Process for transparently enforcing protection domains and access control as well as auditing operations in software components
US6317868A · kind A · utility
Assignee
Inventors
Key dates
| Filing date | Oct 7, 1998 |
| Grant date | Nov 13, 2001 |
| Priority date | — |
| Expiry date | Oct 7, 2018 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/125
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An original software component is modified in accordance with a site's security policy provisions prior to being executed by a component system or computer at the site. The original software component is intercepted by an introspection service running on a server or on the component system prior to execution on the component system. The introspection service analyzes the software component by parsing it, and based on the information it determines, a security policy service instructs an interposition service how to modify the software component so that it conforms to the security policy service requirements. The interposition service thus produces a modified software component by inserting code for security initialization and for imposing security operations on the original component operations. When the modified software component is executed, an enforcement service follows the security operations that were injected into the software component, which instruct the enforcement service on associating component system objects with security identifiers. For example, a security identifier is associated with the software component. In addition, the enforcement service determines when and …
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.