There are many situations in which one computer needs to evaluate whether or not it is desirable to interact in a certain way with another computer. For example, a network gateway, used to control access to a computer network, may need to decide whether or not to allow a particular laptop computer to connect to the network. Similarly, a computer system containing private data concerning a given person may need to decide whether it can transmit that data to another computer system, or whether doing so would unacceptably jeopardize the privacy of the data.
In some traditional statically configured computer systems, a human administrator configures access control policies that precisely determine which types of interaction, if any, a given computer system may engage in with specific other computer systems or groups of other systems. This configuration is based upon human knowledge or beliefs as to the nature and properties of the other computer systems. However, many computer systems are wholly or partially autonomic or self-managing. Such computer systems may not have a human administrator available at the moment when the decision about interaction must be made. In fact, a computer system may have no human administrator at all.
Other methods of computer system evaluation known in the art involve requiring that a computer allow itself to be inspected in various ways. For instance, network infrastructure known in the art can forbid any computer from joining the network unless it can be determined what anti-virus software that computer has installed, and that the installed software is on a list of approved anti-virus software packages. However, these methods have the disadvantage that they can only be used if a computer is willing to disclose the required information about itself to the outside world generally.
Other methods known in the art involve evaluating a system based only on information that it inherently exposes through the normal course of its operation. For example, a first computer system may determine which network ports on a second computer system are open and accepting connections. Also, a first system may determine how the second system responds to various pre-defined queries and probes. However, these methods have the disadvantage that their evaluations are limited to algorithms that use information about a computer system which is already exposed.