Managing privilege delegation on a computer device
US11270013B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 7, 2019 |
| Grant date | Mar 8, 2022 |
| Priority date | — |
| Expiry date | Feb 12, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/604
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A computer device for managing privilege delegation to control creation of processes thereon is described. Creation of a process, in a user account on a computer device, is requested according to first privileges. An agent, cooperating with an operating system of the computer device, intercepts the request. The agent determines whether to create the process according to second privileges, different from the first privileges and if permitted, cause the process to be created accordingly. The agent hooks a query provided by the operating system to identify whether a user account control service is enabled. The agent enquires of the operating system whether to create the process according to the second privileges whereupon the hooked query is invoked. The agent confirms to the operating system that the user account control service is enabled, such that checks by the operating system are performed as if the operating system were enabled.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.