US2017099315A1PendingUtilityA1

System and method for obtaining keys to access protected information

Assignee: ANGEL SECURE NETWORKS INCPriority: Sep 16, 2012Filed: Jun 14, 2016Published: Apr 6, 2017
Est. expirySep 16, 2032(~6.2 yrs left)· nominal 20-yr term from priority
G06F 16/182H04L 9/0861G06F 2221/2125H04L 63/1441G06F 21/6218H04L 9/0822H04L 9/0618H04L 63/083H04L 63/166H04L 63/06H04L 9/14G06F 17/30194
49
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A server uses an encryption key to decrypt authentication information thereby facilitating communication with network-accessible applications that may be remotely located from the server. Servers can also use encryption keys to decrypt files containing sensitive data. The encryption key is obtained by a collection of software agents, each providing a portion of information necessary for generating the encryption key. Each software agent performs a respective examination, the results of which determine whether the respective portion of information is valid or not. A complete encryption key can be obtained only when all of the contributing portions of information are valid.

Claims

exact text as granted — not AI-modified
1 . A system comprising:
 a memory to store computer instructions; and   a processor in communication with the memory, wherein the processor, responsive to executing the computer instructions, performs operations comprising:
 receiving a request to access information content from a file system; 
 identifying a network of software agents, each software agent configured to conduct a respective evaluation returning a respective portion of information; 
 requesting that each software agent in the network of software agents conducts its respective evaluation; 
 generating a key from the respective portions of information; and 
 accessing by the key, the information content from the file system. 
   
     
     
         2 . The system of  claim 1 , wherein the network of agents are configured to perform tests on the system to determine whether the system is in a safe state. 
     
     
         3 . The system of  claim 1 , wherein the network of software agents makes the key from values returned as a result obtained by performance of a test. 
     
     
         4 . The system of  claim 1 , wherein the network of software agents is re-configurable according to a type of test performed. 
     
     
         5 . The system of  claim 1 , wherein the file system is encrypted, and a file-open command of an unencrypted file system initiates a procedure whereby a plurality of software agents of the network of software agents are called, the plurality of software agents providing respective portions of information. 
     
     
         6 . The system of  claim 1 , wherein requesting that each software agent conduct its respective evaluation occurs sequentially according to a predetermined chain of software agents of the network of software agents, each software agent of the chain of software agents passing its respective portion of information to a subsequent software agent of the chain of software agents. 
     
     
         7 . The system of  claim 6 , wherein a final software agent in the predetermined chain of software agents produces a key, which is a combination of the respective portions of information of preceding software agents of the predetermined chain of software agents. 
     
     
         8 . The system of  claim 1 , where each software agent of the network of software agents conducts a respective examination by using an authentication function comprising initially encrypted authentication functions that are decrypted just prior to being run. 
     
     
         9 . The system of  claim 8 , where the authentication function uses other software agents on other processors to conduct their examination. 
     
     
         10 . The system of  claim 9 , further comprising communication of code snippets from a calling software agent of the network of software agents to another software agent on other processors, wherein the other software agent receiving the code snippet executes the code snippet in memory immediately after receipt and returns a result to the calling software agent. 
     
     
         11 . A method comprising:
 receiving, by a system comprising a processor, a request to access information content from a file system;   identifying, by the system, a plurality of software agents, each software agent configured to conduct a respective evaluation returning a respective portion of information;   requesting, by the system, that each software agent in the plurality of software agents conducts its respective evaluation;   generating, by the system, a key from the respective portions of information; and   accessing by the key, the information content from the file system.   
     
     
         12 . The method of  claim 11 , wherein requesting that each software agent conduct its respective evaluation occurs sequentially according to a chain of software agents of the plurality of software agents, each software agent of the chain of the plurality of software agents passing its respective portion of information to a subsequent software agent of the chain of the plurality of software agents. 
     
     
         13 . The method of  claim 12 , wherein a final software agent in the chain of the plurality of software agents produces a key, which is a combination of the respective portions of information of the preceding software agents of the chain of the plurality of software agents. 
     
     
         14 . The method of  claim 11 , wherein each software agent of the plurality of software agents conducts a respective examination according to one or more authentication functions, wherein the one or more authentication functions are initially encrypted, the one or more authentication functions being decrypted at run time. 
     
     
         15 . The method of  claim 14 , wherein at least some of the one or more authentication functions conducts the respective examination using one or more other software agents on one or more other processors. 
     
     
         16 . The method of  claim 15 , further comprising communication of a code segment from a calling software agent of the plurality of software agents to another software agent on other processors, wherein the other software agent receiving the code segment executes the code segment in memory to produce a result and returns the result to the calling software agent. 
     
     
         17 . A machine-readable storage device, comprising executable instructions which, responsive to being executed by at least one processor, cause the at least one processor to perform operations comprising:
 receiving a request to access information content from a file system;   identifying a chain of software agents, each software agent configured to conduct a respective evaluation returning a respective portion of information;   requesting that each software agent in the chain of software agents conduct its respective evaluation;   generating a key from the respective portions of information; and   accessing the information content from the file system.   
     
     
         18 . The machine-readable storage device of  claim 17 , where each software agent of the chain of software agents conducts a respective examination by using initially encrypted authentication functions that are decrypted just-in-time when they are run. 
     
     
         19 . The machine-readable storage device of  claim 18 , where the initially encrypted authentication functions use other software agents on other processors to conduct their examination. 
     
     
         20 . The machine-readable storage device of  claim 19 , further comprising communicating a code segment from a calling software agent of the chain of software agents to another software agent on another processor, wherein the other software agent receiving the code segment executes the code segment to produce a result and returns the result to the calling software agent.

Join the waitlist — get patent alerts

Track US2017099315A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.