Authorizing access to operating system resources using security policies managed by service external to the operating system
US12111940B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 3, 2021 |
| Grant date | Oct 8, 2024 |
| Priority date | — |
| Expiry date | Jun 16, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2209/542
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Systems, devices, and methods are provided for authorizing access to operating system resources using security policies managed by a service external to the operating system. An operating system may be provisioned with a kernel-mode component that intercepts system calls from applications, determines a request context for the system call, and sends a request to an external policy management service. The policy management service may be used to perform a policy evaluation to determine whether to grant access to operating system resources. In some cases, policies are cached by the operating system. In various examples, the operating system and policy management service are both hosted on resources managed by a computing resource service provider on behalf of a customer to run mainframe workloads.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.