that authenticates a peer node based on a received message, a protection module for altering messages using a predetermined algorithm that allows each message to be subsequently authenticated, and a protection key based at least in part on node-specific information that includes specific parameter information relating to a security control routine and a node that introduces the peer node acting as an independent agent, allows the peer node acting as an independent agent to run on the node that conducts the introduction, and allows the node that conducts the introduction to evaluate whether the peer node acting as an independent agent alters node software present on the node conducting the introduction; an authentication module for authenticating altered messages received from other nodes using the predetermined algorithm and an authentication key based at least in part on the node-specific information; control logic that permits the node to process a message when the message is successfully authenticated by the authentication module; and wherein the control logic, when the authentication module unsuccessfully authenticates the message, polls a server to determine whether a new predetermined algorithm is available and, if so, retrieves the new predetermined algorithm from the server for use by the protection and authentication modules.
15. The node of claim 14, further comprising a validation module that validates the node based on a physical characteristic of the node, and where successful validation is required prior to performing protection or authentication by the protection module and authentication module, respectively.
16. The node of claim 15, wherein the predetermined algorithm comprises encrypting an asymmetric key using a symmetric key.
17. The node of claim 15, wherein the predetermined algorithm comprises a symmetric encryption algorithm.
18. The node of claim 14, wherein the predetermined algorithm comprises hashing.
19. The node of claim 14, wherein the predetermined algorithm comprises watermarking.
20. The node of claim 14, wherein the node further comprises control logic that checks for a new predetermined algorithm when a predetermined event occurs.
21. The node of claim 14, wherein the predetermined event comprises a predetermined amount of time having elapsed.
22. The node of claim 14, further comprising control logic that causes the node to ignore the message when either no new predetermined algorithm is available, or the decryption module fails to decrypt the message using the new predetermined algorithm.
23. A computer storage readable medium storing computer readable instructions that, when executed, cause a computer system to perform a method for validating a sending node, comprising: validating the sending node using a predetermined validation scheme based on characteristics of a program environment provided by the sending node, by comparing elements of the program environment to expected values to allow a dynamic change to the characteristics of a program environment of the sending node, without having to communicate the change to a centralized server; when the comparing step is successful, encrypting a message to be sent to a peer node based on a predetermined encryption algorithm, wherein the predetermined encryption algorithm includes a protection key that is based on node-specific information corresponding to the sending node that includes specific parameter information relating to a security routine and an evaluation by the sending node to determine whether the dynamic change to the characteristics of a program environment of the sending node are present; and periodically changing the predetermined validation scheme and the node-specific information on which the protection key is based.
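As an added illustration (not code from the patent), the hashing form of the scheme in claims 1, 7, 9 and 14 in Python: each node derives its protection/authentication key from a stand-in for the node-specific information (a digest of its executable image, claim 12) plus a scheme version, so a tampered node derives a different key; the receiving peer tries its current scheme, then any newer scheme the server advertises, and otherwise ignores the message. The image bytes, version labels and the server's version list are constructed assumptions.

```python
import hashlib
import hmac
from typing import List, Optional, Tuple

# Constructed stand-in for the claims' "node-specific information": a digest of
# the executable image the black box validates (claim 12). Nodes running the
# same unmodified image derive the same key; a tampered image derives another.
REFERENCE_IMAGE = b"black-box module v1 (constructed sample image)"
TAMPERED_IMAGE = REFERENCE_IMAGE + b" + injected hook"


def derive_key(image: bytes, scheme_version: int) -> bytes:
    # Protection/authentication key = f(node-specific info, scheme version).
    # Bumping scheme_version is the periodic change of claim 1(e).
    fingerprint = hashlib.sha256(image).digest()
    label = b"black-box-scheme-v" + str(scheme_version).encode()
    return hmac.new(fingerprint, label, hashlib.sha256).digest()


def protect(message: bytes, image: bytes, scheme_version: int) -> bytes:
    # Hashing form of the "predetermined encryption algorithm" (claim 7): an
    # HMAC tag, prefixed with the scheme version so the peer can pick its key.
    tag = hmac.new(derive_key(image, scheme_version), message, hashlib.sha256).digest()
    return bytes([scheme_version]) + tag + message


def authenticate(wire: bytes, image: bytes, local_version: int,
                 server_versions: List[int]) -> Tuple[str, Optional[bytes]]:
    # Peer side, claims 9-10 and 14: try the current scheme; on failure poll the
    # server (a constructed version list here) for a newer scheme and retry;
    # if none exists or it also fails, ignore the message (claim 10).
    version, tag, message = wire[0], wire[1:33], wire[33:]

    def verify(v: int) -> bool:
        expected = hmac.new(derive_key(image, v), message, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

    if version == local_version and verify(local_version):
        return "ok", message
    for v in sorted(v for v in server_versions if v > local_version):
        if version == v and verify(v):
            return "ok-after-upgrade", message
    return "ignored", None


if __name__ == "__main__":
    print(authenticate(protect(b"ping", REFERENCE_IMAGE, 1), REFERENCE_IMAGE, 1, [1]))
    print(authenticate(protect(b"ping", TAMPERED_IMAGE, 1), REFERENCE_IMAGE, 1, [1]))
```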