Process control software security architecture based on least privileges
US11275861B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 25, 2014 |
| Grant date | Mar 15, 2022 |
| Priority date | — |
| Expiry date | Jul 25, 2034 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/604
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A process control system software security architecture, that is more effective at preventing zero-day or other types of malware attacks, implements the use of “least privileges” when executing the applications and services run within a computer device. The least privileges based architecture separates “service” processes from desktop applications that run on behalf of a logged-on user by partitioning the global namespace of the software system into service namespaces and logged-on user namespaces, and by strictly controlling communications between the applications and services in these different namespaces using interprocess communications. Moreover, the security architecture uses custom accounts to assure that each service process has the least set of privileges that are needed for implementing its function regardless of the privileges associated with the calling application or user.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.