Hierarchical security mechanism for dynamically assigning security levels to object programs

Assignee

• International Business Machines Corporation · US

Inventors

• Peter Markstein · Yorktown Heights, US
• Alan Levi Tritter · Yorktown Heights, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F12/1491
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A computer system organization which allows a program to specify a predetermined security level for other programs which it invokes, while at the same time being subject to security restraints placed on it either by a higher priority level invoking program or by the operating system. A plurality of security levels organized as a hierarchy which may be established by both problem programmers, and the operating system are then controlled by the operating system. A program cannot change its previously assigned level. Only a higher level invoking program can make such an alteration. A new program's security level indicator must be validated and then a protection code or `mask` of a predetermined size related to the security level must be validated. The system utilizes a plurality of special purpose bits in every data word which bits contain the protection field. Level indicators for the particular program determine the use of the protection field. A series of linking registers or a `Link Stack` having appropriate logic circuitry connected thereto is utilized for keeping track of the security level of all programs in a hierarchical sequence currently running on the system. The stack all…